Might be infected



#1
Geekl33t

  • Member
  • 22 posts

Hello

My mouse sometimes makes some weird moves without me touching it. I'm scared this might be an infection, even though my antivirus doesn't detect anything, or it could be the mouse. Also, my internet connection began to go slower for whatever reason. Anyways, I would like someone to help me find out what the problem might be.

Extra information:

It's a laptop

Windows 7 32-bit

Thanks in advance :)

OTL

 

OTL logfile created on: 10/12/2014 17:52:06 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Loni\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17420)
Locale: 0000080c | Country: Belgique | Language: FRB | Date Format: d/MM/yyyy
 
3,00 Gb Total Physical Memory | 1,28 Gb Available Physical Memory | 42,87% Memory free
5,99 Gb Paging File | 3,84 Gb Available in Paging File | 64,09% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 137,59 Gb Total Space | 20,91 Gb Free Space | 15,20% Space Free | Partition Type: NTFS
Drive D: | 11,46 Gb Total Space | 1,87 Gb Free Space | 16,31% Space Free | Partition Type: NTFS
Drive G: | 607,79 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: LONI-PC | User Name: Loni | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/12/09 18:51:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Loni\Desktop\OTL.exe
PRC - [2014/11/25 07:39:27 | 000,856,904 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2014/11/21 06:12:56 | 000,969,016 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2014/11/21 06:12:54 | 001,871,160 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2014/11/21 06:12:46 | 007,229,752 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
PRC - [2014/11/01 11:15:32 | 005,223,016 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2014/10/29 17:54:46 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/09/12 10:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014/08/04 17:07:11 | 001,660,216 | ---- | M] (Toolwiz) -- C:\Program Files\Toolwiz Time Freeze 2014\ToolwizTimeFreeze.exe
PRC - [2014/08/03 11:57:00 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2014/07/30 19:16:54 | 001,241,472 | ---- | M] (Oracle Corporation) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2014/07/14 17:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2014/07/14 17:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
PRC - [2014/05/29 19:33:38 | 000,631,816 | ---- | M] (Sandboxie Holdings, LLC) -- C:\Program Files\Sandboxie\SbieCtrl.exe
PRC - [2014/05/29 19:33:38 | 000,134,664 | ---- | M] (Sandboxie Holdings, LLC) -- C:\Program Files\Sandboxie\SbieSvc.exe
PRC - [2014/03/19 14:20:14 | 001,696,976 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
PRC - [2014/03/19 14:20:14 | 001,106,128 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
PRC - [2013/10/23 23:39:14 | 001,017,224 | ---- | M] (Flux Software LLC) -- C:\Users\Loni\AppData\Local\FluxSoftware\Flux\flux.exe
PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 22:29:25 | 004,247,040 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows NT\Accessories\wordpad.exe
PRC - [2009/08/18 01:36:36 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009/08/18 01:36:08 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2008/05/08 00:29:38 | 000,122,880 | ---- | M] (CrypKey (Canada) Ltd.) -- C:\Windows\System32\Crypserv.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/11/25 07:39:25 | 014,910,280 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\39.0.2171.71\PepperFlash\pepflashplayer.dll
MOD - [2014/11/25 07:39:24 | 009,009,480 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\39.0.2171.71\pdf.dll
MOD - [2014/11/25 07:39:20 | 001,077,064 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\39.0.2171.71\libglesv2.dll
MOD - [2014/11/25 07:39:18 | 000,211,272 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\39.0.2171.71\libegl.dll
MOD - [2014/11/25 07:39:17 | 001,677,128 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\39.0.2171.71\ffmpegsumo.dll
MOD - [2014/10/29 17:54:51 | 038,561,576 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2014/12/09 22:40:19 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/11/21 06:12:56 | 000,969,016 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014/11/21 06:12:54 | 001,871,160 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2014/11/14 13:54:22 | 000,114,288 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/11/06 03:59:34 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2014/10/30 10:29:54 | 000,777,728 | ---- | M] (FileZilla Project) [Auto | Stopped] -- C:\Program Files\FileZilla Server\FileZilla Server.exe -- (FileZilla Server)
SRV - [2014/10/29 17:54:46 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2014/09/12 10:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/08/04 10:57:58 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2014/07/23 02:27:02 | 000,073,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe -- (VsEtwService120)
SRV - [2014/07/14 17:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2014/07/14 17:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2014/05/29 19:33:38 | 000,134,664 | ---- | M] (Sandboxie Holdings, LLC) [Auto | Running] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV - [2014/05/02 09:47:30 | 000,032,568 | ---- | M] (The OpenVPN Project) [On_Demand | Stopped] -- C:\Program Files\OpenVPN\bin\openvpnserv.exe -- (OpenVPNService)
SRV - [2014/04/03 19:21:48 | 000,315,008 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014/02/19 23:25:56 | 000,140,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Kits\8.1\App Certification Kit\fussvc.exe -- (fussvc)
SRV - [2013/08/21 20:55:10 | 000,091,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe -- (Te.Service)
SRV - [2013/05/27 05:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/03/01 02:48:58 | 000,118,520 | ---- | M] (Riverbed Technology, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2009/08/18 01:36:08 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2008/05/08 00:29:38 | 000,122,880 | ---- | M] (CrypKey (Canada) Ltd.) [Auto | Running] -- C:\Windows\System32\Crypserv.exe -- (Crypkey License)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2014/12/10 17:51:21 | 000,114,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV - [2014/11/23 13:49:38 | 000,787,800 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswsnx.sys -- (aswSnx)
DRV - [2014/11/21 15:16:54 | 000,744,520 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\VBoxDrv.sys -- (VBoxDrv)
DRV - [2014/11/21 15:16:32 | 000,126,496 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VBoxNetFlt.sys -- (VBoxNetFlt)
DRV - [2014/11/21 15:16:32 | 000,116,184 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV - [2014/11/21 15:16:32 | 000,104,384 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\VBoxUSBMon.sys -- (VBoxUSBMon)
DRV - [2014/11/21 11:56:52 | 000,423,784 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswsp.sys -- (aswSP)
DRV - [2014/11/21 06:14:20 | 000,051,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV - [2014/11/21 06:14:06 | 000,023,256 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2014/11/01 11:15:32 | 000,070,384 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswmonflt.sys -- (aswMonFlt)
DRV - [2014/10/29 17:54:54 | 000,206,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014/10/29 17:54:54 | 000,091,496 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aswStm.sys -- (aswStm)
DRV - [2014/10/29 17:54:54 | 000,081,768 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2014/10/29 17:54:54 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2014/10/29 17:54:54 | 000,024,184 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aswHwid.sys -- (aswHwid)
DRV - [2014/08/06 15:36:03 | 000,231,760 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\System32\drivers\truecrypt.sys -- (truecrypt)
DRV - [2014/08/04 17:07:12 | 000,033,040 | ---- | M] (Toolwiz.com) [File_System | System | Running] -- C:\Windows\System32\drivers\TWZFILE.sys -- (TWZFILE)
DRV - [2014/08/04 17:07:11 | 000,066,704 | ---- | M] (Toolwiz.com) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TWZDISK.sys -- (TWZDISK)
DRV - [2014/08/01 18:47:45 | 000,243,128 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2014/05/29 19:33:38 | 000,160,264 | ---- | M] (Sandboxie Holdings, LLC) [Kernel | On_Demand | Running] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV - [2014/03/19 14:27:42 | 000,065,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dc3d.sys -- (dc3d)
DRV - [2013/08/22 13:40:22 | 000,035,288 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tap0901.sys -- (tap0901)
DRV - [2013/03/01 02:48:42 | 000,036,600 | ---- | M] (Riverbed Technology, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (NPF)
DRV - [2012/07/13 15:13:16 | 000,055,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\VSPerfDrv110.sys -- (VSPerfDrv110)
DRV - [2011/05/13 17:57:42 | 000,025,656 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hpdskflt.sys -- (hpdskflt)
DRV - [2011/05/13 17:57:20 | 000,035,896 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2010/11/20 22:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 22:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 22:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2009/08/18 02:48:06 | 004,994,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009/07/14 00:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2008/03/17 17:45:52 | 000,019,584 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\Ckldrv.sys -- (NetworkX)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://be.msn.com/de....aspx?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-be
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 3C 4C 84 58 A2 AD CF 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IESR02
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: foxyproxy%40eric.h.jung:4.4.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:32.0.3
FF - prefs.js..network.proxy.socks_remote_dns: true
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.20.2: C:\Windows\system32\npdeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.20.2: C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/12/06 20:34:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 32.0.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 32.0.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 32.0.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 32.0.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2014/08/06 16:39:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Loni\AppData\Roaming\Mozilla\Extensions
[2014/12/03 17:42:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Loni\AppData\Roaming\Mozilla\Firefox\Profiles\zgjeioag.default\extensions
[2014/12/03 17:42:10 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Users\Loni\AppData\Roaming\Mozilla\Firefox\Profiles\zgjeioag.default\extensions\[email protected]
[2014/11/14 13:54:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2014/11/14 13:54:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}
[2014/11/14 13:54:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/11/14 13:54:25 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Loni\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: No name found = C:\Users\Loni\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\Loni\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: No name found = C:\Users\Loni\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\2.5.16_0\
CHR - Extension: No name found = C:\Users\Loni\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\Loni\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\Loni\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.0.2502.149_0\
CHR - Extension: No name found = C:\Users\Loni\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\Loni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKCU..\Run: [f.lux] C:\Users\Loni\AppData\Local\FluxSoftware\Flux\flux.exe (Flux Software LLC)
O4 - HKCU..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (Sandboxie Holdings, LLC)
O4 - HKCU..\Run: [ToolwizTimeFreeze] C:\Program Files\Toolwiz Time Freeze 2014\ToolwizTimeFreeze.exe (Toolwiz)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 11.20.2)
O16 - DPF: {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_39)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.8.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7746467F-4FBF-456F-ABDD-8F599A16562C}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/12/10 16:13:19 | 000,000,000 | ---D | C] -- C:\ProgramData\APN
[2014/12/09 18:51:08 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Loni\Desktop\OTL.exe
[2014/12/09 16:49:37 | 000,000,000 | ---D | C] -- C:\Users\Loni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\pidgin-otr
[2014/12/09 16:49:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\pidgin-otr
[2014/12/09 16:49:36 | 000,000,000 | ---D | C] -- C:\Program Files\pidgin-otr
[2014/12/09 12:27:00 | 000,000,000 | ---D | C] -- C:\Users\Loni\AppData\Roaming\.purple
[2014/12/09 12:25:54 | 000,000,000 | ---D | C] -- C:\Program Files\Pidgin
[2014/12/08 00:10:04 | 000,000,000 | ---D | C] -- C:\Users\Loni\Desktop\Friday (1995)
[2014/12/07 23:26:53 | 000,000,000 | -HSD | C] -- C:\Users\Loni\AppData\Local\EmieBrowserModeList
[2014/12/07 00:53:15 | 000,000,000 | ---D | C] -- C:\Users\Loni\Desktop\Book, tools
[2014/12/06 21:45:24 | 000,165,888 | ---- | C] (Kenonic Controls) -- C:\Windows\Ckconfig.exe
[2014/12/06 21:45:24 | 000,122,880 | ---- | C] (CrypKey (Canada) Ltd.) -- C:\Windows\System32\Crypserv.exe
[2014/12/06 20:35:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
[2014/12/06 20:34:51 | 000,291,352 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2014/12/05 19:23:57 | 000,000,000 | ---D | C] -- C:\Users\Loni\AppData\Roaming\asoftech
[2014/12/05 19:23:55 | 000,000,000 | ---D | C] -- C:\Program Files\Asoftech
[2014/12/05 18:37:59 | 000,000,000 | ---D | C] -- C:\Log
[2014/12/05 18:37:57 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2014/12/05 01:16:49 | 000,000,000 | ---D | C] -- C:\Users\Loni\Desktop\TreeBook
[2014/12/04 00:40:40 | 000,000,000 | ---D | C] -- C:\Users\Loni\AppData\Roaming\ICSharpCode
[2014/11/30 03:16:48 | 000,000,000 | ---D | C] -- C:\Users\Loni\Desktop\Desktop
[2014/11/30 03:15:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2014/11/30 03:15:52 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2014/11/30 03:15:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2014/11/30 03:14:40 | 000,000,000 | ---D | C] -- C:\Users\Loni\AppData\Local\Adobe
[2014/11/25 00:17:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
[2014/11/25 00:17:32 | 000,000,000 | ---D | C] -- C:\Program Files\Recuva
[2014/11/23 14:24:27 | 000,000,000 | ---D | C] -- C:\Users\Loni\VirtualBox VMs
[2014/11/23 14:23:47 | 000,000,000 | ---D | C] -- C:\Users\Loni\.VirtualBox
[2014/11/23 14:22:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
[2014/11/23 14:22:27 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2014/11/23 14:22:08 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2014/11/14 13:54:05 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014/11/13 02:27:41 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Phone Silverlight Kits
[2014/11/13 02:27:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone SDK 8.1
[2014/11/13 02:25:01 | 000,000,000 | ---D | C] -- C:\Users\Loni\Documents\Visual Studio 2013
[2014/11/13 02:24:10 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft XDE
[2014/11/13 02:15:42 | 000,000,000 | ---D | C] -- C:\Program Files\AppInsights
[2014/11/13 01:39:41 | 000,000,000 | ---D | C] -- C:\Program Files\Application Verifier
[2014/11/13 01:38:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Windows App Certification Kit
[2014/11/13 01:06:35 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Phone Kits
[2014/11/13 00:56:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2013
[2014/11/13 00:39:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 12.0
[2014/11/11 17:29:03 | 000,000,000 | ---D | C] -- C:\Users\Loni\AppData\Local\CrashDumps
 
========== Files - Modified Within 30 Days ==========
 
[2014/12/10 17:51:21 | 000,114,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2014/12/10 17:42:46 | 000,059,872 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/12/10 17:42:46 | 000,059,872 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/12/10 17:40:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/12/10 17:32:00 | 000,001,056 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/12/10 13:40:01 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/12/10 13:39:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/12/10 13:39:20 | 2413,707,264 | -HS- | M] () -- C:\hiberfil.sys
[2014/12/09 19:16:36 | 2147,483,648 | ---- | M] () -- C:\Users\Loni\Documents\projects
[2014/12/09 18:51:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Loni\Desktop\OTL.exe
[2014/12/09 12:26:40 | 000,000,937 | ---- | M] () -- C:\Users\Public\Desktop\Pidgin.lnk
[2014/12/08 00:48:25 | 000,653,780 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/12/08 00:48:25 | 000,121,652 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/12/07 23:56:41 | 000,134,783 | ---- | M] () -- C:\Users\Loni\Desktop\Portfolio.rar
[2014/12/06 23:02:42 | 1047,700,332 | ---- | M] () -- C:\Users\Loni\Desktop\Fury.2014.576p.DVDSCR.999MB.ShAaNiG.mkv
[2014/12/06 21:45:27 | 000,000,073 | ---- | M] () -- C:\Windows\Crypkey.ini
[2014/12/06 20:35:26 | 000,002,045 | ---- | M] () -- C:\Users\Public\Desktop\Avast Free Antivirus.lnk
[2014/12/02 19:34:53 | 000,001,060 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/12/01 12:23:35 | 000,001,576 | ---- | M] () -- C:\Windows\Sandboxie.ini
[2014/11/30 13:41:30 | 000,294,400 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014/11/28 23:08:02 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2014/11/26 19:34:45 | 000,002,129 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/11/23 14:22:39 | 000,001,100 | ---- | M] () -- C:\Users\Loni\Application Data\Microsoft\Internet Explorer\Quick Launch\Oracle VM VirtualBox.lnk
[2014/11/23 13:49:38 | 000,787,800 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswsnx.sys
[2014/11/21 11:56:52 | 000,423,784 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswsp.sys
[2014/11/21 06:14:20 | 000,051,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mwac.sys
[2014/11/21 06:14:10 | 000,075,480 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2014/11/21 06:14:06 | 000,023,256 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
 
========== Files Created - No Company Name ==========
 
[2014/12/09 19:14:37 | 2147,483,648 | ---- | C] () -- C:\Users\Loni\Documents\projects
[2014/12/09 12:26:40 | 000,000,949 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pidgin.lnk
[2014/12/09 12:26:40 | 000,000,937 | ---- | C] () -- C:\Users\Public\Desktop\Pidgin.lnk
[2014/12/07 23:56:41 | 000,134,783 | ---- | C] () -- C:\Users\Loni\Desktop\Portfolio.rar
[2014/12/06 22:16:28 | 1047,700,332 | ---- | C] () -- C:\Users\Loni\Desktop\Fury.2014.576p.DVDSCR.999MB.ShAaNiG.mkv
[2014/12/06 21:45:27 | 000,000,073 | ---- | C] () -- C:\Windows\Crypkey.ini
[2014/12/06 21:45:24 | 000,027,648 | R--- | C] () -- C:\Windows\Setup_ck.exe
[2014/12/06 21:45:24 | 000,019,584 | ---- | C] () -- C:\Windows\System32\Ckldrv.sys
[2014/12/06 21:45:24 | 000,018,432 | ---- | C] () -- C:\Windows\Setup_ck.dll
[2014/12/06 21:45:24 | 000,011,776 | ---- | C] () -- C:\Windows\Ckrfresh.exe
[2014/12/06 20:35:26 | 000,002,045 | ---- | C] () -- C:\Users\Public\Desktop\Avast Free Antivirus.lnk
[2014/11/30 13:41:13 | 000,294,400 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2014/11/30 03:16:10 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2014/11/23 14:22:39 | 000,001,100 | ---- | C] () -- C:\Users\Loni\Application Data\Microsoft\Internet Explorer\Quick Launch\Oracle VM VirtualBox.lnk
[2014/09/10 18:20:47 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/09/06 00:38:41 | 000,001,576 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2014/08/06 23:01:27 | 000,004,608 | ---- | C] () -- C:\Users\Loni\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/08/06 23:01:03 | 000,753,873 | ---- | C] () -- C:\Windows\unins000.exe
[2014/08/06 23:01:03 | 000,216,064 | ---- | C] ( ) -- C:\Windows\System32\Lagarith.dll
[2014/08/06 23:01:03 | 000,067,833 | ---- | C] () -- C:\Windows\unins000.dat
[2014/08/01 17:09:34 | 000,206,248 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014/08/01 17:09:33 | 000,049,944 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2014/08/01 17:09:33 | 000,024,184 | ---- | C] () -- C:\Windows\System32\drivers\aswHwid.sys
[2014/08/01 16:58:24 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013/03/01 02:47:36 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
 
========== ZeroAccess Check ==========
 
[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/06/25 02:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2014/12/09 22:59:42 | 000,000,000 | ---D | M] -- C:\Users\Loni\AppData\Roaming\.purple
[2014/12/07 16:57:24 | 000,000,000 | ---D | M] -- C:\Users\Loni\AppData\Roaming\asoftech
[2014/08/01 18:44:33 | 000,000,000 | ---D | M] -- C:\Users\Loni\AppData\Roaming\AVAST Software
[2014/12/10 17:51:03 | 000,000,000 | ---D | M] -- C:\Users\Loni\AppData\Roaming\BitTorrent
[2014/08/04 18:18:54 | 000,000,000 | ---D | M] -- C:\Users\Loni\AppData\Roaming\DAEMON Tools Lite
[2014/10/12 21:39:17 | 000,000,000 | ---D | M] -- C:\Users\Loni\AppData\Roaming\datamodeler
[2014/11/06 15:17:33 | 000,000,000 | ---D | M] -- C:\Users\Loni\AppData\Roaming\FileZilla Server
[2014/12/04 00:40:40 | 000,000,000 | ---D | M] -- C:\Users\Loni\AppData\Roaming\ICSharpCode
[2014/12/04 21:05:33 | 000,000,000 | ---D | M] -- C:\Users\Loni\AppData\Roaming\Notepad++
[2014/09/14 02:51:40 | 000,000,000 | ---D | M] -- C:\Users\Loni\AppData\Roaming\NuGet
[2014/08/16 18:53:29 | 000,000,000 | ---D | M] -- C:\Users\Loni\AppData\Roaming\OmniCoin
[2014/10/12 22:38:50 | 000,000,000 | ---D | M] -- C:\Users\Loni\AppData\Roaming\Oracle SQL Developer Data Modeler
[2014/09/14 02:52:12 | 000,000,000 | ---D | M] -- C:\Users\Loni\AppData\Roaming\stetic
[2014/10/12 22:38:55 | 000,000,000 | ---D | M] -- C:\Users\Loni\AppData\Roaming\Subversion
[2014/08/06 15:37:16 | 000,000,000 | ---D | M] -- C:\Users\Loni\AppData\Roaming\TrueCrypt
[2014/10/19 12:42:12 | 000,000,000 | ---D | M] -- C:\Users\Loni\AppData\Roaming\Wireshark
[2014/10/22 17:55:06 | 000,000,000 | ---D | M] -- C:\Users\Loni\AppData\Roaming\Xamarin
[2014/09/14 02:51:34 | 000,000,000 | ---D | M] -- C:\Users\Loni\AppData\Roaming\XamarinStudio-5.0
[2014/09/14 02:51:52 | 000,000,000 | ---D | M] -- C:\Users\Loni\AppData\Roaming\xbuild
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:D5FBE8F9
 
< End of report >

 

 

Edited by Geekl33t, 10 December 2014 - 11:09 AM.



#2
RKinner


    Malware Expert

  • Expert
  • 20,029 posts
  • MVP

Looks clean.  Let's run a few scans to be sure:

 

 
Download AdwCleaner to your desktop. Make sure you get the correct Download button. Sometimes the ads on BleepingComputer will mimic the real Download button, which should say: Download Now @BleepingComputer
 
NOTE: If using Internet Explorer and you get an alert that stops the program downloading, click on the warning and allow the download to complete.
 
Close all programs, pause your anti-virus and run AdwCleaner (Vista or Win 7 => right click and Run As Administrator).
 
 
Click on Scan and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.
 
The report will be saved in the C:\AdwCleaner folder.
 
 
 
Junkware-Removal-Tool
 
Please download Junkware Removal Tool to your desktop.  Make sure you get the correct Download button.  Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @Author's site
  • Pause your anti-virus.  Close all browsers.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

Get Process Explorer

Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures

Click twice on the CPU column header to sort things by CPU usage with the big hitters at the top.

Wait a full minute then:

File, Save As, Save. Open the file Procexp.txt on your desktop and copy and paste the text to a reply.

Go to http://www.speedtest.net/ and click on Begin Test

When the Test finishes click on Share This Result and then select Forum then Copy then move to a reply and Ctrl + v


    #3
    Geekl33t


      Member

    • Topic Starter
    • Member
    • PipPip
    • 22 posts

    AdwCleaner:

     

    R0:

     

    # AdwCleaner v4.105 - Report created 10/12/2014 at 20:44:28
    # Updated 08/12/2014 by Xplode
    # Database : 2014-12-08.2 [Live]
    # Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
    # Username : Loni - LONI-PC
    # Running from : C:\Users\Loni\Desktop\AdwCleaner.exe
    # Option : Scan
     
    ***** [ Services ] *****
     
    Service Found : c2cautoupdatesvc
    Service Found : c2cpnrsvc
     
    ***** [ Files / Folders ] *****
     
    Folder Found : C:\ProgramData\apn
     
    ***** [ Scheduled Tasks ] *****
     
     
    ***** [ Shortcuts ] *****
     
     
    ***** [ Registry ] *****
     
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
     
    ***** [ Browsers ] *****
     
    -\\ Internet Explorer v11.0.9600.17420
     
     
    -\\ Mozilla Firefox v32.0.3 (x86 nl)
     
     
    -\\ Google Chrome v39.0.2171.71
     
     
    *************************
     
    AdwCleaner[R0].txt - [1258 octets] - [10/12/2014 20:44:28]
     
    ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1318 octets] ##########
     

     

    S0:

     

    # AdwCleaner v4.105 - Report created 10/12/2014 at 20:46:26
    # Updated 08/12/2014 by Xplode
    # Database : 2014-12-08.2 [Live]
    # Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
    # Username : Loni - LONI-PC
    # Running from : C:\Users\Loni\Desktop\AdwCleaner.exe
    # Option : Clean
     
    ***** [ Services ] *****
     
    Service Deleted : c2cautoupdatesvc
    Service Deleted : c2cpnrsvc
     
    ***** [ Files / Folders ] *****
     
    Folder Deleted : C:\ProgramData\apn
     
    ***** [ Scheduled Tasks ] *****
     
     
    ***** [ Shortcuts ] *****
     
     
    ***** [ Registry ] *****
     
    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
     
    ***** [ Browsers ] *****
     
    -\\ Internet Explorer v11.0.9600.17420
     
     
    -\\ Mozilla Firefox v32.0.3 (x86 nl)
     
     
    -\\ Google Chrome v39.0.2171.71
     
     
    *************************
     
    AdwCleaner[R0].txt - [1398 octets] - [10/12/2014 20:44:28]
    AdwCleaner[S0].txt - [1335 octets] - [10/12/2014 20:46:26]
     
    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1395 octets] ##########
     
    JRT:
     
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.4.0 (11.29.2014:1)
    OS: Windows 7 Home Premium x86
    Ran by Loni on mer. 10/12/2014 at 20:51:27,45
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
     
     
     
    ~~~ Services
     
     
     
    ~~~ Registry Values
     
     
     
    ~~~ Registry Keys
     
     
     
    ~~~ Files
     
     
     
    ~~~ Folders
     
     
     
    ~~~ Event Viewer Logs were cleared
     
     
     
     
     
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on mer. 10/12/2014 at 20:59:48,17
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
    FRST:

     

    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-12-2014 01
    Ran by Loni (administrator) on LONI-PC on 10-12-2014 21:05:02
    Running from C:\Users\Loni\Desktop
    Loaded Profile: Loni (Available profiles: Loni)
    Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: English (United States)
    Internet Explorer Version 11
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
     
    ==================== Processes (Whitelisted) =================
     
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
     
    (AMD) C:\Windows\System32\atiesrxx.exe
    (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
    (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
    (AMD) C:\Windows\System32\atieclxx.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
    (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
    (Flux Software LLC) C:\Users\Loni\AppData\Local\FluxSoftware\Flux\flux.exe
    (Toolwiz) C:\Program Files\Toolwiz Time Freeze 2014\ToolwizTimeFreeze.exe
    (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
    (Apple Inc.) C:\Program Files\Xamarin\Bonjour\mDNSResponder.exe
    (CrypKey (Canada) Ltd.) C:\Windows\System32\Crypserv.exe
    (FileZilla Project) C:\Program Files\FileZilla Server\FileZilla Server.exe
    (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
    (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
    (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
    (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
    (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
    (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
    (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
     
     
    ==================== Registry (Whitelisted) ==================
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
     
    HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5223016 2014-11-01] (AVAST Software)
    HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [507776 2014-07-30] (Oracle Corporation)
    HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
    HKU\S-1-5-21-1114357038-2612704853-781822362-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
    HKU\S-1-5-21-1114357038-2612704853-781822362-1000\...\Run: [f.lux] => C:\Users\Loni\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
    HKU\S-1-5-21-1114357038-2612704853-781822362-1000\...\Run: [ToolwizTimeFreeze] => C:\Program Files\Toolwiz Time Freeze 2014\ToolwizTimeFreeze.exe [1660216 2014-08-04] (Toolwiz)
    HKU\S-1-5-21-1114357038-2612704853-781822362-1000\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [631816 2014-05-29] (Sandboxie Holdings, LLC)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
     
    ==================== Internet (Whitelisted) ====================
     
    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
     
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Local Page = 
    HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page = 
    HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page = 
    HKU\S-1-5-21-1114357038-2612704853-781822362-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://be.msn.com/de....aspx?ocid=iehp
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation)
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation)
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
    Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
     
    FireFox:
    ========
    FF ProfilePath: C:\Users\Loni\AppData\Roaming\Mozilla\Firefox\Profiles\zgjeioag.default
    FF NetworkProxy: "socks_remote_dns", true
    FF NetworkProxy: "type", 0
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
    FF Plugin: @java.com/DTPlugin,version=11.20.2 -> C:\Windows\system32\npdeployJava1.dll (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Extension: FoxyProxy Standard - C:\Users\Loni\AppData\Roaming\Mozilla\Firefox\Profiles\zgjeioag.default\Extensions\[email protected] [2014-12-03]
    FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} [2014-11-14]
    FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-11-14]
    FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-01]
     
    Chrome: 
    =======
    CHR StartupUrls: Default -> "hxxp://www.google.com/"
    CHR Profile: C:\Users\Loni\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Docs) - C:\Users\Loni\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-01]
    CHR Extension: (Google Drive) - C:\Users\Loni\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-01]
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Loni\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-01]
    CHR Extension: (WOT) - C:\Users\Loni\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-08-02]
    CHR Extension: (YouTube) - C:\Users\Loni\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-01]
    CHR Extension: (Google Search) - C:\Users\Loni\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-01]
    CHR Extension: (Avast Online Security) - C:\Users\Loni\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-01]
    CHR Extension: (Google Wallet) - C:\Users\Loni\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-01]
    CHR Extension: (Gmail) - C:\Users\Loni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-01]
    CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-29]
     
    ========================== Services (Whitelisted) =================
     
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
     
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-10-29] (AVAST Software)
    R2 Bonjour Service; C:\Program Files\Xamarin\Bonjour\mDNSResponder.exe [384512 2014-10-17] (Apple Inc.) [File not signed]
    R2 Crypkey License; C:\Windows\system32\crypserv.exe [122880 2008-05-08] (CrypKey (Canada) Ltd.) [File not signed]
    R2 FileZilla Server; C:\Program Files\FileZilla Server\FileZilla Server.exe [777728 2014-10-30] (FileZilla Project) [File not signed]
    S3 fussvc; C:\Program Files\Windows Kits\8.1\App Certification Kit\fussvc.exe [140800 2014-02-19] (Microsoft Corporation) [File not signed]
    R2 IpOverUsbSvc; C:\Program Files\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22744 2014-10-15] (Microsoft Corporation)
    R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
    R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
    S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [32568 2014-05-02] (The OpenVPN Project)
    R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [134664 2014-05-29] (Sandboxie Holdings, LLC)
    S3 Te.Service; C:\Program Files\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [91136 2013-08-21] (Microsoft Corporation) [File not signed]
    S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [73360 2014-07-23] (Microsoft Corporation)
    S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]
     
    ==================== Drivers (Whitelisted) ====================
     
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
     
    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-10-29] ()
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2014-11-01] (AVAST Software)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-10-29] (AVAST Software)
    R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-10-29] ()
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787800 2014-11-23] (AVAST Software)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423784 2014-11-21] (AVAST Software)
    R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [91496 2014-10-29] (AVAST Software)
    R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [206248 2014-10-29] ()
    R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-08-01] (Disc Soft Ltd)
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-11-21] (Malwarebytes Corporation)
    R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2014-12-10] (Malwarebytes Corporation)
    R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-11-21] (Malwarebytes Corporation)
    R1 NetworkX; C:\Windows\system32\ckldrv.sys [19584 2008-03-17] () [File not signed]
    R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
    R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [160264 2014-05-29] (Sandboxie Holdings, LLC)
    R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)
    R0 TWZDISK; C:\Windows\System32\Drivers\TWZDISK.sys [66704 2014-08-04] (Toolwiz.com)
    R1 TWZFILE; C:\Windows\system32\Drivers\TWZFILE.sys [33040 2014-08-04] (Toolwiz.com)
    S3 VSPerfDrv110; C:\Program Files\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\VSPerfDrv110.sys [55416 2012-07-13] (Microsoft Corporation)
     
    ==================== NetSvcs (Whitelisted) ===================
     
     
    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
     
     
    ==================== One Month Created Files and Folders ========
     
    (If an entry is included in the fixlist, the file\folder will be moved.)
     
    2014-12-10 21:05 - 2014-12-10 21:05 - 00013718 _____ () C:\Users\Loni\Desktop\FRST.txt
    2014-12-10 21:04 - 2014-12-10 21:05 - 00000000 ____D () C:\FRST
    2014-12-10 20:59 - 2014-12-10 20:59 - 00000634 _____ () C:\Users\Loni\Desktop\JRT.txt
    2014-12-10 20:51 - 2014-12-10 20:51 - 00000000 ____D () C:\Windows\ERUNT
    2014-12-10 20:44 - 2014-12-10 20:46 - 00000000 ____D () C:\AdwCleaner
    2014-12-10 20:35 - 2014-12-10 20:36 - 02480312 _____ (Sysinternals - www.sysinternals.com) C:\Users\Loni\Desktop\procexp.exe
    2014-12-10 20:35 - 2014-12-10 20:35 - 01111040 _____ (Farbar) C:\Users\Loni\Desktop\FRST.exe
    2014-12-10 20:34 - 2014-12-10 20:34 - 01707646 _____ (Thisisu) C:\Users\Loni\Desktop\JRT.exe
    2014-12-10 20:31 - 2014-12-10 20:31 - 02166272 _____ () C:\Users\Loni\Desktop\AdwCleaner.exe
    2014-12-10 20:17 - 2014-12-10 20:17 - 01435975 _____ () C:\Users\Loni\Desktop\piano.rar
    2014-12-10 18:28 - 2014-12-10 18:28 - 00000000 ____D () C:\Users\Loni\Desktop\piano
    2014-12-10 18:04 - 2014-12-10 18:04 - 00072444 _____ () C:\Users\Loni\Desktop\OTL.Txt
    2014-12-10 16:11 - 2014-12-10 16:11 - 01685080 _____ (BitTorrent Inc.) C:\Users\Loni\Downloads\BitTorrent (1).exe
    2014-12-09 19:14 - 2014-12-09 19:16 - 2147483648 _____ () C:\Users\Loni\Documents\projects
    2014-12-09 18:51 - 2014-12-09 18:51 - 00602112 _____ (OldTimer Tools) C:\Users\Loni\Desktop\OTL.exe
    2014-12-09 16:49 - 2014-12-09 16:49 - 06731033 _____ () C:\Users\Loni\Downloads\pidgin-otr-4.0.1 (1).exe
    2014-12-09 16:49 - 2014-12-09 16:49 - 00000000 ____D () C:\Users\Loni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\pidgin-otr
    2014-12-09 16:49 - 2014-12-09 16:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\pidgin-otr
    2014-12-09 16:49 - 2014-12-09 16:49 - 00000000 ____D () C:\Program Files\pidgin-otr
    2014-12-09 12:34 - 2014-12-09 12:35 - 06731033 _____ () C:\Users\Loni\Downloads\pidgin-otr-4.0.1.exe
    2014-12-09 12:27 - 2014-12-09 22:59 - 00000000 ____D () C:\Users\Loni\AppData\Roaming\.purple
    2014-12-09 12:26 - 2014-12-09 12:26 - 00000949 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pidgin.lnk
    2014-12-09 12:26 - 2014-12-09 12:26 - 00000937 _____ () C:\Users\Public\Desktop\Pidgin.lnk
    2014-12-09 12:25 - 2014-12-09 16:49 - 00000000 ____D () C:\Program Files\Pidgin
    2014-12-09 12:24 - 2014-12-09 12:25 - 09670472 _____ () C:\Users\Loni\Downloads\pidgin-2.10.11.exe
    2014-12-08 00:10 - 2014-12-08 00:10 - 00000000 ____D () C:\Users\Loni\Desktop\Friday (1995)
    2014-12-07 23:56 - 2014-12-07 23:56 - 00134783 _____ () C:\Users\Loni\Desktop\Portfolio.rar
    2014-12-07 23:26 - 2014-12-07 23:26 - 00000000 __SHD () C:\Users\Loni\AppData\Local\EmieBrowserModeList
    2014-12-07 21:49 - 2014-12-07 21:49 - 00091615 _____ () C:\Users\Loni\Downloads\Les 10(2).pptx
    2014-12-07 13:15 - 2014-12-10 20:48 - 00001470 _____ () C:\Windows\PFRO.log
    2014-12-07 00:53 - 2014-12-10 16:17 - 00000000 ____D () C:\Users\Loni\Desktop\Book, tools
    2014-12-06 22:16 - 2014-12-06 23:02 - 1047700332 _____ () C:\Users\Loni\Desktop\Fury.2014.576p.DVDSCR.999MB.ShAaNiG.mkv
    2014-12-06 21:45 - 2014-12-10 20:49 - 00000868 _____ () C:\Windows\error.log
    2014-12-06 21:45 - 2014-12-10 20:48 - 00000189 _____ () C:\Windows\errord.log
    2014-12-06 21:45 - 2014-12-06 21:45 - 00000073 _____ () C:\Windows\Crypkey.ini
    2014-12-06 21:45 - 2008-05-08 00:29 - 00122880 _____ (CrypKey (Canada) Ltd.) C:\Windows\system32\Crypserv.exe
    2014-12-06 21:45 - 2008-03-17 17:45 - 00019584 _____ () C:\Windows\system32\Ckldrv.sys
    2014-12-06 21:45 - 1999-06-18 21:49 - 00165888 _____ (Kenonic Controls) C:\Windows\Ckconfig.exe
    2014-12-06 21:45 - 1996-05-03 17:21 - 00027648 ____R () C:\Windows\Setup_ck.exe
    2014-12-06 21:45 - 1996-05-03 15:36 - 00018432 _____ () C:\Windows\Setup_ck.dll
    2014-12-06 21:45 - 1995-07-04 18:33 - 00011776 _____ () C:\Windows\Ckrfresh.exe
    2014-12-06 20:35 - 2014-12-06 20:35 - 00002045 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
    2014-12-06 20:35 - 2014-12-06 20:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
    2014-12-06 20:34 - 2014-10-29 17:54 - 00291352 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
    2014-12-05 19:23 - 2014-12-07 16:57 - 00000000 ____D () C:\Users\Loni\AppData\Roaming\asoftech
    2014-12-05 19:23 - 2014-12-05 19:24 - 02572304 _____ (File Recovery Ltd. ) C:\Users\Loni\Downloads\undelete-360-setup.exe
    2014-12-05 19:23 - 2014-12-05 19:23 - 00000000 ____D () C:\Program Files\Asoftech
    2014-12-05 19:22 - 2014-12-05 19:22 - 04311560 _____ (Asoftech Photo Recovery ) C:\Users\Loni\Downloads\apr.exe
    2014-12-05 18:37 - 2014-12-05 19:15 - 00000000 ____D () C:\ProgramData\TEMP
    2014-12-05 18:37 - 2014-12-05 18:37 - 00000000 ____D () C:\Log
    2014-12-05 18:36 - 2014-12-05 18:36 - 05979488 _____ (Stellar Information Technology Pvt Ltd. ) C:\Users\Loni\Downloads\StellarPhoenixWindowsDataRecovery-Professional.exe
    2014-12-05 01:16 - 2014-12-05 01:16 - 00000000 ____D () C:\Users\Loni\Desktop\TreeBook
    2014-12-04 00:40 - 2014-12-04 00:40 - 00000000 ____D () C:\Users\Loni\AppData\Roaming\ICSharpCode
    2014-12-01 12:30 - 2014-06-27 02:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
    2014-11-30 18:52 - 2014-11-30 18:52 - 00049760 _____ () C:\Users\Loni\Downloads\Les 9(3).pptx
    2014-11-30 18:07 - 2014-11-30 18:07 - 00063488 _____ () C:\Users\Loni\AppData\Local\GDIPFONTCACHEV1.DAT
    2014-11-30 13:54 - 2014-11-05 18:50 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
    2014-11-30 13:54 - 2014-11-05 18:50 - 00203776 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
    2014-11-30 13:54 - 2014-11-05 18:47 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2014-11-30 13:54 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
    2014-11-30 13:54 - 2014-09-25 02:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
    2014-11-30 13:54 - 2014-08-01 12:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
    2014-11-30 13:54 - 2014-06-24 03:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
    2014-11-30 13:53 - 2014-09-09 22:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
    2014-11-30 13:41 - 2014-12-10 20:48 - 00004424 _____ () C:\Windows\setupact.log
    2014-11-30 13:41 - 2014-11-30 13:41 - 00294400 _____ () C:\Windows\system32\FNTCACHE.DAT
    2014-11-30 13:41 - 2014-11-30 13:41 - 00000000 _____ () C:\Windows\setuperr.log
    2014-11-30 03:25 - 2014-11-30 03:26 - 00000040 _____ () C:\Users\Loni\Desktop\test.txt
    2014-11-30 03:16 - 2014-11-30 13:50 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
    2014-11-30 03:15 - 2014-11-30 13:42 - 00000000 ____D () C:\ProgramData\Adobe
    2014-11-30 03:15 - 2014-11-30 03:16 - 00000000 ____D () C:\Program Files\Common Files\Adobe
    2014-11-30 03:15 - 2014-11-30 03:15 - 00000000 ____D () C:\Program Files\Adobe
    2014-11-30 03:14 - 2014-11-30 03:27 - 00000000 ____D () C:\Users\Loni\AppData\Local\Adobe
    2014-11-27 23:10 - 2014-11-27 23:10 - 00011466 _____ () C:\Users\Loni\Downloads\Cijfer AD1 1e test (2) (1).xlsx
    2014-11-27 23:09 - 2014-11-27 23:09 - 00011466 _____ () C:\Users\Loni\Downloads\Cijfer AD1 1e test (2).xlsx
    2014-11-25 17:25 - 2014-11-25 17:25 - 01355734 _____ () C:\Users\Loni\Downloads\PP_SchrijvenWeb_141121.pptx
    2014-11-25 00:17 - 2014-11-25 00:53 - 00000000 ____D () C:\Program Files\Recuva
    2014-11-25 00:17 - 2014-11-25 00:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
    2014-11-25 00:16 - 2014-11-25 00:16 - 04210920 _____ (Piriform Ltd) C:\Users\Loni\Downloads\rcsetup151.exe
    2014-11-23 18:31 - 2014-11-23 18:31 - 00057170 _____ () C:\Users\Loni\Downloads\Les 8(1).pptx
    2014-11-23 14:24 - 2014-11-23 14:27 - 00000000 ____D () C:\Users\Loni\VirtualBox VMs
    2014-11-23 14:23 - 2014-11-23 15:37 - 00000000 ____D () C:\Users\Loni\.VirtualBox
    2014-11-23 14:22 - 2014-11-23 14:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
    2014-11-23 14:22 - 2014-11-23 14:22 - 00000000 ____D () C:\Program Files\Oracle
    2014-11-23 14:22 - 2014-11-21 15:16 - 00744520 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
    2014-11-23 14:22 - 2014-11-21 15:16 - 00104384 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
    2014-11-23 14:18 - 2014-11-23 14:20 - 110585544 _____ (Oracle Corporation) C:\Users\Loni\Downloads\VirtualBox-4.3.20-96996-Win.exe
    2014-11-23 03:09 - 2014-11-28 22:35 - 00000000 ____D () C:\Users\Loni\Downloads\rufus_files
    2014-11-23 01:44 - 2014-11-23 01:44 - 01275392 _____ () C:\Users\Loni\Downloads\defcon-16-brading.ppt
    2014-11-22 23:57 - 2014-11-22 23:57 - 00640424 _____ (Akeo Consulting (http://akeo.ie)) C:\Users\Loni\Downloads\rufus-1.4.12.exe
    2014-11-22 23:56 - 2014-11-23 00:40 - 3147300864 _____ () C:\Users\Loni\Downloads\kali-linux-1.0.9a-i386.iso
    2014-11-21 15:16 - 2014-11-21 15:16 - 00174888 _____ (Oracle Corporation) C:\Windows\system32\VBoxNetFltNobj.dll
    2014-11-21 15:16 - 2014-11-21 15:16 - 00126496 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetFlt.sys
    2014-11-21 15:16 - 2014-11-21 15:16 - 00116184 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp.sys
    2014-11-19 14:33 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2014-11-19 14:33 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
    2014-11-18 20:03 - 2014-11-18 20:03 - 00447849 _____ () C:\Users\Loni\Downloads\Les 7(2).pptx
    2014-11-14 21:53 - 2014-11-14 21:54 - 17738910 _____ () C:\Users\Loni\Downloads\creating-it-business-relevance-with-non-it-stakeholders--2.pptx
    2014-11-14 13:54 - 2014-11-14 13:54 - 00000000 ____D () C:\Program Files\Mozilla Firefox
    2014-11-13 23:59 - 2014-11-13 23:59 - 00076173 _____ () C:\Users\Loni\Downloads\les 6.pptx
    2014-11-13 02:27 - 2014-11-13 02:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone SDK 8.1
    2014-11-13 02:27 - 2014-11-13 02:27 - 00000000 ____D () C:\Program Files\Windows Phone Silverlight Kits
    2014-11-13 02:25 - 2014-12-08 03:40 - 00000000 ____D () C:\Users\Loni\Documents\Visual Studio 2013
    2014-11-13 02:24 - 2014-11-13 02:24 - 00000000 ____D () C:\Program Files\Microsoft XDE
    2014-11-13 02:15 - 2014-11-13 02:15 - 00000000 ____D () C:\Program Files\AppInsights
    2014-11-13 01:39 - 2014-11-13 01:39 - 00000000 ____D () C:\Program Files\Application Verifier
    2014-11-13 01:38 - 2014-11-13 02:19 - 00000000 ____D () C:\ProgramData\Windows App Certification Kit
    2014-11-13 01:18 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
    2014-11-13 01:06 - 2014-11-13 01:06 - 00000000 ____D () C:\Program Files\Windows Phone Kits
    2014-11-13 00:56 - 2014-11-13 01:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2013
    2014-11-13 00:39 - 2014-11-13 02:08 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 12.0
    2014-11-13 00:36 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
    2014-11-13 00:36 - 2014-10-03 02:44 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
    2014-11-13 00:36 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
    2014-11-13 00:36 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
    2014-11-13 00:36 - 2014-10-03 02:44 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
    2014-11-13 00:36 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
    2014-11-13 00:36 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
    2014-11-13 00:36 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
    2014-11-13 00:36 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
    2014-11-13 00:35 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
    2014-11-13 00:35 - 2014-10-10 01:45 - 02379264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2014-11-13 00:35 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
    2014-11-13 00:35 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2014-11-13 00:35 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
    2014-11-13 00:35 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
    2014-11-13 00:35 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
    2014-11-13 00:35 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
    2014-11-13 00:34 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2014-11-13 00:34 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2014-11-13 00:34 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2014-11-13 00:34 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2014-11-13 00:34 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2014-11-13 00:34 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2014-11-13 00:34 - 2014-11-06 03:59 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2014-11-13 00:34 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2014-11-13 00:34 - 2014-11-06 03:51 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2014-11-13 00:34 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2014-11-13 00:34 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2014-11-13 00:34 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2014-11-13 00:34 - 2014-11-06 03:22 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2014-11-13 00:34 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2014-11-13 00:34 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2014-11-13 00:34 - 2014-10-14 02:56 - 00136632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2014-11-13 00:34 - 2014-10-14 02:50 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2014-11-13 00:34 - 2014-10-14 02:50 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
    2014-11-13 00:34 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
    2014-11-13 00:34 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
    2014-11-13 00:33 - 2014-11-06 04:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2014-11-13 00:33 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2014-11-13 00:33 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2014-11-13 00:33 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2014-11-13 00:33 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2014-11-13 00:33 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2014-11-13 00:33 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2014-11-13 00:33 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2014-11-13 00:33 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2014-11-13 00:33 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2014-11-13 00:33 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2014-11-13 00:33 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2014-11-13 00:33 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2014-11-13 00:33 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2014-11-13 00:33 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2014-11-13 00:24 - 2014-11-13 00:24 - 01240624 _____ (Microsoft Corporation) C:\Users\Loni\Downloads\vs_community.exe
    2014-11-11 17:29 - 2014-11-29 20:58 - 00000000 ____D () C:\Users\Loni\AppData\Local\CrashDumps
     
    ==================== One Month Modified Files and Folders =======
     
    (If an entry is included in the fixlist, the file\folder will be moved.)
     
    2014-12-10 20:54 - 2014-08-01 16:59 - 01926981 _____ () C:\Windows\WindowsUpdate.log
    2014-12-10 20:50 - 2014-08-04 22:27 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2014-12-10 20:48 - 2014-08-01 17:09 - 00001052 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-12-10 20:48 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2014-12-10 20:47 - 2009-07-14 05:34 - 00059872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2014-12-10 20:47 - 2009-07-14 05:34 - 00059872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2014-12-10 20:40 - 2014-09-15 23:46 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2014-12-10 20:32 - 2014-08-01 17:09 - 00001056 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-12-10 17:51 - 2014-08-02 23:17 - 00000000 ____D () C:\Users\Loni\AppData\Roaming\BitTorrent
    2014-12-09 22:40 - 2014-09-15 23:46 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
    2014-12-09 22:40 - 2014-09-15 23:46 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
    2014-12-08 02:48 - 2014-08-01 22:21 - 00000000 ____D () C:\Users\Loni\Documents\Stuff
    2014-12-08 00:48 - 2010-11-20 22:01 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
    2014-12-08 00:26 - 2014-09-01 14:03 - 00000000 ____D () C:\Users\Loni\AppData\Roaming\vlc
    2014-12-07 20:34 - 2014-10-11 23:11 - 00000000 ____D () C:\Users\Loni\Desktop\Portfolio
    2014-12-04 21:05 - 2014-10-11 23:25 - 00000000 ____D () C:\Users\Loni\AppData\Roaming\Notepad++
    2014-12-04 17:33 - 2014-08-06 16:36 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
    2014-12-03 19:45 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
    2014-12-02 19:34 - 2014-08-04 22:26 - 00001060 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2014-12-02 19:34 - 2014-08-04 22:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2014-12-02 19:34 - 2014-08-04 22:26 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
    2014-12-02 00:37 - 2014-08-04 01:35 - 00000000 ___SD () C:\Windows\system32\CompatTel
    2014-12-01 12:23 - 2014-09-06 00:38 - 00001576 _____ () C:\Windows\Sandboxie.ini
    2014-11-30 13:49 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\LogFiles
    2014-11-30 03:27 - 2014-08-04 10:51 - 00000000 ____D () C:\Users\Loni\AppData\Roaming\Adobe
    2014-11-28 23:08 - 2014-09-10 18:20 - 00000258 __RSH () C:\ProgramData\ntuser.pol
    2014-11-28 18:10 - 2014-08-01 17:03 - 00000000 ____D () C:\Users\Loni
    2014-11-26 19:34 - 2014-08-01 17:10 - 00002129 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
    2014-11-24 14:04 - 2014-08-01 17:20 - 00229000 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
    2014-11-23 13:49 - 2014-08-01 17:09 - 00787800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
    2014-11-21 11:56 - 2014-08-01 17:09 - 00423784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
    2014-11-21 06:14 - 2014-08-04 22:26 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
    2014-11-21 06:14 - 2014-08-04 22:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
    2014-11-21 06:14 - 2014-08-04 22:26 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
    2014-11-15 20:15 - 2014-08-01 19:14 - 00000000 ____D () C:\Users\Loni\Documents\Visual Studio 2012
    2014-11-14 13:37 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
    2014-11-13 19:04 - 2014-08-01 19:06 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
    2014-11-13 18:59 - 2009-07-14 03:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
    2014-11-13 18:56 - 2014-08-01 18:59 - 00000000 ____D () C:\ProgramData\Package Cache
    2014-11-13 10:25 - 2014-10-21 22:17 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
    2014-11-13 02:24 - 2014-08-01 19:06 - 00000000 ____D () C:\Program Files\Microsoft SDKs
    2014-11-13 02:14 - 2014-10-21 22:10 - 00000000 ____D () C:\Program Files\IIS Express
    2014-11-13 01:53 - 2014-10-21 22:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
    2014-11-13 01:39 - 2014-08-01 19:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
    2014-11-13 01:34 - 2014-08-01 19:11 - 00000000 ____D () C:\Program Files\Common Files\Merge Modules
    2014-11-13 01:30 - 2014-10-21 22:11 - 00000000 ____D () C:\Program Files\Microsoft ASP.NET
    2014-11-13 01:25 - 2014-10-29 01:27 - 00000000 ____D () C:\Program Files\Microsoft Web Tools
    2014-11-13 01:22 - 2014-10-29 01:54 - 00000000 ____D () C:\Program Files\NuGet
    2014-11-13 01:22 - 2014-10-21 22:09 - 00000000 ____D () C:\Program Files\Microsoft WCF Data Services
    2014-11-13 01:15 - 2014-08-01 19:06 - 00000000 ____D () C:\Windows\system32\1033
    2014-11-13 01:06 - 2014-08-01 19:08 - 00000000 ____D () C:\Program Files\Windows Kits
    2014-11-13 01:05 - 2014-08-01 19:06 - 00000000 ____D () C:\Program Files\Microsoft Help Viewer
    2014-11-13 00:49 - 2014-08-01 19:02 - 00000000 ____D () C:\Program Files\Microsoft.NET
    2014-11-13 00:33 - 2009-07-14 05:52 - 00000000 ____D () C:\Program Files\MSBuild
    2014-11-11 03:08 - 2014-10-21 21:46 - 00000000 ____D () C:\Windows\Minidump
     
    Some content of TEMP:
    ====================
    C:\Users\Loni\AppData\Local\Temp\Quarantine.exe
    C:\Users\Loni\AppData\Local\Temp\sqlite3.dll
    C:\Users\Loni\AppData\Local\Temp\utt1E33.tmp.exe
     
     
    ==================== Bamital & volsnap Check =================
     
    (There is no automatic fix for files that do not pass verification.)
     
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
     
     
    LastRegBack: 2014-12-05 17:58
     
    ==================== End Of Log ============================
     
    Addition:
     
    Additional scan result of Farbar Recovery Scan Tool (x86) Version: 10-12-2014 01
    Ran by Loni at 2014-12-10 21:06:08
    Running from C:\Users\Loni\Desktop
    Boot Mode: Normal
    ==========================================================
     
     
    ==================== Security Center ========================
     
    (If an entry is included in the fixlist, it will be removed.)
     
    AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
    FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
     
    ==================== Installed Programs ======================
     
    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
     
     Tools for .Net 3.5 (Version: 3.11.50727 - Microsoft Corporation) Hidden
    Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
    Adobe Reader XI (11.0.09) - Nederlands (HKLM\...\{AC76BA86-7AD7-1043-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
    Android SDK Tools (HKLM\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
    Application Insights Tools for Visual Studio 2013 (Version: 2.4 - Microsoft Corporation) Hidden
    Avast Free Antivirus (HKLM\...\Avast) (Version: 10.0.2206 - AVAST Software)
    AzureTools.Notifications (Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
    Behaviors SDK (Windows Phone) for Visual Studio 2013 (Version: 12.0.50716.0 - Microsoft Corporation) Hidden
    Behaviors SDK (Windows) for Visual Studio 2013 (Version: 12.0.50429.0 - Microsoft Corporation) Hidden
    Blend for Visual Studio 2012 (Version: 5.0.30709.0 - Microsoft Corporation) Hidden
    Blend for Visual Studio 2012 ENU resources (Version: 5.0.30709.0 - Microsoft Corporation) Hidden
    Blend for Visual Studio 2013 (Version: 12.0.41002.1 - Microsoft Corporation) Hidden
    Blend for Visual Studio 2013 ENU resources (Version: 12.0.41002.1 - Microsoft Corporation) Hidden
    Blend for Visual Studio Add-in for Adobe FXG Import (Version: 1.0.40218.0 - Microsoft Corporation) Hidden
    Blend for Visual Studio SDK for .NET 4.5 (Version: 3.0.40218.0 - Microsoft Corporation) Hidden
    Blend for Visual Studio SDK for Silverlight 5 (Version: 3.0.40218.0 - Microsoft Corporation) Hidden
    Build Tools - x86 (Version: 12.0.31101 - Microsoft Corporation) Hidden
    Build Tools Language Resources - x86 (Version: 12.0.31101 - Microsoft Corporation) Hidden
    CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
    DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
    Dotfuscator and Analytics Community Edition (Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
    Dotfuscator and Analytics Community Edition (Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
    Entity Framework 6.1.1 Tools  for Visual Studio 2013 (HKLM\...\{85253F13-EE42-4850-A3A5-79B90E92D7AC}) (Version: 12.0.30610.0 - Microsoft Corporation)
    Entity Framework Designer for Visual Studio 2012 - enu (HKLM\...\{3F29268A-F53A-4387-9F2B-E9368A823178}) (Version: 11.1.30729.00 - Microsoft Corporation)
    Euro Truck Simulator 2 (HKLM\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.13.3 - SCS Software)
    Ezvid (HKLM\...\{F96D619D-99D6-4C9C-A393-0CD22DE1CA66}_is1) (Version: 0982 - Ezvid, inc.)
    f.lux (HKU\S-1-5-21-1114357038-2612704853-781822362-1000\...\Flux) (Version:  - )
    FileZilla Server (HKLM\...\FileZilla Server) (Version: beta 0.9.48 - FileZilla Project)
    Google Chrome (HKLM\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
    Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
    Greenfoot (HKLM\...\{8C838B70-3A71-41E8-91A6-4ADCF2E483D0}) (Version: 2.4.0 - Greenfoot Team)
    Gtk# for .Net 2.12.26 (HKLM\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
    IIS 8.0 Express (HKLM\...\{B8FFB7D6-6ABD-47C3-8BAD-86FF5D8F3EDC}) (Version: 8.0.1557 - Microsoft Corporation)
    IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
    Java 8 Update 20 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218020F0}) (Version: 8.0.200 - Oracle Corporation)
    Java SE Development Kit 8 Update 20 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0180200}) (Version: 8.0.200.26 - Oracle Corporation)
    Java™ 6 Update 39 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216039FF}) (Version: 6.0.390 - Oracle)
    Java™ SE Development Kit 6 Update 39 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0160390}) (Version: 1.6.0.390 - Oracle)
    Kit SDK de vérification de Visual Studio 2012 - fra (Version: 12.0.30501 - Microsoft Corporation) Hidden
    LocalESPC (Version: 8.59.29989 - Microsoft Corporation) Hidden
    LocalESPC Dev12 (Version: 8.100.25984 - Microsoft Corporation) Hidden
    LocalESPCui for en-us (Version: 8.59.25584 - Microsoft) Hidden
    LocalESPCui for en-us Dev12 (Version: 8.100.25984 - Microsoft) Hidden
    Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
    Memory Profiler (Version: 12.0.31101 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
    Microsoft .NET Framework 4.5 SDK (HKLM\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 SDK (HKLM\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
    Microsoft ASP.NET MVC 3 (HKLM\...\{DCDEC776-BADD-48B9-8F9A-DFF513C3D7FA}) (Version: 3.0.20105.0 - Microsoft Corporation)
    Microsoft ASP.NET Web Pages (HKLM\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)
    Microsoft Help Viewer 2.0 (HKLM\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
    Microsoft Help Viewer 2.1 (HKLM\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
    Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
    Microsoft PowerPoint Viewer (HKLM\...\{95140000-00AF-0413-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
    Microsoft Silverlight 4 SDK (HKLM\...\{189AEA94-DAFB-487A-8CEE-F9D3DDE0A748}) (Version: 4.0.60310.0 - Microsoft Corporation)
    Microsoft Silverlight 5 SDK (HKLM\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{5EF1EBC5-4A40-4D1C-B02E-0C54BC93FD06}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{FE939060-416C-4ECD-890E-13776E2707C4}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Management Objects  (HKLM\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Native Client  (HKLM\...\{544ACD54-9FAA-4A60-A1E7-B2EC3AA75D24}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{79B49428-E9B0-4479-A0FA-3EFF8AFA9F07}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{E7654811-38F9-4225-9688-827FDA716582}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 T-SQL Language Service  (HKLM\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Microsoft SQL Server 2014 Express LocalDB  (HKLM\...\{4A1DEB7A-341B-453E-A3AF-7EA9902F9711}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft SQL Server 2014 Management Objects  (HKLM\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{C340BAB2-9A21-41B9-A465-7AC7B1DF773E}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft SQL Server 2014 T-SQL Language Service  (HKLM\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft SQL Server Compact 4.0 SP1 ENU (HKLM\...\{773AC1E4-5F27-4DF6-A932-7FDDE35C069D}) (Version: 4.0.8876.1 - Microsoft Corporation)
    Microsoft SQL Server Data Tools - enu (11.1.20828.01) (HKLM\...\{4F2B8233-35EE-4197-8C3B-EACCBF712029}) (Version: 11.1.20828.01 - Microsoft Corporation)
    Microsoft SQL Server Data Tools - enu (12.0.41012.0) (HKLM\...\{AC8E0CF4-42A1-4151-B684-97CF6FD726CF}) (Version: 12.0.41012.0 - Microsoft Corporation)
    Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20828.01) (HKLM\...\{FAE0523E-08A4-4717-8E8E-6EC6F32CBE88}) (Version: 11.1.20828.01 - Microsoft Corporation)
    Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
    Microsoft SQL Server System CLR Types (HKLM\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2012 (HKLM\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{4AEB505C-95E1-4964-9B64-8D27F3186D30}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
    Microsoft Visual Studio Community 2013 with Update 4 (HKLM\...\{96a8b90c-0a91-4e76-ab34-730c23923d11}) (Version: 12.0.31101 - Microsoft Corporation)
    Microsoft Visual Studio Express 2012 for Windows Desktop - ENU (HKLM\...\{e0efdce9-a486-4676-8aa5-65bb08cbf34c}) (Version: 11.0.50727.42 - Microsoft Corporation)
    Microsoft Visual Studio Professional 2012 (HKLM\...\{c93c1c16-fd12-4b07-8926-2a4af46b6597}) (Version: 11.0.50727.26 - Microsoft Corporation)
    Microsoft Web Deploy 3.5 (HKLM\...\{D58573E7-F82D-41E4-B10B-3041202A51D2}) (Version: 3.1237.1763 - Microsoft Corporation)
    Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation)
    Microsoft Web Platform Installer 4.0 (HKLM\...\{1F4DF099-EA5C-482D-9901-C0A8B539B417}) (Version: 4.0.1622 - Microsoft Corporation)
    Mono for Windows 3.2.3 (HKLM\...\{afbbbda2-1dd7-11e3-ae37-080027022fbf}_is1) (Version: 3.2.3 - Mono)
    MonoGame (HKLM\...\MonoGame) (Version: 3.0 - MonoGame)
    Mozilla Firefox 32.0.3 (x86 nl) (HKLM\...\Mozilla Firefox 32.0.3 (x86 nl)) (Version: 32.0.3 - Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
    Notepad++ (HKLM\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
    OpenVPN 2.3.4-I001  (HKLM\...\OpenVPN) (Version: 2.3.4-I001 - )
    Oracle VM VirtualBox 4.3.20 (HKLM\...\{3ACD85F2-BD6D-44FE-8CAE-5C1C3757ED7E}) (Version: 4.3.20 - Oracle Corporation)
    paint.net (HKLM\...\{F509C1F4-0029-49F9-B145-A4C4E8DF4819}) (Version: 4.0.3 - dotPDN LLC)
    Pidgin (HKLM\...\Pidgin) (Version: 2.10.11 - )
    pidgin-otr 4.0.1 (HKLM\...\pidgin-otr) (Version: 4.0.1 - Cypherpunks CA)
    PowreShellIntegration.Notifications (Version: 2.5.21003.1603 - Microsoft Corporation) Hidden
    PreEmptive Analytics Visual Studio Components (Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
    PreEmptive Analytics Visual Studio Components (Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
    Prerequisites for SSDT  (HKLM\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Prerequisites for SSDT  (HKLM\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
    Python Tools Redirection Template (Version: 1.3 - Microsoft Corporation) Hidden
    Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
    Sandboxie 4.12 (32-bit) (HKLM\...\Sandboxie) (Version: 4.12 - Sandboxie Holdings, LLC)
    SDK de comprobación de Visual Studio 2012 - esn (Version: 12.0.30501 - Microsoft Corporation) Hidden
    Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
    Skype™ 6.18 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
    SmartAssembly 6 (HKLM\...\{B0BAB8FE-6DDE-44ED-8816-05C080842E4C}) (Version: 6.8.0.121 - Red Gate Software Ltd)
    TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
    Team Explorer for Microsoft Visual Studio 2013 (Version: 12.0.21005 - Microsoft Corporation) Hidden
    Toolwiz File Recovery FREE (HKLM\...\Toolwiz File Recovery FREE_is1) (Version: 1.3.0.0 - Toolwiz)
    Toolwiz Time Freeze 2014 (HKLM\...\{3A74D01E-3AEF-4DF4-8404-0056150C97A3}) (Version: 2.2.0.6000 - Toolwiz)
    TrueCrypt (HKLM\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
    TypeScript Power Tool (Version: 1.0.5.0 - Microsoft Corporation) Hidden
    TypeScript Tools for Microsoft Visual Studio 2013 (Version: 1.0.5.0 - Microsoft Corporation) Hidden
    Update for  (KB2504637) (HKLM\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
    Visual Studio 2012 Update 4 (KB2707250) (HKLM\...\{312d9252-c71c-4c84-b171-f4ad46e22098}) (Version: 11.0.61030 - Microsoft Corporation)
    Visual Studio 2013 Update 4 (KB2829760) (HKLM\...\{53d408db-eb91-43fb-9d8f-167681c19763}) (Version: 12.0.31101 - Microsoft Corporation)
    VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
    VS Update core components (Version: 12.0.31101 - Microsoft Corporation) Hidden
    WCF Data Services 5.0 (for OData v3) Primary Components (Version: 5.0.50628.0 - Microsoft Corporation) Hidden
    WCF Data Services 5.6.0 Runtime (Version: 5.6.61587.0 - Microsoft Corporation) Hidden
    WCF Data Services Tools for Microsoft Visual Studio 2012 (Version: 5.0.50710.0 - Microsoft Corporation) Hidden
    WCF Data Services Tools for Microsoft Visual Studio 2013 (Version: 5.6.61587.0 - Microsoft Corporation) Hidden
    WCF RIA Services V1.0 SP2 (HKLM\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
    WindowsFormsApplication1 (HKU\S-1-5-21-1114357038-2612704853-781822362-1000\...\d03da06cd506d783) (Version: 1.0.0.0 - WindowsFormsApplication1)
    WinPcap 4.1.3 (HKLM\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
    WinRAR 5.10 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
    Wireshark 1.12.1 (32-bit) (HKLM\...\Wireshark) (Version: 1.12.1 - The Wireshark developer community, http://www.wireshark.org)
    Xamarin (HKLM\...\{B1A107B3-BB77-4679-A65F-C99410C018F3}) (Version: 3.7.230.0 - Xamarin)
    Xamarin Studio 5.5.2 (HKLM\...\{CF37A44C-9D58-4BDE-AB4C-21C892E1E30C}) (Version: 5.5.2.0 - Xamarin)
    Xamarin Universal Installer (HKLM\...\{7ddf1364-61e0-4079-80f4-e4bb3e49d7c0}) (Version: 3.5.0.0 - Xamarin, Inc)
    XAMPP (HKLM\...\xampp) (Version: 1.8.3-5 - Bitnami)
    Пакет Visual Studio 2012 Verification SDK - rus (Version: 12.0.30501 - Microsoft Corporation) Hidden
     
    ==================== Custom CLSID (selected items): ==========================
     
    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
     
    CustomCLSID: HKU\S-1-5-21-1114357038-2612704853-781822362-1000_Classes\CLSID\{5852F5ED-8BF4-11D4-A245-0080C6F74284}\InprocServer32 -> C:\Program Files\Greenfoot\jdk\jre\bin\wsdetect.dll (Oracle Corporation)
     
    ==================== Restore Points  =========================
     
    06-12-2014 19:33:13 avast! antivirus system restore point
    07-12-2014 15:56:56 Removed Asoftech Photo Recovery
    09-12-2014 10:52:33 Windows Update
     
    ==================== Hosts content: ==========================
     
    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
     
    2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
     
    ==================== Scheduled Tasks (whitelisted) =============
     
    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
     
    Task: {24FA6BDF-FD32-47AA-8E8D-E8DB3B7E8C2F} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-10-29] (AVAST Software)
    Task: {62B6ADC4-80DA-4D5A-83FE-DADE9C6CAD19} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
    Task: {7D9B3C4C-753D-49AC-AB44-BA45FBF4982F} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
    Task: {97575D21-242C-4BD8-92B5-608C0ED66401} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
    Task: {9D2F5149-7473-4421-9C57-6E80C7A8AB73} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-08-01] (Google Inc.)
    Task: {9F177585-CF64-4285-93EF-C145A6134DE6} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
    Task: {BB7A4FE1-FF6A-4B57-8662-BADF62A3E1AF} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
    Task: {BE813682-5C47-4193-9EBB-9B26B7CF4868} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-09] (Adobe Systems Incorporated)
    Task: {EBA7F2D1-74CE-4DDE-9862-F527C1D1A756} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
    Task: {FD99E309-3EBC-4794-942A-DFAE1F67D188} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-08-01] (Google Inc.)
     
    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
     
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
     
    ==================== Loaded Modules (whitelisted) =============
     
    2014-12-10 20:14 - 2014-12-10 20:14 - 02905088 _____ () C:\Program Files\AVAST Software\Avast\defs\14121001\algo.dll
    2014-10-29 17:54 - 2014-10-29 17:54 - 38561576 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
    2014-05-12 10:49 - 2014-05-12 10:49 - 00260608 _____ () C:\Program Files\Notepad++\NppShell_06.dll
    2014-11-26 19:34 - 2014-11-25 07:39 - 01077064 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.71\libglesv2.dll
    2014-11-26 19:34 - 2014-11-25 07:39 - 00211272 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.71\libegl.dll
    2014-11-26 19:34 - 2014-11-25 07:39 - 09009480 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.71\pdf.dll
    2014-11-26 19:34 - 2014-11-25 07:39 - 01677128 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.71\ffmpegsumo.dll
     
    ==================== Alternate Data Streams (whitelisted) =========
     
    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
     
    AlternateDataStreams: C:\ProgramData\TEMP:D5FBE8F9
     
    ==================== Safe Mode (whitelisted) ===================
     
    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
     
     
    ==================== EXE Association (whitelisted) =============
     
    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
     
     
    ==================== MSCONFIG/TASK MANAGER disabled items =========
     
    (Currently there is no automatic fix for this section.)
     
     
    ========================= Accounts: ==========================
     
    Administrator (S-1-5-21-1114357038-2612704853-781822362-500 - Administrator - Disabled)
    Guest (S-1-5-21-1114357038-2612704853-781822362-501 - Limited - Disabled)
    Loni (S-1-5-21-1114357038-2612704853-781822362-1000 - Administrator - Enabled) => C:\Users\Loni
     
    ==================== Faulty Device Manager Devices =============
     
    Name: Base System Device
    Description: Base System Device
    Class Guid: 
    Manufacturer: 
    Service: 
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
     
    Name: Base System Device
    Description: Base System Device
    Class Guid: 
    Manufacturer: 
    Service: 
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
     
    Name: 
    Description: 
    Class Guid: 
    Manufacturer: 
    Service: 
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
     
    Name: Base System Device
    Description: Base System Device
    Class Guid: 
    Manufacturer: 
    Service: 
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
     
     
    ==================== Event log errors: =========================
     
    Application errors:
    ==================
     
    System errors:
    =============
     
    Microsoft Office Sessions:
    =========================
     
    ==================== Memory info =========================== 
     
    Processor: Pentium® Dual-Core CPU T4200 @ 2.00GHz
    Percentage of memory in use: 42%
    Total physical RAM: 3069.19 MB
    Available physical RAM: 1772.79 MB
    Total Pagefile: 6136.67 MB
    Available Pagefile: 4507.29 MB
    Total Virtual: 2047.88 MB
    Available Virtual: 1915.47 MB
     
    ==================== Drives ================================
     
    Drive c: () (Fixed) (Total:137.59 GB) (Free:20.86 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
    Drive d: (RECOVERY) (Fixed) (Total:11.46 GB) (Free:1.87 GB) NTFS ==>[System with boot components (obtained from reading drive)]
    Drive g: (VS2012_WDX_ENU) (CDROM) (Total:0.59 GB) (Free:0 GB) CDFS
     
    ==================== MBR & Partition Table ==================
     
    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: 0CF1D19B)
    Partition 1: (Active) - (Size=137.6 GB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=11.5 GB) - (Type=07 NTFS)
     
    ==================== End Of Log ============================
     
    Procex:

     

    Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
    armsvc.exe 840 K 2.900 K 2488 Adobe Acrobat Update Service Adobe Systems Incorporated (Verified) Adobe Systems
    atieclxx.exe 1.296 K 4.272 K 1332 AMD External Events Client Module AMD (Verified) Microsoft Windows Hardware Compatibility Publisher
    atiesrxx.exe 812 K 2.956 K 864 AMD External Events Service Module AMD (Verified) Microsoft Windows Hardware Compatibility Publisher
    chrome.exe 30.520 K 51.692 K 2408 Google Chrome Google Inc. (Verified) Google Inc
    chrome.exe 29.028 K 51.060 K 3792 Google Chrome Google Inc. (Verified) Google Inc
    chrome.exe 65.848 K 98.272 K 4284 Google Chrome Google Inc. (Verified) Google Inc
    Crypserv.exe 2.088 K 3.584 K 2920 CrypKey License Service CrypKey (Canada) Ltd. (No signature was present in the subject) CrypKey (Canada) Ltd.
    dllhost.exe 1.236 K 4.084 K 4836 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
    IpOverUsbSvc.exe 8.144 K 8.444 K 3484 Microsoft Corporation (Verified) Microsoft Corporation
    itype.exe 4.492 K 1.776 K 360 IType.exe Microsoft Corporation (Verified) Microsoft Corporation
    jucheck.exe 3.076 K 10.096 K 2508 Java Update Checker Oracle Corporation (Verified) Oracle America
    jusched.exe 1.432 K 6.548 K 2012 Java Update Scheduler Oracle Corporation (Verified) Oracle America
    lsass.exe 3.452 K 8.340 K 564 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
    lsm.exe 1.344 K 2.972 K 572 Local Session Manager Service Microsoft Corporation (Verified) Microsoft Windows
    mbamscheduler.exe 3.688 K 7.696 K 3560 Malwarebytes Anti-Malware Malwarebytes Corporation (Verified) Malwarebytes Corporation
    mbamservice.exe 182.944 K 87.576 K 3656 Malwarebytes Anti-Malware Malwarebytes Corporation (Verified) Malwarebytes Corporation
    mDNSResponder.exe 1.592 K 4.412 K 2628 Bonjour Service Apple Inc. (No signature was present in the subject) Apple Inc.
    SbieSvc.exe 1.376 K 3.204 K 1224 Sandboxie Service Sandboxie Holdings, LLC (Verified) Invincea
    SearchFilterHost.exe 1.632 K 4.492 K 2312 Microsoft Windows Search Filter Host Microsoft Corporation (Verified) Microsoft Windows
    services.exe 4.668 K 9.648 K 540 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows
    smss.exe 268 K 800 K 304 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows
    spoolsv.exe 4.364 K 7.788 K 1860 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
    sppsvc.exe 5.076 K 4.492 K 424 Microsoft Software Protection Platform Service Microsoft Corporation (Verified) Microsoft Windows
    sqlwriter.exe 1.292 K 4.324 K 3804 SQL Server VSS Writer Microsoft Corporation (Verified) Microsoft Corporation
    svchost.exe 3.736 K 6.688 K 3016 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    svchost.exe 1.148 K 3.964 K 4960 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    svchost.exe 1.224 K 4.192 K 3836 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    svchost.exe 16.000 K 14.236 K 940 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    svchost.exe 8.312 K 11.068 K 1008 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    svchost.exe 2.808 K 7.192 K 692 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    svchost.exe 11.824 K 9.588 K 1936 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    svchost.exe 3.068 K 5.968 K 812 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    svchost.exe 32.856 K 17.200 K 2412 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    taskeng.exe 1.236 K 4.216 K 1116 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
    ToolwizTimeFreeze.exe 5.384 K 9.040 K 108 Toolwiz Toolwiz (Verified) XII CNC Inc.
    unsecapp.exe 1.156 K 4.060 K 1136 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation (Verified) Microsoft Windows
    wininit.exe 928 K 3.268 K 492 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows
    winlogon.exe 1.744 K 4.980 K 736 Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows
    WmiPrvSE.exe 1.848 K 4.712 K 4892 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
    WmiPrvSE.exe 5.752 K 9.160 K 320 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
    wuauclt.exe 1.384 K 5.068 K 1272 Windows Update Microsoft Corporation (Verified) Microsoft Windows
    hpservice.exe < 0.01 956 K 3.456 K 1200 HpService Hewlett-Packard Company (Verified) Microsoft Windows Hardware Compatibility Publisher
    SearchProtocolHost.exe 0.01 1.828 K 6.364 K 4348 Microsoft Windows Search Protocol Host Microsoft Corporation (Verified) Microsoft Windows
    SearchIndexer.exe 0.01 23.480 K 12.048 K 4072 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
    ipoint.exe 0.01 4.120 K 1.984 K 2072 IPoint.exe Microsoft Corporation (Verified) Microsoft Corporation
    svchost.exe 0.02 12.900 K 12.216 K 1380 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    svchost.exe 0.02 19.868 K 32.500 K 1032 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    csrss.exe 0.05 1.364 K 3.360 K 416 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
    svchost.exe 0.06 59.648 K 62.356 K 980 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    chrome.exe 0.09 87.972 K 110.628 K 2232 Google Chrome Google Inc. (Verified) Google Inc
    avastui.exe 0.09 11.876 K 14.216 K 2000 avast! Antivirus AVAST Software (Verified) AVAST Software a.s.
    AvastSvc.exe 0.11 66.108 K 40.960 K 1520 avast! Service AVAST Software (Verified) AVAST Software a.s.
    FileZilla Server.exe 0.12 1.232 K 3.564 K 3204 FileZilla Server FileZilla Project (No signature was present in the subject) FileZilla Project
    taskhost.exe 0.13 10.500 K 10.248 K 1868 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
    chrome.exe 0.13 69.852 K 108.012 K 1852 Google Chrome Google Inc. (Verified) Google Inc
    SbieCtrl.exe 0.22 2.712 K 9.124 K 332 Sandboxie Control Sandboxie Holdings, LLC (Verified) Invincea
    explorer.exe 0.30 20.424 K 34.224 K 2996 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
    flux.exe 0.40 28.212 K 14.896 K 2044 f.lux Flux Software LLC (Verified) Michael Herf
    chrome.exe 0.72 55.424 K 97.968 K 1504 Google Chrome Google Inc. (Verified) Google Inc
    mbam.exe 0.98 28.808 K 34.944 K 3768 Malwarebytes Anti-Malware Malwarebytes Corporation (Verified) Malwarebytes Corporation
    System 1.25 44 K 944 K 4
    csrss.exe 2.89 2.548 K 7.400 K 504 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
    Interrupts 3.60 0 K 0 K n/a Hardware Interrupts and DPCs
    dwm.exe 4.57 30.860 K 29.300 K 1612 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
    procexp.exe 29.24 23.328 K 39.520 K 4488 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
    System Idle Process 55.00 0 K 24 K 0


    #4
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 20,029 posts
    • MVP

    Looks like you have some bad drivers.  That's generally what a high value of Interrupts means:  You have

     

    Interrupts 3.60 0 K 0 K n/a Hardware Interrupts and DPCs

     

    I like to see it under 1.4.

     

    Also you have some drivers not starting.  The Base System Driver is part of Intel's Ethernet driver software.  See:

     

    http://www.intel.com...b/cs-022703.htm for a possible fix.

     

    The other driver is invisible so it may be a good thing it doesn't start.

     

    Let's see if autoruns can see it:

     

    Get autoruns from

     
    Download, Save and Run the program by right clicking and Run As Admin. File, Save, to your desktop, autoruns.arn, OK. This file is normally a bit over the forum size limit so will need to be zipped. If you do not have win-zip or 7-zip then get 7-zip from 
    Download, Save and Run the appropriate msi file for your PC.  You want the one for 32 bit x86.
     
    Once you have it installed you can then right click on autoruns.arn then click on 7-zip, Add to autoruns.zip.  It should put the autoruns.zip file in the same directory.  Attach it.


    #5
    Geekl33t


    Here you go

    Attached Files


    Edited by Geekl33t, 10 December 2014 - 05:19 PM.


    #6
    Geekl33t


    Btw I just tried to install that driver, but here's the error I get.

     

    "Cannot install drivers. No Intel® Adapters are present in this computer."



    #7
    RKinner


    Yes, it looks like the network adapter is from Broadcom and the others are from AMD & VIA. What make and model PC is this? If there is a service tag give me that too. Does it have a flash card reader built in?



    #8
    Geekl33t


    It's an HP

     

    model: dv6-1210eb



    #9
    RKinner


    Check the model number again.  It's not coming up on the Belgium/Lux. HP support site or the US site.  Where did you buy the PC?  I found a 1210sb and a 1250eb but no 1210eb. See if this works for you.

     

    http://h10025.www1.h...en&cc=us&dlc=en



    #10
    Geekl33t


    Nope, sorry, that's it actually, that's the unique number I'm getting :/




    #11
    RKinner


    Where did you buy it?



    #12
    Geekl33t


    Well I didn't actually buy it from a store, I got it from a friend for €100.

     

    Is that really important?


    Edited by Geekl33t, 10 December 2014 - 07:34 PM.


    #13
    RKinner


    Problem is each country has its own HP site and they only list the PCs made for that country.  I've checked the Belgium/Lux, US, German and French sites and can't find it.  Perhaps if you go to the Belgium HP Support  site

    http://www8.hp.com/be/fr/drivers.html

     

    with your PC and let it determine which PC you have

    (Détecter mon produit) 

    it will find the right one.

     

    You can also right click on (My) Computer and select Manage, Yes, then Device Manager. Look in the right pane for yellow or red flagged devices. Do you see any?



    #14
    Geekl33t


    »Ordinateur portable de loisirs HP Pavilion dv6-1210sb 

     

    http://h10025.www1.h...be&dlc=fr&ssf=1

     

    I think you were right it's not dv6-1210eb but dv6-1210sb o.O?



    #15
    Geekl33t


    I don't know what happened but my computer went to sleep by itself while working on it? This never happened before, my battery is full.

     

    Is that something to worry about?

