Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

"The User Profile Service service failed the logon. User profile cannot be loade


  • Please log in to reply
46 replies to this topic

#1 dimi1975

dimi1975

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:12:53 PM

Posted 25 September 2014 - 05:51 PM

Hello everyone,

 

I need your help as I cannot access my admin user. I have windows 7 and I have the current situation: I am able to start my pc and reach the place where I can see my 3 users' account but I can login only to one of them. To the others I had the message on the title:

 

"The User Profile Service service failed the logon. User profile cannot be loaded."

 

I had read this topic  and so I will write down here the content of the frst.txt:

(ask me any missing information)

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 25-09-2014 01
Ran by SYSTEM on MININT-RRT6B3I on 25-09-2014 23:49:20
Running from G:\
Platform: Windows 7 Professional (X86) OS Language: Ελληνικά (Ελλάδας)
Internet Explorer Version 11
Boot Mode: Recovery
 
The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-01-03] (Adobe Systems Incorporated)
HKLM\...\Run: [AVG_TRAY] => C:\Program Files\AVG\AVG2012\avgtray.exe [2598520 2012-11-19] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [SweetIM] => C:\Program Files\SweetIM\Messenger\SweetIM.exe [114992 2011-08-01] (SweetIM Technologies Ltd.)
HKLM\...\Run: [Browser companion helper] => C:\Program Files\BrowserCompanion\BCHelper.exe [187696 2011-12-16] (Blabbers Communications LTD)
HKLM\...\Run: [vProt] => C:\Program Files\AVG Secure Search\vprot.exe [2640408 2014-08-25] ()
HKLM\...\Run: [eTMonitor] => C:\Program Files\Aladdin\eToken\PKIClient\x32\PKIMonitor.exe [230752 2009-12-31] (Aladdin Knowledge Systems, Ltd.)
HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKU\Dimitra\...\Run: [Facebook Update] => C:\Users\Dimitra\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-07-29] (Facebook Inc.)
HKU\nikos\...\Run: [msnmsgr] => C:\Program Files\Windows Live\Messenger\msnmsgr.exe [4280184 2012-03-08] (Microsoft Corporation)
HKU\nikos\...\Run: [Facebook Update] => C:\Users\nikos\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-12] (Facebook Inc.)
HKU\nikos\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)
HKU\nikos\...\Run: [Brother DCP-116C] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIHLE.EXE [212480 2011-01-20] (SEIKO EPSON CORPORATION)
HKU\UpdatusUser\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] => C:\Program Files\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe [1262616 2013-05-29] (AVG Secure Search)
HKU\UpdatusUser\...\Run: [AVG-Secure-Search-Update_JUNE2013_HP] => C:\Program Files\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_HP.exe [1266712 2013-06-07] (AVG Secure Search)
Startup: C:\Users\nikos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tbhcn.lnk
ShortcutTarget: tbhcn.lnk ->  (No File)
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
S2 AVGIDSAgent; C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe [5175856 2013-10-16] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files\AVG\AVG2012\avgwdsvc.exe [193288 2012-02-14] (AVG Technologies CZ, s.r.o.)
S2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
S2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S2 EPSON_EB_RPCV4_04; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE [156160 2011-01-11] (SEIKO EPSON CORPORATION)
S2 EPSON_PM_RPCV4_04; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE [125440 2011-01-11] (SEIKO EPSON CORPORATION)
S2 eTSrv; C:\Program Files\Aladdin\eToken\PKIClient\x32\eTSrv.exe [12640 2009-12-31] (Aladdin Knowledge Systems, Ltd.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
S2 vToolbarUpdater18.1.9; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-12] (AVG Secure Search)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AKSIFDH; C:\Windows\System32\DRIVERS\aksifdh.sys [48296 2008-07-29] (Aladdin Knowledge Systems, Ltd.)
S3 AKSUP; C:\Windows\System32\drivers\aksup.sys [34472 2008-07-29] (Aladdin Knowledge Systems, Ltd.)
S3 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [142176 2012-12-10] (AVG Technologies CZ, s.r.o. )
S3 AVGIDSFilter; C:\Windows\System32\DRIVERS\avgidsfilterx.sys [24144 2011-12-23] (AVG Technologies CZ, s.r.o. )
S0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [24896 2012-04-19] (AVG Technologies CZ, s.r.o. )
S3 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [17232 2011-12-23] (AVG Technologies CZ, s.r.o. )
S1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [250080 2012-11-08] (AVG Technologies CZ, s.r.o.)
S1 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [41040 2011-12-23] (AVG Technologies CZ, s.r.o.)
S0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [31952 2012-01-31] (AVG Technologies CZ, s.r.o.)
S1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [302368 2013-04-11] (AVG Technologies CZ, s.r.o.)
S1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42784 2014-08-12] (AVG Technologies)
S3 LVUSBSta; C:\Windows\System32\drivers\LVUSBSta.sys [41752 2008-07-26] (Logitech Inc.)
S3 pepifilter; C:\Windows\System32\DRIVERS\lv302af.sys [13848 2008-07-26] (Logitech Inc.)
S3 PID_PEPI; C:\Windows\System32\DRIVERS\LV302V32.SYS [2570520 2008-07-26] (Logitech Inc.)
 
==================== NetSvcs (Whitelisted) ===================
 
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-25 23:49 - 2014-09-25 23:49 - 00000000 ____D () C:\FRST
2014-09-25 22:32 - 2014-09-25 22:33 - 01100800 _____ (Farbar) C:\Users\Leonidas\Downloads\FRST.exe
2014-09-25 22:25 - 2014-09-25 22:25 - 00688992 _____ (Swearware) C:\Users\Leonidas\Downloads\dds.com
2014-09-24 19:36 - 2014-09-24 19:36 - 00000000 ____D () C:\Users\Leonidas\AppData\Roaming\Epson
2014-09-24 19:30 - 2014-09-25 21:37 - 00000000 ____D () C:\users\TEMP.nikos-PC
2014-09-24 19:30 - 2013-01-31 15:58 - 00000000 ____D () C:\Users\TEMP.nikos-PC\AppData\Roaming\TuneUp Software
2014-09-24 05:51 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\tzres.dll
2014-09-24 05:47 - 2014-09-24 05:47 - 00000000 ____D () C:\Users\nikos\AppData\Local\{2ACE1DAE-ABBA-4CEC-829C-531E07C33576}
2014-09-23 15:11 - 2014-09-23 15:12 - 00000000 ____D () C:\Users\nikos\AppData\Local\{DCE7C296-3699-4622-988F-E1CF783354AE}
2014-09-22 21:05 - 2014-09-22 21:05 - 00000000 ____D () C:\Users\nikos\AppData\Local\{AADC0870-F410-491B-A011-19E825E2854B}
2014-09-22 05:51 - 2014-09-22 05:52 - 00000000 ____D () C:\Users\nikos\AppData\Local\{C7252B32-4A5F-4828-965C-2FB1BC210992}
2014-09-21 09:36 - 2014-09-21 09:36 - 00000000 ____D () C:\Users\nikos\AppData\Local\{CFFA1F17-C847-455A-861F-31DDADBE2ADF}
2014-09-20 16:43 - 2014-09-22 18:26 - 00001017 _____ () C:\Users\nikos\Desktop\Dropbox.lnk
2014-09-20 14:13 - 2014-09-20 14:13 - 00000000 ____D () C:\Users\nikos\AppData\Local\{6A149AFE-5205-4266-9860-2E3CEBAD8404}
2014-09-19 18:10 - 2014-09-19 18:10 - 00000000 ____D () C:\Users\nikos\AppData\Local\{23BAD97E-F7AD-4AB2-9A1B-72D4EA5AFDD8}
2014-09-19 06:02 - 2014-09-19 06:02 - 00000000 ____D () C:\Users\nikos\AppData\Local\{C18333B2-2849-41E4-8649-4889BEA6A831}
2014-09-18 13:28 - 2014-09-18 13:29 - 00000000 ____D () C:\Users\nikos\AppData\Local\{6773B9B2-FBA4-4AC8-B612-EF6F3A84B470}
2014-09-17 19:25 - 2014-09-17 19:25 - 00000000 ____D () C:\Users\nikos\AppData\Local\{2F745894-BD7D-4C94-A521-6EEA9DB1878C}
2014-09-17 06:14 - 2014-09-17 06:14 - 00000000 ____D () C:\Users\nikos\AppData\Local\{9F74BBDF-C306-4F5D-A1C4-C6737654CE48}
2014-09-16 14:42 - 2014-09-16 14:43 - 00000000 ____D () C:\Users\nikos\AppData\Local\{5790728B-7050-475B-95CC-36207565CA93}
2014-09-15 23:04 - 2014-09-15 23:04 - 00028281 _____ () C:\Users\nikos\Documents\αγγλικά πανελληνίων.odt
2014-09-15 22:37 - 2014-09-15 22:37 - 00000000 ____D () C:\Users\nikos\AppData\Local\{1ACBDC6C-5209-40EE-894A-6CB8389C0C22}
2014-09-15 06:50 - 2014-09-15 06:50 - 00000000 ____D () C:\Users\nikos\AppData\Local\{581FBE26-BF3F-404B-9527-B2FBA393FDE1}
2014-09-14 22:06 - 2014-09-14 22:06 - 00025383 _____ () C:\Users\nikos\Desktop\ευχή κατά βασκανίας.odt
2014-09-14 12:34 - 2014-09-14 12:34 - 00000077 _____ () C:\Users\nikos\Downloads\EPK1100101314090503551559_b.txt
2014-09-14 12:33 - 2014-09-14 12:33 - 00001549 _____ () C:\Users\nikos\Downloads\EPK1100101314090503551559_a.txt
2014-09-14 09:16 - 2014-09-14 09:16 - 00000000 ____D () C:\Users\nikos\AppData\Local\{371CE70F-0B31-4A10-AD79-FC4EC2C76D27}
2014-09-13 18:37 - 2014-09-13 18:37 - 00000000 ____D () C:\Users\nikos\AppData\Local\{4EBA6468-AEC8-40A1-8842-DD8C6615AB95}
2014-09-13 06:09 - 2014-09-13 06:09 - 00000000 ____D () C:\Users\nikos\AppData\Local\{2F35CD37-F175-4D19-B9B9-5ED680AF4FD5}
2014-09-12 12:35 - 2014-09-12 12:35 - 00000000 ____D () C:\Users\nikos\AppData\Local\{5008BC3E-687F-437C-A261-B33A3459863F}
2014-09-12 00:52 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2014-09-12 00:52 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-09-12 00:52 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2014-09-12 00:52 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2014-09-12 00:52 - 2014-08-18 23:57 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
2014-09-12 00:52 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2014-09-12 00:52 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2014-09-12 00:52 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll
2014-09-12 00:52 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2014-09-12 00:52 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2014-09-12 00:52 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2014-09-12 00:52 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2014-09-12 00:52 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2014-09-12 00:52 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2014-09-12 00:52 - 2014-08-18 23:36 - 00108032 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2014-09-12 00:52 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2014-09-12 00:52 - 2014-08-18 23:30 - 00646144 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2014-09-12 00:52 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2014-09-12 00:52 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-09-12 00:52 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2014-09-12 00:52 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2014-09-12 00:52 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2014-09-12 00:52 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2014-09-12 00:52 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2014-09-12 00:52 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2014-09-12 00:52 - 2014-08-18 23:08 - 00673792 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2014-09-12 00:52 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2014-09-12 00:52 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2014-09-12 00:52 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2014-09-12 00:52 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2014-09-12 00:51 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2014-09-11 23:46 - 2014-09-05 03:52 - 00445952 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll
2014-09-11 23:46 - 2014-09-05 03:47 - 00302592 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll
2014-09-11 23:46 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\System32\TSWorkspace.dll
2014-09-11 23:46 - 2014-07-07 03:40 - 01059840 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2014-09-11 23:46 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2014-09-11 23:46 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2014-09-11 21:46 - 2014-09-11 21:46 - 00000930 _____ () C:\Users\Public\Desktop\EPSON Scan.lnk
2014-09-11 21:46 - 2011-08-09 23:00 - 00341504 _____ (Seiko Epson Corporation) C:\Windows\System32\esw2ud.dll
2014-09-11 21:46 - 2009-10-15 23:00 - 00132560 _____ (Seiko Epson Corporation) C:\Windows\System32\esdevapp.exe
2014-09-11 21:46 - 2009-10-15 23:00 - 00012800 _____ (Seiko Epson Corporation) C:\Windows\System32\escdev.dll
2014-09-11 21:41 - 2014-09-11 21:41 - 00000050 _____ () C:\Windows\System32\bridf05a.dat
2014-09-11 21:40 - 2014-09-11 21:43 - 00000000 ____D () C:\Program Files\Brother
2014-09-11 21:40 - 2014-09-11 21:40 - 00000000 ____D () C:\ProgramData\Brother
2014-09-11 21:39 - 2014-09-11 21:39 - 00000000 ____D () C:\Users\nikos\Downloads\mflpro
2014-09-11 21:37 - 2014-09-11 21:38 - 35913642 _____ (A.I.SOFT,INC.) C:\Users\nikos\Downloads\115-INST-WIN7-A.EXE
2014-09-11 12:54 - 2014-09-11 12:54 - 00000000 ____D () C:\Users\nikos\AppData\Local\{1000525E-8947-4A66-B66D-7973ACABA641}
2014-09-10 12:00 - 2014-09-10 12:00 - 00000000 ____D () C:\Users\nikos\AppData\Local\{4EDEF1EA-F817-4662-8E57-6C43320653E5}
2014-09-09 23:42 - 2014-09-09 23:43 - 00000000 ____D () C:\Users\nikos\AppData\Local\{1DFBE101-3B92-415B-A53D-C0561E0BFA50}
2014-09-09 06:12 - 2014-09-09 06:12 - 00000000 ____D () C:\Users\nikos\AppData\Local\{91B5FA7B-BBF1-4648-AB45-71E5A2DD581E}
2014-09-08 16:42 - 2014-09-08 16:44 - 74646008 _____ (DVDVideoSoft Ltd. ) C:\Users\nikos\Downloads\FreeStudio.exe
2014-09-08 12:50 - 2014-09-08 12:50 - 00000000 ____D () C:\Users\nikos\AppData\Local\{23443B71-2BE6-440A-A698-4DEDCF44DFEE}
2014-09-07 22:10 - 2014-09-07 22:10 - 00000000 ____D () C:\Users\nikos\AppData\Local\{DF7649A2-17D0-4BBD-9031-3BE856B5F0FC}
2014-09-07 10:03 - 2014-09-07 10:03 - 00000000 ____D () C:\Users\nikos\AppData\Local\{0E4D7C6F-D1E8-46F8-9E2F-2A9C935DECD4}
2014-09-07 01:05 - 2014-09-07 01:05 - 00000000 ____D () C:\Users\nikos\AppData\Local\Skype
2014-09-07 01:04 - 2014-09-07 01:04 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-09-07 01:03 - 2014-09-07 01:03 - 01678440 _____ (Skype Technologies S.A.) C:\Users\nikos\Downloads\SkypeSetup (1).exe
2014-09-06 22:02 - 2014-09-06 22:03 - 00000000 ____D () C:\Users\nikos\AppData\Local\{B2C674DD-A6E0-4BB0-BD06-0066F205D09C}
2014-09-06 06:53 - 2014-09-06 06:53 - 00000000 ____D () C:\Users\nikos\AppData\Local\{92FF930F-864E-4D30-B774-778B7213B8CF}
2014-09-05 14:34 - 2014-09-05 14:35 - 00000000 ____D () C:\Users\nikos\AppData\Local\{C3D6D988-F058-4166-98CD-2DFE37E1FE9D}
2014-09-04 20:26 - 2014-09-04 20:26 - 00000000 ____D () C:\Users\nikos\AppData\Local\{169F129B-BD41-40F6-9AFA-94DF2EF3F242}
2014-09-04 16:01 - 2014-09-04 16:01 - 00008441 _____ () C:\Users\nikos\Desktop\ΚΑΡΤΕΛΑ ΕΡΓΑΖΟΜΕΝΟΥ ΚΩΝΣΤΑΝΤΙΝΙΔΗΣ ΝΙΚΟΣ.xlsx
2014-09-04 16:01 - 2014-09-04 16:01 - 00000095 ____H () C:\Users\nikos\Desktop\.~lock.ΚΑΡΤΕΛΑ ΕΡΓΑΖΟΜΕΝΟΥ ΚΩΝΣΤΑΝΤΙΝΙΔΗΣ ΝΙΚΟΣ.xlsx#
2014-09-04 15:43 - 2014-09-04 15:43 - 00013992 _____ () C:\Users\nikos\Downloads\ΚΑΡΤΕΛΑ ΕΡΓΑΖΟΜΕΝΟΥ βαγγελη.xlsx
2014-09-04 08:25 - 2014-09-04 08:25 - 00000000 ____D () C:\Users\nikos\AppData\Local\{F877FCA6-FCE3-4E22-9DCA-8B3A5BF4A803}
2014-09-03 18:36 - 2014-09-03 18:36 - 00000000 ____D () C:\Users\nikos\AppData\Local\{E9EB6D4A-5F63-446E-9A31-50F55426D631}
2014-09-03 06:12 - 2014-09-03 06:13 - 00000000 ____D () C:\Users\nikos\AppData\Local\{82A6B83D-1DD1-44C6-A991-9835941645A0}
2014-09-03 00:12 - 2014-09-03 00:12 - 00000000 ____D () C:\Users\nikos\AppData\Roaming\Epson
2014-09-03 00:06 - 2014-09-03 00:06 - 00000000 ____D () C:\Users\nikos\AppData\Local\ABBYY
2014-09-03 00:05 - 2014-09-11 21:56 - 00000000 ____D () C:\Program Files\ABBYY FineReader 9.0 Sprint
2014-09-03 00:05 - 2014-09-03 00:05 - 00000000 ____D () C:\ProgramData\ABBYY
2014-09-03 00:05 - 2014-09-03 00:05 - 00000000 ____D () C:\Program Files\Common Files\ABBYY
2014-09-03 00:03 - 2014-09-03 00:03 - 00002113 _____ () C:\Users\Public\Desktop\Epson Easy Photo Print.lnk
2014-09-03 00:03 - 2014-09-03 00:03 - 00000000 ____D () C:\ProgramData\UDL
2014-09-03 00:00 - 2014-09-03 00:01 - 00000306 _____ () C:\Windows\setup.iss
2014-09-02 23:59 - 2014-09-11 21:48 - 00002344 _____ () C:\Users\Public\Desktop\Οδηγός χρήσης σε δίκτυο EPSON SX235 Series.lnk
2014-09-02 23:59 - 2014-09-11 21:48 - 00002344 _____ () C:\Users\Public\Desktop\Οδηγίες χρήστη EPSON SX235 Series.lnk
2014-09-02 23:58 - 2014-09-11 21:46 - 00000000 ____D () C:\Program Files\EPSON
2014-09-02 23:58 - 2014-09-03 00:01 - 00000000 ____D () C:\Program Files\Epson Software
2014-09-02 23:57 - 2014-09-11 21:43 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-09-02 23:57 - 2014-09-02 23:57 - 00000000 ____D () C:\Users\nikos\AppData\Roaming\InstallShield
2014-09-02 23:57 - 2014-09-02 23:57 - 00000000 ____D () C:\Program Files\EpsonNet
2014-09-02 23:57 - 2011-08-30 12:39 - 00457780 _____ (SEIKO EPSON CORPORATION) C:\Windows\System32\ensppui.dll
2014-09-02 23:57 - 2011-08-30 12:39 - 00457780 _____ (SEIKO EPSON CORPORATION) C:\Windows\System32\enppui.dll
2014-09-02 23:57 - 2011-08-30 12:38 - 00475496 _____ (SEIKO EPSON CORPORATION) C:\Windows\System32\ensppmon.dll
2014-09-02 23:57 - 2011-08-30 12:38 - 00475496 _____ (SEIKO EPSON CORPORATION) C:\Windows\System32\enppmon.dll
2014-09-02 23:57 - 2011-08-01 17:24 - 00249344 _____ (SEIKO EPSON CORPORATION) C:\Windows\System32\enspres.dll
2014-09-02 23:57 - 2011-08-01 17:24 - 00249344 _____ (SEIKO EPSON CORPORATION) C:\Windows\System32\enpres.dll
2014-09-02 22:51 - 2014-09-11 21:57 - 00000000 ____D () C:\ProgramData\EPSON
2014-09-02 22:51 - 2014-09-02 23:57 - 00000000 ____D () C:\Program Files\Common Files\EPSON
2014-09-02 22:51 - 2009-09-30 17:01 - 00063488 _____ (SEIKO EPSON CORPORATION) C:\Windows\System32\E_FD4BHLE.DLL
2014-09-02 22:51 - 2008-11-11 17:00 - 00093696 _____ (SEIKO EPSON CORPORATION) C:\Windows\System32\E_FLBHLE.DLL
2014-09-02 22:51 - 2007-04-09 15:06 - 00008192 _____ (SEIKO EPSON CORP.) C:\Windows\System32\E_DCINST.DLL
2014-09-02 17:55 - 2014-09-02 17:55 - 00000000 ____D () C:\Users\nikos\AppData\Local\{E860066B-158A-4F2A-8D5F-4BE2D524EEDB}
2014-09-02 17:48 - 2014-09-12 21:07 - 00000000 ____D () C:\users\TEMP
2014-09-02 17:48 - 2013-01-31 15:58 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\TuneUp Software
2014-09-02 05:52 - 2014-09-02 05:52 - 00000000 ____D () C:\Users\nikos\AppData\Local\{6644EEE6-7799-42FD-A4A4-303DB2AEC980}
2014-09-01 14:15 - 2014-09-01 14:15 - 00067584 _____ () C:\Users\nikos\Downloads\TIME_XRONOS.pps
2014-09-01 13:48 - 2014-09-01 13:48 - 00000000 ____D () C:\Users\nikos\AppData\Local\{99ECF4FF-7929-4D98-9898-96358EBD03A2}
2014-09-01 01:06 - 2014-09-01 01:06 - 00023939 _____ () C:\Users\Dimitra\Desktop\Χωρίς τίτλο 1.odt
2014-08-31 21:09 - 2014-08-31 21:09 - 00000000 ____D () C:\Users\nikos\AppData\Local\{EBF6A0EE-24D8-4B0D-9DAE-5A037397DBC3}
2014-08-28 18:59 - 2014-08-23 03:46 - 00305152 _____ (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2014-08-28 18:59 - 2014-08-23 02:42 - 02352640 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2014-08-27 10:17 - 2014-08-27 10:18 - 00000000 ____D () C:\Users\nikos\AppData\Local\{6FD09382-A58E-44E5-877A-179C41AA3FF5}
2014-08-26 22:17 - 2014-08-26 22:17 - 00000000 ____D () C:\Users\nikos\AppData\Local\{E0F1DCFB-E219-4025-880A-55DC64435B84}
2014-08-26 19:35 - 2014-08-26 19:35 - 00000000 ____D () C:\Program Files\AVG Security Toolbar
2014-08-26 19:34 - 2014-08-26 19:34 - 00000000 ____D () C:\ProgramData\Avg_Update_0814tb
2014-08-26 10:10 - 2014-08-26 10:12 - 00000000 ____D () C:\Users\nikos\AppData\Local\{1E44F18E-6381-4711-B80F-EEE1E86DB372}
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-25 23:49 - 2014-09-25 23:49 - 00000000 ____D () C:\FRST
2014-09-25 22:40 - 2011-06-24 18:04 - 02044324 _____ () C:\Windows\WindowsUpdate.log
2014-09-25 22:37 - 2011-06-24 21:24 - 01490280 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-09-25 22:37 - 2009-07-14 06:34 - 00028288 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-25 22:37 - 2009-07-14 06:34 - 00028288 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-25 22:36 - 2009-07-14 06:39 - 00272296 _____ () C:\Windows\setupact.log
2014-09-25 22:33 - 2014-09-25 22:32 - 01100800 _____ (Farbar) C:\Users\Leonidas\Downloads\FRST.exe
2014-09-25 22:25 - 2014-09-25 22:25 - 00688992 _____ (Swearware) C:\Users\Leonidas\Downloads\dds.com
2014-09-25 21:37 - 2014-09-24 19:30 - 00000000 ____D () C:\users\TEMP.nikos-PC
2014-09-25 21:37 - 2012-11-18 14:16 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-25 17:29 - 2011-07-02 02:07 - 00000000 ____D () C:\Windows\System32\Drivers\AVG
2014-09-24 21:00 - 2014-08-04 19:29 - 00000000 ____D () C:\Windows\rescache
2014-09-24 19:37 - 2014-02-05 20:07 - 00000000 ____D () C:\Users\Leonidas\AppData\Local\AVG Secure Search
2014-09-24 19:36 - 2014-09-24 19:36 - 00000000 ____D () C:\Users\Leonidas\AppData\Roaming\Epson
2014-09-24 06:21 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\System32\el-GR
2014-09-24 05:47 - 2014-09-24 05:47 - 00000000 ____D () C:\Users\nikos\AppData\Local\{2ACE1DAE-ABBA-4CEC-829C-531E07C33576}
2014-09-24 05:47 - 2011-12-09 15:41 - 00000000 ____D () C:\Users\nikos\Tracing
2014-09-24 05:46 - 2012-11-04 12:07 - 00000000 ____D () C:\Users\nikos\AppData\Roaming\BrowserCompanion
2014-09-23 22:10 - 2013-02-27 14:51 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2014-09-23 22:10 - 2011-11-08 12:08 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2014-09-23 16:57 - 2009-07-14 06:52 - 00000000 ____D () C:\Windows\System32\FxsTmp
2014-09-23 15:12 - 2014-09-23 15:11 - 00000000 ____D () C:\Users\nikos\AppData\Local\{DCE7C296-3699-4622-988F-E1CF783354AE}
2014-09-23 00:12 - 2012-03-13 22:43 - 00000000 ___RD () C:\Users\nikos\Dropbox
2014-09-23 00:06 - 2012-03-13 22:42 - 00000000 ____D () C:\Users\nikos\AppData\Roaming\Dropbox
2014-09-22 21:05 - 2014-09-22 21:05 - 00000000 ____D () C:\Users\nikos\AppData\Local\{AADC0870-F410-491B-A011-19E825E2854B}
2014-09-22 19:08 - 2013-01-28 15:47 - 00000000 ____D () C:\Users\nikos\AppData\Roaming\Skype
2014-09-22 18:26 - 2014-09-20 16:43 - 00001017 _____ () C:\Users\nikos\Desktop\Dropbox.lnk
2014-09-22 05:52 - 2014-09-22 05:51 - 00000000 ____D () C:\Users\nikos\AppData\Local\{C7252B32-4A5F-4828-965C-2FB1BC210992}
2014-09-21 22:19 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\System32\NDF
2014-09-21 09:36 - 2014-09-21 09:36 - 00000000 ____D () C:\Users\nikos\AppData\Local\{CFFA1F17-C847-455A-861F-31DDADBE2ADF}
2014-09-20 14:13 - 2014-09-20 14:13 - 00000000 ____D () C:\Users\nikos\AppData\Local\{6A149AFE-5205-4266-9860-2E3CEBAD8404}
2014-09-19 18:10 - 2014-09-19 18:10 - 00000000 ____D () C:\Users\nikos\AppData\Local\{23BAD97E-F7AD-4AB2-9A1B-72D4EA5AFDD8}
2014-09-19 06:02 - 2014-09-19 06:02 - 00000000 ____D () C:\Users\nikos\AppData\Local\{C18333B2-2849-41E4-8649-4889BEA6A831}
2014-09-18 13:29 - 2014-09-18 13:28 - 00000000 ____D () C:\Users\nikos\AppData\Local\{6773B9B2-FBA4-4AC8-B612-EF6F3A84B470}
2014-09-17 19:25 - 2014-09-17 19:25 - 00000000 ____D () C:\Users\nikos\AppData\Local\{2F745894-BD7D-4C94-A521-6EEA9DB1878C}
2014-09-17 06:14 - 2014-09-17 06:14 - 00000000 ____D () C:\Users\nikos\AppData\Local\{9F74BBDF-C306-4F5D-A1C4-C6737654CE48}
2014-09-16 14:43 - 2014-09-16 14:42 - 00000000 ____D () C:\Users\nikos\AppData\Local\{5790728B-7050-475B-95CC-36207565CA93}
2014-09-15 23:04 - 2014-09-15 23:04 - 00028281 _____ () C:\Users\nikos\Documents\αγγλικά πανελληνίων.odt
2014-09-15 22:37 - 2014-09-15 22:37 - 00000000 ____D () C:\Users\nikos\AppData\Local\{1ACBDC6C-5209-40EE-894A-6CB8389C0C22}
2014-09-15 06:50 - 2014-09-15 06:50 - 00000000 ____D () C:\Users\nikos\AppData\Local\{581FBE26-BF3F-404B-9527-B2FBA393FDE1}
2014-09-14 22:06 - 2014-09-14 22:06 - 00025383 _____ () C:\Users\nikos\Desktop\ευχή κατά βασκανίας.odt
2014-09-14 12:34 - 2014-09-14 12:34 - 00000077 _____ () C:\Users\nikos\Downloads\EPK1100101314090503551559_b.txt
2014-09-14 12:33 - 2014-09-14 12:33 - 00001549 _____ () C:\Users\nikos\Downloads\EPK1100101314090503551559_a.txt
2014-09-14 09:16 - 2014-09-14 09:16 - 00000000 ____D () C:\Users\nikos\AppData\Local\{371CE70F-0B31-4A10-AD79-FC4EC2C76D27}
2014-09-13 18:37 - 2014-09-13 18:37 - 00000000 ____D () C:\Users\nikos\AppData\Local\{4EBA6468-AEC8-40A1-8842-DD8C6615AB95}
2014-09-13 15:30 - 2014-02-05 20:11 - 00002135 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-13 06:09 - 2014-09-13 06:09 - 00000000 ____D () C:\Users\nikos\AppData\Local\{2F35CD37-F175-4D19-B9B9-5ED680AF4FD5}
2014-09-12 21:07 - 2014-09-02 17:48 - 00000000 ____D () C:\users\TEMP
2014-09-12 21:07 - 2014-02-05 20:07 - 00000000 ____D () C:\users\Leonidas
2014-09-12 12:35 - 2014-09-12 12:35 - 00000000 ____D () C:\Users\nikos\AppData\Local\{5008BC3E-687F-437C-A261-B33A3459863F}
2014-09-12 11:58 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-09-12 00:51 - 2013-07-19 22:39 - 00000000 ____D () C:\Windows\System32\MRT
2014-09-12 00:47 - 2014-05-06 16:40 - 00000000 ___SD () C:\Windows\System32\CompatTel
2014-09-12 00:47 - 2012-01-26 18:06 - 98758480 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2014-09-11 21:57 - 2014-09-02 22:51 - 00000000 ____D () C:\ProgramData\EPSON
2014-09-11 21:56 - 2014-09-03 00:05 - 00000000 ____D () C:\Program Files\ABBYY FineReader 9.0 Sprint
2014-09-11 21:48 - 2014-09-02 23:59 - 00002344 _____ () C:\Users\Public\Desktop\Οδηγός χρήσης σε δίκτυο EPSON SX235 Series.lnk
2014-09-11 21:48 - 2014-09-02 23:59 - 00002344 _____ () C:\Users\Public\Desktop\Οδηγίες χρήστη EPSON SX235 Series.lnk
2014-09-11 21:46 - 2014-09-11 21:46 - 00000930 _____ () C:\Users\Public\Desktop\EPSON Scan.lnk
2014-09-11 21:46 - 2014-09-02 23:58 - 00000000 ____D () C:\Program Files\EPSON
2014-09-11 21:46 - 2009-07-14 06:52 - 00000000 ____D () C:\Windows\twain_32
2014-09-11 21:43 - 2014-09-11 21:40 - 00000000 ____D () C:\Program Files\Brother
2014-09-11 21:43 - 2014-09-02 23:57 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-09-11 21:41 - 2014-09-11 21:41 - 00000050 _____ () C:\Windows\System32\bridf05a.dat
2014-09-11 21:40 - 2014-09-11 21:40 - 00000000 ____D () C:\ProgramData\Brother
2014-09-11 21:39 - 2014-09-11 21:39 - 00000000 ____D () C:\Users\nikos\Downloads\mflpro
2014-09-11 21:38 - 2014-09-11 21:37 - 35913642 _____ (A.I.SOFT,INC.) C:\Users\nikos\Downloads\115-INST-WIN7-A.EXE
2014-09-11 21:17 - 2011-06-27 14:01 - 00000000 ____D () C:\users\nikos
2014-09-11 12:54 - 2014-09-11 12:54 - 00000000 ____D () C:\Users\nikos\AppData\Local\{1000525E-8947-4A66-B66D-7973ACABA641}
2014-09-10 12:00 - 2014-09-10 12:00 - 00000000 ____D () C:\Users\nikos\AppData\Local\{4EDEF1EA-F817-4662-8E57-6C43320653E5}
2014-09-09 23:47 - 2014-09-24 05:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\tzres.dll
2014-09-09 23:43 - 2014-09-09 23:42 - 00000000 ____D () C:\Users\nikos\AppData\Local\{1DFBE101-3B92-415B-A53D-C0561E0BFA50}
2014-09-09 06:12 - 2014-09-09 06:12 - 00000000 ____D () C:\Users\nikos\AppData\Local\{91B5FA7B-BBF1-4648-AB45-71E5A2DD581E}
2014-09-08 16:44 - 2014-09-08 16:42 - 74646008 _____ (DVDVideoSoft Ltd. ) C:\Users\nikos\Downloads\FreeStudio.exe
2014-09-08 12:50 - 2014-09-08 12:50 - 00000000 ____D () C:\Users\nikos\AppData\Local\{23443B71-2BE6-440A-A698-4DEDCF44DFEE}
2014-09-07 22:10 - 2014-09-07 22:10 - 00000000 ____D () C:\Users\nikos\AppData\Local\{DF7649A2-17D0-4BBD-9031-3BE856B5F0FC}
2014-09-07 10:03 - 2014-09-07 10:03 - 00000000 ____D () C:\Users\nikos\AppData\Local\{0E4D7C6F-D1E8-46F8-9E2F-2A9C935DECD4}
2014-09-07 01:05 - 2014-09-07 01:05 - 00000000 ____D () C:\Users\nikos\AppData\Local\Skype
2014-09-07 01:04 - 2014-09-07 01:04 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-09-07 01:04 - 2013-01-28 15:47 - 00002507 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-09-07 01:04 - 2013-01-28 15:47 - 00000000 ___RD () C:\Program Files\Skype
2014-09-07 01:04 - 2013-01-28 15:47 - 00000000 ____D () C:\ProgramData\Skype
2014-09-07 01:03 - 2014-09-07 01:03 - 01678440 _____ (Skype Technologies S.A.) C:\Users\nikos\Downloads\SkypeSetup (1).exe
2014-09-06 22:03 - 2014-09-06 22:02 - 00000000 ____D () C:\Users\nikos\AppData\Local\{B2C674DD-A6E0-4BB0-BD06-0066F205D09C}
2014-09-06 06:53 - 2014-09-06 06:53 - 00000000 ____D () C:\Users\nikos\AppData\Local\{92FF930F-864E-4D30-B774-778B7213B8CF}
2014-09-05 14:35 - 2014-09-05 14:34 - 00000000 ____D () C:\Users\nikos\AppData\Local\{C3D6D988-F058-4166-98CD-2DFE37E1FE9D}
2014-09-05 03:52 - 2014-09-11 23:46 - 00445952 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll
2014-09-05 03:47 - 2014-09-11 23:46 - 00302592 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll
2014-09-04 20:26 - 2014-09-04 20:26 - 00000000 ____D () C:\Users\nikos\AppData\Local\{169F129B-BD41-40F6-9AFA-94DF2EF3F242}
2014-09-04 16:01 - 2014-09-04 16:01 - 00008441 _____ () C:\Users\nikos\Desktop\ΚΑΡΤΕΛΑ ΕΡΓΑΖΟΜΕΝΟΥ ΚΩΝΣΤΑΝΤΙΝΙΔΗΣ ΝΙΚΟΣ.xlsx
2014-09-04 16:01 - 2014-09-04 16:01 - 00000095 ____H () C:\Users\nikos\Desktop\.~lock.ΚΑΡΤΕΛΑ ΕΡΓΑΖΟΜΕΝΟΥ ΚΩΝΣΤΑΝΤΙΝΙΔΗΣ ΝΙΚΟΣ.xlsx#
2014-09-04 15:43 - 2014-09-04 15:43 - 00013992 _____ () C:\Users\nikos\Downloads\ΚΑΡΤΕΛΑ ΕΡΓΑΖΟΜΕΝΟΥ βαγγελη.xlsx
2014-09-04 08:25 - 2014-09-04 08:25 - 00000000 ____D () C:\Users\nikos\AppData\Local\{F877FCA6-FCE3-4E22-9DCA-8B3A5BF4A803}
2014-09-03 18:36 - 2014-09-03 18:36 - 00000000 ____D () C:\Users\nikos\AppData\Local\{E9EB6D4A-5F63-446E-9A31-50F55426D631}
2014-09-03 06:13 - 2014-09-03 06:12 - 00000000 ____D () C:\Users\nikos\AppData\Local\{82A6B83D-1DD1-44C6-A991-9835941645A0}
2014-09-03 00:18 - 2011-11-10 10:55 - 00070590 _____ () C:\Windows\PFRO.log
2014-09-03 00:12 - 2014-09-03 00:12 - 00000000 ____D () C:\Users\nikos\AppData\Roaming\Epson
2014-09-03 00:06 - 2014-09-03 00:06 - 00000000 ____D () C:\Users\nikos\AppData\Local\ABBYY
2014-09-03 00:05 - 2014-09-03 00:05 - 00000000 ____D () C:\ProgramData\ABBYY
2014-09-03 00:05 - 2014-09-03 00:05 - 00000000 ____D () C:\Program Files\Common Files\ABBYY
2014-09-03 00:03 - 2014-09-03 00:03 - 00002113 _____ () C:\Users\Public\Desktop\Epson Easy Photo Print.lnk
2014-09-03 00:03 - 2014-09-03 00:03 - 00000000 ____D () C:\ProgramData\UDL
2014-09-03 00:01 - 2014-09-03 00:00 - 00000306 _____ () C:\Windows\setup.iss
2014-09-03 00:01 - 2014-09-02 23:58 - 00000000 ____D () C:\Program Files\Epson Software
2014-09-02 23:57 - 2014-09-02 23:57 - 00000000 ____D () C:\Users\nikos\AppData\Roaming\InstallShield
2014-09-02 23:57 - 2014-09-02 23:57 - 00000000 ____D () C:\Program Files\EpsonNet
2014-09-02 23:57 - 2014-09-02 22:51 - 00000000 ____D () C:\Program Files\Common Files\EPSON
2014-09-02 17:55 - 2014-09-02 17:55 - 00000000 ____D () C:\Users\nikos\AppData\Local\{E860066B-158A-4F2A-8D5F-4BE2D524EEDB}
2014-09-02 05:52 - 2014-09-02 05:52 - 00000000 ____D () C:\Users\nikos\AppData\Local\{6644EEE6-7799-42FD-A4A4-303DB2AEC980}
2014-09-01 14:15 - 2014-09-01 14:15 - 00067584 _____ () C:\Users\nikos\Downloads\TIME_XRONOS.pps
2014-09-01 13:48 - 2014-09-01 13:48 - 00000000 ____D () C:\Users\nikos\AppData\Local\{99ECF4FF-7929-4D98-9898-96358EBD03A2}
2014-09-01 01:06 - 2014-09-01 01:06 - 00023939 _____ () C:\Users\Dimitra\Desktop\Χωρίς τίτλο 1.odt
2014-08-31 21:09 - 2014-08-31 21:09 - 00000000 ____D () C:\Users\nikos\AppData\Local\{EBF6A0EE-24D8-4B0D-9DAE-5A037397DBC3}
2014-08-29 02:18 - 2009-07-14 06:33 - 00291912 _____ () C:\Windows\System32\FNTCACHE.DAT
2014-08-27 15:25 - 2011-12-13 21:09 - 00000000 ____D () C:\Users\nikos\Documents\Ληφθέντα αρχεία
2014-08-27 10:18 - 2014-08-27 10:17 - 00000000 ____D () C:\Users\nikos\AppData\Local\{6FD09382-A58E-44E5-877A-179C41AA3FF5}
2014-08-26 22:17 - 2014-08-26 22:17 - 00000000 ____D () C:\Users\nikos\AppData\Local\{E0F1DCFB-E219-4025-880A-55DC64435B84}
2014-08-26 19:35 - 2014-08-26 19:35 - 00000000 ____D () C:\Program Files\AVG Security Toolbar
2014-08-26 19:34 - 2014-08-26 19:34 - 00000000 ____D () C:\ProgramData\Avg_Update_0814tb
2014-08-26 10:12 - 2014-08-26 10:10 - 00000000 ____D () C:\Users\nikos\AppData\Local\{1E44F18E-6381-4711-B80F-EEE1E86DB372}
 
Some content of TEMP:
====================
C:\Users\nikos\AppData\Local\Temp\avguidx.dll
C:\Users\nikos\AppData\Local\Temp\cci.exe
C:\Users\nikos\AppData\Local\Temp\CommonInstaller.exe
C:\Users\nikos\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpkzmbwj.dll
C:\Users\nikos\AppData\Local\Temp\ffunzip.exe
C:\Users\nikos\AppData\Local\Temp\GLF4621.tmp.ConduitEngineSetup.exe
C:\Users\nikos\AppData\Local\Temp\iGearedHelper.dll
C:\Users\nikos\AppData\Local\Temp\MachineIdCreator.exe
C:\Users\nikos\AppData\Local\Temp\MsgPlusUninstall.exe
C:\Users\nikos\AppData\Local\Temp\prxGLF4621.tmp.tbDVDV.dll
C:\Users\nikos\AppData\Local\Temp\qc_a402013b_7656_4f6f_b57f_5a8ef69f5fc4_32.exe
C:\Users\nikos\AppData\Local\Temp\simbo.exe
C:\Users\nikos\AppData\Local\Temp\SkypeSetup.exe
C:\Users\nikos\AppData\Local\Temp\SQLite.dll
C:\Users\nikos\AppData\Local\Temp\ToolbarInstaller.exe
C:\Users\nikos\AppData\Local\Temp\Update_8d42.exe
 
 
==================== Known DLLs (Whitelisted) ============
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
==================== Restore Points  =========================
 
Restore point made on: 2014-09-12 14:05:03
Restore point made on: 2014-09-19 18:09:34
Restore point made on: 2014-09-24 06:21:26
 
==================== Memory info =========================== 
 
Percentage of memory in use: 13%
Total physical RAM: 4095.18 MB
Available physical RAM: 3557.93 MB
Total Pagefile: 4093.46 MB
Available Pagefile: 3565.26 MB
Total Virtual: 2047.88 MB
Available Virtual: 1949.46 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:80.08 GB) (Free:7.17 GB) NTFS
Drive e: () (Fixed) (Total:618.46 GB) (Free:600.72 GB) NTFS
Drive g: () (Removable) (Total:3.7 GB) (Free:2.33 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (Δεσμευμένο από το σύστημα) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 38712E98)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=80.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=618.5 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 3.7 GB) (Disk ID: 011AFEC7)
Partition 1: (Active) - (Size=3.7 GB) - (Type=0B)
 
 
LastRegBack: 2014-09-16 15:08
 
==================== End Of Log ============================


BC AdBot (Login to Remove)

 


m

#2 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 10,807 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:06:53 AM

Posted 26 September 2014 - 01:55 PM

:welcome:

 

Lets check the disk's configuration.
 
Please download  Listparts to a flash drive.
 
Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
 
Plug the flashdrive into the infected PC.
 
From an Off position in the computer, enter the System Recovery Options.
 
To enter the System Recovery Options from the Advanced Boot Options:

  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Click on  Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:
 


Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt

  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\ListParts.exe (for x64 bit version type e:\ListParts64.exe)  and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Put check mark on List BCD.
  • Press Scan button.
  • It will make a log (Result.txt) in the flash drive. Please copy and paste it to your reply.

Edited by JSntgRvr, 26 September 2014 - 01:56 PM.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#3 dimi1975

dimi1975
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:12:53 PM

Posted 26 September 2014 - 05:56 PM

According to your commands, the result is (there are some greek words incide, let me know if you need translation):

 

ListParts by Farbar Version: 31-07-2014
Ran by SYSTEM (administrator) on 27-09-2014 at 01:52:00
Windows 7 (X86)
Running From: G:\
Language: Ελληνικά (Ελλάδας)
************************************************************
 
========================= Memory info ====================== 
 
Percentage of memory in use: 9%
Total physical RAM: 4095.18 MB
Available physical RAM: 3699.64 MB
Total Pagefile: 4093.46 MB
Available Pagefile: 3693.2 MB
Total Virtual: 2047.88 MB
Available Virtual: 1987.33 MB
 
======================= Partitions =========================
 
1 Drive c: (Δεσμευμένο από το σύστημα) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
2 Drive d: () (Fixed) (Total:80.08 GB) (Free:5.97 GB) NTFS
3 Drive e: () (Fixed) (Total:618.46 GB) (Free:600.72 GB) NTFS
5 Drive g: (IST SA) (Removable) (Total:3.73 GB) (Free:3.72 GB) FAT32
6 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
 
¤¬£« ΅α › ΅ 飫 © 1999-2008 ‘«¦¤ ¬§¦Ά¦ ©«γ: MININT-GL3Q8FH
 
  ƒε©΅¦ ###  ‰«α©«©   ‹β¦  „Άη¨¦ ®ι¨¦  Dyn  Gpt
  ----------  ----------  -------  ---------------  ---  ---
  ƒε©΅¦ 0    ‹ ©η¤›©   698 GB              0 B         
  ƒε©΅¦ 1    ‹ ©η¤›©  3824 MB              0 B         
 
‰Άε© £¦ «¦¬ DiskPart...
 
============================== MBR Partition Table ==================
 
 
ƒ ®ε¨ © ΅΅ε¤© «ΰ¤ Windows
--------------------------------
¤¤ΰ¨ ©« ΅ζ           {bootmgr}
device                  partition=C:
path                    \bootmgr
description             Windows Boot Manager
locale                  el-GR
inherit                 {globalsettings}
default                 {default}
resumeobject            {1e4d1e4f-a89f-11de-b6c8-f1bd8a2d44bf}
displayorder            {default}
toolsdisplayorder       {memdiag}
timeout                 30
 
¨ζ¨££ ­ζ¨«ΰ© ΅΅ε¤© «ΰ¤ Windows
----------------------------------------
¤¤ΰ¨ ©« ΅ζ           {1e4d1e4d-a89f-11de-b6c8-f1bd8a2d44bf}
device                  ramdisk=[D:]\Recovery\1e4d1e4d-a89f-11de-b6c8-f1bd8a2d44bf\Winre.wim,{1e4d1e4e-a89f-11de-b6c8-f1bd8a2d44bf}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[D:]\Recovery\1e4d1e4d-a89f-11de-b6c8-f1bd8a2d44bf\Winre.wim,{1e4d1e4e-a89f-11de-b6c8-f1bd8a2d44bf}
systemroot              \windows
nx                      OptIn
winpe                   Yes
 
¨ζ¨££ ­ζ¨«ΰ© ΅΅ε¤© «ΰ¤ Windows
----------------------------------------
¤¤ΰ¨ ©« ΅ζ           {default}
device                  partition=D:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  el-GR
inherit                 {bootloadersettings}
recoverysequence        {current}
recoveryenabled         Yes
osdevice                partition=D:
systemroot              \Windows
resumeobject            {1e4d1e4f-a89f-11de-b6c8-f1bd8a2d44bf}
nx                      OptIn
 
¨ζ¨££ ­ζ¨«ΰ© ΅΅ε¤© «ΰ¤ Windows
----------------------------------------
¤¤ΰ¨ ©« ΅ζ           {current}
device                  ramdisk=[D:]\Recovery\1e4d1e51-a89f-11de-b6c8-f1bd8a2d44bf\Winre.wim,{1e4d1e52-a89f-11de-b6c8-f1bd8a2d44bf}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[D:]\Recovery\1e4d1e51-a89f-11de-b6c8-f1bd8a2d44bf\Winre.wim,{1e4d1e52-a89f-11de-b6c8-f1bd8a2d44bf}
systemroot              \windows
nx                      OptIn
winpe                   Yes
 
‘¬¤β® §ζ ›¨¤¦§¦ε©
-------------------------
¤¤ΰ¨ ©« ΅ζ           {1e4d1e4f-a89f-11de-b6c8-f1bd8a2d44bf}
device                  partition=D:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  el-GR
inherit                 {resumeloadersettings}
filedevice              partition=D:
filepath                \hiberfil.sys
pae                     Yes
debugoptionenabled      No
 
ƒ¦΅ £γ £¤γ£ «ΰ¤ Windows
-------------------------
¤¤ΰ¨ ©« ΅ζ           {memdiag}
device                  partition=C:
path                    \boot\memtest.exe
description             ƒ ¤ΰ©« ΅α £¤γ£ «ΰ¤ Windows
locale                  el-GR
inherit                 {globalsettings}
badmemoryaccess         Yes
 
¬£ε© EMS
-------------
¤¤ΰ¨ ©« ΅ζ           {emssettings}
bootems                 Yes
 
¬£ε© ¤«¦§ ©£¦η ©­Ά£α«ΰ¤
------------------------------
¤¤ΰ¨ ©« ΅ζ           {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200
 
„Ά««ι£« RAM
--------------
¤¤ΰ¨ ©« ΅ζ           {badmemory}
 
‰¦Ά ΅β ¨¬£ε©
-------------------
¤¤ΰ¨ ©« ΅ζ           {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}
 
¬£ε© §¨¦¨α££«¦ ­ζ¨«ΰ© ΅΅ε¤©
-----------------------------------------
¤¤ΰ¨ ©« ΅ζ           {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}
 
¬£ε© ¬§¨§ζ§«
-------------------
¤¤ΰ¨ ©« ΅ζ           {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200
 
¬£ε© §¨¦¨α££«¦ ­ζ¨«ΰ© ©¬¤β® ©
-----------------------------------------
¤¤ΰ¨ ©« ΅ζ           {resumeloadersettings}
inherit                 {globalsettings}
 
„§ Ά¦β ©¬©΅¬γ
-----------------
¤¤ΰ¨ ©« ΅ζ           {1e4d1e4e-a89f-11de-b6c8-f1bd8a2d44bf}
description             Ramdisk Options
ramdisksdidevice        partition=D:
ramdisksdipath          \Recovery\1e4d1e4d-a89f-11de-b6c8-f1bd8a2d44bf\boot.sdi
 
„§ Ά¦β ©¬©΅¬γ
-----------------
¤¤ΰ¨ ©« ΅ζ           {1e4d1e52-a89f-11de-b6c8-f1bd8a2d44bf}
description             Ramdisk Options
ramdisksdidevice        partition=D:
ramdisksdipath          \Recovery\1e4d1e51-a89f-11de-b6c8-f1bd8a2d44bf\boot.sdi
 
 
****** End Of Log ****** 


#4 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 10,807 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:06:53 AM

Posted 26 September 2014 - 10:04 PM

Boot the computer to the Recovery Command prompt. At the prompt type the following and press Enter:

 

CHKDSK D: /R

 

Leave a space among the following arguments:

 

CHKDSK

D:

/R

 

If successful, boot in Normal Mode and let me know the outcome.

 

If unsuccessful, boot back to the Recovery Command prompt. At the prompt type the following and press Enter:

 

SFC /SCANNOW /OFFBOOTDIR=C:\ /OFFWINDIR=D:\Windows

 

Leave a space among the following arguments:

 

SFC

/SCANNOW

/OFFBOOTDIR=C:\

/OFFWINDIR=D:\Windows

 

Retry and let me know the outcome.


No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#5 dimi1975

dimi1975
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:12:53 PM

Posted 02 October 2014 - 10:10 AM

Concerning the first part, the whole procedure was successful. There were many numbers. Some of the result was "Windows examined and detected problems in the file system" and at the end "The transfer of recorded messages the recording file event 0 failed" -> No meaning in english, neither what I can read in greek.

 

So I booted but I had still the same system reaction as in the beginning of this topic.



#6 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 10,807 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:06:53 AM

Posted 02 October 2014 - 08:39 PM

How about the Second part?
 
From your statement above, you where able to logon to one of the temp profiles. Please run FRST64 while logged in that account if possible.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Make sure that under Optional Scans, there is a checkmark on Addition.txt and Shortcut.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • Another two logs (Addition.txt and Shortcut.txt) will be created. Please attach these to your reply.

In addition, while logged in that account, bring the computer to an administrator command prompt if possible. Click on Start, type CMD, at the top of the start menu, right click the CMD command and select Run as an Administrator. At the prompt type the following and press Enter:
 
net user administrator /active:yes
 
Let me know if all this is possible.


Edited by JSntgRvr, 02 October 2014 - 08:40 PM.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#7 dimi1975

dimi1975
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:12:53 PM

Posted 04 October 2014 - 04:02 AM

The second part was the boot. I didn't try the "if unsuccessful..."way because  the first part was successful.

 

About the new instructions, do you want me to boot to the Recovery Command Prompt or just login to user's account (no admin) and open cmd and do your instructions?

 

Concerning opening "administrator command prompt", as I remember it didn't let me do anything as an administrator. It asked me the password and when I put it, it informed that there was nothing like I searched in administrator (problem with the path).



#8 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 10,807 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:06:53 AM

Posted 04 October 2014 - 08:35 PM

The second part was the boot. I didn't try the "if unsuccessful..."way because  the first part was successful.
 
About the new instructions, do you want me to boot to the Recovery Command Prompt or just login to user's account (no admin) and open cmd and do your instructions?
 
Concerning opening "administrator command prompt", as I remember it didn't let me do anything as an administrator. It asked me the password and when I put it, it informed that there was nothing like I searched in administrator (problem with the path).

Try the instructions on post #6 logged to the account that allows you to logon and let me know the outcome.

Edited by JSntgRvr, 04 October 2014 - 08:57 PM.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#9 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 10,807 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:06:53 AM

Posted 04 October 2014 - 09:19 PM

In addition, Download the enclosed file. [attachment=155783:Fixlist.txt]

Save it in the same location FRST is saved.

Run FRST in any mode, except that this time around, click on the Fix button and wait.

The tool will make a log in the same location FRST is saved (Fixlog.txt), Please post it to your reply.

This is to obtain information about the user profiles and the User Control Feature.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#10 dimi1975

dimi1975
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:12:53 PM

Posted 05 October 2014 - 08:48 AM

I haven't checked shortcuts.txt so I don't have this file. Let me know if you need it too and so I will scan again. I post you here: addition.txt, frst.txt and fixlog.txt.
 
Is it safe to post all these public?
 
 
Addition.txt:
 
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 25-09-2014 01
Ran by Leonidas at 2014-10-05 16:28:49
Running from C:\Users\Leonidas\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: AVG Anti-Virus Free Edition 2012 (Enabled - Up to date) {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
AS: AVG Anti-Virus Free Edition 2012 (Enabled - Up to date) {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
ABBYY FineReader 9.0 Sprint (HKLM\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (Version: 9.01.513.58212 - ABBYY) Hidden
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader X (10.1.2) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.2 - Adobe Systems Incorporated)
AVG 2012 (HKLM\...\AVG) (Version: 2012.1.2247 - AVG Technologies)
AVG 2012 (Version: 12.0.4031 - AVG Technologies) Hidden
AVG 2012 (Version: 12.1.2247 - AVG Technologies) Hidden
AVG Security Toolbar (HKLM\...\AVG Secure Search) (Version: 18.1.9.799 - AVG Technologies)
Babylon toolbar on IE (HKLM\...\BabylonToolbar) (Version:  - ) <==== ATTENTION
BrowserCompanion (HKLM\...\BrowserCompanion) (Version:  - ) <==== ATTENTION
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DVDVideoSoftTB Toolbar (HKLM\...\DVDVideoSoftTB Toolbar) (Version: 6.9.0.16 - DVDVideoSoftTB)
Epson Easy Photo Print 2 (HKLM\...\{A02D7029-C4EF-44C1-9FD4-C0D3CA518113}) (Version: 2.2.4.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM\...\{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}) (Version: 2.50.0000 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON SX235 Series Printer Uninstall (HKLM\...\EPSON SX235 Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Print (HKLM\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
eToken PKI Client 5.1 SP1 (HKLM\...\{3909BE71-2D8F-42D2-BA46-3831B60CFD0F}) (Version: 5.1.66.0 - Aladdin Knowledge Systems Ltd.)
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Free Studio version 5.2.1 (HKLM\...\Free Studio_is1) (Version:  - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.0.128 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.0.128 - DVDVideoSoft Ltd.)
Google Chrome (HKLM\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LibreOffice 3.3 (HKLM\...\{3D33A4EB-957B-4212-BF0D-7F7FB02F1BE3}) (Version: 3.3.301 - LibreOffice)
LibreOffice 3.3 Help Pack (Greek) (HKLM\...\{904D16A5-836C-4805-8A13-D4264E0BE0D5}) (Version: 3.3.301 - LibreOffice)
MATZENTA SchoolBook 2011-'12 (HKLM\...\schoolbook_is1) (Version:  - MATZENTA LTD)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (ELL) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Ελληνικά) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1032) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
NVIDIA Install Application (Version: 2.1002.108.688 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.1106 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
NVIDIA Πρόγραμμα οδήγησης 3D Vision 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Πρόγραμμα οδήγησης γραφικών 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.20 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
SopCast 3.8.3 (HKLM\...\SopCast) (Version: 3.8.3 - www.sopcast.com)
SweetIM for Messenger 3.6 (HKLM\...\{A81A974F-8A22-43E6-9243-5198FF758DA1}) (Version: 3.6.0002 - SweetIM Technologies Ltd.) <==== ATTENTION
V.M.C. 2.20 (HKLM\...\V.M.C.) (Version: 2.20 - LagoLento)
VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN)
Windows 7 USB/DVD Download Tool (HKLM\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Ενημερώσεις NVIDIA 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
Οδηγίες χρήστη EPSON SX235 Series (HKLM\...\EPSON SX235 Series Useg) (Version:  - )
Οδηγός χρήσης σε δίκτυο EPSON SX235 Series (HKLM\...\EPSON SX235 Series Netg) (Version:  - )
Πίνακας Ελέγχου NVIDIA 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
Could not list Restore Points. Check "winmgmt" service or repair WMI.
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 05:04 - 2009-06-11 00:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => ?
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job => ?
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => ?
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3920034831-313251250-827750339-1000Core.job => ?
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3920034831-313251250-827750339-1000UA.job => ?
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3920034831-313251250-827750339-1005Core.job => ?
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3920034831-313251250-827750339-1005UA.job => ?
Task: C:\Windows\Tasks\FoxTab.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => ?
 
==================== Loaded Modules (whitelisted) =============
 
2011-08-07 14:54 - 2011-08-07 14:54 - 00362029 _____ () C:\Program Files\BrowserCompanion\sqlite3.dll
2012-03-04 19:17 - 2014-08-25 19:12 - 02640408 _____ () C:\Program Files\AVG Secure Search\vprot.exe
2014-08-12 16:22 - 2014-08-12 16:21 - 00519704 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\log4cplusU.dll
2007-03-27 20:04 - 2007-03-27 20:04 - 01466368 ____R () C:\Program Files\Aladdin\eToken\PKIClient\x32\QtCore4.dll
2007-03-27 20:04 - 2007-03-27 20:04 - 05529600 ____R () C:\Program Files\Aladdin\eToken\PKIClient\x32\QtGui4.dll
2007-03-29 15:11 - 2007-03-29 15:11 - 00217088 _____ () C:\Program Files\Aladdin\eToken\PKIClient\x32\QtXml4.dll
2007-03-27 20:06 - 2007-03-27 20:06 - 00131072 ____R () C:\Program Files\Aladdin\eToken\PKIClient\x32\plugins\imageformats\qjpeg1.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-3920034831-313251250-827750339-500 -> Administrator - Disabled - Status: Degraded)
Dimitra (S-1-5-21-3920034831-313251250-827750339-1005 -> Limited - Enabled - Status: OK) => C:\Users\TEMP
Guest (S-1-5-21-3920034831-313251250-827750339-501 -> Limited - Disabled - Status: Degraded)
HomeGroupUser$ (S-1-5-21-3920034831-313251250-827750339-1002 -> Limited - Enabled - Status: OK)
Leonidas (S-1-5-21-3920034831-313251250-827750339-1004 -> Limited - Enabled - Status: OK) => C:\Users\Leonidas
nikos (S-1-5-21-3920034831-313251250-827750339-1000 -> Administrator - Enabled - Status: OK) => C:\Users\TEMP.nikos-PC
UpdatusUser (S-1-5-21-3920034831-313251250-827750339-1003 -> Limited - Enabled - Status: OK) => C:\Users\UpdatusUser
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/01/2014 11:55:21 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Σφάλμα υπηρεσίας σκιωδών αντιγράφων τόμου: Μη αναμενόμενο σφάλμα κατά την κλήση της ρουτίνας ConvertStringSidToSid(S-1-5-21-3920034831-313251250-827750339-1000.bak).  hr = 0x80070539, Η δομή του αναγνωριστικού ασφάλειας δεν είναι έγκυρη.
.
 
 
Λειτουργία:
   Συμβάν OnIdentify
   Συγκέντρωση δεδομένων συσκευής εγγραφής
 
Περιβάλλον:
   Περιβάλλον εκτέλεσης: Shadow Copy Optimization Writer
   Αναγνωριστικό κλάσης συσκευής εγγραφής: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Όνομα συσκευής εγγραφής: Shadow Copy Optimization Writer
   Αναγνωριστικό παρουσίας συσκευής εγγραφής: {dbdf7433-7f2b-404d-9efc-3175690999dd}
 
Error: (10/01/2014 08:50:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Όνομα ελαττωματικής εφαρμογής GoogleUpdate.exe, έκδοση 1.3.21.103, χρονική σήμανση 0x4f3c6d6c
Όνομα ελαττωματικής λειτουργικής μονάδας ntdll.dll, έκδοση 6.1.7601.18247, χρονική σήμανση 0x521ea91c
Κωδικός εξαίρεσης: 0xc0000005
Μετατόπιση σφάλματος: 0x00034d60
Αναγνωριστικό ελαττωματικής διεργασίας: 0x14d8
Χρόνος έναρξης ελαττωματικής εφαρμογής: 0xGoogleUpdate.exe0
Διαδρομή ελαττωματικής εφαρμογής: GoogleUpdate.exe1
Διαδρομή ελλατωματικής λειτουργικής μονάδας:GoogleUpdate.exe2
Αναγνωριστικό αναφοράς:GoogleUpdate.exe3
 
Error: (10/01/2014 05:01:55 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Σφάλμα υπηρεσίας σκιωδών αντιγράφων τόμου: Μη αναμενόμενο σφάλμα κατά την κλήση της ρουτίνας ConvertStringSidToSid(S-1-5-21-3920034831-313251250-827750339-1000.bak).  hr = 0x80070539, Η δομή του αναγνωριστικού ασφάλειας δεν είναι έγκυρη.
.
 
 
Λειτουργία:
   Συμβάν OnIdentify
   Συγκέντρωση δεδομένων συσκευής εγγραφής
 
Περιβάλλον:
   Περιβάλλον εκτέλεσης: Shadow Copy Optimization Writer
   Αναγνωριστικό κλάσης συσκευής εγγραφής: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Όνομα συσκευής εγγραφής: Shadow Copy Optimization Writer
   Αναγνωριστικό παρουσίας συσκευής εγγραφής: {b7c20bb0-45d8-42ea-9d44-6172155ad441}
 
Error: (09/30/2014 02:55:14 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1500) (User: nikos-PC)
Description: Τα Windows δεν είναι δυνατό να σας συνδέσουν, επειδή δεν είναι δυνατή η φόρτωση του προφίλ σας. Βεβαιωθείτε ότι είστε συνδεδεμένοι στο δίκτυο και ότι το δίκτυό σας λειτουργεί σωστά. 
 
 ΛΕΠΤΟΜΕΡΕΙΑ - Δεν επιτρέπεται η πρόσβαση.
 
Error: (09/30/2014 02:54:59 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1500) (User: nikos-PC)
Description: Τα Windows δεν είναι δυνατό να σας συνδέσουν, επειδή δεν είναι δυνατή η φόρτωση του προφίλ σας. Βεβαιωθείτε ότι είστε συνδεδεμένοι στο δίκτυο και ότι το δίκτυό σας λειτουργεί σωστά. 
 
 ΛΕΠΤΟΜΕΡΕΙΑ - Δεν επιτρέπεται η πρόσβαση.
 
Error: (09/29/2014 03:09:45 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1500) (User: nikos-PC)
Description: Τα Windows δεν είναι δυνατό να σας συνδέσουν, επειδή δεν είναι δυνατή η φόρτωση του προφίλ σας. Βεβαιωθείτε ότι είστε συνδεδεμένοι στο δίκτυο και ότι το δίκτυό σας λειτουργεί σωστά. 
 
 ΛΕΠΤΟΜΕΡΕΙΑ - Δεν επιτρέπεται η πρόσβαση.
 
Error: (09/28/2014 11:51:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Το πρόγραμμα soffice.bin έκδοση 3.3.301.500 σταμάτησε να αλληλεπιδρά με τα Windows και έκλεισε. Για να δείτε αν υπάρχουν διαθέσιμες περισσότερες πληροφορίες για το πρόβλημα, ελέγξτε το ιστορικό του προβλήματος στον πίνακα ελέγχου του Κέντρου ενεργειών.
 
Αναγνωριστικό διεργασίας: 16dc
 
Ώρα έναρξης: 01cfdb53ca8780de
 
Ώρα τερματισμού: 5579
 
Διαδρομή εφαρμογής: C:\Program Files\LibreOffice 3\program\soffice.bin
 
Αναγνωριστικό αναφοράς: 381a1048-4751-11e4-b990-002421f04483
 
Error: (09/27/2014 11:52:48 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1500) (User: nikos-PC)
Description: Τα Windows δεν είναι δυνατό να σας συνδέσουν, επειδή δεν είναι δυνατή η φόρτωση του προφίλ σας. Βεβαιωθείτε ότι είστε συνδεδεμένοι στο δίκτυο και ότι το δίκτυό σας λειτουργεί σωστά. 
 
 ΛΕΠΤΟΜΕΡΕΙΑ - Δεν επιτρέπεται η πρόσβαση.
 
Error: (09/26/2014 06:31:19 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1500) (User: nikos-PC)
Description: Τα Windows δεν είναι δυνατό να σας συνδέσουν, επειδή δεν είναι δυνατή η φόρτωση του προφίλ σας. Βεβαιωθείτε ότι είστε συνδεδεμένοι στο δίκτυο και ότι το δίκτυό σας λειτουργεί σωστά. 
 
 ΛΕΠΤΟΜΕΡΕΙΑ - Δεν επιτρέπεται η πρόσβαση.
 
Error: (09/26/2014 06:30:40 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1500) (User: nikos-PC)
Description: Τα Windows δεν είναι δυνατό να σας συνδέσουν, επειδή δεν είναι δυνατή η φόρτωση του προφίλ σας. Βεβαιωθείτε ότι είστε συνδεδεμένοι στο δίκτυο και ότι το δίκτυό σας λειτουργεί σωστά. 
 
 ΛΕΠΤΟΜΕΡΕΙΑ - Δεν επιτρέπεται η πρόσβαση.
 
 
System errors:
=============
Error: (10/05/2014 04:05:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Δεν ήταν δυνατή η εκκίνηση της υπηρεσίας NVIDIA Update Service Daemon εξαιτίας του ακόλουθου σφάλματος: 
%%1069
 
Error: (10/05/2014 04:05:03 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Δεν ήταν δυνατή η σύνδεση της υπηρεσίας nvUpdatusService ως .\UpdatusUser με την τρέχουσα ρύθμιση κωδικού πρόσβασης λόγω του ακόλουθου σφάλματος: 
%%1330
 
Για να βεβαιωθείτε ότι οι παράμετροι της υπηρεσίας είναι σωστά ρυθμισμένες, χρησιμοποιήστε το συμπληρωματικό πρόγραμμα υπηρεσιών της κονσόλας διαχείρισης της Microsoft (MMC).
 
Error: (10/05/2014 11:27:08 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Δεν ήταν δυνατή η εκκίνηση της υπηρεσίας NVIDIA Update Service Daemon εξαιτίας του ακόλουθου σφάλματος: 
%%1069
 
Error: (10/05/2014 11:27:08 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Δεν ήταν δυνατή η σύνδεση της υπηρεσίας nvUpdatusService ως .\UpdatusUser με την τρέχουσα ρύθμιση κωδικού πρόσβασης λόγω του ακόλουθου σφάλματος: 
%%1330
 
Για να βεβαιωθείτε ότι οι παράμετροι της υπηρεσίας είναι σωστά ρυθμισμένες, χρησιμοποιήστε το συμπληρωματικό πρόγραμμα υπηρεσιών της κονσόλας διαχείρισης της Microsoft (MMC).
 
Error: (10/04/2014 08:45:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Δεν ήταν δυνατή η εκκίνηση της υπηρεσίας NVIDIA Update Service Daemon εξαιτίας του ακόλουθου σφάλματος: 
%%1069
 
Error: (10/04/2014 08:45:22 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Δεν ήταν δυνατή η σύνδεση της υπηρεσίας nvUpdatusService ως .\UpdatusUser με την τρέχουσα ρύθμιση κωδικού πρόσβασης λόγω του ακόλουθου σφάλματος: 
%%1330
 
Για να βεβαιωθείτε ότι οι παράμετροι της υπηρεσίας είναι σωστά ρυθμισμένες, χρησιμοποιήστε το συμπληρωματικό πρόγραμμα υπηρεσιών της κονσόλας διαχείρισης της Microsoft (MMC).
 
Error: (10/03/2014 02:25:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Δεν ήταν δυνατή η εκκίνηση της υπηρεσίας NVIDIA Update Service Daemon εξαιτίας του ακόλουθου σφάλματος: 
%%1069
 
Error: (10/03/2014 02:25:00 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Δεν ήταν δυνατή η σύνδεση της υπηρεσίας nvUpdatusService ως .\UpdatusUser με την τρέχουσα ρύθμιση κωδικού πρόσβασης λόγω του ακόλουθου σφάλματος: 
%%1330
 
Για να βεβαιωθείτε ότι οι παράμετροι της υπηρεσίας είναι σωστά ρυθμισμένες, χρησιμοποιήστε το συμπληρωματικό πρόγραμμα υπηρεσιών της κονσόλας διαχείρισης της Microsoft (MMC).
 
Error: (10/03/2014 06:54:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Δεν ήταν δυνατή η εκκίνηση της υπηρεσίας NVIDIA Update Service Daemon εξαιτίας του ακόλουθου σφάλματος: 
%%1069
 
Error: (10/03/2014 06:54:02 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Δεν ήταν δυνατή η σύνδεση της υπηρεσίας nvUpdatusService ως .\UpdatusUser με την τρέχουσα ρύθμιση κωδικού πρόσβασης λόγω του ακόλουθου σφάλματος: 
%%1330
 
Για να βεβαιωθείτε ότι οι παράμετροι της υπηρεσίας είναι σωστά ρυθμισμένες, χρησιμοποιήστε το συμπληρωματικό πρόγραμμα υπηρεσιών της κονσόλας διαχείρισης της Microsoft (MMC).
 
 
Microsoft Office Sessions:
=========================
Error: (10/01/2014 11:55:21 PM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-3920034831-313251250-827750339-1000.bak)0x80070539, Η δομή του αναγνωριστικού ασφάλειας δεν είναι έγκυρη.
 
 
Λειτουργία:
   Συμβάν OnIdentify
   Συγκέντρωση δεδομένων συσκευής εγγραφής
 
Περιβάλλον:
   Περιβάλλον εκτέλεσης: Shadow Copy Optimization Writer
   Αναγνωριστικό κλάσης συσκευής εγγραφής: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Όνομα συσκευής εγγραφής: Shadow Copy Optimization Writer
   Αναγνωριστικό παρουσίας συσκευής εγγραφής: {dbdf7433-7f2b-404d-9efc-3175690999dd}
 
Error: (10/01/2014 08:50:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: GoogleUpdate.exe1.3.21.1034f3c6d6cntdll.dll6.1.7601.18247521ea91cc000000500034d6014d801cfdd9edec0a533C:\Program Files\Google\Update\GoogleUpdate.exeC:\Windows\SYSTEM32\ntdll.dll6730fcf3-4993-11e4-be04-002421f04483
 
Error: (10/01/2014 05:01:55 PM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-3920034831-313251250-827750339-1000.bak)0x80070539, Η δομή του αναγνωριστικού ασφάλειας δεν είναι έγκυρη.
 
 
Λειτουργία:
   Συμβάν OnIdentify
   Συγκέντρωση δεδομένων συσκευής εγγραφής
 
Περιβάλλον:
   Περιβάλλον εκτέλεσης: Shadow Copy Optimization Writer
   Αναγνωριστικό κλάσης συσκευής εγγραφής: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Όνομα συσκευής εγγραφής: Shadow Copy Optimization Writer
   Αναγνωριστικό παρουσίας συσκευής εγγραφής: {b7c20bb0-45d8-42ea-9d44-6172155ad441}
 
Error: (09/30/2014 02:55:14 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1500) (User: nikos-PC)
Description: Δεν επιτρέπεται η πρόσβαση.
 
Error: (09/30/2014 02:54:59 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1500) (User: nikos-PC)
Description: Δεν επιτρέπεται η πρόσβαση.
 
Error: (09/29/2014 03:09:45 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1500) (User: nikos-PC)
Description: Δεν επιτρέπεται η πρόσβαση.
 
Error: (09/28/2014 11:51:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: soffice.bin3.3.301.50016dc01cfdb53ca8780de5579C:\Program Files\LibreOffice 3\program\soffice.bin381a1048-4751-11e4-b990-002421f04483
 
Error: (09/27/2014 11:52:48 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1500) (User: nikos-PC)
Description: Δεν επιτρέπεται η πρόσβαση.
 
Error: (09/26/2014 06:31:19 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1500) (User: nikos-PC)
Description: Δεν επιτρέπεται η πρόσβαση.
 
Error: (09/26/2014 06:30:40 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1500) (User: nikos-PC)
Description: Δεν επιτρέπεται η πρόσβαση.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™2 Duo CPU E8500 @ 3.16GHz
Percentage of memory in use: 25%
Total physical RAM: 3071.18 MB
Available physical RAM: 2296.57 MB
Total Pagefile: 6140.65 MB
Available Pagefile: 5069.47 MB
Total Virtual: 2047.88 MB
Available Virtual: 1921.04 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:80.08 GB) (Free:6.64 GB) NTFS
Drive d: () (Fixed) (Total:618.46 GB) (Free:600.72 GB) NTFS
 
==================== MBR & Partition Table ==================
 

 

==================== End Of Log ============================

 

FRST.txt:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 25-09-2014 01
Ran by Leonidas (ATTENTION: The logged in user is not administrator) on NIKOS-PC on 05-10-2014 16:27:52
Running from C:\Users\Leonidas\Downloads
Loaded Profile: Leonidas (Available profiles: nikos & UpdatusUser & Leonidas & Dimitra)
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: Ελληνικά (Ελλάδας)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgtray.exe
(SweetIM Technologies Ltd.) C:\Program Files\SweetIM\Messenger\SweetIM.exe
(Blabbers Communications LTD) C:\Program Files\BrowserCompanion\BCHelper.exe
() C:\Program Files\AVG Secure Search\vprot.exe
(Aladdin Knowledge Systems, Ltd.) C:\Program Files\Aladdin\eToken\PKIClient\x32\PKIMonitor.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\Event Manager\EEventManager.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-01-03] (Adobe Systems Incorporated)
HKLM\...\Run: [AVG_TRAY] => C:\Program Files\AVG\AVG2012\avgtray.exe [2598520 2012-11-19] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [SweetIM] => C:\Program Files\SweetIM\Messenger\SweetIM.exe [114992 2011-08-01] (SweetIM Technologies Ltd.)
HKLM\...\Run: [Browser companion helper] => C:\Program Files\BrowserCompanion\BCHelper.exe [187696 2011-12-16] (Blabbers Communications LTD)
HKLM\...\Run: [vProt] => C:\Program Files\AVG Secure Search\vprot.exe [2640408 2014-08-25] ()
HKLM\...\Run: [eTMonitor] => C:\Program Files\Aladdin\eToken\PKIClient\x32\PKIMonitor.exe [230752 2009-12-31] (Aladdin Knowledge Systems, Ltd.)
HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-18\...\RunOnce: [osk.exe] => C:\Windows\system32\osk.exe [646144 2014-06-18] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://gr.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x4071C3349D22CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = el-GR
URLSearchHook: HKLM - (No Name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} -  No File
SearchScopes: HKLM - {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
BHO: Browser Companion Helper -> ##TOOLBAR_DISABLED_##{00cbb66b-1d3b-46d3-9577-323a336acb50} -> C:\Program Files\BrowserCompanion\jsloader.dll ( )
BHO: Adobe PDF Link Helper -> ##TOOLBAR_DISABLED_##{18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Babylon toolbar helper -> ##TOOLBAR_DISABLED_##{2EECD738-5844-4a99-B4B6-146BF802613B} -> C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
BHO: AVG Safe Search -> ##TOOLBAR_DISABLED_##{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
BHO: CescrtHlpr Object -> ##TOOLBAR_DISABLED_##{64182481-4F71-486b-A045-B233BD0DA8FC} -> C:\Program Files\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll No File
BHO: DVDVideoSoftTB Toolbar -> ##TOOLBAR_DISABLED_##{872b5b88-9db5-4310-bdd0-ac189557e5f5} -> C:\Program Files\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
BHO: Windows Live ID Sign-in Helper -> ##TOOLBAR_DISABLED_##{9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper -> ##TOOLBAR_DISABLED_##{9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Bing Bar Helper -> ##TOOLBAR_DISABLED_##{d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> "C:\Program Files\Microsoft\BingBar\BingExt.dll" No File
BHO: Browser Companion Helper -> {00cbb66b-1d3b-46d3-9577-323a336acb50} -> C:\Program Files\BrowserCompanion\jsloader.dll ( )
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: AVG Security Toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll (AVG Secure Search)
BHO: Browser Companion Helper Verifier -> {963B125B-8B21-49A2-A3A8-E37092276531} -> C:\Program Files\BrowserCompanion\updatebhoWin32.dll ( )
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKLM - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll (AVG Secure Search)
Toolbar: HKLM - DVDVideoSoftTB Toolbar - ##TOOLBAR_DISABLED_##{872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
Toolbar: HKLM - Babylon Toolbar - ##TOOLBAR_DISABLED_##{98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
Toolbar: HKLM - Bing Bar - ##TOOLBAR_DISABLED_##{8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" No File
Toolbar: HKLM - facemoods Toolbar - ##TOOLBAR_DISABLED_##{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll No File
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Handler: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
Handler: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
Handler: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\fcmdSrchstonicus.xml
FF HKLM\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files\AVG\AVG2012\Firefox4
FF Extension: AVG Safe Search - C:\Program Files\AVG\AVG2012\Firefox4 [2012-01-26]
FF HKLM\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\17.3.0.49
 
Chrome: 
=======
CHR CustomProfile: C:\Users\Leonidas\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Leonidas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-05]
CHR Extension: (Google Drive) - C:\Users\Leonidas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-05]
CHR Extension: (YouTube) - C:\Users\Leonidas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-05]
CHR Extension: (Browser Companion Helper) - C:\Users\Leonidas\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf [2014-02-05]
CHR Extension: (McAfee Security Scan+) - C:\Users\Leonidas\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-04-02]
CHR Extension: (Google Search) - C:\Users\Leonidas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-05]
CHR Extension: (Skype Click to Call) - C:\Users\Leonidas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-04-02]
CHR Extension: (AVG Security Toolbar) - C:\Users\Leonidas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2014-02-05]
CHR Extension: (Google Wallet) - C:\Users\Leonidas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-05]
CHR Extension: (Gmail) - C:\Users\Leonidas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-05]
CHR HKLM\...\Chrome\Extension: [bodddioamolcibagionmmobehnbhiakf] - C:\Program Files\BrowserCompanion\blabbers-ch.crx [2012-10-17]
CHR HKLM\...\Chrome\Extension: [jmfkcklnlgedgbglfkkgedjfmejoahla] - C:\Program Files\AVG\AVG2012\Chrome\safesearch.crx [2012-07-26]
CHR HKLM\...\Chrome\Extension: [kolgnaidildmdbfgdnoapjdianbpajne] - C:\Program Files\BrowserCompanion\blabbers-ch.crx [2012-10-17]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\18.1.0.443\avg.crx [2014-04-28]
CHR HKLM\...\Chrome\Extension: [plmlpkfpkijnlijgalnjaacllnjmoamo] - C:\Users\nikos\AppData\Local\CRE\plmlpkfpkijnlijgalnjaacllnjmoamo.crx [2014-04-28]
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe [5175856 2013-10-16] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2012\avgwdsvc.exe [193288 2012-02-14] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 EPSON_EB_RPCV4_04; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE [156160 2011-01-11] (SEIKO EPSON CORPORATION)
R2 EPSON_PM_RPCV4_04; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE [125440 2011-01-11] (SEIKO EPSON CORPORATION)
R2 eTSrv; C:\Program Files\Aladdin\eToken\PKIClient\x32\eTSrv.exe [12640 2009-12-31] (Aladdin Knowledge Systems, Ltd.)
R2 lmhosts; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
R2 NlaSvc; C:\Windows\System32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 vToolbarUpdater18.1.9; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-12] (AVG Secure Search)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AKSIFDH; C:\Windows\System32\DRIVERS\aksifdh.sys [48296 2008-07-29] (Aladdin Knowledge Systems, Ltd.)
S3 AKSUP; C:\Windows\System32\drivers\aksup.sys [34472 2008-07-29] (Aladdin Knowledge Systems, Ltd.)
R3 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [142176 2012-12-10] (AVG Technologies CZ, s.r.o. )
R3 AVGIDSFilter; C:\Windows\System32\DRIVERS\avgidsfilterx.sys [24144 2011-12-23] (AVG Technologies CZ, s.r.o. )
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [24896 2012-04-19] (AVG Technologies CZ, s.r.o. )
R3 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [17232 2011-12-23] (AVG Technologies CZ, s.r.o. )
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [250080 2012-11-08] (AVG Technologies CZ, s.r.o.)
R1 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [41040 2011-12-23] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [31952 2012-01-31] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [302368 2013-04-11] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42784 2014-08-12] (AVG Technologies)
R3 LVUSBSta; C:\Windows\System32\drivers\LVUSBSta.sys [41752 2008-07-26] (Logitech Inc.)
S3 pepifilter; C:\Windows\System32\DRIVERS\lv302af.sys [13848 2008-07-26] (Logitech Inc.)
S3 PID_PEPI; C:\Windows\System32\DRIVERS\LV302V32.SYS [2570520 2008-07-26] (Logitech Inc.)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam.sys [11520 2009-02-13] (Western Digital Technologies) [File not signed]
 
==================== NetSvcs (Whitelisted) ===================
 
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-05 16:27 - 2014-10-05 16:28 - 00018292 _____ () C:\Users\Leonidas\Downloads\FRST.txt
2014-10-01 14:48 - 2014-09-25 04:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-09-28 23:50 - 2014-09-28 23:50 - 00000000 ____D () C:\Users\Leonidas\Documents\Fax
2014-09-28 22:38 - 2014-09-28 22:38 - 00000101 ____H () C:\Users\Leonidas\Downloads\.~lock.EPISTIMONAS.doc#
2014-09-26 00:49 - 2014-10-05 16:27 - 00000000 ____D () C:\FRST
2014-09-25 23:32 - 2014-09-25 23:33 - 01100800 _____ (Farbar) C:\Users\Leonidas\Downloads\FRST.exe
2014-09-25 23:25 - 2014-09-25 23:25 - 00688992 _____ (Swearware) C:\Users\Leonidas\Downloads\dds.com
2014-09-24 20:36 - 2014-09-24 20:36 - 00000000 ____D () C:\Users\Leonidas\AppData\Roaming\Epson
2014-09-24 20:30 - 2014-09-25 22:37 - 00000000 ____D () C:\Users\TEMP.nikos-PC
2014-09-24 06:51 - 2014-09-10 00:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-12 01:52 - 2014-08-19 20:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-12 01:52 - 2014-08-19 01:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-12 01:52 - 2014-08-19 01:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-12 01:52 - 2014-08-19 00:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-12 01:52 - 2014-08-19 00:57 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-12 01:52 - 2014-08-19 00:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-12 01:52 - 2014-08-19 00:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-12 01:52 - 2014-08-19 00:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-12 01:52 - 2014-08-19 00:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-12 01:52 - 2014-08-19 00:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-12 01:52 - 2014-08-19 00:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-12 01:52 - 2014-08-19 00:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-12 01:52 - 2014-08-19 00:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-12 01:52 - 2014-08-19 00:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-12 01:52 - 2014-08-19 00:36 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-12 01:52 - 2014-08-19 00:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-12 01:52 - 2014-08-19 00:30 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-12 01:52 - 2014-08-19 00:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-12 01:52 - 2014-08-19 00:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-12 01:52 - 2014-08-19 00:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-12 01:52 - 2014-08-19 00:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-12 01:52 - 2014-08-19 00:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-12 01:52 - 2014-08-19 00:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-12 01:52 - 2014-08-19 00:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-12 01:52 - 2014-08-19 00:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-12 01:52 - 2014-08-19 00:08 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-12 01:52 - 2014-08-19 00:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-12 01:52 - 2014-08-18 23:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-12 01:52 - 2014-08-18 23:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-12 01:52 - 2014-08-18 23:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-12 01:51 - 2014-06-27 04:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-12 00:46 - 2014-09-05 04:52 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-12 00:46 - 2014-09-05 04:47 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-12 00:46 - 2014-08-01 14:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-12 00:46 - 2014-07-07 04:40 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-12 00:46 - 2014-07-07 04:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-12 00:46 - 2014-06-24 05:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-11 22:46 - 2014-09-11 22:46 - 00000930 _____ () C:\Users\Public\Desktop\EPSON Scan.lnk
2014-09-11 22:46 - 2011-08-10 00:00 - 00341504 _____ (Seiko Epson Corporation) C:\Windows\system32\esw2ud.dll
2014-09-11 22:46 - 2009-10-16 00:00 - 00132560 _____ (Seiko Epson Corporation) C:\Windows\system32\esdevapp.exe
2014-09-11 22:46 - 2009-10-16 00:00 - 00012800 _____ (Seiko Epson Corporation) C:\Windows\system32\escdev.dll
2014-09-11 22:41 - 2014-09-11 22:41 - 00000050 _____ () C:\Windows\system32\bridf05a.dat
2014-09-11 22:40 - 2014-09-11 22:43 - 00000000 ____D () C:\Program Files\Brother
2014-09-11 22:40 - 2014-09-11 22:40 - 00000000 ____D () C:\ProgramData\Brother
2014-09-07 02:04 - 2014-09-07 02:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-07 02:04 - 2014-09-07 02:04 - 00000000 ____D () C:\Program Files\Common Files\Skype
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-05 16:28 - 2014-10-05 16:27 - 00018292 _____ () C:\Users\Leonidas\Downloads\FRST.txt
2014-10-05 16:27 - 2014-09-26 00:49 - 00000000 ____D () C:\FRST
2014-10-05 16:26 - 2014-02-05 21:09 - 00001170 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-05 16:10 - 2013-02-27 15:51 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-05 16:10 - 2009-07-14 07:34 - 00028288 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-05 16:10 - 2009-07-14 07:34 - 00028288 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-05 16:05 - 2011-06-24 19:04 - 01275323 _____ () C:\Windows\WindowsUpdate.log
2014-10-05 16:03 - 2014-02-05 21:09 - 00001166 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-05 16:03 - 2013-06-08 00:34 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job
2014-10-05 16:03 - 2013-05-29 20:24 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2014-10-05 16:02 - 2012-11-18 15:16 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-05 16:02 - 2009-07-14 07:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-05 16:02 - 2009-07-14 07:39 - 00273584 _____ () C:\Windows\setupact.log
2014-10-05 14:40 - 2014-01-14 23:40 - 00000288 _____ () C:\Windows\Tasks\FoxTab.job
2014-10-05 14:23 - 2012-03-04 21:13 - 00001228 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3920034831-313251250-827750339-1000UA.job
2014-10-05 14:17 - 2014-07-29 14:12 - 00000936 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3920034831-313251250-827750339-1005UA.job
2014-10-05 14:17 - 2014-07-29 14:12 - 00000914 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3920034831-313251250-827750339-1005Core.job
2014-10-05 11:30 - 2011-07-02 03:07 - 00000000 ____D () C:\Windows\system32\Drivers\AVG
2014-10-04 13:47 - 2009-07-14 07:52 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-10-04 12:17 - 2011-06-24 22:24 - 01490280 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-04 11:51 - 2012-03-04 21:13 - 00001206 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3920034831-313251250-827750339-1000Core.job
2014-09-28 23:50 - 2014-09-28 23:50 - 00000000 ____D () C:\Users\Leonidas\Documents\Fax
2014-09-28 22:38 - 2014-09-28 22:38 - 00000101 ____H () C:\Users\Leonidas\Downloads\.~lock.EPISTIMONAS.doc#
2014-09-27 19:57 - 2009-07-14 07:53 - 00032470 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-26 02:45 - 2014-02-05 21:11 - 00002135 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-26 01:34 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-09-25 23:33 - 2014-09-25 23:32 - 01100800 _____ (Farbar) C:\Users\Leonidas\Downloads\FRST.exe
2014-09-25 23:25 - 2014-09-25 23:25 - 00688992 _____ (Swearware) C:\Users\Leonidas\Downloads\dds.com
2014-09-25 22:37 - 2014-09-24 20:30 - 00000000 ____D () C:\Users\TEMP.nikos-PC
2014-09-25 04:40 - 2014-10-01 14:48 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-09-24 22:00 - 2014-08-04 20:29 - 00000000 ____D () C:\Windows\rescache
2014-09-24 20:37 - 2014-02-05 21:07 - 00000000 ____D () C:\Users\Leonidas\AppData\Local\AVG Secure Search
2014-09-24 20:36 - 2014-09-24 20:36 - 00000000 ____D () C:\Users\Leonidas\AppData\Roaming\Epson
2014-09-24 07:21 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\el-GR
2014-09-24 06:47 - 2011-12-09 16:41 - 00000000 ____D () C:\Users\nikos\Tracing
2014-09-24 06:46 - 2012-11-04 13:07 - 00000000 ____D () C:\Users\nikos\AppData\Roaming\BrowserCompanion
2014-09-23 23:10 - 2013-02-27 15:51 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-09-23 23:10 - 2011-11-08 13:08 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-09-23 01:12 - 2012-03-13 23:43 - 00000000 ___RD () C:\Users\nikos\Dropbox
2014-09-23 01:06 - 2012-03-13 23:42 - 00000000 ____D () C:\Users\nikos\AppData\Roaming\Dropbox
2014-09-22 20:08 - 2013-01-28 16:47 - 00000000 ____D () C:\Users\nikos\AppData\Roaming\Skype
2014-09-21 23:19 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-12 22:07 - 2014-09-02 18:48 - 00000000 ____D () C:\Users\TEMP
2014-09-12 22:07 - 2014-02-05 21:07 - 00000000 ____D () C:\Users\Leonidas
2014-09-12 12:58 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-09-12 01:51 - 2013-07-19 23:39 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-12 01:47 - 2014-05-06 17:40 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-12 01:47 - 2012-01-26 19:06 - 98758480 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-11 22:57 - 2014-09-02 23:51 - 00000000 ____D () C:\ProgramData\EPSON
2014-09-11 22:56 - 2014-09-03 01:05 - 00000000 ____D () C:\Program Files\ABBYY FineReader 9.0 Sprint
2014-09-11 22:48 - 2014-09-03 00:59 - 00002344 _____ () C:\Users\Public\Desktop\Οδηγός χρήσης σε δίκτυο EPSON SX235 Series.lnk
2014-09-11 22:48 - 2014-09-03 00:59 - 00002344 _____ () C:\Users\Public\Desktop\Οδηγίες χρήστη EPSON SX235 Series.lnk
2014-09-11 22:46 - 2014-09-11 22:46 - 00000930 _____ () C:\Users\Public\Desktop\EPSON Scan.lnk
2014-09-11 22:46 - 2014-09-03 00:58 - 00000000 ____D () C:\Program Files\EPSON
2014-09-11 22:46 - 2014-09-03 00:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2014-09-11 22:46 - 2009-07-14 07:52 - 00000000 ____D () C:\Windows\twain_32
2014-09-11 22:43 - 2014-09-11 22:40 - 00000000 ____D () C:\Program Files\Brother
2014-09-11 22:43 - 2014-09-03 00:57 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-09-11 22:41 - 2014-09-11 22:41 - 00000050 _____ () C:\Windows\system32\bridf05a.dat
2014-09-11 22:40 - 2014-09-11 22:40 - 00000000 ____D () C:\ProgramData\Brother
2014-09-11 22:17 - 2011-06-27 15:01 - 00000000 ____D () C:\Users\nikos
2014-09-10 00:47 - 2014-09-24 06:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-07 02:04 - 2014-09-07 02:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-07 02:04 - 2014-09-07 02:04 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-09-07 02:04 - 2013-01-28 16:47 - 00002507 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-09-07 02:04 - 2013-01-28 16:47 - 00000000 ___RD () C:\Program Files\Skype
2014-09-07 02:04 - 2013-01-28 16:47 - 00000000 ____D () C:\ProgramData\Skype
2014-09-05 04:52 - 2014-09-12 00:46 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-05 04:47 - 2014-09-12 00:46 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
 
Some content of TEMP:
====================
C:\Users\nikos\AppData\Local\Temp\avguidx.dll
C:\Users\nikos\AppData\Local\Temp\cci.exe
C:\Users\nikos\AppData\Local\Temp\CommonInstaller.exe
C:\Users\nikos\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpkzmbwj.dll
C:\Users\nikos\AppData\Local\Temp\ffunzip.exe
C:\Users\nikos\AppData\Local\Temp\GLF4621.tmp.ConduitEngineSetup.exe
C:\Users\nikos\AppData\Local\Temp\iGearedHelper.dll
C:\Users\nikos\AppData\Local\Temp\MachineIdCreator.exe
C:\Users\nikos\AppData\Local\Temp\MsgPlusUninstall.exe
C:\Users\nikos\AppData\Local\Temp\prxGLF4621.tmp.tbDVDV.dll
C:\Users\nikos\AppData\Local\Temp\qc_a402013b_7656_4f6f_b57f_5a8ef69f5fc4_32.exe
C:\Users\nikos\AppData\Local\Temp\simbo.exe
C:\Users\nikos\AppData\Local\Temp\SkypeSetup.exe
C:\Users\nikos\AppData\Local\Temp\SQLite.dll
C:\Users\nikos\AppData\Local\Temp\ToolbarInstaller.exe
C:\Users\nikos\AppData\Local\Temp\Update_8d42.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
==================== End Of Log ============================

 

Fixlog.txt:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 25-09-2014 01
Ran by Leonidas at 2014-10-05 16:45:10 Run:1
Running from C:\Users\Leonidas\Downloads
Loaded Profile: Leonidas (Available profiles: nikos & UpdatusUser & Leonidas & Dimitra)
Boot Mode: Normal
 
==============================================
 
Content of fixlist:
*****************
Start
reg: reg query "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System"
reg: reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList"
End
*****************
 
 
========= reg query "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System" =========
 
 
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System
    ConsentPromptBehaviorAdmin    REG_DWORD    0x5
    ConsentPromptBehaviorUser    REG_DWORD    0x3
    EnableInstallerDetection    REG_DWORD    0x1
    EnableLUA    REG_DWORD    0x1
    EnableSecureUIAPaths    REG_DWORD    0x1
    EnableUIADesktopToggle    REG_DWORD    0x0
    EnableVirtualization    REG_DWORD    0x1
    PromptOnSecureDesktop    REG_DWORD    0x1
    ValidateAdminCodeSignatures    REG_DWORD    0x0
    dontdisplaylastusername    REG_DWORD    0x0
    legalnoticecaption    REG_SZ    
    legalnoticetext    REG_SZ    
    scforceoption    REG_DWORD    0x0
    shutdownwithoutlogon    REG_DWORD    0x1
    undockwithoutlogon    REG_DWORD    0x1
    FilterAdministratorToken    REG_DWORD    0x0
 
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\UIPI
 
 
========= End of Reg: =========
 
 
========= reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList" =========
 
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList
    ProfilesDirectory    REG_EXPAND_SZ    %SystemDrive%\Users
    Default    REG_EXPAND_SZ    %SystemDrive%\Users\Default
    Public    REG_EXPAND_SZ    %SystemDrive%\Users\Public
    ProgramData    REG_EXPAND_SZ    %SystemDrive%\ProgramData
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-18
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-19
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-20
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3920034831-313251250-827750339-1000
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3920034831-313251250-827750339-1000.bak
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3920034831-313251250-827750339-1003
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3920034831-313251250-827750339-1004
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3920034831-313251250-827750339-1005
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3920034831-313251250-827750339-1005.bak
 
 
========= End of Reg: =========
 
 
==== End of Fixlog ====


#11 dimi1975

dimi1975
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:12:53 PM

Posted 05 October 2014 - 08:51 AM

My mistake this is the correct fixlog.txt (in the previous one, fixlist wasn't in the same folder):

 

fixlog.txt

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 25-09-2014 01
Ran by Leonidas at 2014-10-05 16:49:19 Run:2
Running from C:\Users\Leonidas\Downloads
Loaded Profile: Leonidas (Available profiles: nikos & UpdatusUser & Leonidas & Dimitra)
Boot Mode: Normal
 
==============================================
 
Content of fixlist:
*****************
Start
reg: reg query "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System"
reg: reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList"
End
*****************
 
 
========= reg query "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System" =========
 
 
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System
    ConsentPromptBehaviorAdmin    REG_DWORD    0x5
    ConsentPromptBehaviorUser    REG_DWORD    0x3
    EnableInstallerDetection    REG_DWORD    0x1
    EnableLUA    REG_DWORD    0x1
    EnableSecureUIAPaths    REG_DWORD    0x1
    EnableUIADesktopToggle    REG_DWORD    0x0
    EnableVirtualization    REG_DWORD    0x1
    PromptOnSecureDesktop    REG_DWORD    0x1
    ValidateAdminCodeSignatures    REG_DWORD    0x0
    dontdisplaylastusername    REG_DWORD    0x0
    legalnoticecaption    REG_SZ    
    legalnoticetext    REG_SZ    
    scforceoption    REG_DWORD    0x0
    shutdownwithoutlogon    REG_DWORD    0x1
    undockwithoutlogon    REG_DWORD    0x1
    FilterAdministratorToken    REG_DWORD    0x0
 
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\UIPI
 
 
========= End of Reg: =========
 
 
========= reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList" =========
 
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList
    ProfilesDirectory    REG_EXPAND_SZ    %SystemDrive%\Users
    Default    REG_EXPAND_SZ    %SystemDrive%\Users\Default
    Public    REG_EXPAND_SZ    %SystemDrive%\Users\Public
    ProgramData    REG_EXPAND_SZ    %SystemDrive%\ProgramData
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-18
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-19
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-20
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3920034831-313251250-827750339-1000
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3920034831-313251250-827750339-1000.bak
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3920034831-313251250-827750339-1003
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3920034831-313251250-827750339-1004
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3920034831-313251250-827750339-1005
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3920034831-313251250-827750339-1005.bak
 
 
========= End of Reg: =========
 
 
==== End of Fixlog ====


#12 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 10,807 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:06:53 AM

Posted 05 October 2014 - 11:53 AM

The problem stands on these registry entries. The lines ending with a .bak extension are the original entries, while the ones without a .bak extension, are the ones created by Windows. The fix should consist in renaming the ones without the .bak extension to the same line but with a .bk extention, then removing the .bak extention from those who has it and finally, renaming the .bk extention to .bak. There is also a value in the ones that will end up without an extention that must be modified.
 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3920034831-313251250-827750339-1000
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3920034831-313251250-827750339-1000.bak
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3920034831-313251250-827750339-1005
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3920034831-313251250-827750339-1005.bak


There are three profiles in the computer; Leonidas,Dimitra and nikos. Which one is your profile?

Download the enclosed file. [attachment=155800:Fixlist.txt]

Save it in the same location FRST is saved.

Run FRST in any mode, except that this time around, click on the Fix button and wait.

The tool will make a log in the same location FRST is saved (Fixlog.txt), Please post it to your reply.

This is also to obtain information about the user profiles and the User Control Feature.


Edited by JSntgRvr, 05 October 2014 - 07:29 PM.
Replaced de fixlist.txt file

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#13 dimi1975

dimi1975
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:12:53 PM

Posted 09 October 2014 - 06:45 PM

I represent the whole family so let's say that all 3 accounts are mine. Concerning the first part I didn't understand if I should rename the files manually. I just did FRST part. I have logged in from Leonidas.

 

Fixlog.txt:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 08-10-2014 01
Ran by Leonidas at 2014-10-10 02:41:46 Run:3
Running from C:\Users\Leonidas\Downloads
Loaded Profiles: nikos & UpdatusUser & Leonidas & Dimitra (Available profiles: nikos & UpdatusUser & Leonidas & Dimitra)
Boot Mode: Normal
 
==============================================
 
Content of fixlist:
*****************
Start
reg: reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3920034831-313251250-827750339-1000.bak" /s
reg: reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3920034831-313251250-827750339-1005.bak" /s
reg: reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3920034831-313251250-827750339-1000" /s
reg: reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3920034831-313251250-827750339-1005" /s
End
*****************
 
 
========= reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3920034831-313251250-827750339-1000.bak" /s =========
 
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3920034831-313251250-827750339-1000.bak
    ProfileImagePath    REG_EXPAND_SZ    C:\Users\nikos
    Flags    REG_DWORD    0x0
    State    REG_DWORD    0x8000
    Sid    REG_BINARY    0105000000000005150000000FFCA6E9B2D5AB12C3775631E8030000
    ProfileLoadTimeLow    REG_DWORD    0x0
    ProfileLoadTimeHigh    REG_DWORD    0x0
    RefCount    REG_DWORD    0x0
    RunLogonScriptSync    REG_DWORD    0x0
 
 
 
========= End of Reg: =========
 
 
========= reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3920034831-313251250-827750339-1005.bak" /s =========
 
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3920034831-313251250-827750339-1005.bak
    ProfileImagePath    REG_EXPAND_SZ    C:\Users\Dimitra
    Flags    REG_DWORD    0x0
    State    REG_DWORD    0x8000
    Sid    REG_BINARY    0105000000000005150000000FFCA6E9B2D5AB12C3775631ED030000
    ProfileLoadTimeLow    REG_DWORD    0x0
    ProfileLoadTimeHigh    REG_DWORD    0x0
    RefCount    REG_DWORD    0x1
    RunLogonScriptSync    REG_DWORD    0x0
 
 
 
========= End of Reg: =========
 
 
========= reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3920034831-313251250-827750339-1000" /s =========
 
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3920034831-313251250-827750339-1000
    ProfileImagePath    REG_EXPAND_SZ    C:\Users\TEMP.nikos-PC
    RunLogonScriptSync    REG_DWORD    0x0
 
 
 
========= End of Reg: =========
 
 
========= reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3920034831-313251250-827750339-1005" /s =========
 
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3920034831-313251250-827750339-1005
    ProfileImagePath    REG_EXPAND_SZ    C:\Users\TEMP
    RunLogonScriptSync    REG_DWORD    0x0
 
 
 
========= End of Reg: =========
 
 
==== End of Fixlog ====


#14 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 10,807 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:06:53 AM

Posted 10 October 2014 - 10:16 AM

Lets try to modify these registry keys. We will start by attempting to fix the Nikos profile. Since your current account is limited, we must do this in the Recovery Environment.

 

 

 

Download the enclosed file. [attachment=156006:fixlist.txt]

Save it in the same location FRST is saved. (USB drive)

 

Boot to the Recovery Environment's command prompt.

Run FRST as you did before, except that this time around, click on the Fix button and wait.

The tool will make a log in the same location FRST is saved (Fixlog.txt), Please post it to your reply.


Edited by JSntgRvr, 10 October 2014 - 04:39 PM.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#15 dimi1975

dimi1975
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:12:53 PM

Posted 13 October 2014 - 08:31 PM

I send you from nikos account :D

 

You are great. Let me know if I need to do anything else and maybe what I did wrong and I had this problem.

 

Thank you a lot. 

 

Here is fixlog.txt :

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 08-10-2014 01
Ran by SYSTEM at 2014-10-14 04:24:28 Run:4
Running from G:\
Boot Mode: Recovery
 
==============================================
 
Content of fixlist:
*****************
Start
Reg: Reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3920034831-313251250-827750339-1000.bak"
Reg: Reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3920034831-313251250-827750339-1000"
Reg: Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3920034831-313251250-827750339-1000"
Reg: Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3920034831-313251250-827750339-1000" /v ProfileImagePath /t Reg_EXPAND_SZ /d C:\Users\nikos /f
Reg: Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3920034831-313251250-827750339-1000" /v Flags /t Reg_DWORD /d 0x00000000 /f
Reg: Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3920034831-313251250-827750339-1000" /v State /t Reg_DWORD /d 0x80000000 /f
Reg: Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3920034831-313251250-827750339-1000" /v Sid /t Reg_BINARY /d 0105000000000005150000000FFCA6E9B2D5AB12C3775631E8030000 /f
Reg: Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3920034831-313251250-827750339-1000" /v ProfileLoadTimeLow /t Reg_DWORD /d 0x00000000 /f
Reg: Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3920034831-313251250-827750339-1000" /v ProfileLoadTimeHigh /t Reg_DWORD /d 0x00000000 /f
Reg: Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3920034831-313251250-827750339-1000" /v RefCount /t Reg_DWORD /d 0x00000000 /f
Reg: Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3920034831-313251250-827750339-1000" /v RunLogonScriptSync /t Reg_DWORD /d 0x00000000 /f
End    
*****************
 
 
========= Reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3920034831-313251250-827750339-1000.bak" =========
 
› ¨­ε ¦¨ ©« ΅α «¦ ΅Ά ›ε £«¨ι¦¬ HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3920034831-313251250-827750339-1000.bak (Yes/No); † Ά «¦¬¨ε ¦Ά¦΅Ά¨ι΅ £ § «¬®ε.
 
 
 
========= End of Reg: =========
 
 
========= Reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3920034831-313251250-827750339-1000" =========
 
› ¨­ε ¦¨ ©« ΅α «¦ ΅Ά ›ε £«¨ι¦¬ HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3920034831-313251250-827750339-1000 (Yes/No); † Ά «¦¬¨ε ¦Ά¦΅Ά¨ι΅ £ § «¬®ε.
 
 
 
========= End of Reg: =========
 
 
========= Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3920034831-313251250-827750339-1000" =========
 
† Ά «¦¬¨ε ¦Ά¦΅Ά¨ι΅ £ § «¬®ε.
 
 
 
========= End of Reg: =========
 
 
========= Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3920034831-313251250-827750339-1000" /v ProfileImagePath /t Reg_EXPAND_SZ /d C:\Users\nikos /f =========
 
† Ά «¦¬¨ε ¦Ά¦΅Ά¨ι΅ £ § «¬®ε.
 
 
 
========= End of Reg: =========
 
 
========= Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3920034831-313251250-827750339-1000" /v Flags /t Reg_DWORD /d 0x00000000 /f =========
 
† Ά «¦¬¨ε ¦Ά¦΅Ά¨ι΅ £ § «¬®ε.
 
 
 
========= End of Reg: =========
 
 
========= Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3920034831-313251250-827750339-1000" /v State /t Reg_DWORD /d 0x80000000 /f =========
 
† Ά «¦¬¨ε ¦Ά¦΅Ά¨ι΅ £ § «¬®ε.
 
 
 
========= End of Reg: =========
 
 
========= Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3920034831-313251250-827750339-1000" /v Sid /t Reg_BINARY /d 0105000000000005150000000FFCA6E9B2D5AB12C3775631E8030000 /f =========
 
† Ά «¦¬¨ε ¦Ά¦΅Ά¨ι΅ £ § «¬®ε.
 
 
 
========= End of Reg: =========
 
 
========= Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3920034831-313251250-827750339-1000" /v ProfileLoadTimeLow /t Reg_DWORD /d 0x00000000 /f =========
 
† Ά «¦¬¨ε ¦Ά¦΅Ά¨ι΅ £ § «¬®ε.
 
 
 
========= End of Reg: =========
 
 
========= Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3920034831-313251250-827750339-1000" /v ProfileLoadTimeHigh /t Reg_DWORD /d 0x00000000 /f =========
 
† Ά «¦¬¨ε ¦Ά¦΅Ά¨ι΅ £ § «¬®ε.
 
 
 
========= End of Reg: =========
 
 
========= Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3920034831-313251250-827750339-1000" /v RefCount /t Reg_DWORD /d 0x00000000 /f =========
 
† Ά «¦¬¨ε ¦Ά¦΅Ά¨ι΅ £ § «¬®ε.
 
 
 
========= End of Reg: =========
 
 
========= Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3920034831-313251250-827750339-1000" /v RunLogonScriptSync /t Reg_DWORD /d 0x00000000 /f =========
 
† Ά «¦¬¨ε ¦Ά¦΅Ά¨ι΅ £ § «¬®ε.
 
 
 
========= End of Reg: =========
 
 
==== End of Fixlog ====





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users