Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Probably a malware.


  • This topic is locked This topic is locked
26 replies to this topic

#1 lizzardoni

lizzardoni

  • Members
  • 45 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:01:41 AM

Posted 19 May 2014 - 09:52 AM

hello,

 

thank you in advance for helping me with this problem.

 

The company that i host a site of mine, reported that my ftp account has been hacked and that i should check my computer for malware. I already run microsoft security essential that shows no error. Could you please help me out?

 

thank you!!

 

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17041  BrowserJavaVersion: 10.51.2
Run by Nikos at 17:37:33 on 2014-05-19
Microsoft Windows 7 Home Premium   6.1.7601.1.1253.30.1032.18.3950.1698 [GMT 3:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Windows\system32\lxebcoms.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Secunia\PSI\sua.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebmon.exe
C:\Program Files (x86)\Lexmark Pro200-S500 Series\ezprint.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\wbem\unsecapp.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Apoint\Apvfb.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files\Sony\VAIO Power Management\SPMService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\splwow64.exe
C:\Program Files (x86)\Giraffic\Veoh_Giraffic.exe
C:\Program Files (x86)\CounterPath\X-Lite\X-Lite.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\sysWOW64\wbem\wmiprvse.exe
C:\Program Files (x86)\CounterPath\X-Lite\awesomium_process
C:\Users\Nikos\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.mycosmos.gr/mycosmos/login.aspx
uProxyOverride = <local>;*.local
BHO: Lexmark Toolbar: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Βοηθός εισόδου στο λογαριασμό Microsoft: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Lexmark Printable Web: {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Lexmark Toolbar: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
uRun: [Google Update] "C:\Users\Nikos\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
mRun: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
mRun: [Lexmark Pro200-S500 Series] "C:\Program Files (x86)\Lexmark Pro200-S500 Series\fm3032.exe" /s
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: EnableSecureUIAPath = dword:1
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D1E1F7ED622A0E5D.dll/cmsidewiki.html
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
TCP: Interfaces\{94B113B0-D2D7-49FD-A797-97AFE4406C3F} : NameServer = 62.38.0.81,62.38.1.81
TCP: Interfaces\{94B113B0-D2D7-49FD-A797-97AFE4406C3F}\059647379647379616 : NameServer = 192.168.2.1
TCP: Interfaces\{94B113B0-D2D7-49FD-A797-97AFE4406C3F}\059647379647379616 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{94B113B0-D2D7-49FD-A797-97AFE4406C3F}\4586F6D637F6E6544414131343 : NameServer = 192.168.2.1
TCP: Interfaces\{94B113B0-D2D7-49FD-A797-97AFE4406C3F}\4586F6D637F6E6544414131343 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{94B113B0-D2D7-49FD-A797-97AFE4406C3F}\7596E64602759664960234C435733657 : NameServer = 192.168.2.1
TCP: Interfaces\{94B113B0-D2D7-49FD-A797-97AFE4406C3F}\7596E64602759664960234C435733657 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{94B113B0-D2D7-49FD-A797-97AFE4406C3F}\84F4C40214C4550275C414E4 : NameServer = 192.168.2.1
TCP: Interfaces\{94B113B0-D2D7-49FD-A797-97AFE4406C3F}\84F4C40214C4550275C414E4 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{94B113B0-D2D7-49FD-A797-97AFE4406C3F}\84F4C41303 : NameServer = 192.168.2.1
TCP: Interfaces\{94B113B0-D2D7-49FD-A797-97AFE4406C3F}\84F4C41303 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{94B113B0-D2D7-49FD-A797-97AFE4406C3F}\84F4D454359435B4 : NameServer = 192.168.2.1
TCP: Interfaces\{94B113B0-D2D7-49FD-A797-97AFE4406C3F}\84F4D454359435B4 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{94B113B0-D2D7-49FD-A797-97AFE4406C3F}\E45647641637475625029414440282053545E492 : NameServer = 192.168.2.1
TCP: Interfaces\{94B113B0-D2D7-49FD-A797-97AFE4406C3F}\E45647641637475625029414440282053545E492 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{A3BBF46B-A159-4BF4-B070-5D52FC44EA02} : DHCPNameServer = 192.168.2.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3
x64-Run: [Apoint] C:\Program Files (x86)\Apoint\Apoint.exe
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [lxebmon.exe] "C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebmon.exe"
x64-Run: [EzPrint] "C:\Program Files (x86)\Lexmark Pro200-S500 Series\ezprint.exe"
x64-Run: [RtHDVBg_Dolby] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE3
x64-Run: [IAStorIcon] "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
x64-DPF: {CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\u41gigb5.default\
FF - prefs.js: browser.startup.homepage - hxxp://spreadthelink.com/
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Nikos\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll
FF - plugin: C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\u41gigb5.default\extensions\2020Player_IKEA@2020Technologies.com\plugins\NP_2020Player_IKEA.dll
FF - plugin: C:\Users\Nikos\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Nikos\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2013-3-22 678384]
R0 iaStorF;iaStorF;C:\Windows\System32\drivers\iaStorF.sys [2013-3-22 28656]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-1-25 268512]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-10-8 202752]
R2 Giraffic;Veoh Giraffic Video Accelerator;C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe --service --> C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe --service [?]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-3-22 15344]
R2 lxeb_device;lxeb_device;C:\Windows\System32\lxebcoms.exe -service --> C:\Windows\System32\lxebcoms.exe -service [?]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2014-3-11 133928]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-6-1 367456]
R2 rimspci;rimspci;C:\Windows\System32\drivers\rimspe64.sys [2013-7-12 73216]
R2 risdsnpe;risdsnpe;C:\Windows\System32\drivers\risdsne64.sys [2010-10-14 78848]
R2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2013-12-6 662232]
R2 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2012-11-28 4150112]
R2 uCamMonitor;CamMonitor;C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2010-12-6 104960]
R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-6 2320920]
R2 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2010-12-6 575856]
R2 VSNService;VSNService;C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2010-12-6 836608]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\System32\drivers\ArcSoftKsUFilter.sys [2010-12-6 19968]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-6-4 56344]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-3-11 347872]
R3 SFEP;Sony Firmware Extension Parser;C:\Windows\System32\drivers\SFEP.sys [2010-6-2 12032]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2012-1-25 398112]
S2 ADExchange;ArcSoft Exchange Service;C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe --> C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 lxebCATSCustConnectService;lxebCATSCustConnectService;C:\Windows\System32\spool\drivers\x64\3\lxebserv.exe [2011-9-8 45736]
S3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\System32\drivers\btwampfl.sys [2010-12-6 342056]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2010-12-6 39464]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2014-1-27 1431888]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2013-4-1 57856]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-9-12 1512448]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-4-16 111616]
S3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-10-14 158976]
S3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-10-14 271872]
S3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETw5s64.sys [2010-5-31 7689216]
S3 PSI;PSI;C:\Windows\System32\drivers\psi_mf_amd64.sys [2013-12-6 18456]
S3 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2013-12-6 1229528]
S3 SOHCImp;VAIO Media plus Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-6-21 108400]
S3 SOHDms;VAIO Media plus Digital Media Server;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-6-18 423280]
S3 SOHDs;VAIO Media plus Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-6-21 67952]
S3 SpfService;VAIO Entertainment Common Service;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-12-1 289952]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-4-15 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-12-29 960160]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-12-21 550128]
S3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-6-9 384880]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-8-26 101600]
S3 WatAdminSvc;Υπηρεσία Τεχνολογιών ενεργοποίησης των Windows;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-5-7 1255736]
.
=============== File Associations ===============
.
FileExt: .scr: AutoCADScriptFile=C:\Windows\System32\notepad.exe "%1"
FileExt: .ini: Applications\Dreamweaver.exe="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5\dreamweaver.exe", "%1" [UserChoice]
ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2014-05-19 14:01:11    10651704    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CC90D52F-0F66-49CC-A4F9-7F06F5487025}\mpengine.dll
2014-05-18 13:00:08    --------    d-----w-    C:\Users\Nikos\Doctor Web
2014-05-17 19:04:06    10651704    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-05-16 08:48:17    1031560    ------w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{DAB93718-9EB7-49E3-8803-8E83A4422537}\gapaengine.dll
2014-05-14 07:20:20    2724864    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2014-05-14 07:20:20    2724864    ----a-w-    C:\Windows\System32\mshtml.tlb
2014-05-14 07:07:44    477184    ----a-w-    C:\Windows\System32\aepdu.dll
2014-05-14 07:07:43    424448    ----a-w-    C:\Windows\System32\aeinv.dll
2014-05-14 07:07:01    1460736    ----a-w-    C:\Windows\System32\lsasrv.dll
2014-05-13 20:03:18    1031560    ------w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-05-12 18:46:38    --------    d-----w-    C:\Program Files (x86)\Microsoft Security Client
2014-05-12 18:46:16    --------    d-----w-    C:\Program Files\Microsoft Security Client
2014-05-09 14:46:03    75888    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FE61EE4B-455F-432F-862A-5139071F5C1D}\offreg.dll
2014-05-09 07:32:06    10651704    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FE61EE4B-455F-432F-862A-5139071F5C1D}\mpengine.dll
2014-05-08 13:48:42    227704    ----a-w-    C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.dll
2014-05-08 07:22:48    --------    d-sh--w-    C:\Users\Nikos\AppData\Local\EmieUserList
2014-05-08 07:22:48    --------    d-sh--w-    C:\Users\Nikos\AppData\Local\EmieSiteList
2014-04-30 05:07:24    --------    d-s---w-    C:\Windows\System32\CompatTel
2014-04-21 17:43:54    --------    d-----w-    C:\ProgramData\AVAST Software
.
==================== Find3M  ====================
.
2014-05-14 09:19:15    70832    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-14 09:19:15    692400    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2014-05-08 07:33:59    111016    ----a-w-    C:\Windows\System32\WindowsAccessBridge-64.dll
2014-04-16 13:15:59    83968    ----a-w-    C:\Windows\System32\MshtmlDac.dll
2014-04-16 13:15:59    48128    ----a-w-    C:\Windows\System32\imgutil.dll
2014-04-16 13:15:59    13824    ----a-w-    C:\Windows\System32\mshta.exe
2014-04-15 18:04:40    175616    ----a-w-    C:\Windows\System32\msclmd.dll
2014-04-15 18:04:40    152576    ----a-w-    C:\Windows\SysWow64\msclmd.dll
2014-04-14 14:00:24    119512    ----a-w-    C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-04-12 02:22:05    95680    ----a-w-    C:\Windows\System32\drivers\ksecdd.sys
2014-04-12 02:22:05    155072    ----a-w-    C:\Windows\System32\drivers\ksecpkg.sys
2014-04-12 02:19:38    29184    ----a-w-    C:\Windows\System32\sspisrv.dll
2014-04-12 02:19:38    136192    ----a-w-    C:\Windows\System32\sspicli.dll
2014-04-12 02:19:37    28160    ----a-w-    C:\Windows\System32\secur32.dll
2014-04-12 02:19:05    31232    ----a-w-    C:\Windows\System32\lsass.exe
2014-04-12 02:12:06    22016    ----a-w-    C:\Windows\SysWow64\secur32.dll
2014-04-12 02:10:56    96768    ----a-w-    C:\Windows\SysWow64\sspicli.dll
2014-04-06 09:01:14    267264    --sha-r-    C:\Windows\SysWow64\RASMMJ.dll
2014-03-31 19:46:48    130712    ----a-w-    C:\Windows\SysWow64\MSSTDFMT.DLL
2014-03-31 19:46:48    1070232    ----a-w-    C:\Windows\SysWow64\MSCOMCTL.OCX
2014-03-31 06:35:08    270496    ------w-    C:\Windows\System32\MpSigStub.exe
2014-03-11 06:52:30    133928    ----a-w-    C:\Windows\System32\drivers\NisDrvWFP.sys
2014-03-06 14:12:01    164112    ----a-w-    C:\Windows\System32\olepro32.dll
2014-03-06 13:56:58    94208    ----a-w-    C:\Windows\System32\msstkprp.dll
2014-03-06 13:56:58    1388544    ----a-w-    C:\Windows\System32\msvbvm60.dll
2014-03-06 13:56:56    608448    ----a-w-    C:\Windows\System32\comctl32.ocx
2014-03-06 13:56:56    140488    ----a-w-    C:\Windows\System32\comdlg32.ocx
2014-03-06 09:31:33    4096    ----a-w-    C:\Windows\System32\ieetwcollectorres.dll
2014-03-06 08:59:04    66048    ----a-w-    C:\Windows\System32\iesetup.dll
2014-03-06 08:57:34    548352    ----a-w-    C:\Windows\System32\vbscript.dll
2014-03-06 08:57:20    48640    ----a-w-    C:\Windows\System32\ieetwproxystub.dll
2014-03-06 08:29:40    139264    ----a-w-    C:\Windows\System32\ieUnatt.exe
2014-03-06 08:29:14    111616    ----a-w-    C:\Windows\System32\ieetwcollector.exe
2014-03-06 08:28:15    752640    ----a-w-    C:\Windows\System32\jscript9diag.dll
2014-03-06 08:15:54    940032    ----a-w-    C:\Windows\System32\MsSpellCheckingFacility.exe
2014-03-06 08:11:41    5784064    ----a-w-    C:\Windows\System32\jscript9.dll
2014-03-06 08:02:34    61952    ----a-w-    C:\Windows\SysWow64\iesetup.dll
2014-03-06 08:02:33    455168    ----a-w-    C:\Windows\SysWow64\vbscript.dll
2014-03-06 08:01:01    51200    ----a-w-    C:\Windows\SysWow64\ieetwproxystub.dll
2014-03-06 07:56:43    38400    ----a-w-    C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-03-06 07:46:36    4254720    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2014-03-06 07:38:13    112128    ----a-w-    C:\Windows\SysWow64\ieUnatt.exe
2014-03-06 07:36:40    592896    ----a-w-    C:\Windows\SysWow64\jscript9diag.dll
2014-03-06 07:13:43    32256    ----a-w-    C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-03-06 07:11:15    2043904    ----a-w-    C:\Windows\System32\inetcpl.cpl
2014-03-06 06:40:39    1967104    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2014-03-06 06:22:40    2260480    ----a-w-    C:\Windows\System32\wininet.dll
2014-03-06 05:41:49    1789440    ----a-w-    C:\Windows\SysWow64\wininet.dll
2014-03-04 09:47:01    5550016    ----a-w-    C:\Windows\System32\ntoskrnl.exe
2014-03-04 09:44:21    362496    ----a-w-    C:\Windows\System32\wow64win.dll
2014-03-04 09:44:21    243712    ----a-w-    C:\Windows\System32\wow64.dll
2014-03-04 09:44:21    13312    ----a-w-    C:\Windows\System32\wow64cpu.dll
2014-03-04 09:44:20    39936    ----a-w-    C:\Windows\System32\wincredprovider.dll
2014-03-04 09:44:10    210944    ----a-w-    C:\Windows\System32\wdigest.dll
2014-03-04 09:44:08    86528    ----a-w-    C:\Windows\System32\TSpkg.dll
2014-03-04 09:44:06    340992    ----a-w-    C:\Windows\System32\schannel.dll
2014-03-04 09:44:03    722944    ----a-w-    C:\Windows\System32\objsel.dll
2014-03-04 09:44:03    314880    ----a-w-    C:\Windows\System32\msv1_0.dll
2014-03-04 09:44:03    16384    ----a-w-    C:\Windows\System32\ntvdm64.dll
2014-03-04 09:44:00    728064    ----a-w-    C:\Windows\System32\kerberos.dll
2014-03-04 09:44:00    424960    ----a-w-    C:\Windows\System32\KernelBase.dll
2014-03-04 09:43:56    57344    ----a-w-    C:\Windows\System32\cngprovider.dll
2014-03-04 09:43:56    52736    ----a-w-    C:\Windows\System32\dpapiprovider.dll
2014-03-04 09:43:56    44544    ----a-w-    C:\Windows\System32\dimsroam.dll
2014-03-04 09:43:56    22016    ----a-w-    C:\Windows\System32\credssp.dll
2014-03-04 09:43:55    56832    ----a-w-    C:\Windows\System32\adprovider.dll
2014-03-04 09:43:55    53760    ----a-w-    C:\Windows\System32\capiprovider.dll
2014-03-04 09:43:50    455168    ----a-w-    C:\Windows\System32\winlogon.exe
2014-03-04 09:20:11    3969984    ----a-w-    C:\Windows\SysWow64\ntkrnlpa.exe
2014-03-04 09:20:11    3914176    ----a-w-    C:\Windows\SysWow64\ntoskrnl.exe
2014-03-04 09:16:54    25600    ----a-w-    C:\Windows\SysWow64\setup16.exe
2014-03-04 09:16:18    5120    ----a-w-    C:\Windows\SysWow64\wow32.dll
2014-03-04 09:16:18    274944    ----a-w-    C:\Windows\SysWow64\KernelBase.dll
2014-03-04 08:09:30    7680    ----a-w-    C:\Windows\SysWow64\instnm.exe
2014-03-04 08:09:29    2048    ----a-w-    C:\Windows\SysWow64\user.exe
.
============= FINISH: 17:40:04,37 ===============
 

Attached Files


Edited by lizzardoni, 19 May 2014 - 09:53 AM.


BC AdBot (Login to Remove)

 


#2 Jo*

Jo*

  • Malware Response Team
  • 3,445 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:01:41 AM

Posted 22 May 2014 - 05:32 AM

:welcome:

Hello lizzardoni,

my name is Jo and I will help you with your computer problems.



Please follow these guidelines:
  • Logs can take a while to research, so please be patient.
  • Read and follow the instructions in the sequence they are posted.
  • print or copy & save instructions.
  • back up all your private data / important files on another (external) drive before using our tools.
  • Do not install / uninstall any applications, unless otherwise instructed.
  • Use only that tools you have been instructed to use.
  • Copy and Paste the log files inside your post, unless otherwise instructed.
  • Ask for clarification, if you have any questions.
  • Stay with this topic til you get the all clean post.
  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

***


1. Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
    Vista / Windows 7/8 users right-click and select Run As Administrator.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

***


2. Download OTL to your desktop.
  • Double click on the icon to run it.
    Vista / Windows 7/8 users right-click and select Run As Administrator.
  • Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
    Note: These logs can be located in the OTL folder on your C:\ drive if they fail to open automatically.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.

***


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#3 Jo*

Jo*

  • Malware Response Team
  • 3,445 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:01:41 AM

Posted 24 May 2014 - 04:25 AM


Hi,

it has been several days since I sent my last set of instructions to help with your computer problem.

Please let me know if you are having problems and still need help.

Note: Threads will be closed if no response after 3 days.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#4 lizzardoni

lizzardoni
  • Topic Starter

  • Members
  • 45 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:01:41 AM

Posted 24 May 2014 - 10:58 AM

hello Jo,

 

thank you for your reply. I am sorry for the delay in my answer. I was on a business trip.

 

 

the contents from the checkup.txt:

 

 

 Results of screen317's Security Check version 0.99.83  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
Microsoft Security Essentials   
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:`````````
 Secunia PSI (3.0.0.9016)   
 Java 7 Update 51  
 Java version out of Date!
 Adobe Flash Player 13.0.0.214  
 Adobe Reader XI  
 Mozilla Firefox (29.0.1)
 Google Chrome 34.0.1847.131  
 Google Chrome 34.0.1847.137  
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe
 Microsoft Security Essentials msseces.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
 



#5 lizzardoni

lizzardoni
  • Topic Starter

  • Members
  • 45 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:01:41 AM

Posted 24 May 2014 - 11:32 AM

otl.txt:

 

 

OTL logfile created on: 24/05/2014 19:24:54 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Nikos\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 00000809 | Country: Ελλάδα | Language: ELL | Date Format: d/M/yyyy
 
3.86 Gb Total Physical Memory | 2.34 Gb Available Physical Memory | 60.72% Memory free
7.71 Gb Paging File | 5.94 Gb Available in Paging File | 77.04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 221.58 Gb Total Space | 98.27 Gb Free Space | 44.35% Space Free | Partition Type: NTFS
Drive D: | 61.19 Gb Total Space | 17.97 Gb Free Space | 29.36% Space Free | Partition Type: NTFS
 
Computer Name: NIKOS-VAIO | User Name: Nikos | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Nikos\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
PRC - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe (Giraffic)
PRC - C:\Program Files (x86)\Giraffic\Veoh_Giraffic.exe (Giraffic)
PRC - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Lexmark Pro200-S500 Series\ezprint.exe ()
PRC - C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebmon.exe ()
PRC - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\1e5e19d119e04b93da3d45153abd60fd\System.IdentityModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\24bf0c88c0465485f4b842df043b3f45\System.ServiceModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servf73e6522#\0bedc417d3c5dcb1c9a5f15dd733c556\System.ServiceModel.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\3fe705796c6a41d4889d9001d1c56af8\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f4f6ee0df2aa4189bf36e6335cb92761\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\5cd2aee5e7c07227c694d89219688ab3\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\34b53ecafa1d7ccc7ca961d722b5d983\System.ServiceModel.Internals.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\78652b7fa68ee058bff6a118c657f565\SMDiagnostics.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\bada32953bb6b16a53d653eae23d78dc\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\dce99d8de14d8a015313db98c72552ee\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\bbc48ec4245e502ae19b0601d3799c9e\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\ff26cc03e6d57d8abd13b990332e67c6\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL ()
MOD - C:\Program Files (x86)\Lexmark Pro200-S500 Series\ezprint.exe ()
MOD - C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebmon.exe ()
MOD - C:\Program Files (x86)\Lexmark Pro200-S500 Series\EPOEMDll.dll ()
MOD - C:\Program Files (x86)\Lexmark Pro200-S500 Series\epstring.dll ()
MOD - C:\Program Files (x86)\Lexmark Pro200-S500 Series\EPWizRes.dll ()
MOD - C:\Program Files (x86)\Lexmark Pro200-S500 Series\Epwizard.DLL ()
MOD - C:\Program Files (x86)\Lexmark Pro200-S500 Series\customui.dll ()
MOD - C:\Program Files (x86)\Lexmark Pro200-S500 Series\Epfunct.DLL ()
MOD - C:\Program Files (x86)\Lexmark Pro200-S500 Series\Eputil.DLL ()
MOD - C:\Program Files (x86)\Lexmark Pro200-S500 Series\Imagutil.DLL ()
MOD - C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebDRS.dll ()
MOD - C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebscw.dll ()
MOD - C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebdatr.dll ()
MOD - C:\Program Files (x86)\Lexmark Pro200-S500 Series\iptk.dll ()
MOD - C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebcaps.dll ()
MOD - C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebptp.dll ()
MOD - C:\Windows\SysWOW64\LXEBsmr.dll ()
MOD - C:\Windows\SysWOW64\LXEBsm.dll ()
MOD - C:\Program Files\Lexmark Tools for Office\CustomOfficeRibbon.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (NisSrv) -- c:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (FLEXnet Licensing Service 64) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Flexera Software, Inc.)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV:64bit: - (IAStorDataMgrSvc) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV:64bit: - (VcmIAlzMgr) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
SRV:64bit: - (SpfService) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe (Sony Corporation)
SRV:64bit: - (VcmXmlIfHelper) -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe (Sony Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (VAIO Power Management) -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe (Sony Corporation)
SRV:64bit: - (VcmINSMgr) -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Sony Corporation)
SRV:64bit: - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV:64bit: - (VSNService) -- C:\Program Files\Sony\VAIO Smart Network\VSNService.exe (Sony Corporation)
SRV:64bit: - (lxeb_device) -- C:\Windows\SysNative\lxebcoms.exe ( )
SRV:64bit: - (lxebCATSCustConnectService) -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxebserv.exe ()
SRV:64bit: - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel® Corporation)
SRV:64bit: - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel® Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (Secunia PSI Agent) -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe (Secunia)
SRV - (Secunia Update Agent) -- C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (TeamViewer8) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (Giraffic) -- C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe (Giraffic)
SRV - (VCFw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (SOHCImp) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation)
SRV - (SOHDs) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation)
SRV - (SOHDms) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation)
SRV - (PMBDeviceInfoProvider) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)
SRV - (VAIO Event Service) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (lxebCATSCustConnectService) -- C:\Windows\system32\spool\DRIVERS\x64\3\\lxebserv.exe ()
SRV - (lxeb_device) -- C:\Windows\SysWOW64\lxebcoms.exe ( )
SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (uCamMonitor) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (esgiguard) -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys File not found
DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (PSI) -- C:\Windows\SysNative\drivers\psi_mf_amd64.sys (Secunia)
DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation)
DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\drivers\NETwsw00.sys (Intel Corporation)
DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\drivers\iaStorA.sys (Intel Corporation)
DRV:64bit: - (iaStorF) -- C:\Windows\SysNative\drivers\iaStorF.sys (Intel Corporation)
DRV:64bit: - (LUsbFilt) -- C:\Windows\SysNative\drivers\LUsbFilt.sys (Logitech, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:64bit: - (rimspci) -- C:\Windows\SysNative\drivers\rimspe64.sys (REDC)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel® Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (btwampfl) -- C:\Windows\SysNative\drivers\btwampfl.sys (Broadcom Corporation.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (risdsnpe) -- C:\Windows\SysNative\drivers\risdsne64.sys (REDC)
DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (NETw5s64) -- C:\Windows\SysNative\drivers\NETw5s64.sys (Intel Corporation)
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (SFEP) -- C:\Windows\SysNative\drivers\SFEP.sys (Sony Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (ArcSoftKsUFilter) -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.)
DRV:64bit: - (adfs) -- C:\Windows\SysNative\drivers\adfs.sys (Adobe Systems, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.mycosmos.gr/mycosmos/login.aspx
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{21268798-9430-4C28-8670-CBFFD9D2E150}: "URL" = http://services.zinio.com/search?s={searchTerms}&rf=sonyslices
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SVEE_el
IE - HKCU\..\SearchScopes\{C14622EB-20BA-471E-B366-B2942E1E42E6}: "URL" = http://rover.ebay.com/rover/1//4?satitle={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://spreadthelink.com/"
FF - prefs.js..extensions.enabledAddons: testpilot%40labs.mozilla.com:1.2.3
FF - prefs.js..extensions.enabledAddons: %7Bc45c406e-ab73-11d8-be73-000a95be3b12%7D:1.2.5
FF - prefs.js..extensions.enabledAddons: 2020Player_IKEA%402020Technologies.com:5.0.94.1
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20131118
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0.1
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.5.2: C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.5.2: C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Nikos\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Nikos\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Nikos\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Nikos\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/05/10 18:50:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/05/14 10:31:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014/04/21 20:18:05 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/05/10 18:50:03 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/05/14 10:31:44 | 000,000,000 | ---D | M]
 
[2011/05/08 03:23:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nikos\AppData\Roaming\mozilla\Extensions
[2014/05/18 15:33:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nikos\AppData\Roaming\mozilla\Firefox\Profiles\u41gigb5.default\extensions
[2014/04/17 14:55:23 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Nikos\AppData\Roaming\mozilla\Firefox\Profiles\u41gigb5.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2014/02/05 01:01:13 | 000,000,000 | ---D | M] (20-20 3D Viewer - IKEA) -- C:\Users\Nikos\AppData\Roaming\mozilla\Firefox\Profiles\u41gigb5.default\extensions\2020Player_IKEA@2020Technologies.com
[2013/11/21 11:12:58 | 000,619,291 | ---- | M] () (No name found) -- C:\Users\Nikos\AppData\Roaming\mozilla\firefox\profiles\u41gigb5.default\extensions\testpilot@labs.mozilla.com.xpi
[2013/05/05 22:14:51 | 001,360,435 | ---- | M] () (No name found) -- C:\Users\Nikos\AppData\Roaming\mozilla\firefox\profiles\u41gigb5.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi
[2014/05/01 16:58:35 | 000,957,880 | ---- | M] () (No name found) -- C:\Users\Nikos\AppData\Roaming\mozilla\firefox\profiles\u41gigb5.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014/05/10 18:50:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2014/05/10 18:50:04 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2014/05/10 18:50:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2014/05/10 18:50:12 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: https://ibankretail.nbg.gr/sts/Account/Login/web
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: MicrosoftΒ® Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Nikos\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Nikos\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows LiveΒ™ Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Αναζήτηση Google = C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: AdBlock = C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.18_0\
CHR - Extension: Ξ ΞΏΟτοφΟλι Google = C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2014/05/18 16:22:27 | 000,000,876 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Lexmark Printable Web) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll ()
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [EzPrint] C:\Program Files (x86)\Lexmark Pro200-S500 Series\ezprint.exe ()
O4:64bit: - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [lxebmon.exe] C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebmon.exe ()
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [Lexmark Pro200-S500 Series] C:\Program Files (x86)\Lexmark Pro200-S500 Series\fm3032.exe ()
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPath = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D1E1F7ED622A0E5D.dll/cmsidewiki.html File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D1E1F7ED622A0E5D.dll/cmsidewiki.html File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab (Java Plug-in 11.5.2)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab (Java Plug-in 1.7.0_51)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab (Java Plug-in 11.5.2)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab (Java Plug-in 10.51.2)
O16 - DPF: {CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab (Java Plug-in 1.7.0_51)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab (Java Plug-in 1.7.0_51)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{94B113B0-D2D7-49FD-A797-97AFE4406C3F}: NameServer = 62.38.0.81,62.38.1.81
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A3BBF46B-A159-4BF4-B070-5D52FC44EA02}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014/01/27 12:43:44 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2014/04/08 21:05:07 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/05/24 18:52:54 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Nikos\Desktop\OTL.exe
[2014/05/22 00:20:36 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014/05/21 09:49:23 | 000,000,000 | ---D | C] -- C:\Users\Nikos\Desktop\slider-front
[2014/05/19 19:55:52 | 000,000,000 | ---D | C] -- C:\Users\Nikos\AppData\Roaming\chc
[2014/05/18 16:00:08 | 000,000,000 | ---D | C] -- C:\Users\Nikos\Doctor Web
[2014/05/15 18:24:56 | 027,769,568 | ---- | C] (Microsoft Corporation) -- C:\Users\Nikos\Desktop\Windows-KB890830-x64-V5.12.exe
[2014/05/14 10:20:21 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/05/14 10:20:21 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/05/14 10:07:44 | 000,477,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/05/14 10:07:43 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014/05/14 10:07:01 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2014/05/14 10:06:59 | 003,969,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2014/05/14 10:06:59 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2014/05/14 10:06:58 | 005,550,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2014/05/14 10:06:58 | 000,722,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\objsel.dll
[2014/05/14 10:06:58 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2014/05/14 10:06:57 | 000,538,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\objsel.dll
[2014/05/14 10:06:57 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2014/05/14 10:06:55 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cngprovider.dll
[2014/05/14 10:06:55 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adprovider.dll
[2014/05/14 10:06:55 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\capiprovider.dll
[2014/05/14 10:06:55 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpapiprovider.dll
[2014/05/14 10:06:55 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cngprovider.dll
[2014/05/14 10:06:55 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adprovider.dll
[2014/05/14 10:06:55 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\capiprovider.dll
[2014/05/14 10:06:55 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpapiprovider.dll
[2014/05/14 10:06:55 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dimsroam.dll
[2014/05/14 10:06:55 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dimsroam.dll
[2014/05/14 10:06:54 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2014/05/14 10:06:54 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wincredprovider.dll
[2014/05/14 10:06:54 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wincredprovider.dll
[2014/05/14 10:06:54 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2014/05/14 10:06:54 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2014/05/12 21:46:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2014/05/12 21:46:16 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2014/05/10 18:50:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/05/08 10:34:16 | 000,313,256 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2014/05/08 10:34:06 | 000,191,400 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2014/05/08 10:34:06 | 000,190,888 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2014/05/08 10:22:48 | 000,000,000 | -HSD | C] -- C:\Users\Nikos\AppData\Local\EmieUserList
[2014/05/08 10:22:48 | 000,000,000 | -HSD | C] -- C:\Users\Nikos\AppData\Local\EmieSiteList
[2014/05/02 15:17:00 | 000,000,000 | ---D | C] -- C:\Users\Nikos\Desktop\new spreadthelink
[2014/04/30 08:07:24 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\CompatTel
[2014/04/24 19:38:54 | 000,000,000 | ---D | C] -- C:\Users\Nikos\Documents\ViberDownloads
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/05/24 19:19:04 | 000,001,194 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2730824447-2197223683-4253413979-1000UA.job
[2014/05/24 18:58:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/05/24 18:53:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Nikos\Desktop\OTL.exe
[2014/05/24 18:48:58 | 000,854,367 | ---- | M] () -- C:\Users\Nikos\Desktop\SecurityCheck.exe
[2014/05/24 18:48:31 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/05/24 18:48:31 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/05/24 18:45:55 | 001,501,602 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/05/24 18:45:55 | 000,658,438 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/05/24 18:45:55 | 000,611,280 | ---- | M] () -- C:\Windows\SysNative\perfh008.dat
[2014/05/24 18:45:55 | 000,123,748 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/05/24 18:45:55 | 000,112,882 | ---- | M] () -- C:\Windows\SysNative\perfc008.dat
[2014/05/24 18:39:34 | 000,001,194 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/05/24 18:39:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/05/24 18:39:02 | 3106,488,320 | -HS- | M] () -- C:\hiberfil.sys
[2014/05/23 22:39:17 | 000,001,198 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/05/22 09:00:36 | 005,485,720 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/05/21 16:54:05 | 000,001,456 | ---- | M] () -- C:\Users\Nikos\AppData\Local\Adobe Save for Web 12.0 Prefs
[2014/05/21 11:19:01 | 000,001,142 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2730824447-2197223683-4253413979-1000Core.job
[2014/05/21 10:14:17 | 000,001,731 | ---- | M] () -- C:\Users\Nikos\Desktop\Photoshop.lnk
[2014/05/18 16:22:27 | 000,000,876 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014/05/17 13:00:01 | 000,000,853 | ---- | M] () -- C:\Users\Nikos\Desktop\µTorrent.lnk
[2014/05/16 18:03:04 | 000,131,759 | ---- | M] () -- C:\Users\Nikos\Desktop\Invoice_665409.pdf
[2014/05/15 18:25:25 | 027,769,568 | ---- | M] (Microsoft Corporation) -- C:\Users\Nikos\Desktop\Windows-KB890830-x64-V5.12.exe
[2014/05/14 12:19:15 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/05/14 12:19:15 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/05/12 21:47:00 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2014/05/09 09:14:03 | 000,477,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/05/09 09:11:23 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014/05/08 10:33:59 | 000,111,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2014/05/08 10:33:54 | 000,313,256 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2014/05/08 10:33:54 | 000,191,400 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2014/05/08 10:33:54 | 000,190,888 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2014/05/08 10:32:20 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/05/06 06:00:47 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/05/06 05:10:52 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/05/24 18:48:50 | 000,854,367 | ---- | C] () -- C:\Users\Nikos\Desktop\SecurityCheck.exe
[2014/05/21 10:14:17 | 000,001,731 | ---- | C] () -- C:\Users\Nikos\Desktop\Photoshop.lnk
[2014/05/21 10:06:52 | 000,001,075 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5 (64 Bit).lnk
[2014/05/21 10:05:25 | 000,001,211 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5.lnk
[2014/05/21 10:00:57 | 000,001,266 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.lnk
[2014/05/16 18:03:00 | 000,131,759 | ---- | C] () -- C:\Users\Nikos\Desktop\Invoice_665409.pdf
[2014/05/14 10:35:49 | 000,001,125 | ---- | C] () -- C:\Users\Nikos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
[2014/05/12 21:46:51 | 000,002,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2014/04/06 12:01:14 | 000,267,264 | RHS- | C] () -- C:\Windows\SysWow64\RASMMJ.dll
[2013/09/15 13:10:00 | 000,000,024 | ---- | C] () -- C:\Windows\SysWow64\amfx.dll
[2013/07/04 13:15:03 | 000,004,608 | ---- | C] () -- C:\Users\Nikos\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/04/12 16:50:30 | 000,000,218 | ---- | C] () -- C:\Users\Nikos\AppData\Local\recently-used.xbel
[2012/10/03 15:38:58 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll
[2012/10/03 15:38:58 | 000,002,413 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2012/07/01 21:33:42 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2012/06/27 20:23:43 | 000,761,856 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012/06/27 20:23:43 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011/08/09 10:54:47 | 000,000,132 | ---- | C] () -- C:\Users\Nikos\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011/07/17 14:00:57 | 000,000,000 | ---- | C] () -- C:\Users\Nikos\AppData\Local\{2A483E9C-F1E4-43D9-B158-91F2E441C93D}
[2011/05/28 16:19:40 | 000,002,828 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2011/05/23 18:21:17 | 000,000,000 | ---- | C] () -- C:\Users\Nikos\AppData\Local\{2D283CA4-0541-4A23-BE8A-10C3E8B36DCF}
[2011/05/13 15:24:39 | 000,001,456 | ---- | C] () -- C:\Users\Nikos\AppData\Local\Adobe Save for Web 12.0 Prefs
 
========== ZeroAccess Check ==========
 
[2009/07/14 07:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/25 05:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/25 05:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 04:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 04:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 04:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012/06/26 20:37:18 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\2monkeys
[2013/04/12 16:07:36 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\AnvSoft
[2014/03/03 21:51:46 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\AppMinis
[2012/04/10 15:25:25 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\Ashampoo
[2013/08/28 12:24:41 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\Audacity
[2011/05/20 20:41:43 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\Auslogics
[2014/03/06 17:37:20 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\Autodesk
[2013/07/04 14:08:22 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\avidemux
[2014/02/27 15:37:28 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\Boomzap
[2014/05/19 19:55:52 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\chc
[2011/05/18 12:46:31 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2013/07/26 15:30:13 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\com.adobe.dmp.contentviewer
[2011/11/01 23:26:50 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012/05/15 15:00:39 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\DAEMON Tools Pro
[2014/03/02 21:50:00 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\Elephant Games
[2014/05/22 00:36:16 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\FileZilla
[2014/03/02 20:28:46 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\Fugazo
[2013/06/25 15:13:14 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\GardenGnomeSoftware
[2012/01/09 15:59:48 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\GAS Softwares
[2014/04/14 15:26:05 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\GSA Auto Website Submitter
[2011/05/29 16:03:40 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\IcoFX
[2014/05/19 17:54:58 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\IcoFX2
[2013/06/05 10:26:47 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\IcoFX2X
[2011/05/08 05:23:50 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\InfraRecorder
[2013/04/19 17:47:22 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\JPEXS
[2012/08/07 01:17:12 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\Jubler
[2013/07/12 14:09:24 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\Leadertech
[2012/10/14 16:51:30 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\LG Electronics
[2012/05/13 16:51:49 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\MatchWare
[2013/02/17 13:18:02 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\NetBeans
[2014/04/15 18:52:07 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\Oracle
[2013/04/12 16:23:38 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\Participatory Culture Foundation
[2012/07/05 13:03:00 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\PlayFirst
[2011/09/08 10:18:30 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\Pro200-S500 Series
[2012/04/29 16:55:46 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\SendBlaster2
[2011/05/17 11:48:16 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\SWiSH Max3
[2012/11/29 14:53:25 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\TeamViewer
[2013/06/29 21:42:50 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\UBot Studio
[2014/05/24 18:59:21 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\uTorrent
[2011/10/17 13:49:40 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\WinAVI
[2011/05/13 15:30:17 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\Windows Live Writer
[2013/04/12 15:57:20 | 000,000,000 | ---D | M] -- C:\Users\Nikos\AppData\Roaming\Xilisoft
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 185 bytes -> C:\ProgramData\TEMP:9D0A16E4
@Alternate Data Stream - 182 bytes -> C:\ProgramData\TEMP:CB959782
@Alternate Data Stream - 179 bytes -> C:\ProgramData\TEMP:3ED5E595
@Alternate Data Stream - 177 bytes -> C:\ProgramData\TEMP:2DE5673D
@Alternate Data Stream - 167 bytes -> C:\ProgramData\TEMP:02DD996C
@Alternate Data Stream - 162 bytes -> C:\ProgramData\TEMP:4B6A9FDA
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:2CB9631F
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:DED17083
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:8F30A02C
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:CDE1EE2A

< End of report >
 

 

 

 

 

 

extras.txt

 

 

 

 

 

OTL Extras logfile created on: 24/05/2014 19:01:23 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Nikos\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 00000809 | Country: Ελλάδα | Language: ELL | Date Format: d/M/yyyy
 
3.86 Gb Total Physical Memory | 2.66 Gb Available Physical Memory | 69.08% Memory free
7.71 Gb Paging File | 6.07 Gb Available in Paging File | 78.73% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 221.58 Gb Total Space | 98.29 Gb Free Space | 44.36% Space Free | Partition Type: NTFS
Drive D: | 61.19 Gb Total Space | 17.97 Gb Free Space | 29.36% Space Free | Partition Type: NTFS
 
Computer Name: NIKOS-VAIO | User Name: Nikos | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UpdatesDisableNotify" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0110A834-CE36-48CA-98A8-87286531F783}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{01755364-FDE5-45BB-8A13-35CA57F213E8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0AF77618-FF52-43B5-8893-3FD62716981E}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{120968F4-D0C4-4560-8A06-79904546B203}" = lport=445 | protocol=6 | dir=in | app=system |
"{12DFBB08-1610-4489-8C0E-B6EED0CE7E97}" = rport=137 | protocol=17 | dir=out | app=system |
"{1BB1E7F6-9899-4F69-9A92-9B3DB223137C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{259C10D9-0234-465B-BD89-676B0FC09A0E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2BF710C5-F896-47A6-B972-C624B27C5C2D}" = lport=139 | protocol=6 | dir=in | app=system |
"{2C274701-36EF-4D35-BA0B-89B08E51EC0B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2EE0BFDF-7590-408A-B8BB-8874B22A04CB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{546F0B3C-8B36-4B07-A1DE-E75E9432A892}" = lport=2869 | protocol=6 | dir=in | app=system |
"{54E893CA-1343-442B-8E1F-D20E8255F52B}" = lport=10243 | protocol=6 | dir=in | app=system |
"{5DA0C2AB-1F23-40D8-9D5D-19D307ACBEF8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6A7F3FC3-4117-4C88-983B-912C98CF0384}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6C972F61-91B9-4DA3-9406-4832C2047955}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{76419725-6EF6-4195-BE57-92892C858612}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{78379FBB-38CD-47E0-AE0C-895D054EE06C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7F7D4B8F-BA39-4EC9-8FD0-30B86D026E78}" = lport=3880 | protocol=6 | dir=in | app=c:\program files (x86)\sony\vaio creations\vaio movie story\vmstory.exe |
"{8128C585-D36A-4C98-B0CC-EB5A9FB562F6}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{905D015F-0776-4E3C-BA2A-0D0196E5B698}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{90CFAEA0-57ED-418C-839F-0A198CE8A772}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{95A72E7F-BF2F-448E-8DA6-0697411A0695}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{96BB916E-41D9-421A-94DE-F46F2161B542}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{9FC3F409-2704-4BBB-9AF2-4C03E3000747}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{A291A09D-B162-43B2-99DE-1FFCF85BF079}" = rport=445 | protocol=6 | dir=out | app=system |
"{A2C16D74-D28A-45B0-8F31-47791EFC7337}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A4FC415C-1D00-4891-A644-916C3E6C8901}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{A5F5F1D6-87D5-4C1D-B01C-4A9345D014D8}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{A813C96A-4732-4D29-BEA5-E3B9B5D46F93}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{A99B8998-33D9-4C4C-9509-D1FB6153E4F6}" = lport=3888 | protocol=17 | dir=in | app=c:\program files (x86)\sony\vaio creations\vaio movie story\vmstory.exe |
"{AB7C37AE-E196-4DB2-86DB-F778175A5367}" = lport=3888 | protocol=6 | dir=in | app=c:\program files (x86)\sony\vaio creations\vaio movie story\vmstory.exe |
"{B609B9E3-691B-4B43-B029-941155BA7B1B}" = lport=2799 | protocol=6 | dir=in | name=altova license metering port (tcp) |
"{B7385A95-361D-4399-B8DD-EDBD46149EB7}" = rport=10243 | protocol=6 | dir=out | app=system |
"{BF4867DA-5EC6-484B-A8F9-07D7F2702D03}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{C5264F8C-FA0E-497A-A36E-C2FC74783868}" = lport=138 | protocol=17 | dir=in | app=system |
"{C70E0048-19D3-4C3A-9B2E-837560ED7251}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{D36A3F66-526F-4369-AE6E-1C5A51FBC0ED}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D752BCA7-EB7F-4989-B605-72ACF2A6DDCA}" = rport=139 | protocol=6 | dir=out | app=system |
"{D7F9DCB2-8F66-4D40-8C01-14004C2D9DB7}" = lport=137 | protocol=17 | dir=in | app=system |
"{F547FC9A-369B-4D75-B778-EF0595212189}" = lport=2799 | protocol=17 | dir=in | name=altova license metering port (udp) |
"{F6CBE256-F42F-4017-880D-556F1D88CC5C}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{F9D41E64-377C-43FD-8AE1-A6F77F210319}" = lport=2869 | protocol=6 | dir=in | app=system |
"{FBF564AD-BEB2-4C6E-83EA-1D7AEAF9920B}" = rport=138 | protocol=17 | dir=out | app=system |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07C4C248-D351-4AF4-8893-DADF321592E3}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{132F1ECA-5A2F-4E22-93A0-6375DE3B0A43}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{177E8EB1-A041-4468-ADD3-4C31EF5A415F}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{1F5D0FD3-1886-490A-A5DD-9B1E61BD6391}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{2C6F6F3D-C05E-47EE-8554-B31AC08D3BF4}" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"{2F191A04-5B65-4A63-BFB0-85012A193900}" = protocol=6 | dir=in | app=c:\program files (x86)\giraffic\veoh_girafficwatchdog.exe |
"{34C00D27-B63D-47CD-8FA1-9871DB1B8ED6}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{388B681A-8502-4E11-8558-21DE7E00AE62}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{395ABB8C-72EE-43AA-AEC6-318FBDC07B04}" = protocol=6 | dir=in | app=c:\program files (x86)\expressfiles\expressfiles.exe |
"{3B5B1915-6869-4A95-8276-7D0BA8BEFCC8}" = protocol=6 | dir=in | app=c:\users\nikos\appdata\roaming\utorrent\utorrent.exe |
"{3E3AE01B-E1A3-447F-9618-B78618489A5E}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.439\agent.exe |
"{4640399D-FE88-4A93-B9C2-F4FC492B8DBF}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{47B58896-E048-449B-AF51-ACE472D6158D}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{4DA00391-7C82-4E2C-9566-E1E5F5B436FF}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{4F46D059-BABB-4C0E-9628-8FE95009B94A}" = dir=in | app=c:\windows\system32\lxebcoms.exe |
"{57C98B84-2C25-4B9B-9C98-3DAFFA7745C1}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.516\agent.exe |
"{5B466C33-4091-4B5C-84D4-C209E2FB0002}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5C193835-5B29-47AC-87F2-087F5C28697C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5D4DF6D6-FB83-4DC8-A16C-5B51DF2AF635}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.515\agent.exe |
"{63E219BB-F766-4F62-A46F-C979B471630A}" = protocol=17 | dir=in | app=c:\program files (x86)\giraffic\veoh_giraffic.exe |
"{69B351B5-D5B0-4BA1-A260-D19C2A97576E}" = protocol=17 | dir=in | app=c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe |
"{6C42BECA-5ED0-48B2-8BD7-ADFC2BCA3974}" = protocol=17 | dir=in | app=c:\users\nikos\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{6E147901-B2AB-471E-869F-7D1D70DFFF89}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.440\agent.exe |
"{71663B4A-0AB6-4211-844F-A8555CB21231}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{7679EF6B-FB2B-4CBB-8B8E-8B37FD9A2702}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{78238E93-8949-4FAC-B7FF-456548C29988}" = protocol=17 | dir=in | app=c:\program files (x86)\giraffic\veoh_girafficwatchdog.exe |
"{7A6761D0-B8C2-41E4-A8EB-6A342C798888}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{7DFD2E0A-1003-4475-9C3F-33927621FA01}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{81400616-1071-4254-A8A6-A72165C61D64}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{84BBDE34-A0BE-44FD-9CBA-951F9CDA51B0}" = protocol=6 | dir=in | app=c:\program files (x86)\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"{8520C86A-7672-4E31-A25F-41F610DE9008}" = protocol=17 | dir=in | app=c:\program files (x86)\expressfiles\expressfiles.exe |
"{87A0D2C8-529D-42E0-9B16-1A698A1AF656}" = dir=in | app=c:\windows\system32\lxebcoms.exe |
"{880ECD41-2D1D-4C36-8AFD-2DF64687B40C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{8B64ACD3-0D61-4CFE-BF3F-C16D6474DCB7}" = protocol=17 | dir=in | app=c:\program files (x86)\expressfiles\expressdl.exe |
"{8B84A1E7-9868-4675-9818-253C8ACF2344}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{8BD555E7-0C3B-45EC-961E-F0F3F0055FF6}" = protocol=6 | dir=in | app=c:\users\nikos\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{8E00EED4-C93B-4698-A61F-97B3BCE766BC}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{926C1EF8-3CB2-4EBA-AA8A-DAF7AA9F6D9C}" = dir=in | app=c:\users\nikos\appdata\local\microsoft\skydrive\skydrive.exe |
"{96D9A74B-EE12-4817-B876-DD855D8DB800}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9E41E23E-0877-4B01-ADD9-728F4B6EDEAB}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"{9E846F0B-E092-4DD0-A694-06F0B8BD2817}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A22C46E1-31AA-4580-9A77-29B07D8B645A}" = protocol=6 | dir=in | app=c:\users\nikos\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{A51A8CA7-005C-4474-A787-B2D1B2F69979}" = dir=in | app=c:\windows\system32\lxebcoms.exe |
"{AB598EF4-3BA7-49AC-AB3D-204F612ADAD6}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{AC499A8E-617A-4497-BE51-EAF0E79FBF73}" = dir=in | app=c:\windows\system32\lxebcoms.exe |
"{AC6B8D7B-5B5D-42B9-BD59-790F568D7092}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{AE901A9B-0A95-49F8-BD38-E520D74DB954}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark pro200-s500 series\lxebfax.exe |
"{AE94C0F8-A1B2-4193-A213-457F7BA1638E}" = protocol=17 | dir=in | app=c:\program files (x86)\sony\vaio transfer support\vaiotransfer.exe |
"{B5417C06-0CB3-4BE8-9322-005F532F6F14}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B870A27B-032B-4CEB-8110-097506D9198D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B9429705-C51F-4B8B-B4E8-98C86CD607AC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BBC3A8D4-BB1F-47BD-97A5-6FF06106D6EA}" = protocol=17 | dir=in | app=c:\users\nikos\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{C443661B-58EC-418A-921D-8CD68B10FFFC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C533A10D-6256-4992-961D-CD0590389A66}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C7115600-CA4E-4434-BBBC-9C5A57B28042}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{C8BDD16D-F10B-4EB0-907D-F8D077BA9F66}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark pro200-s500 series\lxebfax.exe |
"{CCCBFBB4-90DA-40E0-B774-B875867A02E8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CE5F2D3D-FAFE-4938-99F9-4251C35C79FE}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D34152D6-4EED-486E-B68F-3B62009FCA85}" = protocol=6 | dir=in | app=c:\program files (x86)\expressfiles\expressdl.exe |
"{D43FAFE6-E25D-47BB-9D75-2309490CB6DB}" = dir=in | app=c:\windows\system32\lxebcoms.exe |
"{D5658057-55A7-40C4-B7EC-DC09D674999C}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{DA5C3FC4-C87B-4B7C-ACB5-8254981F95BF}" = protocol=17 | dir=in | app=c:\program files (x86)\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"{DC681406-B58D-4FC6-89E0-82FF3CE6B6A0}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.516\agent.exe |
"{DD5E2BBA-FD5F-4CA9-84F8-C7E759B4B431}" = protocol=6 | dir=out | app=system |
"{DF1834E7-FF08-4D6A-B002-53E927038D9E}" = protocol=17 | dir=in | app=c:\users\nikos\appdata\roaming\utorrent\utorrent.exe |
"{DF8DD693-FF44-4CD6-99FA-DF4FAED7A5CF}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.515\agent.exe |
"{E1788E65-A869-47D3-AD03-8A7BCA238659}" = protocol=6 | dir=in | app=c:\program files (x86)\sony\vaio transfer support\vaiotransfer.exe |
"{E25729B7-53F3-409A-9407-DD2D110E5F35}" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"{E2CCBBA8-ED35-4CB3-B637-752B8A27F0D5}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.440\agent.exe |
"{E3550D62-129E-471C-8D59-07B3647F1479}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{E472B55D-8393-400B-9815-1C02619E15F7}" = protocol=6 | dir=in | app=c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe |
"{E502C566-E795-4D0C-B88F-9EFAA2C3B43C}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"{E802E8C8-7ADF-4FA0-A78C-9FAB8E5A5F2E}" = protocol=17 | dir=in | app=c:\users\nikos\appdata\roaming\utorrent\utorrent.exe |
"{EBB3685F-517F-41E9-A8A0-A28DA781CF74}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.439\agent.exe |
"{EF400F66-DA21-4E12-9920-3A7CFD420691}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F339102E-3FC1-4DD9-990F-3FEB0144FEF3}" = protocol=6 | dir=in | app=c:\program files (x86)\giraffic\veoh_giraffic.exe |
"{FC5BA360-BA90-4AE3-A49C-B2519BC3C4D2}" = protocol=6 | dir=in | app=c:\users\nikos\appdata\roaming\utorrent\utorrent.exe |
"TCP Query User{42EF47D3-6E1F-4F6A-9AE8-F37314D5AD20}C:\program files (x86)\counterpath\x-lite\x-lite.exe" = protocol=6 | dir=in | app=c:\program files (x86)\counterpath\x-lite\x-lite.exe |
"TCP Query User{4ACEA673-2186-4423-9F16-FF326DBE422C}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{4E0195A9-5C30-4DF8-9EBC-7FBB8E3F9736}C:\xampp\apache\bin\httpd.exe" = protocol=6 | dir=in | app=c:\xampp\apache\bin\httpd.exe |
"TCP Query User{532475DA-5102-4CB0-A1CF-A2F70C1ACB98}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"TCP Query User{61CD95CF-EDF9-4584-9557-38F2E25CADBE}C:\program files (x86)\participatory culture foundation\miro\miro_downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\participatory culture foundation\miro\miro_downloader.exe |
"TCP Query User{7EA59260-1125-4E59-8214-E8B2D81E1ABE}C:\program files (x86)\counterpath\x-lite 4\x-lite4.exe" = protocol=6 | dir=in | app=c:\program files (x86)\counterpath\x-lite 4\x-lite4.exe |
"TCP Query User{8DEC8CEC-3AC1-41BC-8AE3-084EDA98F238}C:\program files\java\jre6\launch4j-tmp\jubler.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\launch4j-tmp\jubler.exe |
"TCP Query User{B1651100-FF91-423E-AC6C-5F18FE0164E6}C:\xampp\mysql\bin\mysqld.exe" = protocol=6 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe |
"TCP Query User{BAFCD6FE-C735-4AC3-BFCB-066B347A1239}C:\users\nikos\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\nikos\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{BDB75124-6BE3-4251-B578-D5C9203AA5DD}C:\program files (x86)\counterpath\x-lite 4\x-lite4.exe" = protocol=6 | dir=in | app=c:\program files (x86)\counterpath\x-lite 4\x-lite4.exe |
"TCP Query User{C2AD904A-BEAA-4563-A54F-58ADF37ADF37}C:\xampp\filezillaftp\filezillaserver.exe" = protocol=6 | dir=in | app=c:\xampp\filezillaftp\filezillaserver.exe |
"TCP Query User{C8ADC0DF-3EF9-491D-A376-6A4DCDFECAAD}C:\program files (x86)\diablo iii beta\diablo iii.exe" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii beta\diablo iii.exe |
"TCP Query User{D5C31A1C-586A-4188-AB75-6E1CD5B406E6}C:\xampp\filezillaftp\filezilla server.exe" = protocol=6 | dir=in | app=c:\xampp\filezillaftp\filezilla server.exe |
"TCP Query User{D7DD8D3D-20E3-47A8-B13A-775CCDA8ECAA}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
"TCP Query User{F54456AC-1C71-4C7B-BA7C-03B39ACEFC01}C:\program files (x86)\counterpath\x-lite\x-lite.exe" = protocol=6 | dir=in | app=c:\program files (x86)\counterpath\x-lite\x-lite.exe |
"UDP Query User{045E7E26-C06C-4C24-8348-F7F52EE42853}C:\program files (x86)\counterpath\x-lite 4\x-lite4.exe" = protocol=17 | dir=in | app=c:\program files (x86)\counterpath\x-lite 4\x-lite4.exe |
"UDP Query User{2CD77193-7BAA-4836-9415-7587C24DC975}C:\program files (x86)\counterpath\x-lite 4\x-lite4.exe" = protocol=17 | dir=in | app=c:\program files (x86)\counterpath\x-lite 4\x-lite4.exe |
"UDP Query User{4ECEFF34-6A11-40D2-A580-E9B1235CCD2A}C:\program files\java\jre6\launch4j-tmp\jubler.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\launch4j-tmp\jubler.exe |
"UDP Query User{58E3E7F4-DA2B-47F4-BB42-FDDB7E51C3EC}C:\program files (x86)\diablo iii beta\diablo iii.exe" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii beta\diablo iii.exe |
"UDP Query User{71FFFE0C-00DC-4B17-A531-5FFD8401C348}C:\xampp\filezillaftp\filezilla server.exe" = protocol=17 | dir=in | app=c:\xampp\filezillaftp\filezilla server.exe |
"UDP Query User{7F36A6E4-DA54-46DA-A37D-855A613B72D2}C:\program files (x86)\counterpath\x-lite\x-lite.exe" = protocol=17 | dir=in | app=c:\program files (x86)\counterpath\x-lite\x-lite.exe |
"UDP Query User{8D4A50DD-64AF-43F1-BC2B-A2B72C12DAAF}C:\users\nikos\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\nikos\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{925DA50A-831A-4A70-A4A5-C76E5995D634}C:\xampp\mysql\bin\mysqld.exe" = protocol=17 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe |
"UDP Query User{934E0B4F-E276-4C31-8B4E-DB3A82B53726}C:\program files (x86)\participatory culture foundation\miro\miro_downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\participatory culture foundation\miro\miro_downloader.exe |
"UDP Query User{AB3CAA73-B0B9-4DF3-A102-16100EBB597D}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{B209ADAA-DCCF-4C6B-89CB-7C34F1A03789}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"UDP Query User{B99C9394-1CD3-4F77-BD42-08B44BFD0ACD}C:\xampp\filezillaftp\filezillaserver.exe" = protocol=17 | dir=in | app=c:\xampp\filezillaftp\filezillaserver.exe |
"UDP Query User{C32D14CD-1AA6-4BE4-8F6B-DEC7A0D75BC9}C:\xampp\apache\bin\httpd.exe" = protocol=17 | dir=in | app=c:\xampp\apache\bin\httpd.exe |
"UDP Query User{C386AADA-2281-4DC5-B149-06E3919EF004}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
"UDP Query User{FE6CFF3D-28FB-46B6-9555-9D906ACAAA4A}C:\program files (x86)\counterpath\x-lite\x-lite.exe" = protocol=17 | dir=in | app=c:\program files (x86)\counterpath\x-lite\x-lite.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{087B6521-1326-340D-830C-E8CEA1AE55D3}" = Microsoft .NET Framework 4.5.1 (ELL)
"{115B60D5-BBDB-490E-AF2E-064D37A3CE01}" = Media Gallery
"{133D3F07-D558-46CE-80E8-F4D75DBBAD63}" = PlayMemories Home Plug-in
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{202B76AB-1B21-434E-A289-788D767D3A7C}" = Media Gallery
"{23170F69-40C1-2702-0922-000001000000}" = 7-Zip 9.22 (x64 edition)
"{259FD439-13B0-0136-D0A0-FA89BB05831D}" = ccc-utility64
"{26A24AE4-039D-4CA4-87B4-2F86417051FF}" = Java 7 Update 51 (64-bit)
"{26A24AE4-039D-4CA4-87B4-2F86418005FF}" = Java 8 Update 5 (64-bit)
"{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1" = MPC-HC 1.7.0 (64-bit)
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{409CB30E-E457-4008-9B1A-ED1B9EA21140}" = Intel® Rapid Storage Technology
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = WIDCOMM Bluetooth Software
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5783F2D7-A001-0409-0102-0060B0CE6BBA}" = AutoCAD 2012 - English
"{5783F2D7-A001-0409-1102-0060B0CE6BBA}" = AutoCAD 2012 Language Pack - English
"{5AFD1F5C-8FDA-413C-AF38-F1E7BD10D72F}" = VAIO Media plus
"{5BC83141-83DD-07BE-C940-04B385540F04}" = ATI Catalyst Install Manager
"{5EB368A4-562A-41B6-A5B3-06054A27F5A6}" = Intel® Rapid Storage Technology
"{5F611ADA-B98C-4DBB-ADDE-414F08457ECF}" = Windows Live Family Safety
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6B7DE186-374B-4873-AEC1-7464DA337DD6}" = VU5x64
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{787136D2-F0F8-4625-AA3F-72D7795AC842}" = Apple Mobile Device Support
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{7F05E704-30A6-421A-97A7-8EEB1C7FF011}" = Corel Shell Extension - 64Bit
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1032" = Microsoft .NET Framework 4.5.1 (Ελληνικά)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036" = Microsoft .NET Framework 4.5.1 (Français)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{A3D964A6-411A-4817-9D58-5CB8808F494E}" = VAIO Media plus
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BFAE8D5B-F918-486F-B74E-90762DF11C5C}" = Microsoft Security Client
"{C22759DB-BA8B-30E7-99EE-8B47DB43AE56}" = Microsoft .NET Framework 4.5.1 (FRA)
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{D16A2127-B927-4379-B153-3DEC091E4EEB}" = Intel® PROSet/Wireless WiFi Software
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{E3047FA0-2D6B-4BD6-8CD4-599955F1CE9D}" = Microsoft Mouse and Keyboard Center
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{F6822EFD-3F7D-4B35-8845-757A26AEC8E2}" = Windows Live MIME IFilter
"AutoCAD 2012 - English" = AutoCAD 2012 - English
"CCleaner" = CCleaner
"Lexmark Pro200-S500 Series" = Lexmark Pro200-S500 Series
"Microsoft Mouse and Keyboard Center" = Microsoft Mouse and Keyboard Center
"Microsoft Security Client" = Microsoft Security Essentials
"ProInst" = Intel PROSet Wireless
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{CE2DA11A-917F-4CF5-AB55-755EC115DD10}" = CorelDRAW® Graphics Suite X4 - Windows Shell Extension
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{07441A52-E208-478A-92B7-5C337CA8C131}" = Remote Play with PlayStation®3
"{07B7598E-1FB8-1A95-7A30-F534A55726B4}" = CCC Help Czech
"{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0A3925EA-5B0E-401B-A189-7419149747B2}" = Adobe AIR
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" = Lexmark Toolbar
"{10812DE7-2E57-4740-B226-6B3BE34AF9D7}" = Lexmark Tools for Office
"{111EE7DF-FC45-40C7-98A7-753AC46B12FB}" = QuickTime 7
"{1156777B-3307-4E6B-8EF5-10ED8E43D48B}" = X-Lite 4
"{13EC74A6-4707-4D26-B9B9-E173403F3B08}" = Quick Web Access
"{159E5135-4BEA-52B7-8CDC-823F1ED6D8A5}" = CCC Help Spanish
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{177AF091-7854-4615-8327-AC7518F62782}" = VAIO Media plus
"{18272881-CFC0-434D-A975-E5BE44206AA0}" = Windows Live UX Platform Language Pack
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{1EA7C505-E6DA-4B85-9432-EBD3C70D510D}" = Windows Live Messenger
"{1ECB521A-CC82-40AD-B13D-71A5328519A2}" = HotelPlan
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20536917-E2DF-45D9-B41F-9AC0CAFFE48A}" = Media Gallery
"{217CEB43-6D22-3E1F-A311-DC0D7BFEE0A2}" = Google Talk Plugin
"{22154f09-719a-4619-bb71-5b3356999fbf}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
"{23A3E560-069F-4CFC-8F6C-1B526EC735FC}" = Windows Live Writer Resources
"{265F0D95-A883-7162-0458-B78085B6B693}" = Catalyst Control Center Graphics Light
"{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 51
"{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
"{2F9D63BE-A891-4E39-AFB3-7402D486800C}" = VAIO Hardware Diagnostics
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}" = PMB VAIO Edition Guide
"{35111E7A-03B9-25EC-F434-A1CD976907FC}" = CCC Help Chinese Traditional
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3DB5EA77-4A14-4EC9-8BFC-73BC848BDE73}" = Media Gallery
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{400C31E4-796F-4E86-8FDC-C3C4FACC6847}" = Junk Mail filter update
"{427E8AD0-A4B1-D225-836E-CCB6068B490A}" = CCC Help French
"{44D25B45-5C0E-2187-6739-E2FA0E8AFE1D}" = CCC Help Portuguese
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B9DA746-5AE1-4BA0-9087-BDB162242890}" = VAIO Media plus
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{4E6DF745-C99E-909F-BCF0-B7C24A51E56E}" = CCC Help Japanese
"{52F9CDDA-26F6-4499-90E0-6DDDE6D2259C}" = VAIO Media plus
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}" = VAIO Sample Contents
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{5736590B-36C7-4881-5EBE-F9B390F00774}" = Catalyst Control Center Core Implementation
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data
"{5BABDA39-61CF-41EE-992D-4054B6649A9B}" = Movie Maker
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO Transfer Support
"{61F569A3-1647-B6F4-08C8-40A011831827}" = CCC Help English
"{62BBCDDC-4979-4E59-9D97-5B8E874C3191}" = Movie Maker
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A3F204B-323C-7E32-F890-A7308768728D}" = CCC Help Russian
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6AA8FB9F-A36E-4232-A1ED-86B2A177C35E}" = PlayMemories Home/PMB VAIO Edition Plug-in 3D Theme Data
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{7002773F-2A53-E9F2-E161-DB3DDA0F05BE}" = CCC Help Hungarian
"{70854FE6-3BF1-4C69-94D0-BEB821102E34}" = Windows Live Mail
"{70991E0A-1108-437E-BA7D-085702C670C0}" =
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72DFDA9F-C07B-40B6-BA5C-C4C04AFF883D}" = Windows Live Family Safety
"{734B6C6C-4740-476F-BB0C-F7AF469EDBB2}" = Remote Play with PlayStation 3
"{73669388-1011-4B57-A90F-8B0415093AB2}" = Windows Live Writer
"{76DECE17-BCF5-9640-2854-3CA049834A40}" = CCC Help Chinese Standard
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A63F0C4-6B2B-694C-ED72-D0670612BC29}" = CCC Help Swedish
"{7B0C5EF6-DE4C-4E20-8889-C17604FFE5CD}" = Windows Live Family Safety
"{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects 2
"{803E4FA5-A940-4420-B89D-A8BC2E160247}" =
"{8211C280-5B02-4E7E-B55F-845A207249BA}" = VAIO Data Restore Tool
"{82F09B1C-F602-4552-9C40-5BD5F8EAF750}" =
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{855DDD3C-131E-42A8-BCBD-F9581F80CACB}" =
"{857CC5F0-040E-1016-A173-D55ADD80C260}" = Adobe InDesign CS5.5
"{86C40513-B5A4-476E-9EAB-EC118DCF4502}" = Windows Live Writer
"{88001121-87E2-2104-F9F5-ECC15DFCA1E0}" = Catalyst Control Center Graphics Full Existing
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}" = VAIO Media plus
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8E23260B-52B7-42DD-80A0-76EB90E3CB8B}" = Free Address Book
"{8EB34C0B-AF54-F265-844C-3E6FA9AE2FCD}" = CCC Help German
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1" = Ashampoo Burning Studio 6 FREE v.6.84
"{9238E8A4-BEBA-43A3-B926-769BDBF194C5}" = VAIO Media plus Opening Movie
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95140000-007A-0408-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}" = FARO LS 1.1.406.58
"{97C79BEC-43F7-4BD8-A6A7-85C0257E488A}" = Windows Live Writer
"{989889A7-D13D-4DA4-B059-B250784DFABC}" = Photo Common
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A346205-EA92-4406-B1AB-50379DA3F057}" = Autodesk DWF Viewer 7
"{9B4D3AFE-8679-4704-AA4C-BAB0E41870EF}" = Windows Live Essentials
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C73041C-AB71-995D-EEC7-B4E940F93F36}" = CCC Help Finnish
"{9D12A8B5-9D41-4465-BF11-70719EB0CD02}" = VU5x86
"{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}" = VAIO Update
"{A19A8C25-272A-4CD6-8BA8-3772321A021B}" = Συλλογή φωτογραφιών
"{A20548C1-4B08-C41D-A3A8-FE8C933C2A00}" = Catalyst Control Center InstallProxy
"{A58FCEF4-3191-466C-8949-0FFFFFB7631D}" = Windows Live Writer Resources
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" =
"{A8D53A4E-77A1-E23E-A396-6D9C86A2F273}" = Catalyst Control Center Graphics Full New
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}" = Apple Application Support
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.07)
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{ADE1F206-1365-4B14-9A24-4B1A7DD58BAC}" = Windows Live UX Platform Language Pack
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B67B2671-2981-466B-BA14-25538AA871DC}" = Windows Live Messenger
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
"{B80D3EA9-A252-4AE5-AC51-81729F5C586F}" = Windows Live Mail
"{B941F34C-F36A-4A6F-A97C-50B5948E451F}" = VAIO Media plus
"{BFF37C6E-D735-4487-390C-271E030AA62C}" = CCC Help Italian
"{C034A6F9-6569-491B-B3BF-F5D15221A708}" = Windows Live Essentials
"{C2E171F6-9B58-4CE1-7B8B-B69FA04EBAB8}" = Catalyst Control Center Graphics Previews Vista
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C459D829-0FF0-C210-B2BF-83DB63FC1D61}" = CCC Help Korean
"{C5529BC1-C2BF-44E8-B62A-01913D70081C}" = Catalyst Control Center - Branding
"{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}" = VAIO Manual
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" =
"{C79312BD-3E76-4474-A10C-1435D1856A4B}" = Adobe Dreamweaver CS5
"{C83B7CBB-C736-BF46-9832-7A9D07E9D94C}" = CCC Help Polish
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{CE2DA11A-917F-4CF5-AB55-755EC115DD10}" = CorelDRAW® Graphics Suite X4 - Windows Shell Extension
"{CFC9F871-7C40-40B6-BE4A-B98A5B309716}" = Adobe Flash Professional CS5
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D2C146B1-948D-47EF-8387-5D1C6B980F7C}" = Windows Live Writer
"{D2C5E510-BE6D-42CC-9F61-E4F939078474}" = Lexmark Printable Web
"{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}" = VU5x86
"{D4391042-9FA0-4A8C-B197-4DDC452DEFAD}" = Viva Fax
"{D49989B0-7BC2-F7F1-8017-3257F617347A}" = Catalyst Control Center Graphics Previews Common
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel® Turbo Boost Technology Driver
"{D6DEC295-88A0-5CFA-0B29-C8FDF091FFD3}" = CCC Help Dutch
"{D7BF3B76-EEF9-4868-9B2B-42ABF60B279A}" = Microsoft_VC80_CRT_x86
"{D888F114-7537-4D48-AF03-5DA9C82D7540}" = Photo Common
"{D8FF4505-5977-4116-8DE4-2AF7174E70AC}" = Media Gallery
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DD88F979-FA58-41AC-980C-A6E1A82B61D9}" = VAIO - Media Gallery
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}" = ArcSoft WebCam Companion 3
"{DF693121-40C0-3020-D655-612E51616423}" = CCC Help Danish
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1845F1C-068C-F8F4-D31D-D3540D47C453}" = Adobe Download Assistant
"{E570053D-8ABC-4938-9E23-C634E08E7490}" = Windows Live Mail
"{EBDDC3CC-343A-C0DD-79BA-8A12D0A2CA10}" = CCC Help Turkish
"{ECF0D151-BCA0-8E6D-62DB-5D44DB4A3836}" = CCC Help Thai
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1B95046-E9DA-CFEC-42A8-C8224646AA32}" = ccc-core-static
"{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger
"{F30FE437-0E45-D409-F629-5D86960A6591}" = CCC Help Norwegian
"{F5CC9A13-6C57-4948-75A8-3A2C92A3183B}" = Catalyst Control Center Localization All
"{F67C14C0-D73E-C55B-E132-B1904A1A709C}" = CCC Help Greek
"{F7E8DD1D-9BFD-38BB-86A5-BEF313B00C51}" = Catalyst Control Center InstallProxy
"{F9395F3D-4198-476C-8C41-63D0B5B51E35}" = PlayMemories Home/PMB VAIO Edition Plug-in Ver.2.2 Upgrade Program
"{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" =
"{FC6C7107-7D72-41A1-A031-3CE751159BAB}" = Photo Gallery
"{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
"{FE041B02-234C-4AAA-9511-80DF6482A458}" = RICOH Media Driver v2.15.17.02
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 13 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE v.6.80
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FileHippo.com" = FileHippo.com Update Checker
"FileZilla Client" = FileZilla Client 3.8.0
"Free PDF to Word Doc Converter_is1" = Free PDF to Word Doc Converter v1.1
"Giraffic" = Veoh Giraffic Video Accelerator
"Google Chrome" = Google Chrome
"GSA Auto Website Submitter_is1" = GSA Auto Website Submitter v5.07
"HotelDesk1.0.5" = HotelDesk 1.0.5
"HotelPlan_is1" = HotelPlan
"IcoFX 2_is1" = IcoFX 2.6
"IcoFX_is1" = IcoFX 2.0
"InstallShield_{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}" = VAIO - PMB VAIO Edition Guide
"InstallShield_{6AA8FB9F-A36E-4232-A1ED-86B2A177C35E}" = PlayMemories Home/PMB VAIO Edition Plug-in 3D Theme Data
"InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"InstallShield_{F9395F3D-4198-476C-8C41-63D0B5B51E35}" = VAIO - PlayMemories Home Plug-in
"Marvell Miniport Driver" = Marvell Miniport Driver
"Mozilla Firefox 29.0.1 (x86 en-US)" = Mozilla Firefox 29.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Secunia PSI" = Secunia PSI (3.0.0.9016)
"splashtop" = Quick Web Access
"TeamViewer 8" = TeamViewer 8
"VAIO Help and Support" =
"VAIO screensaver" = VAIO screensaver
"WinLiveSuite" = Windows Live Essentials
"XviD_is1" = XviD 1.1 final uninstall
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SkyDriveSetup.exe" = Microsoft SkyDrive
"uTorrent" = µTorrent
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 21/05/2014 12:53:46 | Computer Name = Nikos-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1107
 
Error - 21/05/2014 12:53:46 | Computer Name = Nikos-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1107
 
Error - 21/05/2014 13:46:38 | Computer Name = Nikos-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 21/05/2014 13:46:38 | Computer Name = Nikos-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 3173715
 
Error - 21/05/2014 13:46:38 | Computer Name = Nikos-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3173715
 
Error - 21/05/2014 13:55:29 | Computer Name = Nikos-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 21/05/2014 13:55:29 | Computer Name = Nikos-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1108
 
Error - 21/05/2014 13:55:29 | Computer Name = Nikos-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1108
 
Error - 21/05/2014 17:20:34 | Computer Name = Nikos-VAIO | Source = Microsoft-Windows-RestartManager | ID = 10006
Description = Δεν ήταν δυνατός ο τερματισμός της εφαρμογής ή υπηρεσίας 'Plugin Container
 for Firefox'.
 
Error - 24/05/2014 11:41:46 | Computer Name = Nikos-VAIO | Source = Application Hang | ID = 1002
Description = Το πρόγραμμα firefox.exe έκδοση 29.0.1.5239 σταμάτησε να αλληλεπιδρά
 με τα Windows και έκλεισε. Για να δείτε αν υπάρχουν διαθέσιμες περισσότερες πληροφορίες
 για το πρόβλημα, ελέγξτε το ιστορικό του προβλήματος στον πίνακα ελέγχου του Κέντρου
 ενεργειών.    Αναγνωριστικό διεργασίας: e08    Ώρα έναρξης: 01cf77666df0cf8d    Ώρα τερματισμού:
 16    Διαδρομή εφαρμογής: C:\Program Files (x86)\Mozilla Firefox\firefox.exe    Αναγνωριστικό
 αναφοράς: e23081ea-e359-11e3-a1d7-18f46ae8ddc0  
 
[ System Events ]
Error - 23/05/2014 12:26:39 | Computer Name = Nikos-VAIO | Source = Service Control Manager | ID = 7009
Description = Το χρονικό όριο αναμονής ξεπεράστηκε (30000 χιλιοστά του δευτερολέπτου)
 κατά την αναμονή για τη σύνδεση της υπηρεσίας lxebCATSCustConnectService.
 
Error - 23/05/2014 12:26:39 | Computer Name = Nikos-VAIO | Source = Service Control Manager | ID = 7000
Description = Δεν ήταν δυνατή η εκκίνηση της υπηρεσίας lxebCATSCustConnectService
 εξαιτίας του ακόλουθου σφάλματος:   %%1053
 
Error - 23/05/2014 12:31:50 | Computer Name = Nikos-VAIO | Source = Service Control Manager | ID = 7009
Description = Το χρονικό όριο αναμονής ξεπεράστηκε (30000 χιλιοστά του δευτερολέπτου)
 κατά την αναμονή για τη σύνδεση της υπηρεσίας lxebCATSCustConnectService.
 
Error - 23/05/2014 12:31:50 | Computer Name = Nikos-VAIO | Source = Service Control Manager | ID = 7000
Description = Δεν ήταν δυνατή η εκκίνηση της υπηρεσίας lxebCATSCustConnectService
 εξαιτίας του ακόλουθου σφάλματος:   %%1053
 
Error - 23/05/2014 14:41:55 | Computer Name = Nikos-VAIO | Source = Service Control Manager | ID = 7009
Description = Το χρονικό όριο αναμονής ξεπεράστηκε (30000 χιλιοστά του δευτερολέπτου)
 κατά την αναμονή για τη σύνδεση της υπηρεσίας lxebCATSCustConnectService.
 
Error - 23/05/2014 14:41:55 | Computer Name = Nikos-VAIO | Source = Service Control Manager | ID = 7000
Description = Δεν ήταν δυνατή η εκκίνηση της υπηρεσίας lxebCATSCustConnectService
 εξαιτίας του ακόλουθου σφάλματος:   %%1053
 
Error - 23/05/2014 16:08:47 | Computer Name = Nikos-VAIO | Source = Service Control Manager | ID = 7009
Description = Το χρονικό όριο αναμονής ξεπεράστηκε (30000 χιλιοστά του δευτερολέπτου)
 κατά την αναμονή για τη σύνδεση της υπηρεσίας lxebCATSCustConnectService.
 
Error - 23/05/2014 16:08:47 | Computer Name = Nikos-VAIO | Source = Service Control Manager | ID = 7000
Description = Δεν ήταν δυνατή η εκκίνηση της υπηρεσίας lxebCATSCustConnectService
 εξαιτίας του ακόλουθου σφάλματος:   %%1053
 
Error - 24/05/2014 11:39:41 | Computer Name = Nikos-VAIO | Source = Service Control Manager | ID = 7009
Description = Το χρονικό όριο αναμονής ξεπεράστηκε (30000 χιλιοστά του δευτερολέπτου)
 κατά την αναμονή για τη σύνδεση της υπηρεσίας lxebCATSCustConnectService.
 
Error - 24/05/2014 11:39:41 | Computer Name = Nikos-VAIO | Source = Service Control Manager | ID = 7000
Description = Δεν ήταν δυνατή η εκκίνηση της υπηρεσίας lxebCATSCustConnectService
 εξαιτίας του ακόλουθου σφάλματος:   %%1053
 
 
< End of report >
 



#6 Jo*

Jo*

  • Malware Response Team
  • 3,445 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:01:41 AM

Posted 24 May 2014 - 11:40 AM

Hello lizzardoni,

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Be sure to print out and follow the instructions provided on that same page.
  • Caution: This is a beta version so please be sure to read the disclaimer and back up all your data before using.
  • Scan your system for malware
With some infections, you may see two messages boxes.
  • 'Could not load protection driver'. Click 'OK'.
  • 'Could not load DDA driver'. Click 'Yes' to this message, to allow the driver to load after a restart. Allow the computer to restart. Continue with the rest of these instructions.
  • If malware is found - do not press the Clean up button, please go to the MBAR folder and then copy/paste the contents of the MBAR-log-***.txt file to your next reply.
  • If there is no malware found, please let me know as well.

***


Please download AdwCleaner by Xplode and save to your Desktop.
Double-click AdwCleaner.exe
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
    The actual line should say "Pending. Please uncheck elements you do not want to remove" => scan is complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it.
    If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#7 lizzardoni

lizzardoni
  • Topic Starter

  • Members
  • 45 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:01:41 AM

Posted 24 May 2014 - 12:31 PM

hello again,

 

Malwarebytes Anti-Rootkit fould no threats.

 

Niki



#8 Jo*

Jo*

  • Malware Response Team
  • 3,445 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:01:41 AM

Posted 25 May 2014 - 01:40 AM

Did you ran AdwCleaner?
Please post the log.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#9 lizzardoni

lizzardoni
  • Topic Starter

  • Members
  • 45 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:01:41 AM

Posted 25 May 2014 - 02:21 AM

hello,

 

how long will the AdwCleaner take? i am running it over 12 hours and it still says "Pending. Please uncheck elements you do not want to remove".

 

what should i do?



#10 Jo*

Jo*

  • Malware Response Team
  • 3,445 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:01:41 AM

Posted 25 May 2014 - 02:26 AM

Hi,

AdwCleaner is ready,
click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#11 lizzardoni

lizzardoni
  • Topic Starter

  • Members
  • 45 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:01:41 AM

Posted 25 May 2014 - 02:55 AM

hi again,

the report from the adwcleaner:

 

 

# AdwCleaner v3.210 - Report created 24/05/2014 at 20:32:15
# Updated 19/05/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Nikos - NIKOS-VAIO
# Running from : C:\Users\Nikos\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASMANCS

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Mozilla Firefox v29.0.1 (en-US)

[ File : C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\u41gigb5.default\prefs.js ]


-\\ Google Chrome v34.0.1847.137

[ File : C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found [Search Provider] : hxxp://www1.delta-search.com/?mntrId=60F70026C7F8E239&babsrc=SP_ss&affID=121562&q={searchTerms}

*************************

AdwCleaner[R0].txt - [1102 octets] - [24/05/2014 20:32:15]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1162 octets] ##########
 


Edited by lizzardoni, 25 May 2014 - 02:56 AM.


#12 Jo*

Jo*

  • Malware Response Team
  • 3,445 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:01:41 AM

Posted 25 May 2014 - 03:08 AM

Hello lizzardoni,

AdwCleaner scan normally takes < 10 min.

Double click on AdwCleaner.exe to run the tool again.
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • When the scan has finished, the actual line should say "Pending. Please uncheck elements you do not want to remove". Look through the scan results and uncheck any entries that you do not wish to remove.
  • This time, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

***


Please download Junkware Removal Tool from HERE and save it to your desktop.
Shutdown your antivirus to avoid any potential conflicts.
Double click JRT.exe to run the tool.
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • JRT will begin to backup your registry and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, the log JRT.txt is saved on your desktop and will automatically open.
Enable your antivirus!
Post the contents of JRT.txt into your next reply.


***


Run OTL again.
  • Double click on the icon to run it.
    Vista / Windows 7/8 users right-click and select Run As Administrator.
  • Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • don't check the boxes beside LOP Check and Purity Check this time.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open a notepad window OTL.Txt.
  • Please copy (Edit->Select All, Edit->Copy) the content of the file and post it with your next reply.

***


How the computer is running now?


***


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#13 lizzardoni

lizzardoni
  • Topic Starter

  • Members
  • 45 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:01:41 AM

Posted 25 May 2014 - 03:22 AM

hello again Jo,

 

the adwcleaner results

 

 

# AdwCleaner v3.210 - Report created 25/05/2014 at 11:15:50
# Updated 19/05/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Nikos - NIKOS-VAIO
# Running from : C:\Users\Nikos\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASMANCS

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Mozilla Firefox v29.0.1 (en-US)

[ File : C:\Users\Nikos\AppData\Roaming\Mozilla\Firefox\Profiles\u41gigb5.default\prefs.js ]


-\\ Google Chrome v34.0.1847.137

[ File : C:\Users\Nikos\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://www1.delta-search.com/?mntrId=60F70026C7F8E239&babsrc=SP_ss&affID=121562&q={searchTerms}

*************************

AdwCleaner[R0].txt - [1242 octets] - [24/05/2014 20:32:15]
AdwCleaner[R1].txt - [1302 octets] - [25/05/2014 11:15:20]
AdwCleaner[S0].txt - [1231 octets] - [25/05/2014 11:15:50]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1291 octets] ##########
 



#14 Jo*

Jo*

  • Malware Response Team
  • 3,445 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:01:41 AM

Posted 25 May 2014 - 07:58 AM

hello again,

may I ask for the other logs (Junkware Removal Tool and OTL)?

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#15 lizzardoni

lizzardoni
  • Topic Starter

  • Members
  • 45 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:01:41 AM

Posted 26 May 2014 - 08:45 AM

hello Jo,

 

the results from the Junkware Removal Tool

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Nikos on ƒ¬ 26/05/2014 at 16:37:49,02
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Nikos\AppData\Roaming\mozilla\firefox\profiles\u41gigb5.default\minidumps [10 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ƒ¬ 26/05/2014 at 16:44:59,47
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users