Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

on windows startup a CMD is run, firefox opens gameharbor.org


  • This topic is locked This topic is locked
10 replies to this topic

#1 draickin

draickin

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:29 PM

Posted 16 September 2014 - 05:39 AM

Hello BC!

I hope I've provided you with the appropriate attachments, it took me a while to go through some of the other issues and figure out how to post this...
 

If I may describe my issue, I fire up my pc, then when my desktop appears I see a command window running for a couple of seconds. After that, my firefox starts up on its own loading the gamesharbor webpage.
Could be from a downloaded video game, but in truth I have no clue.

 

Thank you in advance for any help you could provide with this issue, and please inform me if my attachments are indeed wrong.

Attached Files



BC AdBot (Login to Remove)

 


#2 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:29 PM

Posted 16 September 2014 - 07:51 AM

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

  • Important: To help me reviewing your logs, please post them in code boxes. You can create them by clicking on the <>-symbol on top of the reply window.

 

 

 

Scan with Gmer rootkit scanner

Please download Gmer from here by clicking on the "Download EXE" Button.

  • Double click on the randomly named GMER.exe. If asked to allow gmer.sys driver to load, please consent.
  • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.
  • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
    • Sections
    • IAT/EAT
    • Show All ( should be unchecked by default )
  • Leave everything else as it is.
  • Close all other running programs as well as your Browser.
  • Click the Scan button & wait for it to finish.
  • Once done click on the Save.. button, and in the File name area, type in "ark.txt" or it will save as a .log file which cannot be uploaded to your post.
  • Save it where you can easily find it, such as your desktop.
  • Please post the content of the ark.txt here.

**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#3 draickin

draickin
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:29 PM

Posted 17 September 2014 - 01:52 AM

GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2014-09-17 09:48:47
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 Samsung_SSD_840_EVO_120GB rev.EXT0BB6Q 111.79GB
Running: w9153tbl.exe; Driver: C:\Users\Panos\AppData\Local\Temp\kgloapog.sys


---- Devices - GMER 2.1 ----

Device   \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-0                                                                                                                                                                              fffffa80069c42c0
Device   \Driver\atapi \Device\Ide\IdePort0                                                                                                                                                                                       fffffa80069c42c0
Device   \Driver\atapi \Device\Ide\IdePort1                                                                                                                                                                                       fffffa80069c42c0
Device   \Driver\atapi \Device\Ide\IdeDeviceP3T0L0-3                                                                                                                                                                              fffffa80069c42c0
Device   \Driver\atapi \Device\Ide\IdePort2                                                                                                                                                                                       fffffa80069c42c0
Device   \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-2                                                                                                                                                                              fffffa80069c42c0
Device   \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-1                                                                                                                                                                              fffffa80069c42c0
Device   \Driver\atapi \Device\Ide\IdePort3                                                                                                                                                                                       fffffa80069c42c0
Device   \Driver\aci0apxj \Device\Scsi\aci0apxj1Port4Path0Target1Lun0                                                                                                                                                             fffffa80081322c0
Device   \Driver\aci0apxj \Device\Scsi\aci0apxj1Port4Path0Target0Lun0                                                                                                                                                             fffffa80081322c0
Device   \Driver\aci0apxj \Device\Scsi\aci0apxj1                                                                                                                                                                                  fffffa80081322c0
Device   \FileSystem\Ntfs \Ntfs                                                                                                                                                                                                   fffffa80073352c0
Device   \Driver\usbehci \Device\USBPDO-1                                                                                                                                                                                         fffffa80080c22c0
Device   \Driver\cdrom \Device\CdRom0                                                                                                                                                                                             fffffa8007b7f2c0
Device   \Driver\cdrom \Device\CdRom1                                                                                                                                                                                             fffffa8007b7f2c0
Device   \Driver\cdrom \Device\CdRom2                                                                                                                                                                                             fffffa8007b7f2c0
Device   \Driver\usbehci \Device\USBFDO-0                                                                                                                                                                                         fffffa80080c22c0
Device   \Driver\NetBT \Device\NetBT_Tcpip_{DFEBB04B-E3C9-4A15-937F-AC54BDA42575}                                                                                                                                                 fffffa8007cc92c0
Device   \Driver\usbehci \Device\USBFDO-1                                                                                                                                                                                         fffffa80080c22c0
Device   \Driver\NetBT \Device\NetBt_Wins_Export                                                                                                                                                                                  fffffa8007cc92c0
Device   \Driver\atapi \Device\ScsiPort0                                                                                                                                                                                          fffffa80069c42c0
Device   \Driver\usbehci \Device\USBPDO-0                                                                                                                                                                                         fffffa80080c22c0
Device   \Driver\atapi \Device\ScsiPort1                                                                                                                                                                                          fffffa80069c42c0
Device   \Driver\atapi \Device\ScsiPort2                                                                                                                                                                                          fffffa80069c42c0
Device   \Driver\atapi \Device\ScsiPort3                                                                                                                                                                                          fffffa80069c42c0
Device   \Driver\aci0apxj \Device\ScsiPort4                                                                                                                                                                                       fffffa80081322c0
Device   \Driver\NetBT \Device\NetBT_Tcpip_{6C769958-0364-4E9E-953C-DC7218FF7DD2}                                                                                                                                                 fffffa8007cc92c0

---- Trace I/O - GMER 2.1 ----

Trace    ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0xfffffa80069c42c0]<< sptd.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys                                                                                                  fffffa80069c42c0
Trace    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007aed060]                                                                                                                                                          fffffa8007aed060
Trace    3 CLASSPNP.SYS[fffff8800120143f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa800750e060]                                                                                                                fffffa800750e060
Trace    \Driver\atapi[0xfffffa80074abbd0] -> IRP_MJ_CREATE -> 0xfffffa80069c42c0                                                                                                                                                 fffffa80069c42c0

---- Modules - GMER 2.1 ----

Module   \SystemRoot\System32\Drivers\aci0apxj.SYS                                                                                                                                                                                fffff880045b2000-fffff880045fe000 (311296 bytes)

---- Threads - GMER 2.1 ----

Thread   C:\Program Files\Windows Media Player\wmpnetwk.exe [5148:5860]                                                                                                                                                           000007fefb362bf8
Thread   C:\Program Files\Windows Media Player\wmpnetwk.exe [5148:5876]                                                                                                                                                           000007fee2184830
Thread   C:\Program Files\Windows Media Player\wmpnetwk.exe [5148:6904]                                                                                                                                                           000007fef0f75124
Thread   C:\Windows\System32\svchost.exe [2272:6688]                                                                                                                                                                              000007feda789688
---- Processes - GMER 2.1 ----

Library  C:\Users\Panos\AppData\Local\CloudStation\iconoverlay_v7\IconOverlayDLLs_x64\iconOverlay.dll (*** suspicious ***) @ C:\Windows\Explorer.EXE [3532] (TODO: <File description>/TODO: <Company name>)(2014-04-02 13:32:26)  0000000010000000
Library  C:\Users\Panos\AppData\Roaming\Spark\plugins\flashing\lib\FlashWindow.dll (*** suspicious ***) @ C:\Program Files (x86)\Spark\Spark.exe [3100](2014-03-29 10:12:53)                                                      0000000005f10000
Library  C:\Users\Panos\AppData\Local\Temp\jna8630624290484470178.dll (*** suspicious ***) @ C:\Program Files (x86)\Spark\Spark.exe [3100] (JNA native library/Java(TM) Native Access (JNA))(2014-09-17 06:32:07)                 0000000007f90000

---- Registry - GMER 2.1 ----

Reg      HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04                                                                                                                                         
Reg      HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0                                                                                                                                      C:\Program Files (x86)\Alcohol Soft\Alcohol 120\
Reg      HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0                                                                                                                                      0
Reg      HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew                                                                                                                                   0xFA 0x6D 0x2F 0x46 ...
Reg      HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001                                                                                                                                
Reg      HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0                                                                                                                             0xA0 0x02 0x00 0x00 ...
Reg      HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew                                                                                                                          0x84 0x03 0x86 0x59 ...
Reg      HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40                                                                                                                         
Reg      HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew                                                                                                                   0x06 0x95 0xCC 0xD7 ...
Reg      HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg41                                                                                                                         
Reg      HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg41@ujdew                                                                                                                   0x07 0xEB 0xF4 0x1B ...
Reg      HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)                                                                                                                     
Reg      HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0                                                                                                                                          C:\Program Files (x86)\Alcohol Soft\Alcohol 120\
Reg      HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0                                                                                                                                          0
Reg      HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew                                                                                                                                       0xFA 0x6D 0x2F 0x46 ...
Reg      HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet)                                                                                                            
Reg      HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0                                                                                                                                 0xA0 0x02 0x00 0x00 ...
Reg      HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew                                                                                                                              0x84 0x03 0x86 0x59 ...
Reg      HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet)                                                                                                     
Reg      HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew                                                                                                                       0x06 0x95 0xCC 0xD7 ...
Reg      HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg41 (not active ControlSet)                                                                                                     
Reg      HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg41@ujdew                                                                                                                       0x07 0xEB 0xF4 0x1B ...

---- EOF - GMER 2.1 ----


#4 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:29 PM

Posted 18 September 2014 - 08:33 AM

Disable CD Emulation with DeFogger

Please download DeFogger to your desktop.

Double click DeFogger to run the tool.

  • The application window will appear
  • Click the Disable button to disable your CD Emulation drivers.
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger will now ask to reboot the machine - click OK


IMPORTANT! If you receive an error message while running DeFogger, please post the log defogger_disable which will appear on your desktop.

Do not re-enable these drivers until otherwise instructed.

 

 

 

Combofix

Combofix should only be run when adviced by a team member!

Link


Important - Save the file to your desktop!


  • Deactivate any and all of your antivirus programs /spyware scanners - they can prevent CF from doing its work.
  • Run Combofix.exe


When finished, Combofix creates a log file named C:\Combofix.txt. Please post its content in your next reply.

Note: When receiving an error message containing ""Illegal operation attempted on a registry key that has been marked for deletion" simply restart your computer to fix this.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#5 draickin

draickin
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:29 PM

Posted 19 September 2014 - 09:40 AM

ComboFix 14-09-18.01 - Panos 19/09/2014  17:31:38.1.4 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.8079.5911 [GMT 3:00]
Running from: c:\users\Panos\Desktop\ComboFix.exe
AV: ESET Smart Security 7.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: ESET Personal firewall *Disabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 7.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Panos\AppData\Local\assembly\tmp
c:\users\Panos\AppData\Roaming\PANOS-PC
c:\users\Panos\AppData\Roaming\PANOS-PC\coinutil.dll
c:\users\Panos\AppData\Roaming\PANOS-PC\cryp.dll
c:\users\Panos\AppData\Roaming\PANOS-PC\miner.dll
c:\users\Panos\AppData\Roaming\PANOS-PC\mpir.dll
c:\users\Panos\AppData\Roaming\PANOS-PC\PANOS-PC.exe
c:\users\Panos\AppData\Roaming\PANOS-PC\scrypt.cl
c:\users\Panos\AppData\Roaming\PANOS-PC\usft_ext.dll
c:\windows\SysWow64\SET2EC7.tmp
c:\windows\SysWow64\SET332B.tmp
c:\windows\SysWow64\SET354E.tmp
c:\windows\SysWow64\SET3D0D.tmp
c:\windows\SysWow64\SET3DAA.tmp
c:\windows\SysWow64\SET3E47.tmp
c:\windows\SysWow64\SET3F60.tmp
c:\windows\SysWow64\SET401D.tmp
c:\windows\SysWow64\SET40BA.tmp
c:\windows\SysWow64\SET7966.tmp
c:\windows\SysWow64\SET88F6.tmp
c:\windows\SysWow64\SETA9AB.tmp
c:\windows\SysWow64\SETAC5A.tmp
c:\windows\SysWow64\SETAEAC.tmp
c:\windows\SysWow64\SETB11D.tmp
c:\windows\SysWow64\SETB35F.tmp
c:\windows\SysWow64\SETB5A1.tmp
c:\windows\SysWow64\SETB7A5.tmp
c:\windows\SysWow64\SETB9C8.tmp
c:\windows\SysWow64\SETCC50.tmp
I:\install.exe
.
.
(((((((((((((((((((((((((   Files Created from 2014-08-19 to 2014-09-19  )))))))))))))))))))))))))))))))
.
.
2014-09-19 14:35 . 2014-09-19 14:35	--------	d-----w-	c:\users\ReportServer\AppData\Local\temp
2014-09-19 14:35 . 2014-09-19 14:35	--------	d-----w-	c:\users\MSSQLServerOLAPService\AppData\Local\temp
2014-09-19 12:04 . 2014-09-19 12:04	--------	d-----w-	c:\program files (x86)\AGEIA Technologies
2014-09-19 12:03 . 2014-09-13 20:13	613696	----a-w-	c:\windows\SysWow64\nvStreaming.exe
2014-09-19 11:31 . 2014-09-04 19:14	38048	----a-w-	c:\windows\system32\drivers\nvvad64v.sys
2014-09-19 11:31 . 2014-09-04 19:14	32416	----a-w-	c:\windows\SysWow64\nvaudcap32v.dll
2014-09-16 09:54 . 2014-09-16 10:27	--------	d-----w-	C:\FRST
2014-09-11 07:26 . 2014-09-11 07:43	--------	d-----w-	c:\program files (x86)\Mozilla Thunderbird
2014-09-10 06:17 . 2014-06-27 02:08	2777088	----a-w-	c:\windows\system32\msmpeg2vdec.dll
2014-09-10 06:17 . 2014-06-27 01:45	2285056	----a-w-	c:\windows\SysWow64\msmpeg2vdec.dll
2014-09-10 06:16 . 2014-07-07 02:06	728064	----a-w-	c:\windows\system32\kerberos.dll
2014-09-10 06:16 . 2014-07-07 02:06	1460736	----a-w-	c:\windows\system32\lsasrv.dll
2014-09-10 06:16 . 2014-07-07 01:40	22016	----a-w-	c:\windows\SysWow64\secur32.dll
2014-09-10 06:16 . 2014-07-07 01:40	550912	----a-w-	c:\windows\SysWow64\kerberos.dll
2014-09-10 06:16 . 2014-07-07 01:39	96768	----a-w-	c:\windows\SysWow64\sspicli.dll
2014-09-10 06:16 . 2014-08-01 11:53	1031168	----a-w-	c:\windows\system32\TSWorkspace.dll
2014-09-10 06:16 . 2014-08-01 11:35	793600	----a-w-	c:\windows\SysWow64\TSWorkspace.dll
2014-09-10 06:16 . 2014-06-24 03:29	2565120	----a-w-	c:\windows\system32\d3d10warp.dll
2014-09-10 06:16 . 2014-06-24 02:59	1987584	----a-w-	c:\windows\SysWow64\d3d10warp.dll
2014-08-30 19:50 . 2014-08-30 19:50	--------	d-----w-	c:\program files (x86)\Common Files\Skype
2014-08-29 15:02 . 2014-08-29 15:02	--------	d-----w-	c:\users\Panos\AppData\Local\Foxit PhantomPDF
2014-08-29 14:53 . 2014-08-29 15:03	--------	d-----w-	c:\users\Public\Foxit Software
2014-08-28 06:13 . 2014-08-23 02:07	404480	----a-w-	c:\windows\system32\gdi32.dll
2014-08-28 06:13 . 2014-08-23 01:45	311808	----a-w-	c:\windows\SysWow64\gdi32.dll
2014-08-28 06:13 . 2014-08-23 00:59	3163648	----a-w-	c:\windows\system32\win32k.sys
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-09-19 14:23 . 2014-03-29 00:47	21492	----a-w-	c:\users\Panos\IP_Log_Data.js
2014-09-19 14:00 . 2014-03-29 01:00	202657	----a-w-	c:\users\Panos\Network_Meter_Data.js
2014-09-17 02:13 . 2014-06-21 18:11	1291280	----a-w-	c:\windows\SysWow64\nvspbridge.dll
2014-09-17 02:13 . 2014-05-15 06:47	2193560	----a-w-	c:\windows\SysWow64\nvspcap.dll
2014-09-17 02:12 . 2014-05-15 06:47	2799784	----a-w-	c:\windows\system32\nvspcap64.dll
2014-09-17 02:12 . 2014-06-21 18:11	1715224	----a-w-	c:\windows\system32\nvspbridge64.dll
2014-09-13 23:48 . 2014-05-15 06:47	73872	----a-w-	c:\windows\system32\OpenCL.dll
2014-09-13 23:48 . 2014-05-15 06:47	60560	----a-w-	c:\windows\SysWow64\OpenCL.dll
2014-09-13 23:48 . 2014-05-15 06:46	984424	----a-w-	c:\windows\system32\nvumdshimx.dll
2014-09-13 23:48 . 2014-05-15 06:46	3223120	----a-w-	c:\windows\system32\nvapi64.dll
2014-09-13 23:48 . 2014-05-15 06:46	2838424	----a-w-	c:\windows\SysWow64\nvapi.dll
2014-09-13 23:48 . 2014-05-15 06:46	20589536	----a-w-	c:\windows\system32\nvwgf2umx.dll
2014-09-13 23:48 . 2014-05-15 06:46	18106152	----a-w-	c:\windows\SysWow64\nvwgf2um.dll
2014-09-13 23:48 . 2014-05-15 06:46	16875856	----a-w-	c:\windows\SysWow64\nvd3dum.dll
2014-09-13 21:53 . 2014-05-15 06:47	6890696	----a-w-	c:\windows\system32\nvcpl.dll
2014-09-13 21:53 . 2014-05-15 06:47	3529872	----a-w-	c:\windows\system32\nvsvc64.dll
2014-09-13 21:53 . 2014-05-15 06:47	934216	----a-w-	c:\windows\system32\nvvsvc.exe
2014-09-13 21:53 . 2014-05-15 06:47	62608	----a-w-	c:\windows\system32\nvshext.dll
2014-09-13 21:53 . 2014-05-15 06:47	385168	----a-w-	c:\windows\system32\nvmctray.dll
2014-09-11 15:37 . 2014-05-15 06:47	3961833	----a-w-	c:\windows\system32\nvcoproc.bin
2014-09-04 19:14 . 2014-03-28 19:18	34976	----a-w-	c:\windows\system32\nvaudcap64v.dll
2014-08-15 13:48 . 2014-03-29 09:26	71344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-08-15 13:48 . 2014-03-29 09:26	699568	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-07-24 23:35 . 2014-07-24 23:35	875688	----a-w-	c:\windows\SysWow64\msvcr120_clr0400.dll
2014-07-24 20:47 . 2014-07-24 20:47	869544	----a-w-	c:\windows\system32\msvcr120_clr0400.dll
2014-07-16 03:23 . 2014-08-14 13:31	2048	----a-w-	c:\windows\system32\tzres.dll
2014-07-16 02:46 . 2014-08-14 13:31	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2014-07-14 02:02 . 2014-08-14 13:31	1216000	----a-w-	c:\windows\system32\rpcrt4.dll
2014-07-14 01:40 . 2014-08-14 13:31	664064	----a-w-	c:\windows\SysWow64\rpcrt4.dll
2014-07-09 02:03 . 2014-08-14 13:31	7168	----a-w-	c:\windows\system32\KBDYAK.DLL
2014-07-09 02:03 . 2014-08-14 13:31	7168	----a-w-	c:\windows\system32\KBDTAT.DLL
2014-07-09 02:03 . 2014-08-14 13:31	7168	----a-w-	c:\windows\system32\KBDRU1.DLL
2014-07-09 02:03 . 2014-08-14 13:31	6656	----a-w-	c:\windows\system32\KBDRU.DLL
2014-07-09 02:03 . 2014-08-14 13:31	7168	----a-w-	c:\windows\system32\KBDBASH.DLL
2014-07-09 01:31 . 2014-08-14 13:31	7168	----a-w-	c:\windows\SysWow64\KBDYAK.DLL
2014-07-09 01:31 . 2014-08-14 13:31	6656	----a-w-	c:\windows\SysWow64\KBDBASH.DLL
2014-07-05 10:53 . 2014-03-30 15:51	2561504	----a-w-	c:\programdata\Microsoft\VisualStudio\10.0\1033\ResourceCache.dll
2014-07-02 20:48 . 2014-07-30 10:23	1890080	----a-w-	c:\windows\system32\nvdispco6434052.dll
2014-07-02 20:48 . 2014-07-30 10:23	1539928	----a-w-	c:\windows\system32\nvdispgenco6434052.dll
2014-06-30 22:24 . 2014-08-14 13:34	8856	----a-w-	c:\windows\system32\icardres.dll
2014-06-30 22:14 . 2014-08-14 13:34	8856	----a-w-	c:\windows\SysWow64\icardres.dll
2014-06-25 02:05 . 2014-08-14 13:31	14175744	----a-w-	c:\windows\system32\shell32.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2012-10-01 18:38	1720976	----a-w-	c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2012-10-01 18:38	1720976	----a-w-	c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2012-10-01 18:38	1720976	----a-w-	c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 07:20	64792	----a-w-	c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 07:20	64792	----a-w-	c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 07:20	64792	----a-w-	c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 07:20	64792	----a-w-	c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 07:20	64792	----a-w-	c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 07:20	64792	----a-w-	c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 07:20	64792	----a-w-	c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 07:20	64792	----a-w-	c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 07:20	64792	----a-w-	c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Babakan"="if %date:~6" [X]
"P17RunE"="P17RunE.dll" [2008-03-28 14848]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"Ozone Strike Pro Driver"="c:\program files (x86)\Ozone Strike Pro Driver\Monitor.exe" [2013-08-19 479232]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe;c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SQL Server Distributed Replay Client;SQL Server Distributed Replay Client;c:\program files (x86)\Microsoft SQL Server\110\Tools\DReplayClient\DReplayClient.exe;c:\program files (x86)\Microsoft SQL Server\110\Tools\DReplayClient\DReplayClient.exe [x]
R3 SQL Server Distributed Replay Controller;SQL Server Distributed Replay Controller;c:\program files (x86)\Microsoft SQL Server\110\Tools\DReplayController\DReplayController.exe;c:\program files (x86)\Microsoft SQL Server\110\Tools\DReplayController\DReplayController.exe [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 Te.Service;Te.Service;c:\program files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe;c:\program files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 VSPerfDrv100;Performance Tools Driver 10.0;c:\program files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys;c:\program files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [x]
R4 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [x]
R4 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys;c:\windows\SYSNATIVE\DRIVERS\RsFx0103.sys [x]
R4 RsFx0201;RsFx0201 Driver;c:\windows\system32\DRIVERS\RsFx0201.sys;c:\windows\SYSNATIVE\DRIVERS\RsFx0201.sys [x]
R4 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE;c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [x]
R4 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service;c:\program files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe;c:\program files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 MsDtsServer110;SQL Server Integration Services 11.0;c:\program files\Microsoft SQL Server\110\DTS\Binn\MsDtsSrvr.exe;c:\program files\Microsoft SQL Server\110\DTS\Binn\MsDtsSrvr.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 ReportServer;SQL Server Reporting Services (MSSQLSERVER);c:\program files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe;c:\program files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 MSSQLFDLauncher;SQL Full-text Filter Daemon Launcher (MSSQLSERVER);c:\program files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe;c:\program files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-09-12 07:07	1096520	----a-w-	c:\program files (x86)\Google\Chrome\Application\37.0.2062.120\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-09-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-29 13:48]
.
2014-09-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cf6a3f3980a311.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-03-30 17:45]
.
2014-09-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA1cf6a3f39a89e07.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-03-30 17:45]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2012-10-01 18:37	2322576	----a-w-	c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2012-10-01 18:37	2322576	----a-w-	c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2012-10-01 18:37	2322576	----a-w-	c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\01UnsuppModule]
@="{AEB16659-2125-4ADA-A4AB-45EE21E86469}"
[HKEY_CLASSES_ROOT\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}]
2014-04-02 13:32	2765312	----a-w-	c:\users\Panos\AppData\Local\CloudStation\iconoverlay_v7\IconOverlayDLLs_x64\iconOverlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\02SyncingModule]
@="{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}"
[HKEY_CLASSES_ROOT\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}]
2014-04-02 13:32	2765312	----a-w-	c:\users\Panos\AppData\Local\CloudStation\iconoverlay_v7\IconOverlayDLLs_x64\iconOverlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\03SyncedModule]
@="{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}"
[HKEY_CLASSES_ROOT\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}]
2014-04-02 13:32	2765312	----a-w-	c:\users\Panos\AppData\Local\CloudStation\iconoverlay_v7\IconOverlayDLLs_x64\iconOverlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\04ReadOnlyModule]
@="{A433C3E0-8B24-40EB-93C3-4B10D9959F58}"
[HKEY_CLASSES_ROOT\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}]
2014-04-02 13:32	2765312	----a-w-	c:\users\Panos\AppData\Local\CloudStation\iconoverlay_v7\IconOverlayDLLs_x64\iconOverlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 07:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 07:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 07:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 07:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 07:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 07:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 07:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 07:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 07:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2013-09-12 5618456]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-09-17 2460488]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-09-17 2799784]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~1\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
FF - ProfilePath - c:\users\Panos\AppData\Roaming\Mozilla\Firefox\Profiles\jju3ited.default\
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
AddRemove-Yaiba Ninja Gaiden Z_is1 - f:\yaiba ninja gaiden z\unins000.exe
.
.
"ImagePath"="\"c:\program files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ReportServerSharePoint:Service]
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.14"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-09-19  17:36:37
ComboFix-quarantined-files.txt  2014-09-19 14:36
.
Pre-Run: 42,218,311,680 bytes free
Post-Run: 42,596,950,016 bytes free
.
- - End Of File - - 5672D4417B08446507102B7AABA3424D
A36C5E4F47E84449FF07ED3517B43A31


#6 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:29 PM

Posted 22 September 2014 - 03:02 AM

Please create new logs with FRST and post them here.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#7 draickin

draickin
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:29 PM

Posted 22 September 2014 - 09:26 AM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Panos (administrator) on PANOS-PC on 22-09-2014 17:23:36
Running from C:\Users\Panos\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\110\DTS\Binn\MsDtsSrvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSAS11.MSSQLSERVER\OLAP\bin\msmdsrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Spotify Ltd) C:\Users\Panos\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
() C:\Program Files (x86)\Ozone Strike Pro Driver\Monitor.EXE
(http://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\fdhost.exe
() C:\Program Files\OpenVPN\bin\openvpn-gui.exe
(The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpn.exe
(Jive Software) C:\Program Files (x86)\Spark\Spark.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5618456 2013-09-12] (ESET)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2460488 2014-09-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [P17RunE] => RunDll32 P17RunE.dll,RunDLLEntry
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Ozone Strike Pro Driver] => C:\Program Files (x86)\Ozone Strike Pro Driver\Monitor.exe [479232 2013-08-19] ()
HKLM-x32\...\Run: [Babakan] => cmd.exe /k if %date:~6,4%%date:~3,2%%date:~0,2% LEQ 20131027 (exit) else (start http://dinoraptzor.org && exit)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-4145006928-9390800-2354053957-1000\...\Run: [Spotify Web Helper] => C:\Users\Panos\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752 2014-09-21] (Spotify Ltd)
ShellIconOverlayIdentifiers: 01UnsuppModule -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => C:\Users\Panos\AppData\Local\CloudStation\iconoverlay_v7\IconOverlayDLLs_x64\iconOverlay.dll (TODO: <Company name>)
ShellIconOverlayIdentifiers: 02SyncingModule -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => C:\Users\Panos\AppData\Local\CloudStation\iconoverlay_v7\IconOverlayDLLs_x64\iconOverlay.dll (TODO: <Company name>)
ShellIconOverlayIdentifiers: 03SyncedModule -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => C:\Users\Panos\AppData\Local\CloudStation\iconoverlay_v7\IconOverlayDLLs_x64\iconOverlay.dll (TODO: <Company name>)
ShellIconOverlayIdentifiers: 04ReadOnlyModule -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => C:\Users\Panos\AppData\Local\CloudStation\iconoverlay_v7\IconOverlayDLLs_x64\iconOverlay.dll (TODO: <Company name>)
ShellIconOverlayIdentifiers: 1TortoiseNormal -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 2TortoiseModified -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 3TortoiseConflict -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 4TortoiseLocked -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 5TortoiseReadOnly -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 6TortoiseDeleted -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 7TortoiseAdded -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 8TortoiseIgnored -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 9TortoiseUnversioned -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 1TortoiseNormal -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 2TortoiseModified -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 3TortoiseConflict -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 4TortoiseLocked -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 5TortoiseReadOnly -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 6TortoiseDeleted -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 7TortoiseAdded -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 8TortoiseIgnored -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 9TortoiseUnversioned -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Microsoft Web Test Recorder 10.0 Helper -> {DDA57003-0068-4ed2-9D32-4D1EC707D94D} -> C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Panos\AppData\Roaming\Mozilla\Firefox\Profiles\jju3ited.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Extension: Youtube Downloader - Media Downloader - C:\Users\Panos\AppData\Roaming\Mozilla\Firefox\Profiles\jju3ited.default\Extensions\paulsaintuzb@gmail.com.xpi [2014-06-07]
FF Extension: Adblock Plus - C:\Users\Panos\AppData\Roaming\Mozilla\Firefox\Profiles\jju3ited.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-28]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-03-29]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-03-29]

Chrome: 
=======
CHR Profile: C:\Users\Panos\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Panos\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-30]
CHR Extension: (Google Drive) - C:\Users\Panos\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-30]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Panos\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-03]
CHR Extension: (YouTube) - C:\Users\Panos\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-30]
CHR Extension: (Google Search) - C:\Users\Panos\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-30]
CHR Extension: (Google Wallet) - C:\Users\Panos\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-30]
CHR Extension: (Gmail) - C:\Users\Panos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-30]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
S4 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2014-03-28] (Creative Labs) [File not signed]
S4 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2014-03-29] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2008-11-18] (Creative Technology Ltd) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1337752 2013-09-12] (ESET)
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [242216 2014-06-17] (Foxit Corporation)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-17] (NVIDIA Corporation)
R2 MsDtsServer110; C:\Program Files\Microsoft SQL Server\110\DTS\Binn\MsDtsSrvr.exe [218816 2014-05-15] (Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
R3 MSSQLFDLauncher; C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [50368 2014-05-15] (Microsoft Corporation)
R2 MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [194240 2014-05-15] (Microsoft Corporation)
R2 MSSQLServerOLAPService; C:\Program Files\Microsoft SQL Server\MSAS11.MSSQLSERVER\OLAP\bin\msmdsrv.exe [80044736 2014-05-15] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-17] (NVIDIA Corporation)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [37176 2013-08-22] (The OpenVPN Project)
R2 ReportServer; C:\Program Files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2454720 2014-05-15] (Microsoft Corporation)
S3 SQL Server Distributed Replay Client; C:\Program Files (x86)\Microsoft SQL Server\110\Tools\DReplayClient\DReplayClient.exe [137304 2012-02-11] (Microsoft Corporation)
S3 SQL Server Distributed Replay Controller; C:\Program Files (x86)\Microsoft SQL Server\110\Tools\DReplayController\DReplayController.exe [342104 2012-02-11] (Microsoft Corporation)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
S3 SQLSERVERAGENT; C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [613056 2014-05-15] (Microsoft Corporation)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-24] (StarWind Software) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [239296 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [220232 2013-09-17] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44120 2013-09-17] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62136 2013-09-17] (ESET)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
S4 RsFx0201; C:\Windows\System32\DRIVERS\RsFx0201.sys [337088 2014-05-15] (Microsoft Corporation)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2014-03-30] (Duplex Secure Ltd.)
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-13] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-22 17:23 - 2014-09-22 17:23 - 00022511 _____ () C:\Users\Panos\Desktop\FRST.txt
2014-09-22 17:22 - 2014-09-16 12:53 - 02105856 _____ (Farbar) C:\Users\Panos\Desktop\FRST64.exe
2014-09-22 15:18 - 2014-09-22 15:45 - 00033673 _____ () C:\Users\Panos\Desktop\InfosetHelpDeskLog_Emerald.xlsx
2014-09-22 10:43 - 2014-09-22 17:04 - 00401920 _____ () C:\Users\Panos\Desktop\ML28695 Reconciliation 20140903.xls
2014-09-21 19:31 - 2014-09-21 19:31 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-09-21 19:31 - 2014-09-21 19:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-21 12:44 - 2014-09-21 12:44 - 00001805 _____ () C:\Users\Panos\Desktop\Spotify.lnk
2014-09-21 12:44 - 2014-09-21 12:44 - 00001791 _____ () C:\Users\Panos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-09-21 12:44 - 2014-09-21 12:44 - 00000000 ____D () C:\Users\Panos\AppData\Local\Spotify
2014-09-21 12:43 - 2014-09-22 09:15 - 00000000 ____D () C:\Users\Panos\AppData\Roaming\Spotify
2014-09-19 17:36 - 2014-09-19 17:36 - 00033437 _____ () C:\ComboFix.txt
2014-09-19 17:30 - 2014-09-19 17:36 - 00000000 ____D () C:\Qoobox
2014-09-19 17:30 - 2014-09-19 17:36 - 00000000 ____D () C:\ComboFix
2014-09-19 17:30 - 2014-09-19 17:35 - 00000000 ____D () C:\Windows\erdnt
2014-09-19 17:30 - 2011-06-26 09:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-09-19 17:30 - 2010-11-07 20:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-09-19 17:30 - 2009-04-20 07:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-09-19 17:30 - 2000-08-31 03:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-09-19 17:30 - 2000-08-31 03:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-09-19 17:30 - 2000-08-31 03:00 - 00098816 _____ () C:\Windows\sed.exe
2014-09-19 17:30 - 2000-08-31 03:00 - 00080412 _____ () C:\Windows\grep.exe
2014-09-19 17:30 - 2000-08-31 03:00 - 00068096 _____ () C:\Windows\zip.exe
2014-09-19 17:28 - 2014-09-19 17:28 - 05578824 ____R (Swearware) C:\Users\Panos\Desktop\ComboFix.exe
2014-09-19 17:27 - 2014-09-19 17:27 - 00000650 _____ () C:\Users\Panos\Desktop\defogger_disable.log
2014-09-19 17:27 - 2014-09-19 17:27 - 00000216 _____ () C:\Users\Panos\defogger_reenable
2014-09-19 17:26 - 2014-09-19 17:26 - 00050477 _____ () C:\Users\Panos\Desktop\Defogger.exe
2014-09-19 15:04 - 2014-09-19 15:04 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-09-19 15:03 - 2014-09-13 23:13 - 00613696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-09-19 15:02 - 2014-09-17 07:51 - 01538880 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-09-19 15:02 - 2014-09-17 07:51 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-09-19 15:02 - 2014-09-17 07:51 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-09-19 15:02 - 2014-09-14 02:48 - 31887680 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-09-19 15:02 - 2014-09-14 02:48 - 24552592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-09-19 15:02 - 2014-09-14 02:48 - 20922512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-09-19 15:02 - 2014-09-14 02:48 - 19954520 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-09-19 15:02 - 2014-09-14 02:48 - 17259664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-09-19 15:02 - 2014-09-14 02:48 - 14026304 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-09-19 15:02 - 2014-09-14 02:48 - 13939272 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-09-19 15:02 - 2014-09-14 02:48 - 13157696 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-09-19 15:02 - 2014-09-14 02:48 - 11392576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-09-19 15:02 - 2014-09-14 02:48 - 11330776 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-09-19 15:02 - 2014-09-14 02:48 - 04287296 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-09-19 15:02 - 2014-09-14 02:48 - 04008592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-09-19 15:02 - 2014-09-14 02:48 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434411.dll
2014-09-19 15:02 - 2014-09-14 02:48 - 01539272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434411.dll
2014-09-19 15:02 - 2014-09-14 02:48 - 00957584 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-09-19 15:02 - 2014-09-14 02:48 - 00925896 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-09-19 15:02 - 2014-09-14 02:48 - 00919240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-09-19 15:02 - 2014-09-14 02:48 - 00894096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-09-19 15:02 - 2014-09-14 02:48 - 00867528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-09-19 15:02 - 2014-09-14 02:48 - 00501064 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-09-19 15:02 - 2014-09-14 02:48 - 00417096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-09-19 15:02 - 2014-09-14 02:48 - 00393024 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-09-19 15:02 - 2014-09-14 02:48 - 00352016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-09-19 15:02 - 2014-09-14 02:48 - 00348304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-09-19 15:02 - 2014-09-14 02:48 - 00303600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-09-19 15:02 - 2014-09-14 02:48 - 00174856 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-09-19 15:02 - 2014-09-14 02:48 - 00156840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-09-19 14:31 - 2014-09-04 22:14 - 00038048 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-09-19 14:31 - 2014-09-04 22:14 - 00032416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-09-19 09:45 - 2014-09-19 09:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-18 11:35 - 2014-09-22 16:52 - 00018860 _____ () C:\Users\Panos\Desktop\InfosetHelpDeskLog_IPSOSYS.xlsx
2014-09-18 10:33 - 2014-09-19 17:08 - 00027986 _____ () C:\Users\Panos\Desktop\CTusers_EMERALD.xlsx
2014-09-17 19:39 - 2014-09-17 19:39 - 00001121 _____ () C:\Users\Panos\Desktop\DXHRDC - Shortcut.lnk
2014-09-17 09:48 - 2014-09-17 09:48 - 00015420 _____ () C:\Users\Panos\Desktop\ark.txt
2014-09-16 13:14 - 2014-09-16 13:24 - 00020345 _____ () C:\Users\Panos\Desktop\dds.txt
2014-09-16 13:14 - 2014-09-16 13:24 - 00017427 _____ () C:\Users\Panos\Desktop\attach.txt
2014-09-16 12:54 - 2014-09-22 17:23 - 00000000 ____D () C:\FRST
2014-09-15 15:50 - 2014-09-15 15:50 - 02107133 _____ () C:\Users\Panos\AppData\Local\debuggee.mdmp
2014-09-11 16:52 - 2014-09-11 16:52 - 00025439 _____ () C:\Users\Panos\Desktop\CERL080AGR03_MedDRa_coding.xlsx
2014-09-11 16:52 - 2014-09-11 16:52 - 00016840 _____ () C:\Users\Panos\Desktop\Copy of Myfortic III AE-SAE Coding by MedDRA-1.xlsx
2014-09-11 14:14 - 2014-09-11 14:14 - 00000165 ____H () C:\Users\Panos\Desktop\~$Investigators Emerald.xlsx
2014-09-11 10:26 - 2014-09-11 10:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-09-10 12:47 - 2014-09-10 12:47 - 00000900 _____ () C:\Users\Public\Desktop\NARUTO SHIPPUDEN Ultimate Ninja STORM 3 Full Burst.lnk
2014-09-10 12:47 - 2014-09-10 12:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NARUTO SHIPPUDEN Ultimate Ninja STORM 3 Full Burst
2014-09-10 09:43 - 2014-09-10 09:43 - 00007606 _____ () C:\Users\Panos\AppData\Local\Resmon.ResmonCfg
2014-09-10 09:18 - 2014-08-19 21:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-10 09:18 - 2014-08-19 20:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-10 09:18 - 2014-08-19 02:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-10 09:18 - 2014-08-19 01:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-10 09:18 - 2014-08-19 01:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-10 09:18 - 2014-08-19 01:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-10 09:18 - 2014-08-19 01:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-10 09:18 - 2014-08-19 01:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-10 09:18 - 2014-08-19 01:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-10 09:18 - 2014-08-19 01:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-10 09:18 - 2014-08-19 01:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-10 09:18 - 2014-08-19 01:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-10 09:18 - 2014-08-19 01:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-10 09:18 - 2014-08-19 01:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-10 09:18 - 2014-08-19 01:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-10 09:18 - 2014-08-19 01:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-10 09:18 - 2014-08-19 01:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-10 09:18 - 2014-08-19 01:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-10 09:18 - 2014-08-19 01:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-10 09:18 - 2014-08-19 00:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-10 09:18 - 2014-08-19 00:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-10 09:18 - 2014-08-19 00:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-10 09:18 - 2014-08-19 00:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-10 09:18 - 2014-08-19 00:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-10 09:18 - 2014-08-19 00:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-10 09:18 - 2014-08-19 00:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-10 09:18 - 2014-08-19 00:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-10 09:18 - 2014-08-19 00:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-10 09:18 - 2014-08-19 00:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-10 09:18 - 2014-08-19 00:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-10 09:18 - 2014-08-19 00:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-10 09:18 - 2014-08-19 00:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-10 09:18 - 2014-08-19 00:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-10 09:18 - 2014-08-19 00:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-10 09:18 - 2014-08-19 00:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-10 09:18 - 2014-08-19 00:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-10 09:18 - 2014-08-19 00:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-10 09:18 - 2014-08-19 00:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-10 09:18 - 2014-08-19 00:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-10 09:18 - 2014-08-19 00:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-10 09:18 - 2014-08-19 00:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-10 09:18 - 2014-08-19 00:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-10 09:18 - 2014-08-19 00:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-10 09:18 - 2014-08-19 00:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-10 09:18 - 2014-08-19 00:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-10 09:18 - 2014-08-19 00:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-10 09:18 - 2014-08-19 00:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-10 09:18 - 2014-08-19 00:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-10 09:18 - 2014-08-19 00:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-10 09:18 - 2014-08-19 00:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-10 09:18 - 2014-08-19 00:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-10 09:18 - 2014-08-18 23:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-10 09:18 - 2014-08-18 23:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-10 09:18 - 2014-08-18 23:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-10 09:18 - 2014-08-18 23:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-10 09:18 - 2014-08-18 23:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-10 09:17 - 2014-06-27 05:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-10 09:17 - 2014-06-27 04:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-10 09:16 - 2014-08-01 14:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-10 09:16 - 2014-08-01 14:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-10 09:16 - 2014-07-07 05:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-10 09:16 - 2014-07-07 05:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-10 09:16 - 2014-07-07 04:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-10 09:16 - 2014-07-07 04:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-10 09:16 - 2014-07-07 04:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-10 09:16 - 2014-06-24 06:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-10 09:16 - 2014-06-24 05:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-02 13:34 - 2014-09-02 15:10 - 00027648 _____ () C:\Users\Panos\Desktop\ΤΕΣΤ-1.xls
2014-08-29 18:03 - 2014-08-29 18:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PhantomPDF
2014-08-29 18:02 - 2014-08-29 18:02 - 00000000 ____D () C:\Users\Panos\AppData\Local\Foxit PhantomPDF
2014-08-29 17:53 - 2014-08-29 18:03 - 00000000 ____D () C:\Users\Public\Foxit Software
2014-08-29 17:53 - 2014-08-29 17:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2014-08-28 09:13 - 2014-08-23 05:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 09:13 - 2014-08-23 04:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 09:13 - 2014-08-23 03:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-22 17:23 - 2014-09-22 17:23 - 00022511 _____ () C:\Users\Panos\Desktop\FRST.txt
2014-09-22 17:23 - 2014-09-16 12:54 - 00000000 ____D () C:\FRST
2014-09-22 17:18 - 2014-03-30 18:51 - 00000000 ____D () C:\Users\Panos\Documents\Visual Studio 2010
2014-09-22 17:18 - 2014-03-29 12:43 - 00000000 ____D () C:\Users\Panos\AppData\Local\CloudStation
2014-09-22 17:07 - 2014-05-08 00:56 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf6a3f39a89e07.job
2014-09-22 17:04 - 2014-09-22 10:43 - 00401920 _____ () C:\Users\Panos\Desktop\ML28695 Reconciliation 20140903.xls
2014-09-22 17:00 - 2014-03-29 04:00 - 00204311 _____ () C:\Users\Panos\Network_Meter_Data.js
2014-09-22 16:52 - 2014-09-18 11:35 - 00018860 _____ () C:\Users\Panos\Desktop\InfosetHelpDeskLog_IPSOSYS.xlsx
2014-09-22 16:37 - 2014-03-29 12:26 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-22 15:45 - 2014-09-22 15:18 - 00033673 _____ () C:\Users\Panos\Desktop\InfosetHelpDeskLog_Emerald.xlsx
2014-09-22 14:25 - 2014-03-29 13:43 - 00000000 ____D () C:\Users\Panos\AppData\Roaming\uTorrent
2014-09-22 13:16 - 2014-04-28 12:57 - 00000132 _____ () C:\Users\Panos\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-09-22 10:10 - 2014-03-29 12:45 - 00000000 ___RD () C:\Users\Panos\Common
2014-09-22 10:10 - 2014-03-29 12:45 - 00000000 ___RD () C:\Users\Panos\CloudStation
2014-09-22 09:19 - 2009-07-14 08:13 - 01077098 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-22 09:16 - 2009-07-14 07:45 - 00021808 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-22 09:16 - 2009-07-14 07:45 - 00021808 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-22 09:15 - 2014-09-21 12:43 - 00000000 ____D () C:\Users\Panos\AppData\Roaming\Spotify
2014-09-22 09:11 - 2014-04-04 09:14 - 00004958 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Panos-PC-Panos Panos-PC
2014-09-22 09:11 - 2014-03-29 13:54 - 00003758 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-09-22 09:11 - 2014-03-29 03:47 - 00021830 _____ () C:\Users\Panos\IP_Log_Data.js
2014-09-22 09:11 - 2014-03-29 03:11 - 01914841 _____ () C:\Windows\WindowsUpdate.log
2014-09-22 09:10 - 2014-05-15 09:47 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-22 09:10 - 2014-05-08 00:56 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf6a3f3980a311.job
2014-09-22 09:10 - 2014-04-10 15:49 - 00000000 ____D () C:\Users\Panos\AppData\Local\TSVNCache
2014-09-22 09:10 - 2009-07-14 08:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-22 09:10 - 2009-07-14 07:51 - 00132763 _____ () C:\Windows\setupact.log
2014-09-22 01:12 - 2014-03-28 22:07 - 00000027 _____ () C:\Users\Panos\AppData\Roaming\Network Meter_Usage.ini
2014-09-22 01:11 - 2014-03-29 01:29 - 00000000 ____D () C:\Users\Panos\AppData\Roaming\Skype
2014-09-21 19:59 - 2014-03-28 23:05 - 00000000 ____D () C:\Users\Panos\AppData\Local\dxhr
2014-09-21 19:31 - 2014-09-21 19:31 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-09-21 19:31 - 2014-09-21 19:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-21 19:31 - 2014-03-29 01:29 - 00002515 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-09-21 19:31 - 2014-03-29 01:29 - 00000000 ____D () C:\ProgramData\Skype
2014-09-21 17:59 - 2014-03-28 22:35 - 00000000 ____D () C:\Users\Panos\AppData\Roaming\vlc
2014-09-21 12:44 - 2014-09-21 12:44 - 00001805 _____ () C:\Users\Panos\Desktop\Spotify.lnk
2014-09-21 12:44 - 2014-09-21 12:44 - 00001791 _____ () C:\Users\Panos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-09-21 12:44 - 2014-09-21 12:44 - 00000000 ____D () C:\Users\Panos\AppData\Local\Spotify
2014-09-19 18:00 - 2010-11-21 06:47 - 00030156 _____ () C:\Windows\PFRO.log
2014-09-19 17:36 - 2014-09-19 17:36 - 00033437 _____ () C:\ComboFix.txt
2014-09-19 17:36 - 2014-09-19 17:30 - 00000000 ____D () C:\Qoobox
2014-09-19 17:36 - 2014-09-19 17:30 - 00000000 ____D () C:\ComboFix
2014-09-19 17:35 - 2014-09-19 17:30 - 00000000 ____D () C:\Windows\erdnt
2014-09-19 17:35 - 2009-07-14 05:34 - 00000215 _____ () C:\Windows\system.ini
2014-09-19 17:28 - 2014-09-19 17:28 - 05578824 ____R (Swearware) C:\Users\Panos\Desktop\ComboFix.exe
2014-09-19 17:27 - 2014-09-19 17:27 - 00000650 _____ () C:\Users\Panos\Desktop\defogger_disable.log
2014-09-19 17:27 - 2014-09-19 17:27 - 00000216 _____ () C:\Users\Panos\defogger_reenable
2014-09-19 17:27 - 2014-03-29 03:10 - 00000000 ____D () C:\Users\Panos
2014-09-19 17:26 - 2014-09-19 17:26 - 00050477 _____ () C:\Users\Panos\Desktop\Defogger.exe
2014-09-19 17:23 - 2014-03-30 19:08 - 00000000 ____D () C:\Users\MSSQLFDLauncher
2014-09-19 17:23 - 2014-03-29 03:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-19 17:22 - 2014-03-31 20:07 - 00026957 _____ () C:\Users\Panos\Desktop\Investigators Emerald.xlsx
2014-09-19 17:08 - 2014-09-18 10:33 - 00027986 _____ () C:\Users\Panos\Desktop\CTusers_EMERALD.xlsx
2014-09-19 15:04 - 2014-09-19 15:04 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-09-19 15:04 - 2014-05-15 09:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-09-19 15:03 - 2014-03-28 22:19 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-09-19 14:31 - 2014-03-28 22:17 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-09-19 09:45 - 2014-09-19 09:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-18 09:20 - 2014-03-30 19:08 - 00000000 ____D () C:\Users\MsDtsServer110
2014-09-17 19:39 - 2014-09-17 19:39 - 00001121 _____ () C:\Users\Panos\Desktop\DXHRDC - Shortcut.lnk
2014-09-17 18:15 - 2014-04-05 19:04 - 00002292 ____H () C:\Users\Panos\Documents\Default.rdp
2014-09-17 09:48 - 2014-09-17 09:48 - 00015420 _____ () C:\Users\Panos\Desktop\ark.txt
2014-09-17 07:51 - 2014-09-19 15:02 - 01538880 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-09-17 07:51 - 2014-09-19 15:02 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-09-17 07:51 - 2014-09-19 15:02 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-09-17 05:13 - 2014-06-21 21:11 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-09-17 05:13 - 2014-05-15 09:47 - 02193560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-09-17 05:12 - 2014-06-21 21:11 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-09-17 05:12 - 2014-05-15 09:47 - 02799784 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-09-16 19:52 - 2014-03-31 20:08 - 00027443 _____ () C:\Users\Panos\Desktop\SqlQuery_1.sql
2014-09-16 14:22 - 2014-03-30 19:08 - 00000000 ____D () C:\Users\Panos\Documents\SQL Server Management Studio
2014-09-16 13:24 - 2014-09-16 13:14 - 00020345 _____ () C:\Users\Panos\Desktop\dds.txt
2014-09-16 13:24 - 2014-09-16 13:14 - 00017427 _____ () C:\Users\Panos\Desktop\attach.txt
2014-09-16 12:53 - 2014-09-22 17:22 - 02105856 _____ (Farbar) C:\Users\Panos\Desktop\FRST64.exe
2014-09-15 16:38 - 2014-08-16 21:33 - 00000000 ____D () C:\Users\Panos\AppData\Local\Adobe
2014-09-15 15:50 - 2014-09-15 15:50 - 02107133 _____ () C:\Users\Panos\AppData\Local\debuggee.mdmp
2014-09-14 02:48 - 2014-09-19 15:02 - 31887680 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-09-14 02:48 - 2014-09-19 15:02 - 24552592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-09-14 02:48 - 2014-09-19 15:02 - 20922512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-09-14 02:48 - 2014-09-19 15:02 - 19954520 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-09-14 02:48 - 2014-09-19 15:02 - 17259664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-09-14 02:48 - 2014-09-19 15:02 - 14026304 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-09-14 02:48 - 2014-09-19 15:02 - 13939272 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-09-14 02:48 - 2014-09-19 15:02 - 13157696 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-09-14 02:48 - 2014-09-19 15:02 - 11392576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-09-14 02:48 - 2014-09-19 15:02 - 11330776 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-09-14 02:48 - 2014-09-19 15:02 - 04287296 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-09-14 02:48 - 2014-09-19 15:02 - 04008592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-09-14 02:48 - 2014-09-19 15:02 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434411.dll
2014-09-14 02:48 - 2014-09-19 15:02 - 01539272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434411.dll
2014-09-14 02:48 - 2014-09-19 15:02 - 00957584 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-09-14 02:48 - 2014-09-19 15:02 - 00925896 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-09-14 02:48 - 2014-09-19 15:02 - 00919240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-09-14 02:48 - 2014-09-19 15:02 - 00894096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-09-14 02:48 - 2014-09-19 15:02 - 00867528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-09-14 02:48 - 2014-09-19 15:02 - 00501064 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-09-14 02:48 - 2014-09-19 15:02 - 00417096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-09-14 02:48 - 2014-09-19 15:02 - 00393024 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-09-14 02:48 - 2014-09-19 15:02 - 00352016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-09-14 02:48 - 2014-09-19 15:02 - 00348304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-09-14 02:48 - 2014-09-19 15:02 - 00303600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-09-14 02:48 - 2014-09-19 15:02 - 00174856 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-09-14 02:48 - 2014-09-19 15:02 - 00156840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-09-14 02:48 - 2014-05-15 09:47 - 00073872 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-09-14 02:48 - 2014-05-15 09:47 - 00060560 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-09-14 02:48 - 2014-05-15 09:46 - 20589536 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-09-14 02:48 - 2014-05-15 09:46 - 18106152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-09-14 02:48 - 2014-05-15 09:46 - 16875856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-09-14 02:48 - 2014-05-15 09:46 - 03223120 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-09-14 02:48 - 2014-05-15 09:46 - 02838424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-09-14 02:48 - 2014-05-15 09:46 - 00984424 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-09-14 02:48 - 2014-05-15 09:46 - 00026956 _____ () C:\Windows\system32\nvinfo.pb
2014-09-14 00:53 - 2014-05-15 09:47 - 06890696 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-09-14 00:53 - 2014-05-15 09:47 - 03529872 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-09-14 00:53 - 2014-05-15 09:47 - 00934216 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-09-14 00:53 - 2014-05-15 09:47 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-09-14 00:53 - 2014-05-15 09:47 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-09-13 23:13 - 2014-09-19 15:03 - 00613696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-09-12 10:08 - 2014-03-30 20:46 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-11 18:37 - 2014-05-15 09:47 - 03961833 _____ () C:\Windows\system32\nvcoproc.bin
2014-09-11 18:26 - 2014-03-29 12:34 - 00000000 ____D () C:\Users\Panos\AppData\Roaming\Guild Wars 2
2014-09-11 16:52 - 2014-09-11 16:52 - 00025439 _____ () C:\Users\Panos\Desktop\CERL080AGR03_MedDRa_coding.xlsx
2014-09-11 16:52 - 2014-09-11 16:52 - 00016840 _____ () C:\Users\Panos\Desktop\Copy of Myfortic III AE-SAE Coding by MedDRA-1.xlsx
2014-09-11 14:14 - 2014-09-11 14:14 - 00000165 ____H () C:\Users\Panos\Desktop\~$Investigators Emerald.xlsx
2014-09-11 10:43 - 2014-09-11 10:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-09-11 04:41 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\rescache
2014-09-10 20:57 - 2014-03-28 23:58 - 00000000 ____D () C:\Users\Panos\AppData\Local\SKIDROW
2014-09-10 12:47 - 2014-09-10 12:47 - 00000900 _____ () C:\Users\Public\Desktop\NARUTO SHIPPUDEN Ultimate Ninja STORM 3 Full Burst.lnk
2014-09-10 12:47 - 2014-09-10 12:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NARUTO SHIPPUDEN Ultimate Ninja STORM 3 Full Burst
2014-09-10 09:43 - 2014-09-10 09:43 - 00007606 _____ () C:\Users\Panos\AppData\Local\Resmon.ResmonCfg
2014-09-10 09:18 - 2014-03-28 22:19 - 01069220 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-08 16:44 - 2014-04-07 17:16 - 00000000 ____D () C:\Users\Panos\Desktop\MYFORTICIII
2014-09-08 11:00 - 2014-03-31 20:11 - 00000000 ___RD () C:\Users\Panos\Desktop\infoset
2014-09-04 22:14 - 2014-09-19 14:31 - 00038048 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-09-04 22:14 - 2014-09-19 14:31 - 00032416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-09-04 22:14 - 2014-03-28 22:18 - 00034976 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-09-02 15:10 - 2014-09-02 13:34 - 00027648 _____ () C:\Users\Panos\Desktop\ΤΕΣΤ-1.xls
2014-09-01 17:59 - 2014-07-15 19:23 - 00010498 _____ () C:\Users\Panos\Desktop\New Text Document.txt
2014-08-30 20:07 - 2014-03-28 22:37 - 00000000 ____D () C:\Users\Panos\AppData\Roaming\Foxit Software
2014-08-29 18:03 - 2014-08-29 18:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PhantomPDF
2014-08-29 18:03 - 2014-08-29 17:53 - 00000000 ____D () C:\Users\Public\Foxit Software
2014-08-29 18:02 - 2014-08-29 18:02 - 00000000 ____D () C:\Users\Panos\AppData\Local\Foxit PhantomPDF
2014-08-29 18:02 - 2014-03-30 13:36 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-29 18:02 - 2014-03-28 22:37 - 00000000 ____D () C:\Program Files (x86)\Foxit Software
2014-08-29 17:53 - 2014-08-29 17:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2014-08-29 17:30 - 2014-04-10 14:56 - 00000000 ____D () C:\Users\Panos\Documents\Visual Studio 2012
2014-08-28 09:14 - 2009-07-14 07:45 - 05069488 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-23 05:07 - 2014-08-28 09:13 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 04:45 - 2014-08-28 09:13 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 03:59 - 2014-08-28 09:13 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

Files to move or delete:
====================
C:\Users\Panos\IP_Log_Data.js
C:\Users\Panos\Network_Meter_Data.js


Some content of TEMP:
====================
C:\Users\Panos\AppData\Local\Temp\jna3008049726660906989.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-16 09:50

==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by Panos at 2014-09-22 17:23:58
Running from C:\Users\Panos\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Smart Security 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personal firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
"Thief" (HKLM-x32\...\{7CEA3557-5E36-49EE-9CBF-504EEA99E0DE}_is1) (Version: 1.3.4118.5 (Update 4) - )
"Tomb Raider" (HKLM-x32\...\{1EE9D482-3C07-4EE1-8968-6B364238FFE4}_is1) (Version: 1.1.748.0 - )
"Watch_Dogs" (HKLM-x32\...\{4F01FAA4-5688-4B10-B243-F8C67D279FA5}_is1) (Version: 0.1.0.1 (Update 1) - )
"XCOM - Enemy Within" (HKLM-x32\...\{EE377223-72A9-4995-B3B6-8A056CA4CE5D}_is1) (Version: 1.0.0.926 - )
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32126 - BitTorrent Inc.)
ABCpdf .NET 9.1 (HKLM-x32\...\{34931C36-3964-475E-A174-32CA9F789A0E}) (Version: 9.10.2 - WebSupergoo)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Blend for Visual Studio 2012 (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Blend for Visual Studio 2012 ENU resources (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
BS.Player PRO (HKLM-x32\...\BSPlayerp) (Version: 2.63.1071 - AB Team, d.o.o.)
Child of Light (HKLM-x32\...\Q2hpbGRvZkxpZ2h0_is1) (Version: 1 - )
Contents (x32 Version: 16.1.0.45 - Corel Corporation) Hidden
Corel VideoStudio Pro X6 (HKLM-x32\...\_{6688A246-F6E8-48AD-9806-8D5832E9F15D}) (Version: 16.1.0.45 - Corel Corporation)
Creative ALchemy (HKLM-x32\...\ALchemy) (Version: 1.43 - Creative Technology Limited)
Creative Audio Control Panel (HKLM-x32\...\AudioCS) (Version: 2.56 - Creative Technology Limited)
Creative MediaSource 5 (HKLM-x32\...\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}) (Version: 5.26 - Creative Technology Limited)
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version:  - )
Critical Update for Microsoft Visual Studio 2010 Ultimate - ENU (KB2938807) (HKLM-x32\...\{BC0464FA-A0BA-3E38-85BF-DC5B3A401F48}.KB2938807) (Version: 1 - Microsoft Corporation)
Crystal Reports for Visual Studio (x32 Version: 12.51.0.240 - SAP) Hidden
Darksiders II (HKLM-x32\...\Darksiders II_is1) (Version: Darksiders II - )
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
Dotfuscator Software Services - Community Edition (HKLM-x32\...\{1AA5BD63-6614-44B2-88A7-605191EDB835}) (Version: 5.0.2500.0 - PreEmptive Solutions)
Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{0A1A1D48-DB23-443A-BC7B-49255D138020}) (Version: 11.1.20702.00 - Microsoft Corporation)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET Smart Security (HKLM\...\{F7C525E7-659A-47F6-A25A-7A63FA10E767}) (Version: 7.0.302.26 - ESET, spol s r. o.)
FastStone Image Viewer 5.1 (HKLM-x32\...\FastStone Image Viewer) (Version: 5.1 - FastStone Soft)
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 1.5.129.617 - Foxit Corporation)
Foxit PhantomPDF Standard (HKLM-x32\...\{A652C696-8733-4681-820C-95465A19512B}) (Version: 6.2.1.618 - Foxit Corporation)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.2.2.802 - Foxit Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
HxD Hex Editor version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
ICA (x32 Version: 16.1.0.45 - Corel Corporation) Hidden
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
IPM_VS_Pro (x32 Version: 16.0 - Corel Corporation) Hidden
Killer is Dead (HKLM-x32\...\Killer is Dead_is1) (Version:  - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Loadout (HKLM-x32\...\Steam App 208090) (Version:  - Edge of Reality)
LocalESPC (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
LocalESPCui for en-us (x32 Version: 8.59.25584 - Microsoft) Hidden
Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Access MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Access Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM-x32\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{1803A630-3C38-4D2B-9B9A-0CB37243539C}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 3 - Visual Studio 2012 Tools Update (x32 Version: 3.0.30710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 3 (HKLM-x32\...\{DCDEC776-BADD-48B9-8F9A-DFF513C3D7FA}) (Version: 3.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 - Visual Studio 2012 Tools (x32 Version: 4.0.20710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (x32 Version: 4.0.20710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages - Visual Studio 2012 Tools (x32 Version: 1.0.20710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages 2 - Visual Studio 2012 Tools (x32 Version: 2.0.20710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages 2 Runtime (x32 Version: 2.0.20710.0 - Microsoft Corporation) Hidden
Microsoft DCF MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Excel MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Groove MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft LightSwitch for Visual Studio 2012 Core (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft LightSwitch for Visual Studio 2012 CoreRes - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Lync MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft NuGet - Visual Studio 2012 (x32 Version: 2.0.30625.9003 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack (x32 Version: 11.0.50709.17929 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack Language Pack - enu (x32 Version: 11.0.50709.17929 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Report Viewer 2012 Runtime (HKLM-x32\...\{9CCE40CE-A9E6-4916-8729-B008558EEF3F}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Report Viewer Add-On for Visual Studio 2012 (x32 Version: 11.1.2802.16 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Silverlight 3 SDK (HKLM-x32\...\{2012098D-EEE9-4769-8DD3-B038050854D4}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft Silverlight 4 SDK (HKLM-x32\...\{189AEA94-DAFB-487A-8CEE-F9D3DDE0A748}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (Version:  - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Common Files (Version: 10.0.1600.22 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Common Files (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Services (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Shared (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Native Client (HKLM\...\{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Framework (HKLM-x32\...\{BC537AE0-88AF-47ED-B762-33B0D62B5188}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM-x32\...\{7A56D81D-6406-40E7-9184-8AC1769C4D69}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{83F2B8F4-5CF3-4BE9-9772-9543EAE4AC5F}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM-x32\...\{09C52940-A4D1-4409-A7CC-1AAE630CF578}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 RsFx Driver (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server 2012 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2012) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2012 (64-bit) (Version:  - ) Hidden
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM\...\{DC5602AF-666C-4A56-92C3-B8D675003775}) (Version: 11.1.2818.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{E4A1FDA3-689D-44DA-9B39-86BD2270F522}) (Version: 11.2.5058.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{3965C9F9-9B9A-4391-AC4B-8388210D3AA0}) (Version: 11.2.5058.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Policies  (HKLM-x32\...\{DC487E40-046E-42A9-9C7C-5D2B1A7EB211}) (Version: 11.2.5058.0 - Microsoft Corporation)
Microsoft SQL Server 2012 RS Add-in for SharePoint  (HKLM\...\{9EA8AC07-9E3E-40D2-AA75-8AFEEF90E019}) (Version: 11.2.5058.0 - Microsoft Corporation)
Microsoft SQL Server 2012 RsFx Driver (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2012 Setup (English) (HKLM\...\{977887EC-1C9B-47FA-8489-88E5E7F43D5E}) (Version: 11.2.5058.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{3D3F1CCD-2C87-4DDD-9B8C-CC0EB429E04D}) (Version: 11.2.5058.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{E721A8AA-2632-4798-B439-6D4C8A689BB8}) (Version: 11.2.5058.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM\...\{CC8B009A-98C9-497F-99AF-CEBE35D8C0CF}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools – Database Projects – Web installer entry point (HKLM-x32\...\{F3BBC56F-2282-4464-952F-A89772181F30}) (Version: 10.3.20116.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (11.1.20627.00) (HKLM-x32\...\{FA804794-2CCB-4301-954F-2C2894698876}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20627.00) (HKLM-x32\...\{790E9425-8570-493F-9AE7-81AFC9E46930}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{C3F6F200-6D7B-4879-B9EE-700C0CE1FCDA}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 SP1 (x64) (HKLM\...\{8438EC02-B8A9-462D-AC72-1B521349C001}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework SDK v1.0 SP1 (HKLM-x32\...\{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 SP1 (x64) (HKLM\...\{034106B5-54B7-467F-B477-5B7DBB492624}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) (HKLM\...\{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}) (Version: 2.0.3010.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{DEB263CA-0386-4648-8382-FB78DBFA2C5F}) (Version: 11.2.5058.0 - Microsoft Corporation)
Microsoft Team Foundation Server 2010 Object Model - ENU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - ENU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Team Foundation Server 2010 Object Model - ENU (Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual C++  Compilers 2010 Standard - enu - x64 (Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual C++  Compilers 2010 Standard - enu - x86 (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Designtime - 10.0.30319 (HKLM\...\{F5079164-1DB9-3BDA-853B-F78AF67CE071}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012  x64 Designtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Compilers - ENU Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Compilers (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Core Libraries (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Extended Libraries (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Microsoft Foundation Class Libraries (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{2af972c7-13b0-4978-92a8-fee26a4fb4e9}) (Version: 12.0.21005.1 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 IntelliTrace Collection (x64) (HKLM\...\{88BAE373-00F4-3E33-828F-96E89E5E0CB9}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Office Developer Tools (x64) (Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Office Developer Tools (x64) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Performance Collection Tools SP1 - ENU (Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 SharePoint Developer Tools (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Shell (Integrated) - ENU (HKLM-x32\...\{012D26C3-E12A-3BDA-8ECE-DF14E721A507}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50701 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.50706 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Ultimate - ENU (HKLM-x32\...\Microsoft Visual Studio 2010 Ultimate - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Ultimate - ENU (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Devenv (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Devenv Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Performance Collection Tools - ENU (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Performance Collection Tools (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Preparation (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Tools for SQL Server Compact 4.0 SP1 ENU (x32 Version: 4.0.8876.1 - Microsoft Corporation) Hidden
Microsoft Visual Studio Macro Tools (HKLM-x32\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual Studio Professional 2012 - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Professional 2012 (HKLM-x32\...\{20fc1ec7-3058-48d4-80f8-e1cfd52391c7}) (Version: 11.0.50727.26 - Microsoft Corporation)
Microsoft Visual Studio Professional 2012 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Object Model (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications Design-Time 3.0 (HKLM-x32\...\{5A03C202-08B4-3F1D-9A60-A4F53EF1B636}) (Version: 10.0.40220 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications x64 Runtime 3.0 (HKLM\...\{F14401A9-F0A0-33CC-8444-F60823A60DEB}) (Version: 10.0.40220 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications x86 Runtime 3.0 (HKLM-x32\...\{191A6F65-6878-398D-A272-EF011B80F371}) (Version: 10.0.40220 - Microsoft Corporation)
Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 XAML UI Designer enu Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft VSS Writer for SQL Server 2012 (HKLM\...\{3E0DD83F-BE4C-4478-86A0-AD0D79D1353E}) (Version: 11.2.5058.0 - Microsoft Corporation)
Microsoft Web Deploy 3.0 (HKLM\...\{AA72C306-30BE-4BB1-9E42-59552BAD2CDF}) (Version: 3.1236.1631 - Microsoft Corporation)
Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM-x32\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation)
Microsoft Web Developer Tools - Visual Studio 2012 (x32 Version: 1.0.30710.0 - Microsoft Corporation) Hidden
Microsoft Web Platform Installer 4.0 (HKLM\...\{E2B8249D-895C-4685-8C83-00F3B1A13028}) (Version: 4.0.1622 - Microsoft Corporation)
Microsoft Word MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
mIRC (HKLM-x32\...\mIRC) (Version: 7.34 - mIRC Co. Ltd.)
Mozilla Firefox 32.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0.2 (x86 en-US)) (Version: 32.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 31.1.1 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 31.1.1 (x86 en-US)) (Version: 31.1.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NARUTO SHIPPUDEN Ultimate Ninja STORM 3 Full Burst (HKLM-x32\...\NARUTO SHIPPUDEN Ultimate Ninja STORM 3 Full Burst_is1) (Version: v1.0.0.0 - Black Beard)
NVIDIA 3D Vision Controller Driver 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.11 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.11 - NVIDIA Corporation)
NVIDIA Control Panel 344.11 (Version: 344.11 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation)
NVIDIA GeForce Experience Service (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.11 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.162.1274 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 2.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.14.0702 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA ShadowPlay 16.13.42 (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Update 16.13.42 (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.25 (Version: 1.2.25 - NVIDIA Corporation) Hidden
OpenVPN 2.3.2-I003  (HKLM\...\OpenVPN) (Version: 2.3.2-I003 - )
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Ozone Strike Pro Driver (HKLM-x32\...\{54C8FBB3-B992-43CB-8F0A-E26228013F88}) (Version: 1.0 - )
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5875) (Version:  - )
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Perl (x64) (HKLM\...\{13088604-3B4D-4C5A-AE0F-6DE82273F1C4}) (Version: 5.20.0 - HexChat)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{9169C939-ED01-446A-BD0C-29873BAF4E48}) (Version: 11.0.2100.60 - Microsoft Corporation)
Primordia (HKLM-x32\...\GOGPACKPRIMORDIA_is1) (Version: 2.0.0.2 - GOG.com)
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
Resident Evil 4 (HKLM-x32\...\UmVzaWRlbnRFdmlsNA==_is1) (Version: 1 - )
Resident Evil 6 (HKLM-x32\...\Resident Evil 6_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.) Hidden
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.4.0 - Samsung Electronics)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
SAP Crystal Reports runtime engine for .NET Framework (64-bit) (HKLM\...\{F9B436DD-8D48-430E-BA89-F85DFA452C55}) (Version: 13.0.9.1312 - SAP)
SAP Crystal Reports, version for Microsoft Visual Studio (HKLM-x32\...\{70594B11-7134-4C23-9408-8550115DC257}) (Version: 13.0.9.1312 - SAP)
Service Pack 1 for SQL Server 2008 (KB968369) (64-bit) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
Service Pack 2 for SQL Server 2012 (KB2958429) (64-bit) (HKLM\...\KB2958429) (Version: 11.2.5058.0 - Microsoft Corporation)
Setup (x32 Version: 16.1.0.45 - Corel Corporation) Hidden
Share (x32 Version: 16.1.0.45 - Corel Corporation) Hidden
Share64 (Version: 16.1.0.45 - Corel Corporation) Hidden
SHIELD Streaming (Version: 3.1.200 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.42 - NVIDIA Corporation) Hidden
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
SmartSound Common Data (HKLM-x32\...\InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.)
SmartSound Common Data (x32 Version: 1.1.0 - SmartSound Software Inc.) Hidden
SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.6 - SmartSound Software Inc.)
SmartSound Quicktracks 5 (x32 Version: 5.1.6 - SmartSound Software Inc.) Hidden
Spark 2.6.3.12555 (HKLM-x32\...\Spark 2.6.3.12555) (Version:  - Jive Software)
Spotify (HKCU\...\Spotify) (Version: 0.9.13.24.g5dbb3103 - Spotify AB)
SQL Server 2012 Analysis Services (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
SQL Server 2012 BI Development Studio (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
SQL Server 2012 Client Tools (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
SQL Server 2012 Common Files (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
SQL Server 2012 Data quality client (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
SQL Server 2012 Data quality service (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Data quality service (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Services (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Shared (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
SQL Server 2012 Distributed Replay (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Distributed Replay (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
SQL Server 2012 Documentation Components (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Full text search (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
SQL Server 2012 Integration Services (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
SQL Server 2012 Management Studio (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
SQL Server 2012 Master Data Services (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
SQL Server 2012 Reporting Services (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
SQL Server 2012 RS_SharePoint_SharedService (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
SQL Server 2012 SQL Data Quality Common (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2012 (HKLM-x32\...\{4B9E6EB0-0EED-4E74-9479-F982C3254F71}) (Version: 11.2.5058.0 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Steins;Gate version 1.0 (HKLM\...\{2A05A52B-BDD8-4FD5-A65A-687CB10D98DF}_is1) (Version: 1.0 - JAST USA)
Synology Cloud Station (remove only) (HKCU\...\Synology CloudStation) (Version:  - )
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.31064 - TeamViewer)
The Longest Journey (HKLM-x32\...\The Longest Journey_is1) (Version:  - GOG.com)
The Witcher 2 - Assassins of Kings Enhanced Edition (HKLM-x32\...\The Witcher 2 - Assassins of Kings Enhanced Edition_is1) (Version:  - GOG.com)
TortoiseSVN 1.8.5.25224 (64 bit) (HKLM\...\{57FCA88C-D94A-490A-B8C6-8ECC3A9A48D2}) (Version: 1.8.25224 - TortoiseSVN)
Transistor (HKLM-x32\...\Transistor_is1) (Version:  - )
Ultra Street Fighter IV (HKLM-x32\...\VWx0cmFTdHJlZXRGaWdodGVySVY=_is1) (Version: 1 - )
Update for Microsoft Visual Studio 2012 (KB2781514) (HKLM-x32\...\{56ef8912-352f-4fab-9c73-6f1c92a7127f}) (Version: 11.0.51219 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 4.5 - Ubisoft)
Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.40219 - Microsoft Corporation)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
Visual Studio 2012 Prerequisites - ENU Language Pack (Version: 11.0.50727 - Microsoft Corporation) Hidden
Visual Studio 2012 Prerequisites (Version: 11.0.50727 - Microsoft Corporation) Hidden
Visual Studio Extensions for Windows Library for JavaScript (x32 Version: 1.0.8514.0 - Microsoft Corporation) Hidden
VisualSVN 4.0.6 (HKLM-x32\...\{EE182FEF-C6A4-47B1-B16A-7C91192EDD7D}) (Version: 4.0.6.0 - VisualSVN Ltd.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VSClassic (x32 Version: 16.1.0.45 - Corel Corporation) Hidden
VSHelp (x32 Version: 16.1.0.45 - Corel Corporation) Hidden
VSPro (x32 Version: 16.1.0.45 - Corel Corporation) Hidden
WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{3A523AF9-D32F-4C85-8388-0335731F3405}) (Version: 4.1.61829.0 - Microsoft Corporation)
Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
Windows App Certification Kit Native Components (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows App Certification Kit x64 (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )
Windows Media Encoder 9 Series (x32 Version: 9.00.2980 - Microsoft Corporation) Hidden
Windows Runtime Intellisense Content - en-us (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
Yaiba Ninja Gaiden Z, âåðñèÿ 1.0.0.0 (HKLM-x32\...\Yaiba Ninja Gaiden Z_is1) (Version: 1.0.0.0 - RePack by SEYTER)
Εργαλεία γλωσσικού ελέγχου του Microsoft Office 2013 - Ελληνικά (HKLM\...\{90150000-001F-0408-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-4145006928-9390800-2354053957-1000_Classes\CLSID\{25815CC0-43F4-3C75-8C3A-A139D9ADE740}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4145006928-9390800-2354053957-1000_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\Panos\AppData\Local\CloudStation\iconoverlay_v7\IconOverlayDLLs_x64\ContextMenu.dll ()
CustomCLSID: HKU\S-1-5-21-4145006928-9390800-2354053957-1000_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\Panos\AppData\Local\CloudStation\iconoverlay_v7\IconOverlayDLLs_x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-4145006928-9390800-2354053957-1000_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\Panos\AppData\Local\CloudStation\iconoverlay_v7\IconOverlayDLLs_x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-4145006928-9390800-2354053957-1000_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\Panos\AppData\Local\CloudStation\iconoverlay_v7\IconOverlayDLLs_x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-4145006928-9390800-2354053957-1000_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\Panos\AppData\Local\CloudStation\iconoverlay_v7\IconOverlayDLLs_x64\iconOverlay.dll (TODO: <Company name>)

==================== Restore Points  =========================

18-09-2014 01:32:47 Scheduled Checkpoint
19-09-2014 11:31:41 Installed DirectX

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 05:34 - 2014-09-19 17:35 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {058EB1E4-46B7-441A-B51E-D46FD15EA335} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {415F242B-F26F-4452-81FC-FE8BA019ACA8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {4E8A2682-977E-42B2-825E-0F823C2F7D16} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-15] (Adobe Systems Incorporated)
Task: {8F6D3D15-02A6-4262-B65F-AA6D6758F9BB} - System32\Tasks\GoogleUpdateTaskMachineCore1cf6a3f3980a311 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-30] (Google Inc.)
Task: {8F72476B-997E-4F58-BBD1-3EFC9A7E5AB7} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Panos-PC-Panos Panos-PC => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2012-10-01] (Microsoft Corporation)
Task: {ADF19A2B-EB87-45ED-9DF6-0DB768DE3FCE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {AF090AE7-B28D-4E61-B83F-1CC4E713AC47} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-03-29] ()
Task: {B2D420AF-8A16-4A2B-B20E-8E0EE8AD2D3A} - System32\Tasks\GoogleUpdateTaskMachineUA1cf6a3f39a89e07 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-30] (Google Inc.)
Task: {F1C29F8B-3CEF-466D-9812-2238AC71319B} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2014-05-19] (Samsung Electronics.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf6a3f3980a311.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf6a3f39a89e07.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-05-15 09:47 - 2014-09-14 00:53 - 00116880 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-10-01 21:36 - 2012-10-01 21:36 - 06522480 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-02-18 21:16 - 2014-02-18 21:16 - 00076016 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll
2014-02-18 21:16 - 2014-02-18 21:16 - 00088816 _____ () C:\Program Files\TortoiseSVN\bin\libsasl.dll
2014-04-02 16:32 - 2014-04-02 16:32 - 00909312 _____ () C:\Users\Panos\AppData\Local\CloudStation\iconoverlay_v7\IconOverlayDLLs_x64\ContextMenu.dll
2014-06-02 22:02 - 2013-08-19 17:17 - 00479232 _____ () C:\Program Files (x86)\Ozone Strike Pro Driver\Monitor.EXE
2013-08-22 16:25 - 2013-08-22 16:25 - 00411960 _____ () C:\Program Files\OpenVPN\bin\openvpn-gui.exe
2013-08-22 16:25 - 2013-08-22 16:25 - 00199336 _____ () C:\Program Files\OpenVPN\bin\liblzo2-2.dll
2013-08-22 16:25 - 2013-08-22 16:25 - 00117464 _____ () C:\Program Files\OpenVPN\bin\libpkcs11-helper-1.dll
2014-03-29 03:53 - 2009-02-06 19:52 - 00073728 _____ () C:\Windows\SysWOW64\CmdRtr.DLL
2014-03-29 03:53 - 2009-07-10 10:07 - 00166912 _____ () C:\Windows\SysWOW64\APOMngr.DLL
2014-06-02 22:02 - 2013-08-27 09:35 - 00057344 _____ () C:\Program Files (x86)\Ozone Strike Pro Driver\lan.dll
2014-06-02 22:02 - 2013-01-18 15:25 - 00061440 _____ () C:\Program Files (x86)\Ozone Strike Pro Driver\hiddriver.dll
2012-10-01 21:37 - 2012-10-01 21:37 - 06522480 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-02-18 20:32 - 2014-02-18 20:32 - 00065776 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub32.dll
2014-02-18 20:32 - 2014-02-18 20:32 - 00071920 _____ () C:\Program Files\TortoiseSVN\bin\libsasl32.dll
2014-03-29 13:12 - 2011-07-01 09:57 - 00159744 _____ () C:\Program Files (x86)\Spark\lib\windows\civil.dll
2014-03-29 13:12 - 2014-03-29 13:12 - 00019000 _____ () C:\Users\Panos\AppData\Roaming\Spark\plugins\flashing\lib\FlashWindow.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Creative ALchemy AL6 Licensing Service => 3
MSCONFIG\Services: Creative Audio Engine Licensing Service => 3
MSCONFIG\Services: LBTServ => 3
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\startupfolder: C:^Users^Panos^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Samsung Magician.lnk => C:\Windows\pss\Samsung Magician.lnk.Startup
MSCONFIG\startupreg: EvtMgr6 => C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPDLR.exe => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Standard VGA Graphics Adapter
Description: Standard VGA Graphics Adapter
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard display types)
Service: vga
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: SM Bus Controller
Description: SM Bus Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/22/2014 09:12:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/22/2014 09:10:52 AM) (Source: Report Server Windows Service (MSSQLSERVER)) (EventID: 107) (User: )
Description: Report Server Windows Service (MSSQLSERVER) cannot connect to the report server database.

Error: (09/21/2014 00:21:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/21/2014 00:20:08 PM) (Source: Report Server Windows Service (MSSQLSERVER)) (EventID: 107) (User: )
Description: Report Server Windows Service (MSSQLSERVER) cannot connect to the report server database.

Error: (09/20/2014 11:08:02 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/20/2014 11:06:42 AM) (Source: Report Server Windows Service (MSSQLSERVER)) (EventID: 107) (User: )
Description: Report Server Windows Service (MSSQLSERVER) cannot connect to the report server database.

Error: (09/19/2014 06:02:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/19/2014 06:00:27 PM) (Source: Report Server Windows Service (MSSQLSERVER)) (EventID: 107) (User: )
Description: Report Server Windows Service (MSSQLSERVER) cannot connect to the report server database.

Error: (09/19/2014 05:29:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/19/2014 05:28:01 PM) (Source: Report Server Windows Service (MSSQLSERVER)) (EventID: 107) (User: )
Description: Report Server Windows Service (MSSQLSERVER) cannot connect to the report server database.


System errors:
=============
Error: (09/22/2014 03:09:58 PM) (Source: Schannel) (EventID: 4114) (User: Panos-PC)
Description: The certificate received from the remote server was issued by an untrusted certificate authority. Because of this, none of the data contained in the certificate can be validated. The SSL connection request has failed. The attached data contains the server certificate.

Error: (09/22/2014 03:09:58 PM) (Source: Schannel) (EventID: 4120) (User: Panos-PC)
Description: The following fatal alert was generated: 48. The internal error state is 552.

Error: (09/22/2014 03:08:49 PM) (Source: Schannel) (EventID: 4114) (User: Panos-PC)
Description: The certificate received from the remote server was issued by an untrusted certificate authority. Because of this, none of the data contained in the certificate can be validated. The SSL connection request has failed. The attached data contains the server certificate.

Error: (09/22/2014 03:08:49 PM) (Source: Schannel) (EventID: 4120) (User: Panos-PC)
Description: The following fatal alert was generated: 48. The internal error state is 552.

Error: (09/22/2014 03:06:12 PM) (Source: Schannel) (EventID: 4114) (User: Panos-PC)
Description: The certificate received from the remote server was issued by an untrusted certificate authority. Because of this, none of the data contained in the certificate can be validated. The SSL connection request has failed. The attached data contains the server certificate.

Error: (09/22/2014 03:06:12 PM) (Source: Schannel) (EventID: 4120) (User: Panos-PC)
Description: The following fatal alert was generated: 48. The internal error state is 552.

Error: (09/22/2014 03:04:41 PM) (Source: Schannel) (EventID: 4114) (User: Panos-PC)
Description: The certificate received from the remote server was issued by an untrusted certificate authority. Because of this, none of the data contained in the certificate can be validated. The SSL connection request has failed. The attached data contains the server certificate.

Error: (09/22/2014 03:04:41 PM) (Source: Schannel) (EventID: 4120) (User: Panos-PC)
Description: The following fatal alert was generated: 48. The internal error state is 552.

Error: (09/22/2014 03:00:59 PM) (Source: Schannel) (EventID: 4114) (User: Panos-PC)
Description: The certificate received from the remote server was issued by an untrusted certificate authority. Because of this, none of the data contained in the certificate can be validated. The SSL connection request has failed. The attached data contains the server certificate.

Error: (09/22/2014 03:00:59 PM) (Source: Schannel) (EventID: 4120) (User: Panos-PC)
Description: The following fatal alert was generated: 48. The internal error state is 552.


Microsoft Office Sessions:
=========================
Error: (09/22/2014 09:12:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/22/2014 09:10:52 AM) (Source: Report Server Windows Service (MSSQLSERVER)) (EventID: 107) (User: )
Description: Report Server Windows Service (MSSQLSERVER)

Error: (09/21/2014 00:21:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/21/2014 00:20:08 PM) (Source: Report Server Windows Service (MSSQLSERVER)) (EventID: 107) (User: )
Description: Report Server Windows Service (MSSQLSERVER)

Error: (09/20/2014 11:08:02 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/20/2014 11:06:42 AM) (Source: Report Server Windows Service (MSSQLSERVER)) (EventID: 107) (User: )
Description: Report Server Windows Service (MSSQLSERVER)

Error: (09/19/2014 06:02:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/19/2014 06:00:27 PM) (Source: Report Server Windows Service (MSSQLSERVER)) (EventID: 107) (User: )
Description: Report Server Windows Service (MSSQLSERVER)

Error: (09/19/2014 05:29:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/19/2014 05:28:01 PM) (Source: Report Server Windows Service (MSSQLSERVER)) (EventID: 107) (User: )
Description: Report Server Windows Service (MSSQLSERVER)


CodeIntegrity Errors:
===================================
  Date: 2014-09-19 17:34:47.318
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-09-19 17:34:47.294
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4570 CPU @ 3.20GHz
Percentage of memory in use: 28%
Total physical RAM: 8079.24 MB
Available physical RAM: 5748.26 MB
Total Pagefile: 8277.42 MB
Available Pagefile: 5515.1 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.69 GB) (Free:38.34 GB) NTFS
Drive e: () (Fixed) (Total:19.58 GB) (Free:6.6 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: () (Fixed) (Total:234.37 GB) (Free:32.41 GB) NTFS
Drive g: () (Fixed) (Total:58.59 GB) (Free:21.17 GB) NTFS
Drive h: () (Fixed) (Total:57.64 GB) (Free:43.68 GB) NTFS
Drive i: () (Fixed) (Total:146.97 GB) (Free:27.16 GB) NTFS
Drive j: () (Fixed) (Total:10.81 GB) (Free:3.31 GB) NTFS
Drive k: () (Fixed) (Total:697.13 GB) (Free:550.83 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 2593ECA5)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: AE222179)
Partition 1: (Not Active) - (Size=234.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=697.1 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 2E942E93)
Partition 1: (Active) - (Size=19.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=278.5 GB) - (Type=OF Extended)

==================== End Of Log ============================


#8 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:29 PM

Posted 23 September 2014 - 07:11 AM

Your logs show obvious signs of having cracked software on your system. This is the main reason your computer is infected. Visiting cracksites/warezsites - and other questionable/illegal sites is always a risk.

Even a single click on the site can drop multiple forms of very serious malware, many of which disable your onboard protection, and System Restore.

If you install the cracked software, you are running executable files from these dubious, unknown sources. You are in effect giving these sources access to information on your hard disk, and potential control over the operation of your computer.

Additionally, cracked programs are illegal. Referring to the Forum Rules which you should have read at the time of Registering at this forum, this forum does not support illegal activity. As such, be advised that any request for assistance in removing malware may go unanswered, or may be discontinued, if the cracked (illegal) software is still present on the machine

Having said that we can help you clean your machine this time BUT this would be a ONCE ONLY offer on the understanding that all cracks are removed. This would apply not only here but at many other Malware Support forums if you were to appear again with cracks onboard, as many of us analysts work at multiple support sites. Please remove all cracked software and illegally obtained copyrighted material you have on the system so we may continue with the clean up.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#9 draickin

draickin
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:29 PM

Posted 23 September 2014 - 10:07 AM

Dear Marius,

Thank you for your assistance with regard to my problem thus far.

I am happy to inform you that my system is clean, thanks to, but not limited to your help on this board.

 

Kind regards, draickin



#10 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:29 PM

Posted 23 September 2014 - 10:13 AM

OK! :)


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#11 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:29 PM

Posted 23 September 2014 - 10:13 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)




1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users