AdwCleaner:
R0:
# AdwCleaner v4.105 - Report created 10/12/2014 at 20:44:28
# Updated 08/12/2014 by Xplode
# Database : 2014-12-08.2 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Loni - LONI-PC
# Running from : C:\Users\Loni\Desktop\AdwCleaner.exe
# Option : Scan
***** [ Services ] *****
Service Found : c2cautoupdatesvc
Service Found : c2cpnrsvc
***** [ Files / Folders ] *****
Folder Found : C:\ProgramData\apn
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17420
-\\ Mozilla Firefox v32.0.3 (x86 nl)
-\\ Google Chrome v39.0.2171.71
*************************
AdwCleaner[R0].txt - [1258 octets] - [10/12/2014 20:44:28]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1318 octets] ##########
S0:
# AdwCleaner v4.105 - Report created 10/12/2014 at 20:46:26
# Updated 08/12/2014 by Xplode
# Database : 2014-12-08.2 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Loni - LONI-PC
# Running from : C:\Users\Loni\Desktop\AdwCleaner.exe
# Option : Clean
***** [ Services ] *****
Service Deleted : c2cautoupdatesvc
Service Deleted : c2cpnrsvc
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\apn
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17420
-\\ Mozilla Firefox v32.0.3 (x86 nl)
-\\ Google Chrome v39.0.2171.71
*************************
AdwCleaner[R0].txt - [1398 octets] - [10/12/2014 20:44:28]
AdwCleaner[S0].txt - [1335 octets] - [10/12/2014 20:46:26]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1395 octets] ##########
JRT:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 7 Home Premium x86
Ran by Loni on mer. 10/12/2014 at 20:51:27,45
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on mer. 10/12/2014 at 20:59:48,17
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-12-2014 01
Ran by Loni (administrator) on LONI-PC on 10-12-2014 21:05:02
Running from C:\Users\Loni\Desktop
Loaded Profile: Loni (Available profiles: Loni)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Flux Software LLC) C:\Users\Loni\AppData\Local\FluxSoftware\Flux\flux.exe
(Toolwiz) C:\Program Files\Toolwiz Time Freeze 2014\ToolwizTimeFreeze.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Apple Inc.) C:\Program Files\Xamarin\Bonjour\mDNSResponder.exe
(CrypKey (Canada) Ltd.) C:\Windows\System32\Crypserv.exe
(FileZilla Project) C:\Program Files\FileZilla Server\FileZilla Server.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5223016 2014-11-01] (AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [507776 2014-07-30] (Oracle Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-1114357038-2612704853-781822362-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1114357038-2612704853-781822362-1000\...\Run: [f.lux] => C:\Users\Loni\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-1114357038-2612704853-781822362-1000\...\Run: [ToolwizTimeFreeze] => C:\Program Files\Toolwiz Time Freeze 2014\ToolwizTimeFreeze.exe [1660216 2014-08-04] (Toolwiz)
HKU\S-1-5-21-1114357038-2612704853-781822362-1000\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [631816 2014-05-29] (Sandboxie Holdings, LLC)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Loni\AppData\Roaming\Mozilla\Firefox\Profiles\zgjeioag.default
FF NetworkProxy: "socks_remote_dns", true
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin: @java.com/DTPlugin,version=11.20.2 -> C:\Windows\system32\npdeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: FoxyProxy Standard - C:\Users\Loni\AppData\Roaming\Mozilla\Firefox\Profiles\zgjeioag.default\Extensions\
[email protected] [2014-12-03]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} [2014-11-14]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-11-14]
FF HKLM\...\Firefox\Extensions: [
[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-01]
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Loni\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Loni\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-01]
CHR Extension: (Google Drive) - C:\Users\Loni\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-01]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Loni\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-01]
CHR Extension: (WOT) - C:\Users\Loni\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-08-02]
CHR Extension: (YouTube) - C:\Users\Loni\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-01]
CHR Extension: (Google Search) - C:\Users\Loni\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-01]
CHR Extension: (Avast Online Security) - C:\Users\Loni\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-01]
CHR Extension: (Google Wallet) - C:\Users\Loni\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-01]
CHR Extension: (Gmail) - C:\Users\Loni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-01]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-29]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-10-29] (AVAST Software)
R2 Bonjour Service; C:\Program Files\Xamarin\Bonjour\mDNSResponder.exe [384512 2014-10-17] (Apple Inc.) [File not signed]
R2 Crypkey License; C:\Windows\system32\crypserv.exe [122880 2008-05-08] (CrypKey (Canada) Ltd.) [File not signed]
R2 FileZilla Server; C:\Program Files\FileZilla Server\FileZilla Server.exe [777728 2014-10-30] (FileZilla Project) [File not signed]
S3 fussvc; C:\Program Files\Windows Kits\8.1\App Certification Kit\fussvc.exe [140800 2014-02-19] (Microsoft Corporation) [File not signed]
R2 IpOverUsbSvc; C:\Program Files\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22744 2014-10-15] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [32568 2014-05-02] (The OpenVPN Project)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [134664 2014-05-29] (Sandboxie Holdings, LLC)
S3 Te.Service; C:\Program Files\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [91136 2013-08-21] (Microsoft Corporation) [File not signed]
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [73360 2014-07-23] (Microsoft Corporation)
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-10-29] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2014-11-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-10-29] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-10-29] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787800 2014-11-23] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423784 2014-11-21] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [91496 2014-10-29] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [206248 2014-10-29] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-08-01] (Disc Soft Ltd)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2014-12-10] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-11-21] (Malwarebytes Corporation)
R1 NetworkX; C:\Windows\system32\ckldrv.sys [19584 2008-03-17] () [File not signed]
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [160264 2014-05-29] (Sandboxie Holdings, LLC)
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)
R0 TWZDISK; C:\Windows\System32\Drivers\TWZDISK.sys [66704 2014-08-04] (Toolwiz.com)
R1 TWZFILE; C:\Windows\system32\Drivers\TWZFILE.sys [33040 2014-08-04] (Toolwiz.com)
S3 VSPerfDrv110; C:\Program Files\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\VSPerfDrv110.sys [55416 2012-07-13] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-10 21:05 - 2014-12-10 21:05 - 00013718 _____ () C:\Users\Loni\Desktop\FRST.txt
2014-12-10 21:04 - 2014-12-10 21:05 - 00000000 ____D () C:\FRST
2014-12-10 20:59 - 2014-12-10 20:59 - 00000634 _____ () C:\Users\Loni\Desktop\JRT.txt
2014-12-10 20:51 - 2014-12-10 20:51 - 00000000 ____D () C:\Windows\ERUNT
2014-12-10 20:44 - 2014-12-10 20:46 - 00000000 ____D () C:\AdwCleaner
2014-12-10 20:35 - 2014-12-10 20:36 - 02480312 _____ (Sysinternals - www.sysinternals.com) C:\Users\Loni\Desktop\procexp.exe
2014-12-10 20:35 - 2014-12-10 20:35 - 01111040 _____ (Farbar) C:\Users\Loni\Desktop\FRST.exe
2014-12-10 20:34 - 2014-12-10 20:34 - 01707646 _____ (Thisisu) C:\Users\Loni\Desktop\JRT.exe
2014-12-10 20:31 - 2014-12-10 20:31 - 02166272 _____ () C:\Users\Loni\Desktop\AdwCleaner.exe
2014-12-10 20:17 - 2014-12-10 20:17 - 01435975 _____ () C:\Users\Loni\Desktop\piano.rar
2014-12-10 18:28 - 2014-12-10 18:28 - 00000000 ____D () C:\Users\Loni\Desktop\piano
2014-12-10 18:04 - 2014-12-10 18:04 - 00072444 _____ () C:\Users\Loni\Desktop\OTL.Txt
2014-12-10 16:11 - 2014-12-10 16:11 - 01685080 _____ (BitTorrent Inc.) C:\Users\Loni\Downloads\BitTorrent (1).exe
2014-12-09 19:14 - 2014-12-09 19:16 - 2147483648 _____ () C:\Users\Loni\Documents\projects
2014-12-09 18:51 - 2014-12-09 18:51 - 00602112 _____ (OldTimer Tools) C:\Users\Loni\Desktop\OTL.exe
2014-12-09 16:49 - 2014-12-09 16:49 - 06731033 _____ () C:\Users\Loni\Downloads\pidgin-otr-4.0.1 (1).exe
2014-12-09 16:49 - 2014-12-09 16:49 - 00000000 ____D () C:\Users\Loni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\pidgin-otr
2014-12-09 16:49 - 2014-12-09 16:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\pidgin-otr
2014-12-09 16:49 - 2014-12-09 16:49 - 00000000 ____D () C:\Program Files\pidgin-otr
2014-12-09 12:34 - 2014-12-09 12:35 - 06731033 _____ () C:\Users\Loni\Downloads\pidgin-otr-4.0.1.exe
2014-12-09 12:27 - 2014-12-09 22:59 - 00000000 ____D () C:\Users\Loni\AppData\Roaming\.purple
2014-12-09 12:26 - 2014-12-09 12:26 - 00000949 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pidgin.lnk
2014-12-09 12:26 - 2014-12-09 12:26 - 00000937 _____ () C:\Users\Public\Desktop\Pidgin.lnk
2014-12-09 12:25 - 2014-12-09 16:49 - 00000000 ____D () C:\Program Files\Pidgin
2014-12-09 12:24 - 2014-12-09 12:25 - 09670472 _____ () C:\Users\Loni\Downloads\pidgin-2.10.11.exe
2014-12-08 00:10 - 2014-12-08 00:10 - 00000000 ____D () C:\Users\Loni\Desktop\Friday (1995)
2014-12-07 23:56 - 2014-12-07 23:56 - 00134783 _____ () C:\Users\Loni\Desktop\Portfolio.rar
2014-12-07 23:26 - 2014-12-07 23:26 - 00000000 __SHD () C:\Users\Loni\AppData\Local\EmieBrowserModeList
2014-12-07 21:49 - 2014-12-07 21:49 - 00091615 _____ () C:\Users\Loni\Downloads\Les 10(2).pptx
2014-12-07 13:15 - 2014-12-10 20:48 - 00001470 _____ () C:\Windows\PFRO.log
2014-12-07 00:53 - 2014-12-10 16:17 - 00000000 ____D () C:\Users\Loni\Desktop\Book, tools
2014-12-06 22:16 - 2014-12-06 23:02 - 1047700332 _____ () C:\Users\Loni\Desktop\Fury.2014.576p.DVDSCR.999MB.ShAaNiG.mkv
2014-12-06 21:45 - 2014-12-10 20:49 - 00000868 _____ () C:\Windows\error.log
2014-12-06 21:45 - 2014-12-10 20:48 - 00000189 _____ () C:\Windows\errord.log
2014-12-06 21:45 - 2014-12-06 21:45 - 00000073 _____ () C:\Windows\Crypkey.ini
2014-12-06 21:45 - 2008-05-08 00:29 - 00122880 _____ (CrypKey (Canada) Ltd.) C:\Windows\system32\Crypserv.exe
2014-12-06 21:45 - 2008-03-17 17:45 - 00019584 _____ () C:\Windows\system32\Ckldrv.sys
2014-12-06 21:45 - 1999-06-18 21:49 - 00165888 _____ (Kenonic Controls) C:\Windows\Ckconfig.exe
2014-12-06 21:45 - 1996-05-03 17:21 - 00027648 ____R () C:\Windows\Setup_ck.exe
2014-12-06 21:45 - 1996-05-03 15:36 - 00018432 _____ () C:\Windows\Setup_ck.dll
2014-12-06 21:45 - 1995-07-04 18:33 - 00011776 _____ () C:\Windows\Ckrfresh.exe
2014-12-06 20:35 - 2014-12-06 20:35 - 00002045 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-12-06 20:35 - 2014-12-06 20:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-12-06 20:34 - 2014-10-29 17:54 - 00291352 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-12-05 19:23 - 2014-12-07 16:57 - 00000000 ____D () C:\Users\Loni\AppData\Roaming\asoftech
2014-12-05 19:23 - 2014-12-05 19:24 - 02572304 _____ (File Recovery Ltd. ) C:\Users\Loni\Downloads\undelete-360-setup.exe
2014-12-05 19:23 - 2014-12-05 19:23 - 00000000 ____D () C:\Program Files\Asoftech
2014-12-05 19:22 - 2014-12-05 19:22 - 04311560 _____ (Asoftech Photo Recovery ) C:\Users\Loni\Downloads\apr.exe
2014-12-05 18:37 - 2014-12-05 19:15 - 00000000 ____D () C:\ProgramData\TEMP
2014-12-05 18:37 - 2014-12-05 18:37 - 00000000 ____D () C:\Log
2014-12-05 18:36 - 2014-12-05 18:36 - 05979488 _____ (Stellar Information Technology Pvt Ltd. ) C:\Users\Loni\Downloads\StellarPhoenixWindowsDataRecovery-Professional.exe
2014-12-05 01:16 - 2014-12-05 01:16 - 00000000 ____D () C:\Users\Loni\Desktop\TreeBook
2014-12-04 00:40 - 2014-12-04 00:40 - 00000000 ____D () C:\Users\Loni\AppData\Roaming\ICSharpCode
2014-12-01 12:30 - 2014-06-27 02:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-11-30 18:52 - 2014-11-30 18:52 - 00049760 _____ () C:\Users\Loni\Downloads\Les 9(3).pptx
2014-11-30 18:07 - 2014-11-30 18:07 - 00063488 _____ () C:\Users\Loni\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-30 13:54 - 2014-11-05 18:50 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-30 13:54 - 2014-11-05 18:50 - 00203776 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-30 13:54 - 2014-11-05 18:47 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-30 13:54 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-30 13:54 - 2014-09-25 02:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-11-30 13:54 - 2014-08-01 12:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-11-30 13:54 - 2014-06-24 03:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-11-30 13:53 - 2014-09-09 22:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-11-30 13:41 - 2014-12-10 20:48 - 00004424 _____ () C:\Windows\setupact.log
2014-11-30 13:41 - 2014-11-30 13:41 - 00294400 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-30 13:41 - 2014-11-30 13:41 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-30 03:25 - 2014-11-30 03:26 - 00000040 _____ () C:\Users\Loni\Desktop\test.txt
2014-11-30 03:16 - 2014-11-30 13:50 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-11-30 03:15 - 2014-11-30 13:42 - 00000000 ____D () C:\ProgramData\Adobe
2014-11-30 03:15 - 2014-11-30 03:16 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-11-30 03:15 - 2014-11-30 03:15 - 00000000 ____D () C:\Program Files\Adobe
2014-11-30 03:14 - 2014-11-30 03:27 - 00000000 ____D () C:\Users\Loni\AppData\Local\Adobe
2014-11-27 23:10 - 2014-11-27 23:10 - 00011466 _____ () C:\Users\Loni\Downloads\Cijfer AD1 1e test (2) (1).xlsx
2014-11-27 23:09 - 2014-11-27 23:09 - 00011466 _____ () C:\Users\Loni\Downloads\Cijfer AD1 1e test (2).xlsx
2014-11-25 17:25 - 2014-11-25 17:25 - 01355734 _____ () C:\Users\Loni\Downloads\PP_SchrijvenWeb_141121.pptx
2014-11-25 00:17 - 2014-11-25 00:53 - 00000000 ____D () C:\Program Files\Recuva
2014-11-25 00:17 - 2014-11-25 00:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2014-11-25 00:16 - 2014-11-25 00:16 - 04210920 _____ (Piriform Ltd) C:\Users\Loni\Downloads\rcsetup151.exe
2014-11-23 18:31 - 2014-11-23 18:31 - 00057170 _____ () C:\Users\Loni\Downloads\Les 8(1).pptx
2014-11-23 14:24 - 2014-11-23 14:27 - 00000000 ____D () C:\Users\Loni\VirtualBox VMs
2014-11-23 14:23 - 2014-11-23 15:37 - 00000000 ____D () C:\Users\Loni\.VirtualBox
2014-11-23 14:22 - 2014-11-23 14:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2014-11-23 14:22 - 2014-11-23 14:22 - 00000000 ____D () C:\Program Files\Oracle
2014-11-23 14:22 - 2014-11-21 15:16 - 00744520 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2014-11-23 14:22 - 2014-11-21 15:16 - 00104384 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2014-11-23 14:18 - 2014-11-23 14:20 - 110585544 _____ (Oracle Corporation) C:\Users\Loni\Downloads\VirtualBox-4.3.20-96996-Win.exe
2014-11-23 03:09 - 2014-11-28 22:35 - 00000000 ____D () C:\Users\Loni\Downloads\rufus_files
2014-11-23 01:44 - 2014-11-23 01:44 - 01275392 _____ () C:\Users\Loni\Downloads\defcon-16-brading.ppt
2014-11-22 23:57 - 2014-11-22 23:57 - 00640424 _____ (Akeo Consulting (
http://akeo.ie)) C:\Users\Loni\Downloads\rufus-1.4.12.exe
2014-11-22 23:56 - 2014-11-23 00:40 - 3147300864 _____ () C:\Users\Loni\Downloads\kali-linux-1.0.9a-i386.iso
2014-11-21 15:16 - 2014-11-21 15:16 - 00174888 _____ (Oracle Corporation) C:\Windows\system32\VBoxNetFltNobj.dll
2014-11-21 15:16 - 2014-11-21 15:16 - 00126496 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetFlt.sys
2014-11-21 15:16 - 2014-11-21 15:16 - 00116184 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp.sys
2014-11-19 14:33 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 14:33 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-18 20:03 - 2014-11-18 20:03 - 00447849 _____ () C:\Users\Loni\Downloads\Les 7(2).pptx
2014-11-14 21:53 - 2014-11-14 21:54 - 17738910 _____ () C:\Users\Loni\Downloads\creating-it-business-relevance-with-non-it-stakeholders--2.pptx
2014-11-14 13:54 - 2014-11-14 13:54 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-11-13 23:59 - 2014-11-13 23:59 - 00076173 _____ () C:\Users\Loni\Downloads\les 6.pptx
2014-11-13 02:27 - 2014-11-13 02:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone SDK 8.1
2014-11-13 02:27 - 2014-11-13 02:27 - 00000000 ____D () C:\Program Files\Windows Phone Silverlight Kits
2014-11-13 02:25 - 2014-12-08 03:40 - 00000000 ____D () C:\Users\Loni\Documents\Visual Studio 2013
2014-11-13 02:24 - 2014-11-13 02:24 - 00000000 ____D () C:\Program Files\Microsoft XDE
2014-11-13 02:15 - 2014-11-13 02:15 - 00000000 ____D () C:\Program Files\AppInsights
2014-11-13 01:39 - 2014-11-13 01:39 - 00000000 ____D () C:\Program Files\Application Verifier
2014-11-13 01:38 - 2014-11-13 02:19 - 00000000 ____D () C:\ProgramData\Windows App Certification Kit
2014-11-13 01:18 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-11-13 01:06 - 2014-11-13 01:06 - 00000000 ____D () C:\Program Files\Windows Phone Kits
2014-11-13 00:56 - 2014-11-13 01:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2013
2014-11-13 00:39 - 2014-11-13 02:08 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 12.0
2014-11-13 00:36 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-13 00:36 - 2014-10-03 02:44 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-13 00:36 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-13 00:36 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-13 00:36 - 2014-10-03 02:44 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-13 00:36 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-13 00:36 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-13 00:36 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-13 00:36 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-13 00:35 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-13 00:35 - 2014-10-10 01:45 - 02379264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-13 00:35 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-13 00:35 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-13 00:35 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-13 00:35 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-13 00:35 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-13 00:35 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-13 00:34 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-13 00:34 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-13 00:34 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-13 00:34 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-13 00:34 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-13 00:34 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-13 00:34 - 2014-11-06 03:59 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-13 00:34 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-13 00:34 - 2014-11-06 03:51 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-13 00:34 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-13 00:34 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-13 00:34 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-13 00:34 - 2014-11-06 03:22 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-13 00:34 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-13 00:34 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-13 00:34 - 2014-10-14 02:56 - 00136632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-13 00:34 - 2014-10-14 02:50 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-13 00:34 - 2014-10-14 02:50 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-13 00:34 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-13 00:34 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-13 00:33 - 2014-11-06 04:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-13 00:33 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-13 00:33 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-13 00:33 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-13 00:33 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-13 00:33 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-13 00:33 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-13 00:33 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-13 00:33 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-13 00:33 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-13 00:33 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-13 00:33 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-13 00:33 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-13 00:33 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-13 00:33 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-13 00:24 - 2014-11-13 00:24 - 01240624 _____ (Microsoft Corporation) C:\Users\Loni\Downloads\vs_community.exe
2014-11-11 17:29 - 2014-11-29 20:58 - 00000000 ____D () C:\Users\Loni\AppData\Local\CrashDumps
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-10 20:54 - 2014-08-01 16:59 - 01926981 _____ () C:\Windows\WindowsUpdate.log
2014-12-10 20:50 - 2014-08-04 22:27 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-10 20:48 - 2014-08-01 17:09 - 00001052 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-10 20:48 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-10 20:47 - 2009-07-14 05:34 - 00059872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-10 20:47 - 2009-07-14 05:34 - 00059872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-10 20:40 - 2014-09-15 23:46 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-10 20:32 - 2014-08-01 17:09 - 00001056 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-10 17:51 - 2014-08-02 23:17 - 00000000 ____D () C:\Users\Loni\AppData\Roaming\BitTorrent
2014-12-09 22:40 - 2014-09-15 23:46 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-12-09 22:40 - 2014-09-15 23:46 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-12-08 02:48 - 2014-08-01 22:21 - 00000000 ____D () C:\Users\Loni\Documents\Stuff
2014-12-08 00:48 - 2010-11-20 22:01 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-08 00:26 - 2014-09-01 14:03 - 00000000 ____D () C:\Users\Loni\AppData\Roaming\vlc
2014-12-07 20:34 - 2014-10-11 23:11 - 00000000 ____D () C:\Users\Loni\Desktop\Portfolio
2014-12-04 21:05 - 2014-10-11 23:25 - 00000000 ____D () C:\Users\Loni\AppData\Roaming\Notepad++
2014-12-04 17:33 - 2014-08-06 16:36 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-12-03 19:45 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2014-12-02 19:34 - 2014-08-04 22:26 - 00001060 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-02 19:34 - 2014-08-04 22:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-02 19:34 - 2014-08-04 22:26 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-12-02 00:37 - 2014-08-04 01:35 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-01 12:23 - 2014-09-06 00:38 - 00001576 _____ () C:\Windows\Sandboxie.ini
2014-11-30 13:49 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-11-30 03:27 - 2014-08-04 10:51 - 00000000 ____D () C:\Users\Loni\AppData\Roaming\Adobe
2014-11-28 23:08 - 2014-09-10 18:20 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-11-28 18:10 - 2014-08-01 17:03 - 00000000 ____D () C:\Users\Loni
2014-11-26 19:34 - 2014-08-01 17:10 - 00002129 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-11-24 14:04 - 2014-08-01 17:20 - 00229000 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-11-23 13:49 - 2014-08-01 17:09 - 00787800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-11-21 11:56 - 2014-08-01 17:09 - 00423784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-11-21 06:14 - 2014-08-04 22:26 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-21 06:14 - 2014-08-04 22:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-21 06:14 - 2014-08-04 22:26 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-15 20:15 - 2014-08-01 19:14 - 00000000 ____D () C:\Users\Loni\Documents\Visual Studio 2012
2014-11-14 13:37 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-11-13 19:04 - 2014-08-01 19:06 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2014-11-13 18:59 - 2009-07-14 03:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-11-13 18:56 - 2014-08-01 18:59 - 00000000 ____D () C:\ProgramData\Package Cache
2014-11-13 10:25 - 2014-10-21 22:17 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-11-13 02:24 - 2014-08-01 19:06 - 00000000 ____D () C:\Program Files\Microsoft SDKs
2014-11-13 02:14 - 2014-10-21 22:10 - 00000000 ____D () C:\Program Files\IIS Express
2014-11-13 01:53 - 2014-10-21 22:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-11-13 01:39 - 2014-08-01 19:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2014-11-13 01:34 - 2014-08-01 19:11 - 00000000 ____D () C:\Program Files\Common Files\Merge Modules
2014-11-13 01:30 - 2014-10-21 22:11 - 00000000 ____D () C:\Program Files\Microsoft ASP.NET
2014-11-13 01:25 - 2014-10-29 01:27 - 00000000 ____D () C:\Program Files\Microsoft Web Tools
2014-11-13 01:22 - 2014-10-29 01:54 - 00000000 ____D () C:\Program Files\NuGet
2014-11-13 01:22 - 2014-10-21 22:09 - 00000000 ____D () C:\Program Files\Microsoft WCF Data Services
2014-11-13 01:15 - 2014-08-01 19:06 - 00000000 ____D () C:\Windows\system32\1033
2014-11-13 01:06 - 2014-08-01 19:08 - 00000000 ____D () C:\Program Files\Windows Kits
2014-11-13 01:05 - 2014-08-01 19:06 - 00000000 ____D () C:\Program Files\Microsoft Help Viewer
2014-11-13 00:49 - 2014-08-01 19:02 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-11-13 00:33 - 2009-07-14 05:52 - 00000000 ____D () C:\Program Files\MSBuild
2014-11-11 03:08 - 2014-10-21 21:46 - 00000000 ____D () C:\Windows\Minidump
Some content of TEMP:
====================
C:\Users\Loni\AppData\Local\Temp\Quarantine.exe
C:\Users\Loni\AppData\Local\Temp\sqlite3.dll
C:\Users\Loni\AppData\Local\Temp\utt1E33.tmp.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-12-05 17:58
==================== End Of Log ============================
Addition:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 10-12-2014 01
Ran by Loni at 2014-12-10 21:06:08
Running from C:\Users\Loni\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Tools for .Net 3.5 (Version: 3.11.50727 - Microsoft Corporation) Hidden
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Nederlands (HKLM\...\{AC76BA86-7AD7-1043-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Android SDK Tools (HKLM\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
Application Insights Tools for Visual Studio 2013 (Version: 2.4 - Microsoft Corporation) Hidden
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.0.2206 - AVAST Software)
AzureTools.Notifications (Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
Behaviors SDK (Windows Phone) for Visual Studio 2013 (Version: 12.0.50716.0 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (Version: 12.0.50429.0 - Microsoft Corporation) Hidden
Blend for Visual Studio 2012 (Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Blend for Visual Studio 2012 ENU resources (Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 (Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 ENU resources (Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio Add-in for Adobe FXG Import (Version: 1.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Build Tools - x86 (Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (Version: 12.0.31101 - Microsoft Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dotfuscator and Analytics Community Edition (Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition (Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Entity Framework 6.1.1 Tools for Visual Studio 2013 (HKLM\...\{85253F13-EE42-4850-A3A5-79B90E92D7AC}) (Version: 12.0.30610.0 - Microsoft Corporation)
Entity Framework Designer for Visual Studio 2012 - enu (HKLM\...\{3F29268A-F53A-4387-9F2B-E9368A823178}) (Version: 11.1.30729.00 - Microsoft Corporation)
Euro Truck Simulator 2 (HKLM\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.13.3 - SCS Software)
Ezvid (HKLM\...\{F96D619D-99D6-4C9C-A393-0CD22DE1CA66}_is1) (Version: 0982 - Ezvid, inc.)
f.lux (HKU\S-1-5-21-1114357038-2612704853-781822362-1000\...\Flux) (Version: - )
FileZilla Server (HKLM\...\FileZilla Server) (Version: beta 0.9.48 - FileZilla Project)
Google Chrome (HKLM\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Greenfoot (HKLM\...\{8C838B70-3A71-41E8-91A6-4ADCF2E483D0}) (Version: 2.4.0 - Greenfoot Team)
Gtk# for .Net 2.12.26 (HKLM\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
IIS 8.0 Express (HKLM\...\{B8FFB7D6-6ABD-47C3-8BAD-86FF5D8F3EDC}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - )
Java 8 Update 20 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218020F0}) (Version: 8.0.200 - Oracle Corporation)
Java SE Development Kit 8 Update 20 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0180200}) (Version: 8.0.200.26 - Oracle Corporation)
Java 6 Update 39 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216039FF}) (Version: 6.0.390 - Oracle)
Java SE Development Kit 6 Update 39 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0160390}) (Version: 1.6.0.390 - Oracle)
Kit SDK de vérification de Visual Studio 2012 - fra (Version: 12.0.30501 - Microsoft Corporation) Hidden
LocalESPC (Version: 8.59.29989 - Microsoft Corporation) Hidden
LocalESPC Dev12 (Version: 8.100.25984 - Microsoft Corporation) Hidden
LocalESPCui for en-us (Version: 8.59.25584 - Microsoft) Hidden
LocalESPCui for en-us Dev12 (Version: 8.100.25984 - Microsoft) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Memory Profiler (Version: 12.0.31101 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft ASP.NET MVC 3 (HKLM\...\{DCDEC776-BADD-48B9-8F9A-DFF513C3D7FA}) (Version: 3.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages (HKLM\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (HKLM\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM\...\{95140000-00AF-0413-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft Silverlight 4 SDK (HKLM\...\{189AEA94-DAFB-487A-8CEE-F9D3DDE0A748}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{5EF1EBC5-4A40-4D1C-B02E-0C54BC93FD06}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{FE939060-416C-4ECD-890E-13776E2707C4}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{544ACD54-9FAA-4A60-A1E7-B2EC3AA75D24}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{79B49428-E9B0-4479-A0FA-3EFF8AFA9F07}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{E7654811-38F9-4225-9688-827FDA716582}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{4A1DEB7A-341B-453E-A3AF-7EA9902F9711}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (HKLM\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{C340BAB2-9A21-41B9-A465-7AC7B1DF773E}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 ENU (HKLM\...\{773AC1E4-5F27-4DF6-A932-7FDDE35C069D}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (11.1.20828.01) (HKLM\...\{4F2B8233-35EE-4197-8C3B-EACCBF712029}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (12.0.41012.0) (HKLM\...\{AC8E0CF4-42A1-4151-B684-97CF6FD726CF}) (Version: 12.0.41012.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20828.01) (HKLM\...\{FAE0523E-08A4-4717-8E8E-6EC6F32CBE88}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{4AEB505C-95E1-4964-9B64-8D27F3186D30}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Community 2013 with Update 4 (HKLM\...\{96a8b90c-0a91-4e76-ab34-730c23923d11}) (Version: 12.0.31101 - Microsoft Corporation)
Microsoft Visual Studio Express 2012 for Windows Desktop - ENU (HKLM\...\{e0efdce9-a486-4676-8aa5-65bb08cbf34c}) (Version: 11.0.50727.42 - Microsoft Corporation)
Microsoft Visual Studio Professional 2012 (HKLM\...\{c93c1c16-fd12-4b07-8926-2a4af46b6597}) (Version: 11.0.50727.26 - Microsoft Corporation)
Microsoft Web Deploy 3.5 (HKLM\...\{D58573E7-F82D-41E4-B10B-3041202A51D2}) (Version: 3.1237.1763 - Microsoft Corporation)
Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation)
Microsoft Web Platform Installer 4.0 (HKLM\...\{1F4DF099-EA5C-482D-9901-C0A8B539B417}) (Version: 4.0.1622 - Microsoft Corporation)
Mono for Windows 3.2.3 (HKLM\...\{afbbbda2-1dd7-11e3-ae37-080027022fbf}_is1) (Version: 3.2.3 - Mono)
MonoGame (HKLM\...\MonoGame) (Version: 3.0 - MonoGame)
Mozilla Firefox 32.0.3 (x86 nl) (HKLM\...\Mozilla Firefox 32.0.3 (x86 nl)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
Notepad++ (HKLM\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
OpenVPN 2.3.4-I001 (HKLM\...\OpenVPN) (Version: 2.3.4-I001 - )
Oracle VM VirtualBox 4.3.20 (HKLM\...\{3ACD85F2-BD6D-44FE-8CAE-5C1C3757ED7E}) (Version: 4.3.20 - Oracle Corporation)
paint.net (HKLM\...\{F509C1F4-0029-49F9-B145-A4C4E8DF4819}) (Version: 4.0.3 - dotPDN LLC)
Pidgin (HKLM\...\Pidgin) (Version: 2.10.11 - )
pidgin-otr 4.0.1 (HKLM\...\pidgin-otr) (Version: 4.0.1 - Cypherpunks CA)
PowreShellIntegration.Notifications (Version: 2.5.21003.1603 - Microsoft Corporation) Hidden
PreEmptive Analytics Visual Studio Components (Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT (HKLM\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Prerequisites for SSDT (HKLM\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
Python Tools Redirection Template (Version: 1.3 - Microsoft Corporation) Hidden
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Sandboxie 4.12 (32-bit) (HKLM\...\Sandboxie) (Version: 4.12 - Sandboxie Holdings, LLC)
SDK de comprobación de Visual Studio 2012 - esn (Version: 12.0.30501 - Microsoft Corporation) Hidden
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.18 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
SmartAssembly 6 (HKLM\...\{B0BAB8FE-6DDE-44ED-8816-05C080842E4C}) (Version: 6.8.0.121 - Red Gate Software Ltd)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Team Explorer for Microsoft Visual Studio 2013 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Toolwiz File Recovery FREE (HKLM\...\Toolwiz File Recovery FREE_is1) (Version: 1.3.0.0 - Toolwiz)
Toolwiz Time Freeze 2014 (HKLM\...\{3A74D01E-3AEF-4DF4-8404-0056150C97A3}) (Version: 2.2.0.6000 - Toolwiz)
TrueCrypt (HKLM\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
TypeScript Power Tool (Version: 1.0.5.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2013 (Version: 1.0.5.0 - Microsoft Corporation) Hidden
Update for (KB2504637) (HKLM\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Visual Studio 2012 Update 4 (KB2707250) (HKLM\...\{312d9252-c71c-4c84-b171-f4ad46e22098}) (Version: 11.0.61030 - Microsoft Corporation)
Visual Studio 2013 Update 4 (KB2829760) (HKLM\...\{53d408db-eb91-43fb-9d8f-167681c19763}) (Version: 12.0.31101 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VS Update core components (Version: 12.0.31101 - Microsoft Corporation) Hidden
WCF Data Services 5.0 (for OData v3) Primary Components (Version: 5.0.50628.0 - Microsoft Corporation) Hidden
WCF Data Services 5.6.0 Runtime (Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2012 (Version: 5.0.50710.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 (Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
WindowsFormsApplication1 (HKU\S-1-5-21-1114357038-2612704853-781822362-1000\...\d03da06cd506d783) (Version: 1.0.0.0 - WindowsFormsApplication1)
WinPcap 4.1.3 (HKLM\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.10 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
Wireshark 1.12.1 (32-bit) (HKLM\...\Wireshark) (Version: 1.12.1 - The Wireshark developer community,
http://www.wireshark.org)
Xamarin (HKLM\...\{B1A107B3-BB77-4679-A65F-C99410C018F3}) (Version: 3.7.230.0 - Xamarin)
Xamarin Studio 5.5.2 (HKLM\...\{CF37A44C-9D58-4BDE-AB4C-21C892E1E30C}) (Version: 5.5.2.0 - Xamarin)
Xamarin Universal Installer (HKLM\...\{7ddf1364-61e0-4079-80f4-e4bb3e49d7c0}) (Version: 3.5.0.0 - Xamarin, Inc)
XAMPP (HKLM\...\xampp) (Version: 1.8.3-5 - Bitnami)
Пакет Visual Studio 2012 Verification SDK - rus (Version: 12.0.30501 - Microsoft Corporation) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-1114357038-2612704853-781822362-1000_Classes\CLSID\{5852F5ED-8BF4-11D4-A245-0080C6F74284}\InprocServer32 -> C:\Program Files\Greenfoot\jdk\jre\bin\wsdetect.dll (Oracle Corporation)
==================== Restore Points =========================
06-12-2014 19:33:13 avast! antivirus system restore point
07-12-2014 15:56:56 Removed Asoftech Photo Recovery
09-12-2014 10:52:33 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {24FA6BDF-FD32-47AA-8E8D-E8DB3B7E8C2F} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-10-29] (AVAST Software)
Task: {62B6ADC4-80DA-4D5A-83FE-DADE9C6CAD19} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {7D9B3C4C-753D-49AC-AB44-BA45FBF4982F} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {97575D21-242C-4BD8-92B5-608C0ED66401} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {9D2F5149-7473-4421-9C57-6E80C7A8AB73} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-08-01] (Google Inc.)
Task: {9F177585-CF64-4285-93EF-C145A6134DE6} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {BB7A4FE1-FF6A-4B57-8662-BADF62A3E1AF} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {BE813682-5C47-4193-9EBB-9B26B7CF4868} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-09] (Adobe Systems Incorporated)
Task: {EBA7F2D1-74CE-4DDE-9862-F527C1D1A756} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {FD99E309-3EBC-4794-942A-DFAE1F67D188} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-08-01] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-12-10 20:14 - 2014-12-10 20:14 - 02905088 _____ () C:\Program Files\AVAST Software\Avast\defs\14121001\algo.dll
2014-10-29 17:54 - 2014-10-29 17:54 - 38561576 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-05-12 10:49 - 2014-05-12 10:49 - 00260608 _____ () C:\Program Files\Notepad++\NppShell_06.dll
2014-11-26 19:34 - 2014-11-25 07:39 - 01077064 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.71\libglesv2.dll
2014-11-26 19:34 - 2014-11-25 07:39 - 00211272 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.71\libegl.dll
2014-11-26 19:34 - 2014-11-25 07:39 - 09009480 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.71\pdf.dll
2014-11-26 19:34 - 2014-11-25 07:39 - 01677128 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.71\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:D5FBE8F9
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-1114357038-2612704853-781822362-500 - Administrator - Disabled)
Guest (S-1-5-21-1114357038-2612704853-781822362-501 - Limited - Disabled)
Loni (S-1-5-21-1114357038-2612704853-781822362-1000 - Administrator - Enabled) => C:\Users\Loni
==================== Faulty Device Manager Devices =============
Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Processor: Pentium® Dual-Core CPU T4200 @ 2.00GHz
Percentage of memory in use: 42%
Total physical RAM: 3069.19 MB
Available physical RAM: 1772.79 MB
Total Pagefile: 6136.67 MB
Available Pagefile: 4507.29 MB
Total Virtual: 2047.88 MB
Available Virtual: 1915.47 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:137.59 GB) (Free:20.86 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:11.46 GB) (Free:1.87 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive g: (VS2012_WDX_ENU) (CDROM) (Total:0.59 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: 0CF1D19B)
Partition 1: (Active) - (Size=137.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=11.5 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Procex:
Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
armsvc.exe 840 K 2.900 K 2488 Adobe Acrobat Update Service Adobe Systems Incorporated (Verified) Adobe Systems
atieclxx.exe 1.296 K 4.272 K 1332 AMD External Events Client Module AMD (Verified) Microsoft Windows Hardware Compatibility Publisher
atiesrxx.exe 812 K 2.956 K 864 AMD External Events Service Module AMD (Verified) Microsoft Windows Hardware Compatibility Publisher
chrome.exe 30.520 K 51.692 K 2408 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 29.028 K 51.060 K 3792 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 65.848 K 98.272 K 4284 Google Chrome Google Inc. (Verified) Google Inc
Crypserv.exe 2.088 K 3.584 K 2920 CrypKey License Service CrypKey (Canada) Ltd. (No signature was present in the subject) CrypKey (Canada) Ltd.
dllhost.exe 1.236 K 4.084 K 4836 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
IpOverUsbSvc.exe 8.144 K 8.444 K 3484 Microsoft Corporation (Verified) Microsoft Corporation
itype.exe 4.492 K 1.776 K 360 IType.exe Microsoft Corporation (Verified) Microsoft Corporation
jucheck.exe 3.076 K 10.096 K 2508 Java Update Checker Oracle Corporation (Verified) Oracle America
jusched.exe 1.432 K 6.548 K 2012 Java Update Scheduler Oracle Corporation (Verified) Oracle America
lsass.exe 3.452 K 8.340 K 564 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
lsm.exe 1.344 K 2.972 K 572 Local Session Manager Service Microsoft Corporation (Verified) Microsoft Windows
mbamscheduler.exe 3.688 K 7.696 K 3560 Malwarebytes Anti-Malware Malwarebytes Corporation (Verified) Malwarebytes Corporation
mbamservice.exe 182.944 K 87.576 K 3656 Malwarebytes Anti-Malware Malwarebytes Corporation (Verified) Malwarebytes Corporation
mDNSResponder.exe 1.592 K 4.412 K 2628 Bonjour Service Apple Inc. (No signature was present in the subject) Apple Inc.
SbieSvc.exe 1.376 K 3.204 K 1224 Sandboxie Service Sandboxie Holdings, LLC (Verified) Invincea
SearchFilterHost.exe 1.632 K 4.492 K 2312 Microsoft Windows Search Filter Host Microsoft Corporation (Verified) Microsoft Windows
services.exe 4.668 K 9.648 K 540 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows
smss.exe 268 K 800 K 304 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows
spoolsv.exe 4.364 K 7.788 K 1860 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
sppsvc.exe 5.076 K 4.492 K 424 Microsoft Software Protection Platform Service Microsoft Corporation (Verified) Microsoft Windows
sqlwriter.exe 1.292 K 4.324 K 3804 SQL Server VSS Writer Microsoft Corporation (Verified) Microsoft Corporation
svchost.exe 3.736 K 6.688 K 3016 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1.148 K 3.964 K 4960 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1.224 K 4.192 K 3836 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 16.000 K 14.236 K 940 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 8.312 K 11.068 K 1008 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2.808 K 7.192 K 692 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 11.824 K 9.588 K 1936 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 3.068 K 5.968 K 812 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 32.856 K 17.200 K 2412 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
taskeng.exe 1.236 K 4.216 K 1116 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
ToolwizTimeFreeze.exe 5.384 K 9.040 K 108 Toolwiz Toolwiz (Verified) XII CNC Inc.
unsecapp.exe 1.156 K 4.060 K 1136 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation (Verified) Microsoft Windows
wininit.exe 928 K 3.268 K 492 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows
winlogon.exe 1.744 K 4.980 K 736 Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe 1.848 K 4.712 K 4892 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe 5.752 K 9.160 K 320 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
wuauclt.exe 1.384 K 5.068 K 1272 Windows Update Microsoft Corporation (Verified) Microsoft Windows
hpservice.exe < 0.01 956 K 3.456 K 1200 HpService Hewlett-Packard Company (Verified) Microsoft Windows Hardware Compatibility Publisher
SearchProtocolHost.exe 0.01 1.828 K 6.364 K 4348 Microsoft Windows Search Protocol Host Microsoft Corporation (Verified) Microsoft Windows
SearchIndexer.exe 0.01 23.480 K 12.048 K 4072 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
ipoint.exe 0.01 4.120 K 1.984 K 2072 IPoint.exe Microsoft Corporation (Verified) Microsoft Corporation
svchost.exe 0.02 12.900 K 12.216 K 1380 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.02 19.868 K 32.500 K 1032 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
csrss.exe 0.05 1.364 K 3.360 K 416 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.06 59.648 K 62.356 K 980 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
chrome.exe 0.09 87.972 K 110.628 K 2232 Google Chrome Google Inc. (Verified) Google Inc
avastui.exe 0.09 11.876 K 14.216 K 2000 avast! Antivirus AVAST Software (Verified) AVAST Software a.s.
AvastSvc.exe 0.11 66.108 K 40.960 K 1520 avast! Service AVAST Software (Verified) AVAST Software a.s.
FileZilla Server.exe 0.12 1.232 K 3.564 K 3204 FileZilla Server FileZilla Project (No signature was present in the subject) FileZilla Project
taskhost.exe 0.13 10.500 K 10.248 K 1868 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
chrome.exe 0.13 69.852 K 108.012 K 1852 Google Chrome Google Inc. (Verified) Google Inc
SbieCtrl.exe 0.22 2.712 K 9.124 K 332 Sandboxie Control Sandboxie Holdings, LLC (Verified) Invincea
explorer.exe 0.30 20.424 K 34.224 K 2996 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
flux.exe 0.40 28.212 K 14.896 K 2044 f.lux Flux Software LLC (Verified) Michael Herf
chrome.exe 0.72 55.424 K 97.968 K 1504 Google Chrome Google Inc. (Verified) Google Inc
mbam.exe 0.98 28.808 K 34.944 K 3768 Malwarebytes Anti-Malware Malwarebytes Corporation (Verified) Malwarebytes Corporation
System 1.25 44 K 944 K 4
csrss.exe 2.89 2.548 K 7.400 K 504 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
Interrupts 3.60 0 K 0 K n/a Hardware Interrupts and DPCs
dwm.exe 4.57 30.860 K 29.300 K 1612 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
procexp.exe 29.24 23.328 K 39.520 K 4488 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
System Idle Process 55.00 0 K 24 K 0