Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

laptop idp trojan virus detected,ominga plus


  • This topic is locked This topic is locked
12 replies to this topic

#1 gtu1234

gtu1234

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:54 PM

Posted 28 February 2015 - 12:17 PM

Hi, there my brother's laptop is infected.My brother downloaded a file with virus from internet accidently and since then a search engine called omiga plus became home page to all browers.That search engine has a lot of adds and popups,i get virus alerts when opens,i tryed remove it completly with adware removal tool and got this log:

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

Adware Removal Tool v3.9
Time: 2015_01_21_23_13_31
OS: Windows 7 - 64 Bit
Account Name: ΣΤΕΛΙΟΣ
U0L0S169

\\\\\\\\\\\\\\\\\\\\\\\ Repair Logs \\\\\\\\\\\\\\\\\\\\\\

Deleted - File - C:\Users\ΣΤΕΛΙΟΣ\Appdata\LocalLow\Microsoft\Internet Explorer\DOMStore\CO14ZTQK\isearch.omiga-plus[1].xml
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}:masterclsid
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}:dllname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1576C5A9-8F9A-41D6-AB39-A3C85120A8D6}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{15B2FC70-1660-45AE-9BF8-A84C80DAD39A}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{167C7A4F-AC0A-4889-B7BE-838F9722CC93}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{18A4EC16-7C-47EE-ABD2-31BCD810F4AA}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1D1C2AC-49EF-415A-911F-4CA66BE6B438}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1E089475-4DC1-4475-8B39-AF7A664719BC}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{24B84AD8-5B13-49DD-A4EE-54DE3AB4805F}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2598032A-6AB6-496F-8C98-331E23AA92}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{291004B-3D1A-460A-8689-1C511AE45BB6}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{29E6002D-6197-48CC-90F4-DA3FC9A9FDD}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2AC6D2FA-1633-4B55-A88E-EF5A91C1C7F2}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2AF95E7D-FC0E-4C0D-98B2-7AC06B9394F3}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2B9D0B0B-BCDC-4609-9F30-A879D6D06C3}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D062D2A-F14B-4DF2-8E2C-838F69C034F7}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2DC23777-B7B1-4E53-B3B7-B4EA9539A38D}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2DDCA6F5-96C5-4ECF-BF75-92773529AB84}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{34D84B36-E54A-4723-8C66-BE8F6B178260}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{35E48922-8596-4953-8A5F-5A7668DACED3}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{37601B44-F9D3-426F-AC8-B967BB821C9E}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3959B681-B734-405C-8A50-C3797D74A46C}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3A589B1F-D614-4008-AE45-A3521171F04C}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D2752BF-F041-4845-8E85-F071EB1AC42E}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3E99BAB9-69E1-417D-8D17-2F89A6A5EA1E}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3F9754CB-7AD0-49E9-8D1-B7F6C91ACAFA}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{456352DD-348D-4F1E-B146-DC483282435}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{45EA6BEB-82E6-4DDE-A169-9C72D933C7E3}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{45FC9050-1C1D-4F2B-899F-8E738FAFF71F}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{468DB3E6-6366-40F7-82ED-E598F5FFAB44}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{47C86C72-109F-4FBF-B4EE-D774A5E672B}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49912D18-9615-4AA9-9D8F-A6C016E4EEEE}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4B24B92C-9FDC-49CF-ABBC-CFB52B5B1540}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4D26D91F-D2FD-487B-B2DB-455DD09FC7B1}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4DFB9270-8749-40E9-A7D6-535AEBEE2AD}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4E45E0E3-8CE0-41F0-AA9E-71BEE91413C5}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{51AA4B35-ED06-4564-B3C8-9137AF48463A}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5207DF31-4CE8-4965-9BA7-CAB770D15C69}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{520F9CC3-6280-4B41-A46B-2EF5E8BC372E}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5529CDDD-B7A0-44FF-8359-D6F0B5DD6A77}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5851516D-D7EC-4616-A83D-F37551FCAA4C}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59EC5F3D-6EC6-432A-839A-971D1833279}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5C1EAEE5-647C-4D6F-B0C2-AE4723B11E5}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5C41761A-C6CA-43EB-9A27-6CDEBF83ED2}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E3A750F-D812-4F61-A46-1DB7E5A324D0}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5F619108-D9DD-4C55-92ED-19F3E67E123D}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61A55BD9-B809-4ED2-8B8-B1CC2F9C9FAB}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62EF8121-BD28-4290-AA24-ABC5B3C18C36}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{63948DAA-F76E-4609-85DF-6F4247B585A9}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{63CD9B00-8EED-4EDD-BAE3-6DF9FDD6393}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{678A3769-7A87-44D2-899C-76CC62A2EE1}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{69DF0F7F-3AF0-4E03-9257-4FDECB7DD322}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6B81167A-B17F-4886-921B-FA9F903CA6C9}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6EBA0329-BF2-471B-9FBC-D9973984E9C1}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7107A176-451E-49A3-B925-A6A1827AA326}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{71D8A7C7-7D93-414F-A53-5CF91138B1F4}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{72187E80-DBC-488F-B782-4201578D19}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{73E6D26-3625-430E-BC25-D9A6AD1879A}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{756015CD-A07B-461B-A01C-94418A278BB3}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{75D7CDED-300E-4CAF-B922-97BC31D9CFB}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78949C25-1537-4725-8095-1C428094A6D9}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{790B8B7E-6FFC-4820-8A89-D66C52C783}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{79E9F00-44F6-46F1-9945-2ECB6EC155}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7BC6BD3C-D9C1-4A23-9643-CDAF5CB6CA85}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7D6FCF85-8386-4400-9C1D-898F31BA6DD}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{803DE9BB-67C9-4344-90AE-5558DE9470}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8088D522-D819-4184-85CC-607C37DE52F5}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{838B2E94-303D-457F-85E1-EAE212B983DB}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8642E2CF-5880-440F-B5F2-5EB59D881920}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8EA38F22-5942-478F-BCB3-740FD4B7CAE}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8EC69EBD-21C7-48DB-A053-6D2CC337A27}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8F343170-11F5-4A14-8E6-F3BB9CE7D5ED}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{90513843-5F5-4DD2-AF2A-14E26768F72B}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{906B58AD-A805-4658-BF5-EDEE90D2E0}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{929B4D26-8B38-4136-A5CB-4FB8D879F877}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9487C2AD-E71D-4296-B446-C6193DE6C932}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{94D6C24C-D5CD-44F1-95B2-D19719837DD2}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{94E1EAFF-2A7D-4BFB-AD31-1992F68F1EEF}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{952D3FFF-F231-44C2-A5EA-9067CB8B883}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{97D5A908-E84C-4956-8319-5465B3FD76E5}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99155ACA-1465-480F-A9A5-2DA51FCF7A9E}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9B653493-99FB-44C5-A073-17B735EC477}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9BE55308-ABA4-4ABD-B053-4BAE219FE2A}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A11A37A3-2082-41B1-B3D3-944FAE718F75}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A1E3329A-3FD4-4663-A4A3-72D8FFCBC32B}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A2207605-FE95-478E-8F85-FEB874EEC578}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A328EE00-7502-4EF2-8AE1-B39587FF3B92}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A4BF7454-F3A9-469E-9AF1-7C4A69A189A1}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A9B36816-E4B-4E0A-B28E-149B52C0A2E5}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A9BBA53A-35DD-4045-B92-E0A04E5F10D0}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AA83D5B8-DDBA-4263-BA94-850FB57B2F}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AE765A36-529-40AA-924B-A643ABD8C120}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AF9C2FC4-9252-4057-A5D8-518B4C46B71}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFE66018-E372-404C-A33C-6680F5626F9D}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B01B6BEB-CD14-47E6-862E-9E178F38F30}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B173416A-FFDE-4C31-A0AB-CCB6EB5ED7CC}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B3B8B6BB-289-4864-9918-4E53BFC5BB0}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B42286AD-DD67-4E04-955-A75D50E5C966}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B4C76036-CE92-4262-B252-C148D6B2BAD7}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B597C992-618D-4F20-ABAB-B045CA76CC92}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B6725280-54A5-4C06-8FD3-C653A58B1C74}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B6B38F4F-CB15-44D1-A9B6-756DB79A6278}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B995B0FF-FA83-4CF8-81CE-43BFE54480C}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BB6EF96B-D422-4F82-9353-A5437B3161ED}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BD2B6E82-15FC-4547-BEC0-594725F4C6}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BF9CD812-ED1A-43BD-BEB8-DCEEA82278A}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C1596972-C2B0-4BEC-A9DD-19B82EF930F4}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C54F5F67-8A53-4FB6-937D-3DEB1C62C6C}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C74B515C-6306-4BD6-8139-C17F5F348E80}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C772FA84-77FA-4DA1-8143-53ABB3267B7C}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CBECD08D-521A-4CAE-8726-CA3F5F9F75D3}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D3466A7C-935B-4B9E-BFA4-EA4DD7F3B64B}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D4892C0B-4BB4-4183-AD8B-4A5CA24D6893}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D4CD4146-F3D1-42F3-B8A0-B915AFE7ADBF}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DAD28DD0-F19E-4294-8533-8251AC6EAF1}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DB12C522-95DE-41F1-92AC-12ED98D7E4FC}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DB8598C7-283-428C-A719-E3DE9CE09052}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E11E2997-1F86-4056-BC22-9A29DFBCDB53}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E297F3B2-8E9D-4717-B0A3-E1B5721DC637}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E62850E6-4CC7-4FCD-B552-C0882213E827}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E75BDBDC-D5C9-4EDC-8975-EA41E4E03586}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EA7D7169-21CB-426D-A145-4676FF4FC133}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EB513E0C-2F74-49E9-9FBA-3CD6C389C1A4}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EDB770D6-8052-4206-B494-526C91806962}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EE8FB0F-1790-4B40-8641-34B41EFFBD6}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EF1F2AF2-BEBE-4329-956F-8156A6F3AB8}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EFADB6E0-118B-454F-8159-298EDEA48A91}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EFFACEF1-7BBA-4244-A998-9904182E967}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F033CF42-C2E4-4659-ACD9-CB5A60D426C2}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F2071AA3-8B56-4143-8456-964A8F585D40}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F3CB7781-D06A-4F0C-AC21-B39B9ED08048}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F59C89A-D67F-45E8-96FF-42795C4D7721}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F602234A-38AA-4574-98AA-BF971960AE26}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F6B4177E-3861-4B82-BD47-2647EBCB798}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F92A06FE-6C3B-43BF-A977-3892225ED760}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FADB47C5-1038-45F2-9D5D-80F633C06E59}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FBDAC774-85C-44FE-9AFB-5A9FC07B381A}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FD0B19DE-135-4AF8-BFB-47442075555}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FEF48F7-B8B5-4CF5-84CF-5D9873FA3BD}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FF0F2F51-7DE4-4717-BCE2-60C0323E4535}:appname
Deleted - RegistryKey - HKEY_CURRENT_USER\SOFTWARE:Conduit
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\eventlog\Application:Torntv
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{2EECD738-5844-4A99-B4B6-146BF802613B}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{472734EA-242A-422B-ADF8-83D1E48CC825}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{98889811-442D-49DD-99D7-DC866BE87DBC}
Deleted - RegistryKey - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage:isearch.omiga-plus.com
Deleted - RegistryKey - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage:omiga-plus.com

\\ Finished
 

But omiga plus still appear as homepage and can't change it.Although in internet explorer and firefox says page not found,but in google chrome still appear.Avg antivirus detects  an IDP trojan.

 

FRST Log:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-02-2015 01
Ran by ΣΤΕΛΙΟΣ (administrator) on STELIOS-LAPTOP on 28-02-2015 19:03:02
Running from C:\Users\ΣΤΕΛΙΟΣ\Desktop\Νέος φάκελος
Loaded Profiles: ΣΤΕΛΙΟΣ (Available profiles: ΣΤΕΛΙΟΣ)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Ελληνικά (Ελλάδας)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Uniblue Systems Ltd) C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
() C:\Program Files (x86)\Spotmau\PowerSuite Golden Edition\PowerSuite 2012\PcCheck\CareMon.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
( ) C:\Windows\System32\lxebcoms.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
() C:\Program Files (x86)\AVG Secure Search\vprot.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Desktop.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_16_0_0_305_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2847016 2014-10-06] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2014-10-06] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5188112 2014-12-16] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Secure Search\vprot.exe [2640408 2014-08-25] ()
HKLM-x32\...\Run: [Winsuite2012] => "C:\Program Files (x86)\Spotmau\PowerSuite Golden Edition\Winsuite 2012\Spotmau_WinSuite_TrayIcon.exe"
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-02-17] (LogMeIn Inc.)
HKU\S-1-5-21-3607668558-2623760651-2539539302-1000\...\Run: [Google Update] => C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-09-26] (Google Inc.)
HKU\S-1-5-21-3607668558-2623760651-2539539302-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6161176 2014-02-20] (Piriform Ltd)
HKU\S-1-5-21-3607668558-2623760651-2539539302-1000\...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner64.exe [6161176 2014-02-20] (Piriform Ltd)
HKU\S-1-5-21-3607668558-2623760651-2539539302-1000\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3129560 2014-02-24] (Disc Soft Ltd)
HKU\S-1-5-21-3607668558-2623760651-2539539302-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.)
HKU\S-1-5-21-3607668558-2623760651-2539539302-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2874048 2015-02-19] (Valve Corporation)
HKU\S-1-5-21-3607668558-2623760651-2539539302-1000\...\Policies\system: [WallpaperStyle] 2
HKU\S-1-5-21-3607668558-2623760651-2539539302-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-3607668558-2623760651-2539539302-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-3607668558-2623760651-2539539302-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3607668558-2623760651-2539539302-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3607668558-2623760651-2539539302-1000\...\MountPoints2: {c0178cd3-a9f3-11df-9806-00271342eed5} - G:\Startme.exe
HKU\S-1-5-18\...\RunOnce: [osk.exe] => C:\Windows\system32\osk.exe [692736 2014-06-18] (Microsoft Corporation)
HKU\S-1-5-18\...\Policies\system: [WallpaperStyle] 2
Startup: C:\Users\ΣΤΕΛΙΟΣ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Απόσπασμα οθόνης και Εκκίνηση για το OneNote 2007.lnk
ShortcutTarget: Απόσπασμα οθόνης και Εκκίνηση για το OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll (Tonec Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-3607668558-2623760651-2539539302-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
URLSearchHook: HKU\S-1-5-21-3607668558-2623760651-2539539302-1000 - (No Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - No File
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Βοηθός εισόδου στο λογαριασμό Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: AVG Security Toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll (AVG Secure Search)
BHO-x32: No Name -> {A3BC75A2-1F87-4686-AA43-5347D756017C} ->  No File
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: iSkysoft Video Converter Ultimate -> {C7C3BC26-4F2B-4997-A3CB-163337FE975B} -> C:\Program Files (x86)\iSkysoft\Video Converter Ultimate\SVRIEPlugin.dll (iSkysoft Software Co., Ltd.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)
Toolbar: HKLM-x32 - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -  No File
Toolbar: HKLM-x32 - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll (AVG Secure Search)
Toolbar: HKU\S-1-5-21-3607668558-2623760651-2539539302-1000 -> No Name - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} -  No File
Toolbar: HKU\S-1-5-21-3607668558-2623760651-2539539302-1000 -> No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -  No File
Toolbar: HKU\S-1-5-21-3607668558-2623760651-2539539302-1000 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
DPF: HKLM-x32 {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab
DPF: HKLM-x32 {0E5F0222-96B9-11D3-8997-00104BD12D94} http://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.10.115.cab
DPF: HKLM-x32 {80B626D6-BC34-4BCF-B5A1-7149E4FD9CFA} http://zone.msn.com/bingame/zpagames/GAME_UNO1.cab60096.cab
DPF: HKLM-x32 {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} -  No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52272 2009-09-19] (EasyBits Software Corp.)
Winsock: Catalog9-x64 12 C:\Program Files (x86)\VMware\VMware Player\x64\vsocklib.dll File Not found ()
Winsock: Catalog9-x64 13 C:\Program Files (x86)\VMware\VMware Player\x64\vsocklib.dll File Not found ()
Hosts: Hosts file not detected in the default directory
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\ΣΤΕΛΙΟΣ\AppData\Roaming\Mozilla\Firefox\Profiles\dmsp5npa.default
FF DefaultSearchEngine: AVG Secure Search
FF SelectedSearchEngine: AVG Secure Search
FF Homepage: hxxp://isearch.omiga?type=hppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.3 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\9\NP_wtapp.dll No File
FF Plugin HKU\S-1-5-21-3607668558-2623760651-2539539302-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-3607668558-2623760651-2539539302-1000: @tools.google.com/Google Update;version=3 -> C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3607668558-2623760651-2539539302-1000: @tools.google.com/Google Update;version=9 -> C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3607668558-2623760651-2539539302-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF user.js: detected! => C:\Users\ΣΤΕΛΙΟΣ\AppData\Roaming\Mozilla\Firefox\Profiles\dmsp5npa.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Users\ΣΤΕΛΙΟΣ\AppData\Roaming\Mozilla\Firefox\Profiles\dmsp5npa.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF Extension: DownloadHelper - C:\Users\ΣΤΕΛΙΟΣ\AppData\Roaming\Mozilla\Firefox\Profiles\dmsp5npa.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-05]
FF Extension: Adblock Plus - C:\Users\ΣΤΕΛΙΟΣ\AppData\Roaming\Mozilla\Firefox\Profiles\dmsp5npa.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-04-13]
FF Extension: Greasemonkey - C:\Users\ΣΤΕΛΙΟΣ\AppData\Roaming\Mozilla\Firefox\Profiles\dmsp5npa.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2012-10-04]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM-x32\...\Firefox\Extensions: [avg@igeared] - C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\18.1.9.799
FF Extension: AVG Security Toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\18.1.9.799 [2014-08-25]
FF HKU\S-1-5-21-3607668558-2623760651-2539539302-1000\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\ΣΤΕΛΙΟΣ\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\ΣΤΕΛΙΟΣ\AppData\Roaming\IDM\idmmzcc5 [2014-04-04]
FF HKU\S-1-5-21-3607668558-2623760651-2539539302-1000\...\Firefox\Extensions: [{31C8B8A4-6712-4A47-B378-2BE78B8EE9E1}] - C:\Program Files (x86)\Bigasoft\Video Downloader Pro\extensions\3.1.1.5128\BVDFirefoxExt
FF Extension: Bigasoft Video Downloader Firefox Extension - C:\Program Files (x86)\Bigasoft\Video Downloader Pro\extensions\3.1.1.5128\BVDFirefoxExt [2014-01-27]
FF HKU\S-1-5-21-3607668558-2623760651-2539539302-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\ΣΤΕΛΙΟΣ\AppData\Roaming\IDM\idmmzcc5
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR HomePage: Default -> hxxp://isearch.omiga?type=hppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
CHR StartupUrls: Default -> "hxxp://isearch.omiga?type=hppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp"
CHR DefaultSearchKeyword: Default ->
CHR DefaultSearchURL: Default -> http://isearch.omigaweb/?type=dspp&q={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Google\Chrome\Application\40.0.2214.115\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Google\Chrome\Application\40.0.2214.115\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Google\Chrome\Application\40.0.2214.115\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.5.0\\npsitesafety.dll (AVG Technologies)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Java™ Platform SE 7 U9) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Google Update) - C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.90.5) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Windows Activation Technologies) - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Profile: C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Adblock Plus) - C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-09-20]
CHR Extension: (iSkysoft Video Converter Ultimate) - C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlfeafapmnniobpffacckpddijdjgpmj [2013-12-19]
CHR Extension: (IDM Integration Module) - C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn [2013-08-30]
CHR Extension: (Bigasoft Video Downloader Pro) - C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnkpjikgipojkofgjjkfgdhfanggcdm [2013-10-15]
CHR Extension: (Skype Click to Call) - C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-07-10]
CHR Extension: (Google Wallet) - C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR HKLM-x32\...\Chrome\Extension: [hlfeafapmnniobpffacckpddijdjgpmj] - C:\Program Files (x86)\iSkysoft\Video Converter Ultimate\SVRChromePlugin.crx [2013-12-18]
CHR HKLM-x32\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2014-04-03]
CHR HKLM-x32\...\Chrome\Extension: [jpnkpjikgipojkofgjjkfgdhfanggcdm] - C:\Program Files (x86)\Bigasoft\Video Downloader Pro\extensions\3.1.1.5128\BVDChromeExt.crx [2014-01-27]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\17.3.0.49\avg.crx [Not Found]
StartMenuInternet: Google Chrome - Chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 avgfws; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [1417160 2014-12-16] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3247120 2014-12-16] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-12-16] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
U2 CareMon; C:\Program Files (x86)\Spotmau\PowerSuite Golden Edition\PowerSuite 2012\PcCheck\CareMon.exe [146792 2011-11-15] ()
S4 CLHNServiceForPowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [89864 2013-03-04] (CyberLink Corp.)
S4 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-03-04] (CyberLink)
S4 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [294664 2013-03-04] (CyberLink)
R2 ezGOSvc; C:\Windows\SysWOW64\ezGOSvc.dll [80256 2011-08-11] ()
R2 ezSharedSvc; C:\Windows\SysWOW64\ezsvc7.dll [129584 2009-02-22] (EasyBits Sofware AS) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-02-16] (LogMeIn, Inc.)
R2 lxeb_device; C:\Windows\system32\lxebcoms.exe [1052328 2010-04-14] ( )
S3 MSCSPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [45056 2006-12-14] (Sony Corporation) [File not signed]
S4 OMSI download service; C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [90112 2009-04-30] () [File not signed]
S3 PACSPTISVR; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [57344 2006-12-14] () [File not signed]
S4 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2012-05-10] ()
S3 SPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe [69632 2006-12-14] (Sony Corporation) [File not signed]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [333824 2014-10-06] (IDT, Inc.) [File not signed]
S3 vncserver; C:\Program Files\RealVNC\VNC Server\vncservice.exe [502592 2014-04-01] (RealVNC Ltd)
R2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-11] (AVG Secure Search)
S3 WinDefend; %ProgramFiles(x86)%\Windows Defender\mpsvc.dll [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [244504 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [237848 2014-10-24] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-10-29] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-10-20] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-11] (AVG Technologies)
U3 axdgrksx; No ImagePath
R0 BtHidBus; C:\Windows\System32\Drivers\BtHidBus.sys [23944 2010-04-06] (IVT Corporation.)
S3 btnetBUs; C:\Windows\System32\Drivers\btnetBus.sys [30088 2010-04-06] ()
R1 CLVirtualDrive; C:\Windows\System32\DRIVERS\CLVirtualDrive.sys [90608 2011-12-26] (CyberLink)
S2 hwpsgt; C:\Windows\SysWOW64\DRIVERS\hwpsgt.sys [137344 2011-01-25] () [File not signed]
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2014-12-08] (Intel Corporation)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [113280 2010-02-03] (ITE                      )
S3 IvtBtBUs; C:\Windows\System32\Drivers\IvtBtBus.sys [27016 2010-04-06] (IVT Corporation.)
R0 johci; C:\Windows\System32\DRIVERS\johci.sys [25688 2014-12-08] (JMicron Technology Corp.)
S2 lemsgt; C:\Windows\SysWOW64\DRIVERS\lemsgt.sys [9472 2011-01-25] () [File not signed]
R2 ntk_PowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [83704 2012-09-10] (Cyberlink Corp.)
S3 s1029bus; C:\Windows\System32\DRIVERS\s1029bus.sys [116264 2009-05-25] (MCCI Corporation)
S3 s1029mdfl; C:\Windows\System32\DRIVERS\s1029mdfl.sys [19496 2009-05-25] (MCCI Corporation)
S3 s1029mdm; C:\Windows\System32\DRIVERS\s1029mdm.sys [158760 2009-05-25] (MCCI Corporation)
S3 s1029mgmt; C:\Windows\System32\DRIVERS\s1029mgmt.sys [139304 2009-05-25] (MCCI Corporation)
S3 s1029nd5; C:\Windows\System32\DRIVERS\s1029nd5.sys [34856 2009-05-25] (MCCI Corporation)
S3 s1029obex; C:\Windows\System32\DRIVERS\s1029obex.sys [135208 2009-05-25] (MCCI Corporation)
S3 s1029unic; C:\Windows\System32\DRIVERS\s1029unic.sys [151592 2009-05-25] (MCCI Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33008 2014-12-08] (Synaptics Incorporated)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-03-19] (Duplex Secure Ltd.)
R2 supersafer64; C:\Windows\SysWOW64\drivers\supersafer64.sys [238072 2011-11-15] (Spotmau)
S3 TridVid; C:\Windows\System32\DRIVERS\tridvid6010.sys [404352 2010-07-13] (10Moons Technologies Co.,Ltd) [File not signed]
S3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [95232 2010-11-20] (Microsoft Corporation) [File not signed]
S3 vpcuxd; C:\Windows\system32\DRIVERS\vpcuxd.sys [16384 2009-09-23] (Microsoft Corporation) [File not signed]
R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [146928 2009-09-09] (CyberLink Corp.)
R2 {73526619-C24F-470B-9BED-53D455FBB5C6}; C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl [130320 2013-03-04] (CyberLink Corp.)
U3 a6cj4wew; C:\Windows\System32\Drivers\a6cj4wew.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)
S1 ArcSec; system32\drivers\ArcSec.sys [X]
S3 BT; system32\DRIVERS\btnetdrv.sys [X]
S3 BTCOM; system32\DRIVERS\btcomport.sys [X]
S3 BTCOMBUS; System32\Drivers\btcombus.sys [X]
S3 CEDRIVER55; \??\C:\Program Files (x86)\Cheat Engine\dbk64.sys [X]
U4 eabfiltr; No ImagePath
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

NETSVC: ezGOSvc -> C:\Windows\SysWOW64\ezGOSvc.dll ()

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-28 18:58 - 2015-02-28 19:03 - 00000000 ____D () C:\Users\ΣΤΕΛΙΟΣ\Desktop\Νέος φάκελος
2015-02-28 18:58 - 2015-02-28 19:03 - 00000000 ____D () C:\FRST
2015-02-26 23:38 - 2015-01-09 01:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-26 23:38 - 2015-01-09 01:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-21 12:54 - 2015-02-21 12:54 - 00000000 ____D () C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Steam
2015-02-19 17:22 - 2015-02-19 17:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-02-19 17:22 - 2015-02-19 17:22 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2015-02-18 22:16 - 2015-01-23 06:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-18 22:16 - 2015-01-23 06:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-18 22:16 - 2015-01-23 05:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-18 22:16 - 2015-01-23 05:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-17 17:54 - 2015-01-14 07:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-17 17:54 - 2015-01-14 07:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-17 17:54 - 2015-01-12 05:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-17 17:54 - 2015-01-12 05:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-17 17:54 - 2015-01-12 05:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-17 17:54 - 2015-01-12 04:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-17 17:54 - 2015-01-12 04:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-17 17:54 - 2015-01-12 04:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-17 17:54 - 2015-01-12 04:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-17 17:54 - 2015-01-12 04:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-17 17:54 - 2015-01-12 04:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-17 17:54 - 2015-01-12 04:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-17 17:54 - 2015-01-12 04:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-17 17:54 - 2015-01-12 04:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-17 17:54 - 2015-01-12 04:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-17 17:54 - 2015-01-12 04:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-17 17:54 - 2015-01-12 04:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-17 17:54 - 2015-01-12 04:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-17 17:54 - 2015-01-12 04:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-17 17:54 - 2015-01-12 04:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-17 17:54 - 2015-01-12 04:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-17 17:54 - 2015-01-12 04:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-17 17:54 - 2015-01-12 04:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-17 17:54 - 2015-01-12 04:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-17 17:54 - 2015-01-12 04:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-17 17:54 - 2015-01-12 04:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-17 17:54 - 2015-01-12 04:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-17 17:54 - 2015-01-12 04:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-17 17:54 - 2015-01-12 04:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-17 17:54 - 2015-01-12 03:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-17 17:54 - 2015-01-12 03:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-17 17:54 - 2015-01-12 03:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-17 17:54 - 2015-01-12 03:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-17 17:54 - 2015-01-12 03:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-17 17:54 - 2015-01-12 03:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-17 17:54 - 2015-01-12 03:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-17 17:54 - 2015-01-12 03:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-17 17:54 - 2015-01-12 03:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-17 17:54 - 2015-01-12 03:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-17 17:54 - 2015-01-12 03:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-17 17:54 - 2015-01-12 03:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-17 17:54 - 2015-01-12 03:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-17 17:54 - 2015-01-12 03:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-17 17:54 - 2015-01-12 03:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-17 17:54 - 2015-01-12 03:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-17 17:54 - 2015-01-12 03:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-17 17:54 - 2015-01-12 03:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-17 17:54 - 2015-01-12 03:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-17 17:54 - 2015-01-12 03:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-17 17:54 - 2015-01-12 03:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-17 17:54 - 2015-01-12 02:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-17 17:54 - 2015-01-12 02:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-17 17:12 - 2015-02-04 05:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-17 17:12 - 2015-02-04 05:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-17 17:12 - 2015-02-04 05:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-17 17:12 - 2015-02-04 05:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-17 17:12 - 2015-02-04 05:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-17 17:12 - 2015-02-04 05:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-17 17:12 - 2015-02-04 05:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-17 17:12 - 2015-01-28 01:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-17 17:11 - 2015-01-10 08:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-17 17:11 - 2015-01-10 08:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-17 17:11 - 2015-01-10 08:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-17 17:11 - 2015-01-10 08:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-17 17:11 - 2015-01-10 08:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-17 17:11 - 2015-01-10 08:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-17 17:11 - 2015-01-10 08:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-17 17:11 - 2015-01-10 08:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-17 17:11 - 2015-01-10 08:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-17 17:11 - 2015-01-10 08:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-17 17:11 - 2015-01-10 08:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-17 17:11 - 2015-01-10 08:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-17 17:11 - 2015-01-10 08:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-17 17:11 - 2015-01-10 08:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-17 17:08 - 2015-01-13 05:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-17 17:08 - 2015-01-13 04:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-17 17:07 - 2015-01-15 10:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-17 17:07 - 2015-01-15 10:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-17 17:07 - 2015-01-15 10:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-17 17:07 - 2015-01-15 10:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-17 17:07 - 2015-01-15 10:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-17 17:07 - 2015-01-15 10:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-17 17:07 - 2015-01-15 10:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-17 17:07 - 2015-01-15 10:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-17 17:07 - 2015-01-15 10:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-17 17:07 - 2015-01-15 10:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-17 17:07 - 2015-01-15 10:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-17 17:07 - 2015-01-15 09:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-17 17:07 - 2015-01-15 09:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-17 17:07 - 2015-01-15 09:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-17 17:07 - 2015-01-15 09:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-17 17:07 - 2015-01-15 09:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-17 17:07 - 2015-01-15 09:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-17 17:07 - 2015-01-15 06:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-17 17:06 - 2014-12-12 07:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-17 17:06 - 2014-12-12 07:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-17 17:06 - 2014-11-26 05:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-17 17:06 - 2014-11-26 05:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-17 17:06 - 2014-10-04 04:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-17 17:06 - 2014-10-04 03:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-17 17:06 - 2014-10-04 03:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-02-17 17:06 - 2014-07-07 04:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-17 17:06 - 2014-07-07 04:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-02-17 17:06 - 2014-07-07 03:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-02-17 17:06 - 2014-07-07 03:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-02-17 17:05 - 2014-12-08 05:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-17 17:05 - 2014-12-08 04:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-17 17:04 - 2015-01-14 08:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-17 17:04 - 2015-01-14 08:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-17 17:04 - 2015-01-14 08:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-17 17:04 - 2015-01-14 08:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-17 17:04 - 2015-01-14 07:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-17 17:04 - 2015-01-14 07:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-17 17:04 - 2015-01-14 07:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-17 17:03 - 2015-01-09 04:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-07 19:38 - 2015-02-07 19:38 - 00000927 _____ () C:\Users\Public\Desktop\Steam.lnk
2015-02-07 19:38 - 2015-02-07 19:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-02-07 19:37 - 2015-02-07 19:37 - 01142128 _____ () C:\Users\ΣΤΕΛΙΟΣ\Desktop\SteamSetup.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-28 19:02 - 2011-02-16 11:42 - 00000000 ____D () C:\Users\ΣΤΕΛΙΟΣ\AppData\Roaming\uTorrent
2015-02-28 18:58 - 2009-07-14 06:45 - 00026192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-28 18:58 - 2009-07-14 06:45 - 00026192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-28 18:56 - 2011-03-01 13:17 - 02954240 ___SH () C:\Users\ΣΤΕΛΙΟΣ\Downloads\Thumbs.db
2015-02-28 18:51 - 2012-02-07 18:07 - 00001202 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3607668558-2623760651-2539539302-1000UA.job
2015-02-28 18:41 - 2014-04-22 13:26 - 00000000 ____D () C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\LogMeIn Hamachi
2015-02-28 18:41 - 2010-03-01 17:58 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-02-28 18:35 - 2012-12-31 20:27 - 00001184 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-28 18:32 - 2014-11-23 14:39 - 02031676 ____N () C:\Windows\WindowsUpdate.log
2015-02-28 18:28 - 2010-12-24 19:49 - 00000000 ____D () C:\ProgramData\MFAData
2015-02-28 18:23 - 2013-11-12 22:59 - 00000344 _____ () C:\Windows\Tasks\dsmonitor.job
2015-02-28 18:23 - 2012-12-31 20:27 - 00001180 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-28 18:22 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-27 23:15 - 2011-03-07 17:43 - 00000000 ____D () C:\Users\ΣΤΕΛΙΟΣ\AppData\Roaming\Skype
2015-02-27 23:06 - 2013-03-25 22:47 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-27 21:09 - 2013-03-11 18:04 - 00000936 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3607668558-2623760651-2539539302-1000UA.job
2015-02-27 18:09 - 2013-03-11 18:04 - 00000914 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3607668558-2623760651-2539539302-1000Core.job
2015-02-27 17:51 - 2012-02-07 18:07 - 00001150 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3607668558-2623760651-2539539302-1000Core.job
2015-02-19 20:33 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-02-18 16:51 - 2009-07-14 06:45 - 00384888 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-18 16:47 - 2014-12-10 17:58 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-18 16:47 - 2014-05-06 11:31 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-18 00:06 - 2010-02-02 04:37 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-18 00:04 - 2013-07-11 23:22 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-17 23:56 - 2010-02-12 22:01 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-16 18:40 - 2013-11-21 23:32 - 00000000 ___RD () C:\Users\Public\Κοινόχρηστη μουσική
2015-02-16 17:24 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-02-16 16:20 - 2014-04-22 13:24 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-02-07 23:47 - 2015-01-21 18:38 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-07 22:35 - 2015-01-21 18:36 - 00000660 _____ () C:\Users\ΣΤΕΛΙΟΣ\Desktop\TuneUp360 Restore Center.lnk
2015-02-06 19:45 - 2010-04-19 16:34 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2015-02-05 17:46 - 2012-02-07 18:07 - 00004176 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3607668558-2623760651-2539539302-1000UA
2015-02-05 17:46 - 2012-02-07 18:07 - 00003780 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3607668558-2623760651-2539539302-1000Core
2015-02-05 17:29 - 2012-12-31 20:27 - 00004180 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-05 17:29 - 2012-12-31 20:27 - 00003928 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-05 16:52 - 2009-09-20 04:37 - 00607322 _____ () C:\Windows\system32\perfh008.dat
2015-02-05 16:52 - 2009-09-20 04:37 - 00111486 _____ () C:\Windows\system32\perfc008.dat
2015-02-05 16:52 - 2009-07-14 07:13 - 01490280 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-04 22:06 - 2013-03-25 22:47 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-04 22:06 - 2013-03-25 22:47 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-04 22:06 - 2013-03-25 22:47 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

==================== Files in the root of some directories =======

2013-06-26 18:39 - 2014-06-22 20:12 - 0003728 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2014-09-01 10:18 - 2014-09-01 10:18 - 0002086 _____ () C:\Users\ΣΤΕΛΙΟΣ\AppData\Roaming\AIXOI
2011-01-13 11:09 - 2011-02-17 12:39 - 0001854 _____ () C:\Users\ΣΤΕΛΙΟΣ\AppData\Roaming\GhostObjGAFix.xml
2014-09-01 10:18 - 2014-09-01 10:18 - 0002086 _____ () C:\Users\ΣΤΕΛΙΟΣ\AppData\Roaming\MSVL
2014-09-01 10:18 - 2014-09-01 10:18 - 0001248 _____ () C:\Users\ΣΤΕΛΙΟΣ\AppData\Roaming\NGTF
2011-09-17 14:05 - 2011-02-11 17:08 - 0000000 _____ () C:\Users\ΣΤΕΛΙΟΣ\AppData\Roaming\SuperSafer.cfg
2014-09-01 10:18 - 2014-09-01 10:18 - 0001248 _____ () C:\Users\ΣΤΕΛΙΟΣ\AppData\Roaming\VEWL
2010-02-16 21:03 - 2010-10-21 17:00 - 0000096 _____ () C:\Users\ΣΤΕΛΙΟΣ\AppData\Roaming\wklnhst.dat
2010-02-02 05:00 - 2010-02-02 05:00 - 0000000 _____ () C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\AtStart.txt
2011-08-05 20:40 - 2013-09-29 21:15 - 0006144 _____ () C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-02-02 05:00 - 2010-02-02 05:00 - 0000000 _____ () C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\DSwitch.txt
2010-02-02 05:00 - 2010-02-02 05:00 - 0000000 _____ () C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\QSwitch.txt
2010-02-20 18:53 - 2012-04-17 16:43 - 0007597 _____ () C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Resmon.ResmonCfg
2013-12-24 16:12 - 2014-01-02 11:46 - 0000810 _____ () C:\ProgramData\Coinstaller.log
2010-08-26 16:47 - 2010-10-04 21:53 - 0000088 __RSH () C:\ProgramData\E3FFC2124D.sys
2010-08-18 13:23 - 2010-08-18 13:23 - 0148736 _____ (Avanquest Software) C:\ProgramData\hpeFFD1.dll
2010-02-02 05:00 - 2011-11-15 18:29 - 0000205 _____ () C:\ProgramData\HPWALog.txt
2010-03-03 13:56 - 2014-07-11 00:02 - 0003766 ___SH () C:\ProgramData\KGyGaAvL.sys
2015-01-14 13:06 - 2015-01-14 13:06 - 0000111 _____ () C:\ProgramData\lxeb.log
2013-12-24 16:14 - 2014-11-07 13:43 - 0005144 _____ () C:\ProgramData\lxebJSW.log
2013-12-24 16:09 - 2014-11-07 13:39 - 0002714 _____ () C:\ProgramData\lxebscan.log
2010-12-24 19:43 - 2010-12-24 19:43 - 0000000 _____ () C:\ProgramData\N360BUOptions.ini
2010-08-17 17:04 - 2010-08-17 17:04 - 0001264 _____ () C:\ProgramData\ss.ini
2009-11-12 01:29 - 2009-11-12 01:29 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
2010-08-17 17:06 - 2010-08-17 17:06 - 0000033 _____ () C:\ProgramData\{081230F8-EA50-42A9-983C-D22ABC2EED3B}.ini
2009-09-19 18:45 - 2009-09-19 18:45 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2009-11-12 01:28 - 2009-11-12 01:28 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
2009-09-19 18:40 - 2009-09-19 18:42 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2009-11-12 01:27 - 2009-11-12 01:27 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
2009-11-12 01:29 - 2009-11-12 01:29 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
2009-09-19 18:40 - 2009-09-19 18:40 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2009-09-19 18:42 - 2009-09-19 18:45 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2009-11-12 01:29 - 2009-11-12 01:29 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log

Files to move or delete:
====================
C:\ProgramData\hpeFFD1.dll
C:\Users\ΣΤΕΛΙΟΣ\microsoft.dat


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-23 17:13

==================== End Of Log ============================

 

Addition Log:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-02-2015 01
Ran by ΣΤΕΛΙΟΣ at 2015-02-28 19:03:33
Running from C:\Users\ΣΤΕΛΙΟΣ\Desktop\Νέος φάκελος
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG Internet Security 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2014 (Enabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{5CEBB0CE-1783-40C2-A7E1-02EE705820F0}) (Version: 1.0 - Eyeo GmbH)
Adblock Plus for IE (HKLM-x32\...\{1ce01891-839b-4ad1-b629-2e608ba0c6ba}) (Version: 1.0 - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1380 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader X - Greek (HKLM-x32\...\{AC76BA86-7AD7-1032-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
Age of Empires III - The Asian Dynasties (HKLM-x32\...\InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The Asian Dynasties (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III - The WarChiefs (HKLM-x32\...\InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The WarChiefs (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III (HKLM-x32\...\InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Mythology Gold (HKLM-x32\...\Age of Mythology Expansion Pack 1.0) (Version: 1.0 - Microsoft)
Angry Birds (HKLM-x32\...\{CE5E289C-444C-4A8B-8B16-AFE8957CF2E0}) (Version: 4.0.0 - Rovio Entertainment Ltd.)
Angry Birds (HKLM-x32\...\{DE96EDE7-7D0A-49D7-9C11-121BA91F84E0}) (Version: 3.3.0 - Rovio Entertainment Ltd.)
Angry Birds Rio (HKLM-x32\...\{FCC3936A-E05F-4C95-A226-1A6F70EE9E84}) (Version: 1.8.0 - Rovio Entertainment Ltd.)
Angry Birds Seasons (HKLM-x32\...\{4D47CD54-DE0A-485E-AFA7-3C5C7253DE64}) (Version: 4.0.1 - Rovio Entertainment Ltd.)
Angry Birds Space (HKLM-x32\...\{C9C763DF-F912-457F-A8BF-88E043BC45FE}) (Version: 1.6.0 - Rovio Entertainment Ltd.)
Angry Birds Star Wars (HKLM-x32\...\{4D55824D-389E-4A01-B097-D7562C0D7A95}) (Version: 1.5.0 - Rovio Entertainment Ltd.)
Angry Birds Star Wars II (HKLM-x32\...\{C4887610-6DE9-4538-A6CD-2B44673FE133}) (Version: 1.0.1 - Rovio Entertainment Ltd.)
ArcSoft TotalMedia 3.5 (HKLM-x32\...\{29E44E9D-ACB2-4D2D-849F-5361C941B7E1}) (Version: 3.5.7.282 - ArcSoft)
AVG 2012 (Version: 12.0.2433 - AVG Technologies) Hidden
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4800 - AVG Technologies)
AVG 2014 (Version: 14.0.4257 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4800 - AVG Technologies) Hidden
AVG Security Toolbar (HKLM-x32\...\AVG Secure Search) (Version: 18.1.9.799 - AVG Technologies)
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version:  - )
Bad Piggies (HKLM-x32\...\{6A062CC2-747A-455F-9892-5CF7F86EA451}) (Version: 1.5.1 - Rovio Entertainment Ltd.)
Battle vs. Chess (HKLM-x32\...\Battle vs. Chess_is1) (Version: 1.0 - Zuxxez Entertainment)
Bejeweled 2 Deluxe 1.0 (HKLM-x32\...\Bejeweled 2 Deluxe 1.0) (Version:  - )
Bejeweled 3 (HKLM-x32\...\Bejeweled 3) (Version:  - PopCap Games)
Bejeweled Blitz (HKLM-x32\...\Bejeweled Blitz) (Version:  - PopCap Games)
Bejeweled Twist 1.0 (HKLM-x32\...\Bejeweled Twist 1.0) (Version: 1.0 - PopCap Games)
Bigasoft Video Downloader Pro 3.1.1.5128 (HKLM-x32\...\{C7056BA6-D954-42A2-ABBA-AB2E8E777730}_is1) (Version:  - Bigasoft Corporation)
Billard Kings 2 (HKLM-x32\...\{5E8C69AD-9C19-4AC9-8FA0-262B84E16C40}) (Version: 1.0 - )
BlazeVideo HDTV Player Professional 6.6.0.3 (HKLM-x32\...\BlazeVideo HDTV Player Professional 6.6.0.3_is1) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4291 - CDBurnerXP)
Cheat Engine 6.1 (HKLM-x32\...\Cheat Engine 6.1_is1) (Version:  - Dark Byte)
Corel Paint Shop Pro Photo X2 (HKLM-x32\...\{64E72FB1-2343-4977-B4A8-262CD53D0BD3}) (Version: 12.50.0001 - Corel Corporation)
Corel VideoStudio 12 (HKLM-x32\...\InstallShield_{F0FDF9C9-1DDC-401F-B638-36F1CAE8A875}) (Version: 12.0.0.0000 - Corel Corporation)
CPUID CPU-Z 1.67.1 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CPUID HWMonitor 1.25 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.5.0.0388 - Disc Soft Ltd)
DDD Pool 1.2 (HKLM-x32\...\DDD Pool) (Version: 1.2 - Paprikari)
DiRT 3 (HKLM-x32\...\GFWL_{434D0FA0-1558-4D8E-AC3D-BD1000008200}) (Version: 1.0.0000.130 - Codemasters)
DiRT 3 (x32 Version: 1.0.0000.130 - Codemasters) Hidden
DiRT 3 (x32 Version: 1.0.0001.130 - Codemasters) Hidden
Driver Install 64bit (HKLM-x32\...\InstallShield_{D8D3D526-406C-4DDD-85F1-F0A2F29D1E7E}) (Version: 1.00.0000 - Your Company Name)
Driver Install 64bit (x32 Version: 1.00.0000 - Your Company Name) Hidden
DriverScanner (HKLM-x32\...\{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1) (Version: 4.0.12.4 - Uniblue Systems Ltd)
DX-Ball 1.09 (HKLM-x32\...\DX-Ball 1.09) (Version:  - )
DX-Ball 2 ModPack (HKLM-x32\...\DX-Ball 2 ModPack) (Version:  - )
DX-Ball 2 v1.2 (HKLM-x32\...\DX-Ball 2 v1.2) (Version:  - )
EasyBits GO (HKU\S-1-5-21-3607668558-2623760651-2539539302-1000\...\Game Organizer) (Version:  - EasyBits Media)
ENE CIR Receiver Driver (HKLM\...\FFE7D41DF3C645075BB149E21988B63996C34187) (Version: 2.7.4.0 - ENE)
eXe -- eLearning XHTML editor (HKLM-x32\...\exe) (Version:  - eXe Project)
EXE Password Protector 1.1.6.214 (HKLM-x32\...\EXE Password Protector_is1) (Version:  - ELTIMA Software)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FLAC Frontend (HKLM-x32\...\{315E5E8B-0560-413A-B604-622A4C8BECBD}) (Version: 2.1.1 - Xiph.org)
GameRanger (HKU\S-1-5-21-3607668558-2623760651-2539539302-1000\...\GameRanger) (Version:  - GameRanger Technologies)
GIMP 2.6.10 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.10 - The GIMP Team)
Google Chrome (HKU\S-1-5-21-3607668558-2623760651-2539539302-1000\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Earth (HKLM-x32\...\{A2264E8F-1649-11E3-8BED-B8AC6F98CCE3}) (Version: 7.1.2.2019 - Google)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Google+ Auto Backup (HKU\S-1-5-21-3607668558-2623760651-2539539302-1000\...\Google+ Auto Backup) (Version: 1.0.26.151 - Google, Inc.)
HP 3D DriveGuard (HKLM\...\{844EC6B5-8435-47CE-93FA-842BC5EB22C2}) (Version: 4.0.3.1 - Hewlett-Packard)
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.12850.3526 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
HP Integrated Module with Bluetooth wireless technology (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9600 - Broadcom Corporation)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 3.0.3309 - Hewlett-Packard)
HP MediaSmart Internet TV (HKLM-x32\...\InstallShield_{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}) (Version: 3.0.1916 - Hewlett-Packard)
HP MediaSmart Movie Themes (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 3.0.3102 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 3.0.3123 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{88E60521-1E4E-4785-B9F1-1798A4BD0C30}) (Version: 3.0.30.1 - Hewlett-Packard)
HP MediaSmart Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.1913 - Hewlett-Packard)
HP Quick Launch Buttons (HKLM-x32\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.16.1 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}) (Version: 1.2.3220.3079 - Hewlett-Packard)
HP Update (HKLM-x32\...\{D46D081B-F60E-467E-A7C4-117B70D76731}) (Version: 5.001.000.014 - Hewlett-Packard)
HP User Guides 0154 (HKLM-x32\...\{B51605BF-6326-4553-AE96-6D7F1813D5F5}) (Version: 1.01.0001 - Hewlett-Packard)
HP Wireless Assistant (HKLM-x32\...\{4E432692-A736-4F77-AF77-F9078CF88D31}) (Version: 3.50.11.2 - Hewlett-Packard)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6225.0 - IDT)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
iSkysoft Video Converter Ultimate(Build 4.7.0.0) (HKLM-x32\...\iSkysoft Video Converter Ultimate_is1) (Version: 4.7.0.0 - iSkysoft Software)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.510 - Oracle)
JDownloader 0.9 (HKLM-x32\...\jdownloader09) (Version: 0.9 - AppWork GmbH)
JDownloader 2.0 (HKLM-x32\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.32.1 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 10.1.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.1.0 - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.319 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.319 - LogMeIn, Inc.) Hidden
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version:  - EasyBits Software AS)
Malwarebytes Anti-Malware έκδοση 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Mario Forever 5.01 (HKLM-x32\...\Mario Forever 5.01) (Version:  - )
Medieval II - Custom Campaign Mod 2 (HKLM-x32\...\0000CustomCampaignMod2_is1) (Version:  - )
Medieval II Total War (HKLM-x32\...\{C0698BDA-0D29-40EE-8570-A31106DF9AB1}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Americas (HKLM-x32\...\{75983B66-804C-40D1-BA13-64DAF652A6F1}) (Version: 1.05.000 - SEGA)
Medieval II Total War : Kingdoms : Britannia (HKLM-x32\...\{CEDDEE73-3D36-41C2-AA40-29355D9FBD63}) (Version: 1.05.000 - SEGA)
Medieval II Total War : Kingdoms : Crusades (HKLM-x32\...\{02A10468-2F1C-447C-AD8E-4DEDDEA25AE2}) (Version: 1.05.000 - SEGA)
Medieval II Total War : Kingdoms : Teutonic (HKLM-x32\...\{7AEE1963-7001-4C37-BC20-2FAEB74AA41C}) (Version: 1.05.000 - SEGA)
MegaDownloader 0.8 (HKLM\...\{C12C2297-65A4-4E64-9AE1-29F0D947FDA0}}_is1) (Version: 0.8 - Andres_age)
Microsoft .NET Framework 4.5.1 (Ελληνικά) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1032) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Age of Empires Gold (HKLM-x32\...\Age of Empires Gold 1.0) (Version:  - )
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version:  - )
Microsoft Age of Empires II: The Conquerors Expansion (HKLM-x32\...\Age of Empires II: The Conquerors Expansion 1.0) (Version:  - )
Microsoft Flight Simulator X (HKLM-x32\...\InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}) (Version: 10.0.60905 - Microsoft Game Studios)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft MPEG-4 VKI Video Codec V1/V2/V3 (HKLM-x32\...\MS-MPEG4) (Version:  - )
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (Greek) (HKLM-x32\...\{95120000-00AF-0408-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-3607668558-2623760651-2539539302-1000\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{784B4EE3-E308-4706-B3DC-51029944240B}) (Version: 08.05.0822 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{6A44830E-5F01-435D-A536-E1384FDF977D}) (Version: 1.20.146.0 - Microsoft)
Microsoft Αριθμομηχανή+ (HKLM-x32\...\{7716E562-D830-4916-A0A6-D37CC607C427}) (Version: 1.0.0 - Microsoft)
MilkShape 3D 1.8.4 (HKLM-x32\...\MilkShape 3D 1.8.4) (Version: 1.8.4 - chUmbaLum sOft)
Minecraft1.7.2 (HKLM-x32\...\Minecraft1.7.2) (Version:  - )
Minecraft1.7.7 (HKLM-x32\...\Minecraft1.7.7) (Version:  - )
Monopoly by Parker Brothers (HKLM-x32\...\Monopoly by Parker Brothers) (Version: 1.0.406.0 - GameHouse, Inc.)
Monopoly City (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-118892567}) (Version:  - Oberon Media)
Monopoly Here & Now Edition (HKLM-x32\...\Monopoly Here & Now Edition) (Version: 1.0.18.272 - GameHouse, Inc.)
Mortimer Beckett and the Time Paradox (HKLM-x32\...\Mortimer Beckett and the Time Paradox) (Version: 1.0.1.0 - GameHouse, Inc.)
MotioninJoy ds3 driver version 0.6.0003 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.5.0001 - www.motioninjoy.com)
MotoGP 08 (HKLM-x32\...\{BDA825AD-D60B-4935-9590-B0F1AC2E0D22}) (Version: 1.00.0000 - Capcom)
Mount&Blade (HKLM-x32\...\Mount&Blade) (Version:  - )
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 el) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 el)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
Mushroom Age (remove only) (HKLM-x32\...\Mushroom Age) (Version:  - )
Need For Speed Hot Pursuit 2 (HKLM-x32\...\{76F4DD9B-C246-4BE0-00B6-3DE9ABF72299}) (Version:  - )
Need for Speed™ Hot Pursuit (HKLM-x32\...\{83A606F5-BF6F-42ED-9F33-B9F74297CDED}) (Version: 1.0.0.0 - Electronic Arts)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 1.10 - NVIDIA Corporation)
NVIDIA Λογισμικό σύστημα PhysX 9.12.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0604 - NVIDIA Corporation)
OEM Share Pack (x32 Version: 2.0 - CyberLink Corp.) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenMG Limited Patch 4.7-07-14-05-01 (HKLM-x32\...\OpenMG HotFix4.7-07-13-22-01) (Version:  - )
OpenMG Secure Module 4.7.00 (HKLM-x32\...\InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}) (Version: 4.7.00.12140 - Sony Corporation)
OpenMG Secure Module 4.7.00 (x32 Version: 4.7.00.12140 - Sony Corporation) Hidden
Pacman (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-118392197}) (Version:  - Oberon Media)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
PC Wizard 2013.2.12 (HKLM-x32\...\PC Wizard 2013_is1) (Version:  - CPUID)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r4600) (Version:  - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayStation®Network Downloader (HKLM-x32\...\{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}) (Version: 2.06.00741 - Sony Computer Entertainment Inc.)
PlayStation®Store (HKLM-x32\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 4.3.3.12540 - Sony Computer Entertainment Inc.)
PowerRecover (x32 Version: 5.5.1923 - CyberLink Corp.) Hidden
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
QLBCASL (x32 Version: 6.40.17.2 - Hewlett-Packard) Hidden
Rapture3D 2.4.9 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version:  - Blue Ripple Sound)
RealityFactory (HKLM-x32\...\RealityFactory) (Version:  - )
Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0007 - Realtek)
Remote Play with PlayStation 3 (x32 Version: 1.1.0.15070 - Sony Corporation) Hidden
Rise of Nations (HKLM-x32\...\RiseOfNationsExpansion 1.0) (Version: 1.0 - Microsoft)
Rome - Total War - Alexander (HKLM-x32\...\{6C1804BC-094F-431A-BEA5-37A837958029}) (Version: 1.9 - The Creative Assembly)
Rome - Total War - Gold Edition (HKLM-x32\...\{2E97F7E8-ABDE-4E0D-B0AD-B6B4BAD89E24}) (Version: 1.6 - The Creative Assembly)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Sony Ericsson PC Companion 1.60.13 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 1.60.13 - Sony Ericsson)
Sony Ericsson PC Suite 6.011.00 (HKLM-x32\...\{2FFE93F0-BB72-4E52-8761-354D1AAA9387}) (Version: 6.011.00 - Sony Ericsson)
Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spelling Dictionaries Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Spider-Man® - Web of Shadows™ 1.1 Patch (x32 Version:  - ) Hidden
Spider-Man™ - Web of Shadows (HKLM-x32\...\InstallShield_{7F7E4FA7-6F32-4DE2-917E-361E034AED7A}) (Version: 1.1 - Activision)
Spider-Man™ - Web of Shadows (x32 Version: 1.0 - Activision) Hidden
Spider-Man™ - Web of Shadows 1.1 Patch (x32 Version: 1.1 - Activision) Hidden
Spotmau PowerSuite Golden 2012 (build 7.0.1) (HKLM-x32\...\{182201E0-FCBA-4667-B226-B5AE3F4C623D}_is1) (Version:  - Spotmau Software Co., Ltd.)
Star Wars Battlefront II (HKLM-x32\...\{3D374523-CFDE-461A-827E-2A102E2AB365}) (Version: 1.0 - LucasArts)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Swords and Sandals 2 2.0 (HKLM-x32\...\Swords and Sandals 2) (Version: 2.0 - 3RDsense)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.33.0 - Synaptics Incorporated)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.25790 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
The Sims 3 Create a Pattern Tool (HKLM-x32\...\{44EAFE3D-09A9-4478-A2BF-0EED22F4E49F}) (Version: 1.0.0 - Electronic Arts)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.33.2 - Electronic Arts)
The Sims™ 3 Ambitions (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.10.1 - Electronic Arts)
The Sims™ 3 Fast Lane Stuff (HKLM-x32\...\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}) (Version: 5.8.1 - Electronic Arts)
The Sims™ 3 Generations (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
The Sims™ 3 High-End Loft Stuff (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.13.1 - Electronic Arts)
The Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.5.1 - Electronic Arts)
The Sims™ 3 Outdoor Living Stuff (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.3.2 - Electronic Arts)
The Sims™ 3 Pets (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
The Sims™ 3 Showtime (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
The Sims™ 3 Town Life Stuff (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts)
The Sims™ 3 World Adventures (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.17.2 - Electronic Arts)
UltraISO Premium V9.36 (HKLM-x32\...\UltraISO_is1) (Version:  - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
VAIO - Remote Play with PlayStation®3 (HKLM-x32\...\{07441A52-E208-478A-92B7-5C337CA8C131}) (Version: 1.1.0.15070 - Sony Corporation)
VideoStudio (x32 Version: 12.0.0.0000 - Corel Corporation) Hidden
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VNC Server 5.1.1 (HKLM\...\{060CA2F4-3B7B-4CEA-ADF3-E930C62E162D}) (Version: 5.1.1 - RealVNC Ltd)
VNC Viewer 5.1.1 (HKLM\...\{72D6F59C-FDC3-4E68-B776-E92E5D389F48}) (Version: 5.1.1 - RealVNC Ltd)
VobSub v2.23 (Remove Only) (HKLM-x32\...\VobSub) (Version:  - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
ZD Soft Screen Recorder 4.1.3.0 (HKLM-x32\...\ZD Soft Screen Recorder) (Version: 4.1.3.0 - ZD Soft)
ZD Soft Screen Video Decoder (HKLM-x32\...\ZDSV) (Version:  - )
Zuma's Revenge! (HKLM-x32\...\Zuma's Revenge!) (Version:  - PopCap Games)
Ενημερωμένη έκδοση Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0408-0000-0000000FF1CE}_HOMESTUDENTR_{08A4BDB3-7A63-4F59-B9FA-EE80ADE88DC2}) (Version:  - Microsoft)
Ενημερωμένη έκδοση Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0408-0000-0000000FF1CE}_HOMESTUDENTR_{C52A655D-F8AE-485D-908D-62CEC754B6A4}) (Version:  - Microsoft)
Ενημερωμένη έκδοση Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0408-0000-0000000FF1CE}_HOMESTUDENTR_{054186C0-F351-472E-84E8-D5E16FA08241}) (Version:  - Microsoft)
ΞΕΡΗ 2.2.2 (HKLM-x32\...\KseriInstall_is1) (Version:  - .dnot)
Πίνακας Ελέγχου NVIDIA 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
Συλλογή φωτογραφιών (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3607668558-2623760651-2539539302-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3607668558-2623760651-2539539302-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3607668558-2623760651-2539539302-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3607668558-2623760651-2539539302-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3607668558-2623760651-2539539302-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3607668558-2623760651-2539539302-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points  =========================

03-02-2015 16:53:42 Windows Update
07-02-2015 17:51:48 Windows Update
07-02-2015 22:35:19 TuneUp360's restore point
16-02-2015 17:59:01 Προγραμματισμένο σημείο ελέγχου
17-02-2015 16:54:30 Windows Update
17-02-2015 23:54:42 Windows Update
19-02-2015 00:02:38 Windows Update
23-02-2015 16:22:48 Windows Update
26-02-2015 21:50:14 Windows Update
26-02-2015 23:37:53 Windows Update

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0F5AFB44-2A42-449F-927B-DA0BD62B80E7} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {0F707628-E607-483C-AC15-805BE9AE6F22} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2009-07-23] (CyberLink)
Task: {146C18AC-11A6-4084-8122-4F45F02AC7DD} - System32\Tasks\{5C55E8FB-DF3C-46A6-B51C-4EF42FE54869} => pcalua.exe -a "C:\Program Files (x86)\EA GAMES\The Sims 2 Bon Voyage\EAUninstall.exe"
Task: {1EE00C75-FED2-40E8-ACC8-0BBCEAF0601A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3607668558-2623760651-2539539302-1000Core => C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Google\Update\GoogleUpdate.exe [2014-09-26] (Google Inc.)
Task: {222E5677-CCD8-45C6-ACEE-C67B48E3D208} - System32\Tasks\{75BCFB45-2BF8-4648-866E-54DE2A452BE7} => pcalua.exe -a "I:\Παιχνίδια\PC\Flight Simulator\Flight Simulator X\Add-Ons\Mosquito.exe" -d "I:\Παιχνίδια\PC\Flight Simulator\Flight Simulator X\Add-Ons"
Task: {3018DBDA-9C89-4FAE-9856-84E4D5323478} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {31663CDB-341C-48C8-8B9F-6F8810E26924} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {37ED3D6D-2265-4F0A-9BD2-D0BD93AEB932} - System32\Tasks\Hewlett-Packard\HP Assistant\HPSA Upgrade => C:\ProgramData\Hewlett-Packard\HPSAUpgrade3\HpSAUpgrade.exe [2011-08-11] (Hewlett-Packard)
Task: {3C0B58BD-AB5D-4149-A62A-991C870D1222} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
Task: {4872FBB0-5234-4A2E-AC51-C43A3DA770FA} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {612A769D-1BD5-45D5-9C5B-6BDCCF93B67D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04] (Adobe Systems Incorporated)
Task: {6A5C2906-C3C5-4E41-B588-FCE4F3C891D8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-25] (Google Inc.)
Task: {6CB2A2C3-4F4B-494E-B388-CE77978AD7A4} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-03-13] (CyberLink)
Task: {8269FD6A-CE44-41FE-BA70-36CBC9B6DD24} - System32\Tasks\DVDAgent => C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [2009-09-09] (CyberLink Corp.)
Task: {89E39D12-C7FC-4555-B232-6E507CC58D40} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {9396D657-C1C4-4396-A942-BEA7A9FA88E7} - System32\Tasks\{69E86EB1-284A-4F9B-ADD9-0550D1D1BF3F} => pcalua.exe -a "C:\Users\ΣΤΕΛΙΟΣ\Desktop\Nero\Language Packs\Nero.exe" -d "C:\Users\ΣΤΕΛΙΟΣ\Desktop\Nero\Language Packs"
Task: {C063D662-77E0-416D-842D-0747167B198C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3607668558-2623760651-2539539302-1000UA => C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Google\Update\GoogleUpdate.exe [2014-09-26] (Google Inc.)
Task: {C5B470CE-18BE-4BC4-9280-3283D1551A31} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3607668558-2623760651-2539539302-1000
Task: {C854FC34-8441-4D54-84A0-8E363BB356E3} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {D0491587-9D58-40D7-8520-2D61ED155CA4} - System32\Tasks\{7CCBBB57-21CB-4DBD-94F0-C1F16ACD07EE} => pcalua.exe -a "C:\PROGRA~2\SpectralDesign\UnInstall\Nuendo Dolby Digital Encoder\UNWISE.EXE" -c C:\PROGRA~2\SpectralDesign\UnInstall\Nuendo Dolby Digital Encoder\INSTALL.LOG
Task: {DD3EB840-3AB1-4FFF-9EC0-042BC6794F77} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3607668558-2623760651-2539539302-1000Core => C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-11] (Facebook Inc.)
Task: {E0722518-E0AC-49DC-8C8C-0BA92D52C8EA} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3607668558-2623760651-2539539302-1000UA => C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-11] (Facebook Inc.)
Task: {F19C0F5A-939F-4B87-9786-D20C6802078B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-25] (Google Inc.)
Task: {F710752B-3CCC-486A-8E2B-66736116B396} - System32\Tasks\{6946E4AC-DF12-4CF2-AF94-40F9CAC04369} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-07-24] (Skype Technologies S.A.)
Task: {FDA30AF4-294A-475B-B065-D5DCE18BF121} - System32\Tasks\dsmonitor => C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe [2014-03-21] (Uniblue Systems Ltd)
Task: {FE5C702A-B1A5-4C69-9143-B7B4C47F9D11} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AIXOI.job => C:\Users\ύύύύύύύ\AppData\Roaming\AIXOI.exe <==== ATTENTION
Task: C:\Windows\Tasks\dsmonitor.job => C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3607668558-2623760651-2539539302-1000Core.job => C:\Users\£¤•›™£\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3607668558-2623760651-2539539302-1000UA.job => C:\Users\£¤•›™£\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3607668558-2623760651-2539539302-1000Core.job => C:\Users\£¤•›™£\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3607668558-2623760651-2539539302-1000UA.job => C:\Users\£¤•›™£\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\MSVL.job => C:\Users\ύύύύύύύ\AppData\Roaming\MSVL.exe <==== ATTENTION
Task: C:\Windows\Tasks\NGTF.job => C:\Users\ύύύύύύύ\AppData\Roaming\NGTF.exe <==== ATTENTION
Task: C:\Windows\Tasks\VEWL.job => C:\Users\ύύύύύύύ\AppData\Roaming\VEWL.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) ==============

2011-12-09 23:17 - 2013-10-23 10:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-12-24 16:12 - 2009-11-04 13:18 - 00189440 _____ () C:\Windows\system32\spool\PRTPROCS\x64\lxebdrpp.dll
2013-12-18 20:06 - 2013-08-23 13:36 - 00721263 _____ () C:\Windows\SysWOW64\ISCM64.dll
2015-01-21 18:30 - 2011-11-15 11:24 - 00146792 _____ () C:\Program Files (x86)\Spotmau\PowerSuite Golden Edition\PowerSuite 2012\PcCheck\CareMon.exe
2011-08-11 19:16 - 2011-08-11 19:11 - 00080256 _____ () c:\windows\syswow64\ezgosvc.dll
2012-09-27 21:47 - 2014-08-25 13:18 - 02640408 _____ () C:\Program Files (x86)\AVG Secure Search\vprot.exe
2014-08-11 22:39 - 2014-08-11 22:39 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
2014-02-08 18:19 - 2014-03-18 21:48 - 00003132 _____ () C:\Program Files (x86)\DAEMON Tools Pro\MSIMG32.dll
2013-12-08 23:36 - 2014-03-20 21:33 - 01603608 _____ () C:\Program Files (x86)\AVG Secure Search\TBAPI.dll
2014-08-11 22:39 - 2014-08-11 22:39 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\log4cplusU.dll
2009-07-23 11:37 - 2009-07-23 11:37 - 00931112 ____N () c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
2014-06-24 13:37 - 2014-06-24 13:38 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-08-11 22:39 - 2014-08-11 22:39 - 00693784 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\NativeBrowserApi\18.1.9\NativeBrowserApi.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:0B4227B4
AlternateDataStreams: C:\ProgramData\Temp:1677AB3F
AlternateDataStreams: C:\ProgramData\Temp:9B721CFF
AlternateDataStreams: C:\ProgramData\Temp:B623B5B8
AlternateDataStreams: C:\ProgramData\Temp:F3AB0B43
AlternateDataStreams: C:\ProgramData\Temp:FAC5BCF5

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3607668558-2623760651-2539539302-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\ΣΤΕΛΙΟΣ\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: ABBYY.Licensing.FineReader.Corporate.10.0 => 2
MSCONFIG\Services: ACDaemon => 2
MSCONFIG\Services: CLHNServiceForPowerDVD => 2
MSCONFIG\Services: CLHNServiceForPowerDVD12 => 2
MSCONFIG\Services: CyberLink PowerDVD 11.0 Monitor Service => 2
MSCONFIG\Services: CyberLink PowerDVD 11.0 Service => 2
MSCONFIG\Services: CyberLink PowerDVD 12 Media Server Monitor Service => 2
MSCONFIG\Services: CyberLink PowerDVD 12 Media Server Service => 2
MSCONFIG\Services: ezGOSvc => 2
MSCONFIG\Services: ezSharedSvc => 2
MSCONFIG\Services: MemeoBackgroundService => 2
MSCONFIG\Services: OMSI download service => 2
MSCONFIG\Services: RichVideo => 2
MSCONFIG\Services: SamsungAllShareV2.0 => 2
MSCONFIG\Services: Serviio => 2
MSCONFIG\Services: TunngleService => 2
MSCONFIG\Services: TVCapSvc => 2
MSCONFIG\Services: ufad-ws60 => 2
MSCONFIG\Services: VMAuthdService => 2
MSCONFIG\Services: VMUSBArbService => 2
MSCONFIG\Services: wlidsvc => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TMMonitor.lnk => C:\Windows\pss\TMMonitor.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: ArcSoft Connection Service => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
MSCONFIG\startupreg: BrowserPlugInHelper => C:\Program Files (x86)\iSkysoft\Video Converter Ultimate\BrowserPlugInHelper.exe
MSCONFIG\startupreg: CLMLServer_For_P2G8 => "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
MSCONFIG\startupreg: CLVirtualDrive => "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
MSCONFIG\startupreg: Corel File Shell Monitor => C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
MSCONFIG\startupreg: Easybits Recovery => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
MSCONFIG\startupreg: Facebook Update => "C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: HPAdvisorDock => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
MSCONFIG\startupreg: HPCam_Menu => "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam" UpdateWithCreateOnce "Software\Hewlett-Packard\Media\Webcam"
MSCONFIG\startupreg: iSkysoft Helper Compact.exe => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
MSCONFIG\startupreg: ISUSPM Startup => C:\PROGRA~2\COMMON~1\INSTAL~1\UpdateService\isuspm.exe -startup
MSCONFIG\startupreg: ISUSScheduler => "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
MSCONFIG\startupreg: PowerDVD12Agent => "C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe"
MSCONFIG\startupreg: QlbCtrl.exe => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
MSCONFIG\startupreg: SmartMenu => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: UpdatePPShortCut => "C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerProducer" update "Software\CyberLink\PowerProducer\5.0"
MSCONFIG\startupreg: UpdatePRCShortCut => "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"
MSCONFIG\startupreg: WirelessAssistant => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun

==================== Accounts: =============================

Administrator (S-1-5-21-3607668558-2623760651-2539539302-500 - Administrator - Disabled)
Guest (S-1-5-21-3607668558-2623760651-2539539302-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3607668558-2623760651-2539539302-1003 - Limited - Enabled)
UpdatusUser (S-1-5-21-3607668558-2623760651-2539539302-1006 - Limited - Enabled)
ΣΤΕΛΙΟΣ (S-1-5-21-3607668558-2623760651-2539539302-1000 - Administrator - Enabled) => C:\Users\ΣΤΕΛΙΟΣ

==================== Faulty Device Manager Devices =============

Name: archlp
Description: archlp
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ArcSec
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/27/2015 09:17:58 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Η δημιουργία περιβάλλοντος ενεργοποίησης για το "PDR.X,type="win32",version="1.0.0.0"1" απέτυχε.
Δεν ήταν δυνατή η εύρεση της εξαρτημένης συγκρότησης PDR.X,type="win32",version="1.0.0.0".
Για την αναλυτική διάγνωση χρησιμοποιήστε το sxstrace.exe.

Error: (02/27/2015 09:17:58 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Η δημιουργία περιβάλλοντος ενεργοποίησης για το "PDR.X,type="win32",version="1.0.0.0"1" απέτυχε.
Δεν ήταν δυνατή η εύρεση της εξαρτημένης συγκρότησης PDR.X,type="win32",version="1.0.0.0".
Για την αναλυτική διάγνωση χρησιμοποιήστε το sxstrace.exe.

Error: (02/27/2015 09:17:49 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Η δημιουργία περιβάλλοντος ενεργοποίησης απέτυχε για το "1". Παρουσιάστηκε σφάλμα στο αρχείο διακήρυξης ή πολιτικής "2" στη γραμμή 3.
Μη έγκυρη σύνταξη Xml.

Error: (02/26/2015 10:18:46 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Η δημιουργία περιβάλλοντος ενεργοποίησης για το "PDR.X,type="win32",version="1.0.0.0"1" απέτυχε.
Δεν ήταν δυνατή η εύρεση της εξαρτημένης συγκρότησης PDR.X,type="win32",version="1.0.0.0".
Για την αναλυτική διάγνωση χρησιμοποιήστε το sxstrace.exe.

Error: (02/26/2015 10:18:46 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Η δημιουργία περιβάλλοντος ενεργοποίησης για το "PDR.X,type="win32",version="1.0.0.0"1" απέτυχε.
Δεν ήταν δυνατή η εύρεση της εξαρτημένης συγκρότησης PDR.X,type="win32",version="1.0.0.0".
Για την αναλυτική διάγνωση χρησιμοποιήστε το sxstrace.exe.

Error: (02/26/2015 10:18:36 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Η δημιουργία περιβάλλοντος ενεργοποίησης απέτυχε για το "1". Παρουσιάστηκε σφάλμα στο αρχείο διακήρυξης ή πολιτικής "2" στη γραμμή 3.
Μη έγκυρη σύνταξη Xml.

Error: (02/24/2015 01:18:34 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Η δημιουργία περιβάλλοντος ενεργοποίησης για το "PDR.X,type="win32",version="1.0.0.0"1" απέτυχε.
Δεν ήταν δυνατή η εύρεση της εξαρτημένης συγκρότησης PDR.X,type="win32",version="1.0.0.0".
Για την αναλυτική διάγνωση χρησιμοποιήστε το sxstrace.exe.

Error: (02/24/2015 01:18:34 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Η δημιουργία περιβάλλοντος ενεργοποίησης για το "PDR.X,type="win32",version="1.0.0.0"1" απέτυχε.
Δεν ήταν δυνατή η εύρεση της εξαρτημένης συγκρότησης PDR.X,type="win32",version="1.0.0.0".
Για την αναλυτική διάγνωση χρησιμοποιήστε το sxstrace.exe.

Error: (02/24/2015 01:18:30 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: Η δημιουργία περιβάλλοντος ενεργοποίησης απέτυχε για το "1". Παρουσιάστηκε σφάλμα στο αρχείο διακήρυξης ή πολιτικής "2" στη γραμμή 3.
Μη έγκυρη σύνταξη Xml.

Error: (02/23/2015 05:14:49 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Η δημιουργία περιβάλλοντος ενεργοποίησης για το "PDR.X,type="win32",version="1.0.0.0"1" απέτυχε.
Δεν ήταν δυνατή η εύρεση της εξαρτημένης συγκρότησης PDR.X,type="win32",version="1.0.0.0".
Για την αναλυτική διάγνωση χρησιμοποιήστε το sxstrace.exe.


System errors:
=============
Error: (02/28/2015 06:37:51 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Παρουσιάστηκε σφάλμα κατά την προσπάθεια ανάγνωσης του αρχείου τοπικών κεντρικών υπολογιστών.

Error: (02/28/2015 06:37:51 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Παρουσιάστηκε σφάλμα κατά την προσπάθεια ανάγνωσης του αρχείου τοπικών κεντρικών υπολογιστών.

Error: (02/28/2015 06:37:51 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Παρουσιάστηκε σφάλμα κατά την προσπάθεια ανάγνωσης του αρχείου τοπικών κεντρικών υπολογιστών.

Error: (02/28/2015 06:32:05 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Αποτυχία εγκατάστασης: Τα Windows απέτυχαν να εγκαταστήσουν την παρακάτω ενημέρωση με σφάλμα 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.193.1164.0).

Error: (02/28/2015 06:31:43 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Παρουσιάστηκε σφάλμα κατά την προσπάθεια ανάγνωσης του αρχείου τοπικών κεντρικών υπολογιστών.

Error: (02/28/2015 06:31:42 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Παρουσιάστηκε σφάλμα κατά την προσπάθεια ανάγνωσης του αρχείου τοπικών κεντρικών υπολογιστών.

Error: (02/28/2015 06:31:42 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Παρουσιάστηκε σφάλμα κατά την προσπάθεια ανάγνωσης του αρχείου τοπικών κεντρικών υπολογιστών.

Error: (02/28/2015 06:31:39 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Η υπηρεσία Windows Defender τερματίστηκε με το ακόλουθο σφάλμα:
%%126

Error: (02/28/2015 06:30:32 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Παρουσιάστηκε σφάλμα κατά την προσπάθεια ανάγνωσης του αρχείου τοπικών κεντρικών υπολογιστών.

Error: (02/28/2015 06:30:32 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Παρουσιάστηκε σφάλμα κατά την προσπάθεια ανάγνωσης του αρχείου τοπικών κεντρικών υπολογιστών.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2015-02-28 18:54:47.907
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-02-28 18:54:32.493
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-02-28 18:54:17.140
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-02-28 18:54:01.773
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-02-28 18:53:46.371
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-02-28 18:53:30.972
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-02-28 18:53:15.599
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-02-28 18:53:00.190
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-02-28 18:52:44.038
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-02-28 18:50:51.080
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Core™ i7 CPU Q 720 @ 1.60GHz
Percentage of memory in use: 56%
Total physical RAM: 4086.88 MB
Available physical RAM: 1797.87 MB
Total Pagefile: 8171.95 MB
Available Pagefile: 5535.3 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:450.56 GB) (Free:209.66 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:14.9 GB) (Free:2.46 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 296B532C)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=14.9 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

==================== End Of Log ============================



BC AdBot (Login to Remove)

 


m

#2 BrianDrab

BrianDrab

  • Malware Response Team
  • 266 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:54 AM

Posted 28 February 2015 - 02:16 PM

Hi. My name is Brian, and I would be happy to look into your issue.
 


- General Instructions -

  • Please read all instructions and fixes thoroughly. Read the ENTIRE post BEFORE performing any steps so you understand all that needs to be done.
  • I would advise printing any instructions for easy reference as some of the fixes may require you to boot in Safe mode. Access to these instructions may not be available in Safe Mode.
  • Any fixes provided by myself are for this log file only and should not be used on any other systems.
  • Do not run any other removal software or perform updates other than the ones I provide, as it will complicate the cleaning process.
  • It's very likely that part of our cleanup will include emptying your recycle bin. If you use your recycle bin as an archive and do not wish this to be emptied, please let me know.
  • You have 4 days to reply to each post or the topic will be closed.
  • Please feel free to ask any questions, especially if you are having problems with my instructions.


- Save ALL Tools to your Desktop-

 

All tools that I have you download should be placed on the desktop unless otherwise stated. If you are familiar with how to save files to the desktop then you can skip this step.
 
Since you are continuing with this step then I assume you are unfamiliar with saving files to your desktop. As a result it's easiest if you configure your browser(s) to download any tools to the desktop by default. Please use the appropriate instructions below depending on the browser you are using.
Chrome.JPGGoogle Chrome - Click the "Customize and control Google Chrome" button in the upper right-corner of the browser.Settings.JPG Choose Settings. at the bottom of the screen click the
"Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.
Firefox.JPGMozilla Firefox - Click the "Open Menu" button in the upper right-corner of the browser. Settings.JPG Choose Options. In the downloads section, click the Browse button, click on the Desktop folder
and the click the "Select Folder" button. Click OK to get out of the Options menu.
IE.jpgInternet Explorer - Click the Tools menu in the upper right-corner of the browser. Tools.JPG Select View downloads. Select the Options link in the lower left of the window. Click Browse and
select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.
NOTE: IE8 Does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.
 

- Finally Before We Start-

 
Removing malware is a complicated multiple step process, Please stay with me until I have declared your system clean. I strongly recommend you backup your personal files and folders. Although rare, attempting to remove malware can render your machine unbootable or cause data loss. Having backups of your data is your responsibility. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.

 

 

 

 

I'm reviewing your logs and will be back with you shortly.



#3 BrianDrab

BrianDrab

  • Malware Response Team
  • 266 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:54 AM

Posted 28 February 2015 - 02:33 PM

Ok, please do the following and let me know  if it fixes your issue.

 

Step#1 - Warnings

CCleaner
I see that you have CCleaner installed. This is indeed a good product but I wanted to caution you on running the registry cleaning functionality of the tool. Please avoid this as it can do more harm than good.

Windows Sidebar/Gadgets
I see that Windows Sidebar may be enabled. Microsoft deems these as a security vulnerability and recommends that they are disabled. Unless you have good reason not to, please download and install the Microsoft Fix-It from here. Note: Please ensure you reboot when prompted. If you don't and continue this could leave your machine in an unstable state.

 

 

Step#2 - Uninstalls
Please uninstall the following programs one at a time. Instructions for doing so are here.

If any of the programs give you an error during the uninstall, notate it and move on to the next one. Just let me know which ones had issues. If you are asked to reboot, answer No until all the programs have been uninstalled and then you can reboot. All of these programs are either outdated, malware/adware, have a bad reputation or are not recommended. If you absolutely must have one of them I suggest that you wait until you are declared clean before reinstalling.

AVG Security Toolbar
Java 7 Update 51 (64-bit)
Java 7 Update 51
Pando Media Booster
Skype Click to Call

 

Step#3 - FRST Fix
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

1. Download this file and save to your desktop. Note: You may need to right-click on the link and choose Save Link as... in order to save to the desktop.
2. Download attached file and save it to the Desktop. Attached File  fixlist.txt   6.02KB   2 downloads
Note. It's important that both files, FRST64 and fixlist.txt are in the same location or the fix will not work (in this case...the desktop).
3. Run FRST64 by Right-Clicking on the file and choosing Run as administrator.
4. Press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
5. When finished FRST64 will generate a log on the Desktop (Fixlog.txt). Please post the contents of it in your reply.

 

Step#4 - AdWCleaner
1. Please download AdwCleaner by Xplode onto your desktop.
2. Close all open programs and internet browsers.
3. Right-click on AdwCleaner.exe and select Run as administrator to run the tool.
4. Click on Scan.
5. After the scan is complete click on "Cleaning"
6. Confirm each time with Ok.
7. Your computer will be rebooted automatically. A text file will open after the restart.
8. Please post the content of that logfile with your next answer.
9. If need be, you can also find the logfile at C:\AdwCleaner\AdwCleaner[S0].txt as well.

 

 

 

Items for your next post

1. FRST Fix log

2. AdwCleaner log
 



#4 gtu1234

gtu1234
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:54 PM

Posted 01 March 2015 - 06:09 PM

Hi, there Brian and thank you for helping.I used Microsoft Fix it,I uninstalled programs as sugested with no isseus,used frst and adwcleaner.

Here are the logs:

 

FRST Fix Log:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 29-02-2015
Ran by ΣΤΕΛΙΟΣ at 2015-03-02 00:28:53 Run:1
Running from C:\Users\ΣΤΕΛΙΟΣ\Desktop
Loaded Profiles: ΣΤΕΛΙΟΣ (Available profiles: ΣΤΕΛΙΟΣ)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CreateRestorePoint:
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
C:\Program Files (x86)\Common Files\AVG Secure Search
() C:\Program Files (x86)\AVG Secure Search\vprot.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
C:\Program Files (x86)\AVG Secure Search
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Secure Search\vprot.exe [2640408 2014-08-25] ()
HKU\S-1-5-21-3607668558-2623760651-2539539302-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3607668558-2623760651-2539539302-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3607668558-2623760651-2539539302-1000\...\MountPoints2: {c0178cd3-a9f3-11df-9806-00271342eed5} - G:\Startme.exe
URLSearchHook: HKU\S-1-5-21-3607668558-2623760651-2539539302-1000 - (No Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - No File
BHO-x32: AVG Security Toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll (AVG Secure Search)
BHO-x32: No Name -> {A3BC75A2-1F87-4686-AA43-5347D756017C} ->  No File
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -  No File
Toolbar: HKLM-x32 - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll (AVG Secure Search)
Toolbar: HKU\S-1-5-21-3607668558-2623760651-2539539302-1000 -> No Name - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} -  No File
Toolbar: HKU\S-1-5-21-3607668558-2623760651-2539539302-1000 -> No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -  No File
Toolbar: HKU\S-1-5-21-3607668558-2623760651-2539539302-1000 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} -  No File
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)
Winsock: Catalog9-x64 12 C:\Program Files (x86)\VMware\VMware Player\x64\vsocklib.dll File Not found ()
Winsock: Catalog9-x64 13 C:\Program Files (x86)\VMware\VMware Player\x64\vsocklib.dll File Not found ()
FF DefaultSearchEngine: AVG Secure Search
FF SelectedSearchEngine: AVG Secure Search
FF Homepage: hxxp://isearch.omiga?type=hppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKU\S-1-5-21-3607668558-2623760651-2539539302-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF user.js: detected! => C:\Users\ΣΤΕΛΙΟΣ\AppData\Roaming\Mozilla\Firefox\Profiles\dmsp5npa.default\user.js
FF SearchPlugin: C:\Users\ΣΤΕΛΙΟΣ\AppData\Roaming\Mozilla\Firefox\Profiles\dmsp5npa.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\18.1.9.799
FF Extension: AVG Security Toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\18.1.9.799 [2014-08-25]
CHR HomePage: Default -> hxxp://isearch.omiga?type=hppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
CHR StartupUrls: Default -> "hxxp://isearch.omiga?type=hppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp"
CHR DefaultSearchURL: Default -> http://isearch.omigaweb/?type=dspp&q={searchTerms}
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.5.0\\npsitesafety.dll (AVG Technologies)
CHR Extension: (Skype Click to Call) - C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-07-10]
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\17.3.0.49\avg.crx [Not Found]
R2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-11] (AVG Secure Search)
U3 a6cj4wew; C:\Windows\System32\Drivers\a6cj4wew.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)
Task: C:\Windows\Tasks\AIXOI.job => C:\Users\ύύύύύύύ\AppData\Roaming\AIXOI.exe <==== ATTENTION
Task: C:\Windows\Tasks\MSVL.job => C:\Users\ύύύύύύύ\AppData\Roaming\MSVL.exe <==== ATTENTION
Task: C:\Windows\Tasks\NGTF.job => C:\Users\ύύύύύύύ\AppData\Roaming\NGTF.exe <==== ATTENTION
Task: C:\Windows\Tasks\VEWL.job => C:\Users\ύύύύύύύ\AppData\Roaming\VEWL.exe <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Temp:0B4227B4
AlternateDataStreams: C:\ProgramData\Temp:1677AB3F
AlternateDataStreams: C:\ProgramData\Temp:9B721CFF
AlternateDataStreams: C:\ProgramData\Temp:B623B5B8
AlternateDataStreams: C:\ProgramData\Temp:F3AB0B43
AlternateDataStreams: C:\ProgramData\Temp:FAC5BCF5
2015-02-28 19:02 - 2011-02-16 11:42 - 00000000 ____D () C:\Users\ΣΤΕΛΙΟΣ\AppData\Roaming\uTorrent
cmd: move C:\Users\ΣΤΕΛΙΟΣ\Desktop\hosts c:\windows\system32\drivers\etc\hosts
cmd: move C:\Users\ΣΤΕΛΙΟΣ\Desktop\hosts.txt c:\windows\system32\drivers\etc\hosts
EmptyTemp:

 
*****************

Restore point was successfully created.
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe => No running process found
"C:\Program Files (x86)\Common Files\AVG Secure Search" => File/Directory not found.
C:\Program Files (x86)\AVG Secure Search\vprot.exe => No running process found
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe => No running process found
C:\Program Files (x86)\AVG Secure Search => Moved successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\vProt => Value not found.
HKU\S-1-5-21-3607668558-2623760651-2539539302-1000\Software\Microsoft\Windows\CurrentVersion\Policies\system\\LogonHoursAction => value deleted successfully.
HKU\S-1-5-21-3607668558-2623760651-2539539302-1000\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DontDisplayLogonHoursWarnings => value deleted successfully.
"HKU\S-1-5-21-3607668558-2623760651-2539539302-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c0178cd3-a9f3-11df-9806-00271342eed5}" => Key deleted successfully.
HKCR\CLSID\{c0178cd3-a9f3-11df-9806-00271342eed5} => Key not found.
HKU\S-1-5-21-3607668558-2623760651-2539539302-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} => value deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => Key not found.
HKCR\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} => value deleted successfully.
HKCR\Wow6432Node\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{95B7759C-8C7F-4BF1-B163-73684A933233} => Value not found.
HKCR\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key not found.
HKU\S-1-5-21-3607668558-2623760651-2539539302-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{C55BBCD6-41AD-48AD-9953-3609C48EACC7} => value deleted successfully.
HKCR\CLSID\{C55BBCD6-41AD-48AD-9953-3609C48EACC7} => Key not found.
HKU\S-1-5-21-3607668558-2623760651-2539539302-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} => value deleted successfully.
HKCR\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} => Key not found.
HKU\S-1-5-21-3607668558-2623760651-2539539302-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => value deleted successfully.
HKCR\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => Key not found.
"HKCR\PROTOCOLS\Handler\avgsecuritytoolbar" => Key deleted successfully.
HKCR\CLSID\{F2DDE6B2-9684-4A55-86D4-E255E237B77C} => Key not found.
HKCR\Wow6432Node\PROTOCOLS\Handler\viprotocol => Key not found.
HKCR\Wow6432Node\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} => Key not found.
Winsock: Catalog entry 000000000012 => Deleted successfully.
Winsock: Catalog entry 000000000013 => Deleted successfully.
Firefox DefaultSearchEngine deleted successfully.
Firefox SelectedSearchEngine deleted successfully.
Firefox homepage deleted successfully.
HKLM\Software\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin => Key not found.
"HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin" => Key deleted successfully.
C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll not found.
HKU\S-1-5-21-3607668558-2623760651-2539539302-1000\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin => Key not found.
C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll not found.
C:\Users\ΣΤΕΛΙΟΣ\AppData\Roaming\Mozilla\Firefox\Profiles\dmsp5npa.default\user.js => Moved successfully.
C:\Users\ΣΤΕΛΙΟΣ\AppData\Roaming\Mozilla\Firefox\Profiles\dmsp5npa.default\searchplugins\askcom.xml => Moved successfully.
C:\Program Files (x86)\mozilla firefox\browser\searchplugins\.xml => Moved successfully.
C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml => Moved successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi not found.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\avg@toolbar => Value not found.
C:\ProgramData\AVG Secure Search\FireFoxExt\18.1.9.799 not found.
Chrome HomePage deleted successfully.
Chrome StartupUrls deleted successfully.
Chrome DefaultSearchURL not detected.
C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.5.0\\npsitesafety.dll not found.
C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof => Key not found.
vToolbarUpdater18.1.9 => Service not found.
a6cj4wew => Service not found.
C:\Windows\Tasks\AIXOI.job => Moved successfully.
C:\Windows\Tasks\MSVL.job => Moved successfully.
C:\Windows\Tasks\NGTF.job => Moved successfully.
C:\Windows\Tasks\VEWL.job => Moved successfully.
C:\ProgramData\Temp => ":0B4227B4" ADS removed successfully.
C:\ProgramData\Temp => ":1677AB3F" ADS removed successfully.
C:\ProgramData\Temp => ":9B721CFF" ADS removed successfully.
C:\ProgramData\Temp => ":B623B5B8" ADS removed successfully.
C:\ProgramData\Temp => ":F3AB0B43" ADS removed successfully.
C:\ProgramData\Temp => ":FAC5BCF5" ADS removed successfully.
C:\Users\ΣΤΕΛΙΟΣ\AppData\Roaming\uTorrent => Moved successfully.

=========  move C:\Users\ΣΤΕΛΙΟΣ\Desktop\hosts c:\windows\system32\drivers\etc\hosts =========

��� �夘� ������ � �稜�� ��� ��������⤦� ����妬 ��� �� �穫���.

========= End of CMD: =========


=========  move C:\Users\ΣΤΕΛΙΟΣ\Desktop\hosts.txt c:\windows\system32\drivers\etc\hosts =========

        1 ����� �������㟞���.

========= End of CMD: =========

EmptyTemp: => Removed 104.7 MB temporary data.


The system needed a reboot.

==== End of Fixlog 00:29:21 ====

 

 

 

AdwCleaner Log:

# AdwCleaner v4.111 - Logfile created 02/03/2015 at 00:49:39
# Updated 18/02/2015 by Xplode
# Database : 2015-02-18.3 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : ΣΤΕΛΙΟΣ - STELIOS-LAPTOP
# Running from : C:\Users\ΣΤΕΛΙΟΣ\Desktop\AdwCleaner.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AVG Security Toolbar
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\ProgramData\Uniblue
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\Uniblue
Folder Deleted : C:\Program Files (x86)\AVG\AVG10\Toolbar
Folder Deleted : C:\Program Files (x86)\STab
Folder Deleted : C:\Windows\assembly\GAC_MSIL\QuickStoresToolbar
Folder Deleted : C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\AVG Security Toolbar
Folder Deleted : C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\globalUpdate
Folder Deleted : C:\Users\ΣΤΕΛΙΟΣ\AppData\LocalLow\AVG Security Toolbar
Folder Deleted : C:\Users\ΣΤΕΛΙΟΣ\AppData\Roaming\GrabPro
Folder Deleted : C:\Users\ΣΤΕΛΙΟΣ\AppData\Roaming\Uniblue
File Deleted : C:\END
File Deleted : C:\Users\Public\Desktop\driverscanner.lnk
File Deleted : C:\Users\ΣΤΕΛΙΟΣ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.url
File Deleted : C:\Users\ΣΤΕΛΙΟΣ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\driverscanner.lnk

***** [ Scheduled tasks ] *****

Task Deleted : dsmonitor

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
[#] Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
[#] Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
[#] Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
[#] Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\driverscanner
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
[#] Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1663C10B-0D55-438D-8496-19A3DBAEC0E4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A43DE495-3D00-47D4-9D2C-303115707939}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\MGShareware
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\dt soft\daemon tools toolbar
Key Deleted : HKLM\SOFTWARE\MGShareware
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\Trymedia Systems
Key Deleted : HKLM\SOFTWARE\Uniblue
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1
Key Deleted : [x64] HKLM\SOFTWARE\systweak
Key Deleted : [x64] HKLM\SOFTWARE\TornTv Downloader

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17631


-\\ Mozilla Firefox v30.0 (el)

[dmsp5npa.default\prefs.js] - Line Deleted : user_pref("avg.install.Revert_DSP", "AVG Secure Search");
[dmsp5npa.default\prefs.js] - Line Deleted : user_pref("avg.install.installDirPath", "C:\\ProgramData\\AVG Secure Search\\FireFoxExt\\18.1.9.799");
[dmsp5npa.default\prefs.js] - Line Deleted : user_pref("avg.userPreferences.URLBarFocus.whiteList", "bing\\.comgoogle\\.\\w+yahoo\\.\\w+gmail\\.\\w+hotmail\\.\\w+live\\.\\w+isearch\\.avg\\.commysearch\\.avg\\.com");
[dmsp5npa.default\prefs.js] - Line Deleted : user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22[...]
[dmsp5npa.default\prefs.js] - Line Deleted : user_pref("extensions.aEWBNO58637124CLP39222015com63313.63313.internaldb.Resources_meta.value", "%7B%22zoom.js%22%3A%7B%22id%22%3A798518%2C%22ver%22%3A1%2C%22status%22%3A1%2C%22name%22%3A%22zoom.js%22[...]
[dmsp5npa.default\prefs.js] - Line Deleted : user_pref("extensions.aEWBNO58637124CLP39222015com63313.63313.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%2C%22dealply_p%22%3A%7[...]
[dmsp5npa.default\prefs.js] - Line Deleted : user_pref("quickstores.toolbar.affid", "2006");
[dmsp5npa.default\prefs.js] - Line Deleted : user_pref("quickstores.toolbar.guid", "{3228F3F8-2BA3-1D54-7EE4-204D3AEEAC8A}");

-\\ Google Chrome v

[C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1418995930&from=ild&uid=ST9500420AS_5VJ1WBD9&q={searchTerms}
[C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1418995930&from=ild&uid=ST9500420AS_5VJ1WBD9&q={searchTerms}
[C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1418995930&from=ild&uid=ST9500420AS_5VJ1WBD9&q={searchTerms}
[C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1418995930&from=ild&uid=ST9500420AS_5VJ1WBD9&q={searchTerms}
[C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://isearch.omigaweb/?type=dspp&q={searchTerms}
[C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://isearch.omigaweb/?type=dspp&q={searchTerms}

*************************

AdwCleaner[R0].txt - [9183 bytes] - [02/03/2015 00:41:51]
AdwCleaner[S0].txt - [8772 bytes] - [02/03/2015 00:49:39]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8831  bytes] ##########
 



#5 BrianDrab

BrianDrab

  • Malware Response Team
  • 266 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:54 AM

Posted 01 March 2015 - 09:05 PM

Thanks for the info. Please do the following.

 

Step#1 - JRT
1. Download Junkware Removal Tool to your desktop.
1. Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
2. The tool will open and start scanning your system.
3. Please be patient as this can take a while to complete depending on your system's specifications.
4. On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
5. Close the text file and reboot your machine.
6. Post the contents of JRT.txt into your next message.

 

Step#2 - Malwarebytes Scan

  • Download Malwarebytes to your desktop from here.
  • Right-click on the file that is downloaded to your desktop and select Run as administrator.
  • Select the appropriate language and click OK.
  • Click Next.
  • Select "I accept the agreement" and click Next.
  • Click Next
  • Change the install path if desired. Normally you will keep this as is. Click Next.
  • Click Next again.
  • Click Next again.
  • Click Install.
  • Uncheck "Enable free trial of Malwarebytes Anti-Malware Premium".
  • Click Finish
  • If an update is found you will be prompted to download and install. Go ahead.
  • Click the Settings button and then the Detection and Protection tab. Then check the box to Scan for rootkits. as shown below.
  • RootKitCheckBox.JPG
     
  • Click the Scan button at the top of the form and then click Scan Now.
    2.JPG
  • If anything is detected, there will be an Apply Actions button. Please click this.
  • Once the scan completes click the View detailed log link.
    3.JPG
  • Then click the Copy to clipboard button and paste into your next post.
    4.JPG

 

 

Step#3 - ESET Online Scanner and Post Results
Before running this scan, please temporarily disable your antivirus software to avoid conflicts. You can re-enable once it's done. Instructions for doing this on many AVs are here. This scan can take hours to run but is necessary to ensure we don't miss anything. Plan accordingly.

 

  • Please go here and click on 1.JPG
  • Note: This site is optimized for Internet Explorer. Please use it for this scan. If you wish to use Firefox or Chrome you will be asked to download the ESET Smart Installer first (esetsmartinstaller_enu.exe). Go ahead and download and run this file.
  • Please accept the ESET Online Scanner EULA and click Start.
  • If prompted, allow the Add-On/Active X to install. If you have problems with this step please see this link.
  • Make sure Enable detection of potentially unwanted applications is selected.
  • Click the Advanced Settings link.
  • Make sure Remove found threats is NOT checked.
  • Make sure Scan archives IS checked.
  • Make sure Scan for potentially unsafe applications IS checked.
  • Make sure Enable Anti-Stealth technology IS checked
  • 2.JPG
     
  • Click on Start
  • The virus signature database will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed, if anything was detected please click the List of found threats link.
  • ThreatsFound.JPG
     
  • Then click the Copy to Clipboard link and paste this information into your next reply.
  • CopyToClipboard.JPG

     

     

  • Then you may click the Back button.
  • Check Uninstall Application on Close before clicking finish.

 

Step#4 - Fresh Set of Logs
1. Right click on FRST64.exe and select Run as administrator. When the tool opens click Yes to disclaimer.
2. Please ensure you place a check mark in the Addition.txt check box at the bottom of the form before running.
3. Press Scan button.
4. It will produce a log called FRST.txt in the same directory the tool is run from (which should now be the desktop)
5. Please copy and paste log back here.
6. Because you selected the Addition.txt check box this log will be created as well. Please copy and paste this log as well.
 
 
 
Items for your next post

1. Junkware log

2. Malwarebytes log

3. ESET log
4. FRST and Addition logs 
 

 

 

 



#6 gtu1234

gtu1234
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:54 PM

Posted 02 March 2015 - 08:52 PM

JRT Log:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.3 (03.01.2015:1)
OS: Windows 7 Home Premium x64
Ran by ‘’„Ž‘ on ƒ¬ 02/03/2015 at 18:49:26,08
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{0B465EE5-7EF1-464F-9F5B-3A4B71C9C327}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{0CC919FA-082D-450A-AA25-BBEBBA9DC5BF}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{122ED6D5-0E9F-4352-97E7-0A52E673DF67}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{14A85B08-79E8-4302-9A83-EC1A12F2E11B}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{14DA346B-7C90-4245-9700-0D3261F7D4B6}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{14DE3CF0-453E-4D3D-AA39-D3121BA160D7}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{1CDB02DC-5391-44E4-8375-65F36E1C8BBE}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{2146E889-B8B4-4D61-8804-27D223FB6843}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{2163F14E-8A60-49B7-A811-1B9C769EF5CE}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{221F14B7-D95C-4AB8-8A2C-70F13F748D85}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{2527100B-EEFD-47A3-8D8D-422590A8BD94}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{2DA71076-E92A-4A33-A7E1-F18D2533A6C1}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{2DA8E689-188E-426D-8DA3-0BBCCE00FA57}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{2E51C5DA-22BD-45D5-97B0-E8EDB4732206}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{2F85F38F-A699-4138-BCC3-0C735DADB51D}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{32986D49-0174-4657-B355-41E7AEF98681}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{3A9D7588-E849-46FA-95CE-83751D8EF70D}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{3B7A3254-78A4-432F-8135-B467AAAB247F}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{3D5D72A0-2A89-4CD4-9F64-DED573C92F82}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{3FFD53E8-A1A2-48FD-9770-295099C7DC1A}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{41C7F6E0-68D5-4E06-878C-E7E93E6A0C09}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{4322835E-9CB2-4914-A01A-7510CDE17F5C}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{437955AF-EF61-4DB9-A601-ED654CFB7FC7}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{4415F772-3618-48BA-B5F0-9D004AE1F387}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{45DF43E0-3E4B-4BAF-A565-B18286B49AC0}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{48BB526A-5374-4FF1-A209-B679EB119657}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{495AF5EE-F58D-41A4-AE38-01167AECAD11}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{4984CB17-DC9E-4DEF-B73D-E1D5B11352AE}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{4A8DF84F-4967-4E22-84A9-723B9B147180}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{4BC6FAF2-6BE7-4E66-B7EF-63C4954BA08C}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{4DAB853C-B91D-459C-B7A8-A23119748ECB}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{4FA8BFA5-CDA4-4F7E-B1D9-F80CCE775306}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{51BE1AA1-693A-4899-9D83-41DED16FBCE7}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{53257356-0C3B-4BF3-8F2C-F5C62DC4D14D}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{54C743C1-BC1B-496F-AD7D-626118057BC2}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{588C967C-5133-4481-8D99-EDDEF37CE284}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{5DEB9DF1-74A9-4231-AEFF-4456E97302E8}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{624700E2-D54B-4E99-938E-CAEACED9149F}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{68F342FD-4251-446C-BD64-9B83EDC8357D}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{69EC7DB4-BE4C-4738-9A63-B90A69CD3101}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{6C838D03-7F1C-4902-8853-FCA08C1AEC71}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{6E26DB63-7F72-4682-8194-2CC37FC0972B}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{6F6FBA1F-A5F7-43CC-BAEB-B2106A6FB8BC}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{73E5C267-AC27-4D06-8C3D-8B729BCFF290}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{790C35CD-2DF8-4DB4-A77F-77A4BE14B9A7}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{7A2DA316-9D5F-4481-BABF-578C3E032372}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{7EB95268-CEF1-41B5-B4EE-7F773CAAF6F1}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{857E004D-E4C4-42BD-AD51-078A74AF4C5B}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{8DE8A4FC-7394-41BC-9AD0-299B341D658F}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{9283616B-F2BE-457D-9F47-071A6AD478A2}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{9457AB38-2801-482C-BCCD-7E776B96B53B}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{95B429EB-057E-4C15-850F-29AAEA4B39A6}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{967FF12D-2B89-4E54-8AEC-3C202850D146}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{9693B86B-6A32-4418-8EFF-AEF325692069}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{9B5CDD2A-6069-48A9-8A2E-C36ED33BF93E}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{9F1D0C27-0E93-47D6-AA0C-E4B1F16925F4}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{A44BA04D-3CE5-4296-8679-4A0F0826BB66}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{A82D3D9B-03BC-46BB-BA04-235F6207A64D}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{A9B89284-4C99-42C1-96AE-6F481AE7F385}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{AF1E9770-5D96-4AF4-8E67-CA3E2F88279D}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{B3B12BE4-481F-4637-8680-73FED55F9D45}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{B51791CD-A4BC-4873-B701-E3BDFFAB66E8}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{B65384D2-3BE5-41CB-B7A3-EFE56997EACC}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{BF34B808-6CC0-44DF-A3B7-64951045D437}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{BFCC5383-A9F7-4D01-BD53-CA1B89D092D1}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{C23587AC-BA16-481E-8BB9-1D9FA138CD71}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{C3B82E12-0745-4D61-8653-B9FE018CC85E}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{C4198B50-84DC-40F3-A744-4C51A0F51F4D}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{C50DCD1C-344E-4F78-B50A-D25D4E306BF0}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{CC67FEC4-17E8-4204-A53E-6D5375F824A1}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{CE4A77D6-113F-4183-BAA9-42C82E0CFAEF}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{D0146458-43F8-4B2C-BCC4-970E1619F3FA}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{D1A22211-0951-44CD-A145-B3D9A16197A9}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{DA7AA34B-41AC-4C71-81E9-FE4CB93794C8}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{DCDCEA49-64E6-4572-858A-1AEC531DA58A}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{E2AC8D27-F135-4555-91E2-5E40326303B9}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{E34113EF-99BD-4A75-BE5D-A534A9BB2412}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{F04C2F70-C786-443A-8045-D6FBE9B1B20D}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{F2C69138-FA0D-4EFC-B2BC-61F676B0580F}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{F4108032-FFBC-48FD-906D-86713AB50AFB}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{F49666F7-9BD4-4919-B290-7AECAB41D4AB}
Successfully deleted: [Empty Folder] C:\Users\‘’„Ž‘\appdata\local\{FB761DEF-562A-4F39-B01D-4B5AB3DBCD6F}



~~~ FireFox

Successfully deleted the following from C:\Users\‘’„Ž‘\AppData\Roaming\mozilla\firefox\profiles\dmsp5npa.default\prefs.js

user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.cookie.testingGaq.value", "%22hxxp%3A//extclickmedia-maynemyltf.netdna-ssl.com/Exten
user_pref("extensions.aEWBNO58637124CLP39222015com63313.63313.internaldb.Resources_resource_798518.value", "%22try%7B%5Cr%5Cn%5Ct%5Cr%5Cnif%28document.location.href.indexOf%28
user_pref("extensions.aEWBNO58637124CLP39222015com63313.63313.internaldb.Resources_resource_798523.value", "%22data%3Aimage/png%3Bbase64%2CiVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYA
user_pref("extensions.aEWBNO58637124CLP39222015com63313.63313.internaldb.Resources_resource_798524.value", "%22data%3Aimage/png%3Bbase64%2CiVBORw0KGgoAAAANSUhEUgAAADAAAAAwCAYA
user_pref("extensions.aEWBNO58637124CLP39222015com63313.63313.internaldb.Resources_resource_798525.value", "%22data%3Aimage/png%3Bbase64%2CiVBORw0KGgoAAAANSUhEUgAAACIAAAAeCAIA
user_pref("extensions.aEWBNO58637124CLP39222015com63313.63313.internaldb.Resources_resource_798527.value", "%22data%3Aimage/png%3Bbase64%2CiVBORw0KGgoAAAANSUhEUgAAAGAAAAAeCAIA
user_pref("extensions.aEWBNO58637124CLP39222015com63313.63313.name", "TheGoPhoto.its V10 1.1");
Emptied folder: C:\Users\‘’„Ž‘\AppData\Roaming\mozilla\firefox\profiles\dmsp5npa.default\minidumps [148 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ƒ¬ 02/03/2015 at 18:55:08,99
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

MalwereBytes Log:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 2/3/2015
Scan Time: 7:09:28 μμ
Logfile:
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.03.02.05
Rootkit Database: v2015.02.25.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: I£I¤I?I?I?II£

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 398204
Time Elapsed: 22 min, 37 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Deep Rootkit Scan: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

 

Eset Online Scanner Log:

C:\AdwCleaner\Quarantine\C\Program Files (x86)\STab\BrowerWatchCH.dll.vir    Win32/ELEX.BM potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\STab\BrowerWatchFF.dll.vir    Win32/ELEX.BM potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\STab\BrowserAction.dll.vir    Win32/ELEX.BM potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\STab\IeWatchDog.dll.vir    Win32/ELEX.BM potentially unwanted application
C:\Program Files\Adware-Removal-Tool\ARTP3.exe    MSIL/FakeTool.PS trojan
C:\Program Files (x86)\Cheat Engine 6.1\cheatengine-i386.exe    a variant of Win32/HackTool.CheatEngine.AB potentially unsafe application
C:\Program Files (x86)\Codemasters\DiRT 3\paul.dll    Win32/HackTool.Crack.O potentially unsafe application
C:\Program Files (x86)\Codemasters\DiRT 3\SKIDROW.dll    Win32/HackTool.Crack.O potentially unsafe application
C:\Program Files (x86)\CPUID\PC Wizard 2013\systweakasp_c.exe    MSIL/AdvancedSystemProtector.D potentially unwanted application
C:\Program Files (x86)\ELTIMA Software\EXE Password Protector\EXE Password Protector.exe    a variant of Win32/Packed.ExePP.A potentially unwanted application
C:\Program Files (x86)\softendo.com\Mario Forever 5.01\Data\Mario Forever.exe    a variant of Win32/Toolbar.Conduit.B potentially unwanted application
C:\Program Files (x86)\Zuxxez\Battle vs. Chess\SKIDROW.dll    a variant of Win32/Packed.VMProtect.AAA trojan
C:\ProgramData\Adobe\AIH.9026582bc26d54a923f03a701848b894d3a0109d\GTB.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\All Users\Adobe\AIH.9026582bc26d54a923f03a701848b894d3a0109d\GTB.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\OOAEEIO\AppData\Roaming\AIXOI    JS/Toolbar.Crossrider.C potentially unwanted application
C:\Users\OOAEEIO\AppData\Roaming\MSVL    JS/Toolbar.Crossrider.C potentially unwanted application
C:\Users\OOAEEIO\AppData\Roaming\NGTF    JS/Toolbar.Crossrider.C potentially unwanted application
C:\Users\OOAEEIO\AppData\Roaming\VEWL    JS/Toolbar.Crossrider.C potentially unwanted application
C:\Users\OOAEEIO\AppData\Roaming\AVG\Rescue\PC Tuneup 2011\130710170058077.rsc    multiple threats
C:\Users\OOAEEIO\Downloads\kalokairaki.rar    VBS/TrojanDownloader.Agent.NJV trojan
C:\Users\OOAEEIO\Downloads\spsetup126.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application
 

 

FRST Log:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-02-2015
Ran by ΣΤΕΛΙΟΣ (administrator) on STELIOS-LAPTOP on 03-03-2015 03:41:00
Running from C:\Users\ΣΤΕΛΙΟΣ\Desktop
Loaded Profiles: ΣΤΕΛΙΟΣ (Available profiles: ΣΤΕΛΙΟΣ)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Ελληνικά (Ελλάδας)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
() C:\Program Files (x86)\Spotmau\PowerSuite Golden Edition\PowerSuite 2012\PcCheck\CareMon.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
( ) C:\Windows\System32\lxebcoms.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Desktop.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\osk.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2847016 2014-10-06] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2014-10-06] ()
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5188112 2014-12-16] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Winsuite2012] => "C:\Program Files (x86)\Spotmau\PowerSuite Golden Edition\Winsuite 2012\Spotmau_WinSuite_TrayIcon.exe"
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-02-17] (LogMeIn Inc.)
HKU\S-1-5-21-3607668558-2623760651-2539539302-1000\...\Run: [Google Update] => C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-09-26] (Google Inc.)
HKU\S-1-5-21-3607668558-2623760651-2539539302-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6161176 2014-02-20] (Piriform Ltd)
HKU\S-1-5-21-3607668558-2623760651-2539539302-1000\...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner64.exe [6161176 2014-02-20] (Piriform Ltd)
HKU\S-1-5-21-3607668558-2623760651-2539539302-1000\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3129560 2014-02-24] (Disc Soft Ltd)
HKU\S-1-5-21-3607668558-2623760651-2539539302-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.)
HKU\S-1-5-21-3607668558-2623760651-2539539302-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2874048 2015-02-19] (Valve Corporation)
HKU\S-1-5-21-3607668558-2623760651-2539539302-1000\...\Policies\system: [WallpaperStyle] 2
HKU\S-1-5-21-3607668558-2623760651-2539539302-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-3607668558-2623760651-2539539302-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-18\...\RunOnce: [osk.exe] => C:\Windows\system32\osk.exe [692736 2014-06-18] (Microsoft Corporation)
HKU\S-1-5-18\...\Policies\system: [WallpaperStyle] 2
Startup: C:\Users\ΣΤΕΛΙΟΣ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Απόσπασμα οθόνης και Εκκίνηση για το OneNote 2007.lnk
ShortcutTarget: Απόσπασμα οθόνης και Εκκίνηση για το OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll (Tonec Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-3607668558-2623760651-2539539302-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Βοηθός εισόδου στο λογαριασμό Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: iSkysoft Video Converter Ultimate -> {C7C3BC26-4F2B-4997-A3CB-163337FE975B} -> C:\Program Files (x86)\iSkysoft\Video Converter Ultimate\SVRIEPlugin.dll (iSkysoft Software Co., Ltd.)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)
DPF: HKLM-x32 {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab
DPF: HKLM-x32 {0E5F0222-96B9-11D3-8997-00104BD12D94} http://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.10.115.cab
DPF: HKLM-x32 {80B626D6-BC34-4BCF-B5A1-7149E4FD9CFA} http://zone.msn.com/bingame/zpagames/GAME_UNO1.cab60096.cab
DPF: HKLM-x32 {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52272 2009-09-19] (EasyBits Software Corp.)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\ΣΤΕΛΙΟΣ\AppData\Roaming\Mozilla\Firefox\Profiles\dmsp5npa.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.3 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\9\NP_wtapp.dll No File
FF Plugin HKU\S-1-5-21-3607668558-2623760651-2539539302-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-3607668558-2623760651-2539539302-1000: @tools.google.com/Google Update;version=3 -> C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3607668558-2623760651-2539539302-1000: @tools.google.com/Google Update;version=9 -> C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Extension: DownloadHelper - C:\Users\ΣΤΕΛΙΟΣ\AppData\Roaming\Mozilla\Firefox\Profiles\dmsp5npa.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-05]
FF Extension: Adblock Plus - C:\Users\ΣΤΕΛΙΟΣ\AppData\Roaming\Mozilla\Firefox\Profiles\dmsp5npa.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-04-13]
FF Extension: Greasemonkey - C:\Users\ΣΤΕΛΙΟΣ\AppData\Roaming\Mozilla\Firefox\Profiles\dmsp5npa.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2012-10-04]
FF HKLM-x32\...\Firefox\Extensions: [avg@igeared] - C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared
FF HKU\S-1-5-21-3607668558-2623760651-2539539302-1000\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\ΣΤΕΛΙΟΣ\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\ΣΤΕΛΙΟΣ\AppData\Roaming\IDM\idmmzcc5 [2014-04-04]
FF HKU\S-1-5-21-3607668558-2623760651-2539539302-1000\...\Firefox\Extensions: [{31C8B8A4-6712-4A47-B378-2BE78B8EE9E1}] - C:\Program Files (x86)\Bigasoft\Video Downloader Pro\extensions\3.1.1.5128\BVDFirefoxExt
FF Extension: Bigasoft Video Downloader Firefox Extension - C:\Program Files (x86)\Bigasoft\Video Downloader Pro\extensions\3.1.1.5128\BVDFirefoxExt [2014-01-27]
FF HKU\S-1-5-21-3607668558-2623760651-2539539302-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\ΣΤΕΛΙΟΣ\AppData\Roaming\IDM\idmmzcc5
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Google\Chrome\Application\40.0.2214.115\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Google\Chrome\Application\40.0.2214.115\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Google\Chrome\Application\40.0.2214.115\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.5.0\\npsitesafety.dll No File
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Java™ Platform SE 7 U9) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Google Update) - C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.90.5) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Windows Activation Technologies) - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Profile: C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (iSkysoft Video Converter Ultimate) - C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlfeafapmnniobpffacckpddijdjgpmj [2013-12-19]
CHR Extension: (IDM Integration Module) - C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn [2013-08-30]
CHR Extension: (Bigasoft Video Downloader Pro) - C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnkpjikgipojkofgjjkfgdhfanggcdm [2013-10-15]
CHR HKLM-x32\...\Chrome\Extension: [hlfeafapmnniobpffacckpddijdjgpmj] - C:\Program Files (x86)\iSkysoft\Video Converter Ultimate\SVRChromePlugin.crx [2013-12-18]
CHR HKLM-x32\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2014-04-03]
CHR HKLM-x32\...\Chrome\Extension: [jpnkpjikgipojkofgjjkfgdhfanggcdm] - C:\Program Files (x86)\Bigasoft\Video Downloader Pro\extensions\3.1.1.5128\BVDChromeExt.crx [2014-01-27]
StartMenuInternet: Google Chrome - Chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 avgfws; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [1417160 2014-12-16] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3247120 2014-12-16] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-12-16] (AVG Technologies CZ, s.r.o.)
U2 CareMon; C:\Program Files (x86)\Spotmau\PowerSuite Golden Edition\PowerSuite 2012\PcCheck\CareMon.exe [146792 2011-11-15] ()
S4 CLHNServiceForPowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [89864 2013-03-04] (CyberLink Corp.)
S4 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-03-04] (CyberLink)
S4 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [294664 2013-03-04] (CyberLink)
R2 ezGOSvc; C:\Windows\SysWOW64\ezGOSvc.dll [80256 2011-08-11] ()
R2 ezSharedSvc; C:\Windows\SysWOW64\ezsvc7.dll [129584 2009-02-22] (EasyBits Sofware AS) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-02-16] (LogMeIn, Inc.)
R2 lxeb_device; C:\Windows\system32\lxebcoms.exe [1052328 2010-04-14] ( )
S3 MSCSPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [45056 2006-12-14] (Sony Corporation) [File not signed]
S4 OMSI download service; C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [90112 2009-04-30] () [File not signed]
S3 PACSPTISVR; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [57344 2006-12-14] () [File not signed]
S4 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2012-05-10] ()
S3 SPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe [69632 2006-12-14] (Sony Corporation) [File not signed]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [333824 2014-10-06] (IDT, Inc.) [File not signed]
S3 vncserver; C:\Program Files\RealVNC\VNC Server\vncservice.exe [502592 2014-04-01] (RealVNC Ltd)
S3 WinDefend; %ProgramFiles(x86)%\Windows Defender\mpsvc.dll [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [244504 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [237848 2014-10-24] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-10-29] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-10-20] (AVG Technologies CZ, s.r.o.)
U3 axdgrksx; No ImagePath
R0 BtHidBus; C:\Windows\System32\Drivers\BtHidBus.sys [23944 2010-04-06] (IVT Corporation.)
S3 btnetBUs; C:\Windows\System32\Drivers\btnetBus.sys [30088 2010-04-06] ()
R1 CLVirtualDrive; C:\Windows\System32\DRIVERS\CLVirtualDrive.sys [90608 2011-12-26] (CyberLink)
S2 hwpsgt; C:\Windows\SysWOW64\DRIVERS\hwpsgt.sys [137344 2011-01-25] () [File not signed]
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2014-12-08] (Intel Corporation)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [113280 2010-02-03] (ITE                      )
S3 IvtBtBUs; C:\Windows\System32\Drivers\IvtBtBus.sys [27016 2010-04-06] (IVT Corporation.)
R0 johci; C:\Windows\System32\DRIVERS\johci.sys [25688 2014-12-08] (JMicron Technology Corp.)
S2 lemsgt; C:\Windows\SysWOW64\DRIVERS\lemsgt.sys [9472 2011-01-25] () [File not signed]
R2 ntk_PowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [83704 2012-09-10] (Cyberlink Corp.)
S3 s1029bus; C:\Windows\System32\DRIVERS\s1029bus.sys [116264 2009-05-25] (MCCI Corporation)
S3 s1029mdfl; C:\Windows\System32\DRIVERS\s1029mdfl.sys [19496 2009-05-25] (MCCI Corporation)
S3 s1029mdm; C:\Windows\System32\DRIVERS\s1029mdm.sys [158760 2009-05-25] (MCCI Corporation)
S3 s1029mgmt; C:\Windows\System32\DRIVERS\s1029mgmt.sys [139304 2009-05-25] (MCCI Corporation)
S3 s1029nd5; C:\Windows\System32\DRIVERS\s1029nd5.sys [34856 2009-05-25] (MCCI Corporation)
S3 s1029obex; C:\Windows\System32\DRIVERS\s1029obex.sys [135208 2009-05-25] (MCCI Corporation)
S3 s1029unic; C:\Windows\System32\DRIVERS\s1029unic.sys [151592 2009-05-25] (MCCI Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33008 2014-12-08] (Synaptics Incorporated)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-03-19] (Duplex Secure Ltd.)
R2 supersafer64; C:\Windows\SysWOW64\drivers\supersafer64.sys [238072 2011-11-15] (Spotmau)
S3 TridVid; C:\Windows\System32\DRIVERS\tridvid6010.sys [404352 2010-07-13] (10Moons Technologies Co.,Ltd) [File not signed]
S3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [95232 2010-11-20] (Microsoft Corporation) [File not signed]
S3 vpcuxd; C:\Windows\system32\DRIVERS\vpcuxd.sys [16384 2009-09-23] (Microsoft Corporation) [File not signed]
R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [146928 2009-09-09] (CyberLink Corp.)
R2 {73526619-C24F-470B-9BED-53D455FBB5C6}; C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl [130320 2013-03-04] (CyberLink Corp.)
U3 al90cviq; C:\Windows\System32\Drivers\al90cviq.sys [0 ] (Silicon Integrated Systems) <==== ATTENTION (zero size file/folder)
S1 ArcSec; system32\drivers\ArcSec.sys [X]
S3 BT; system32\DRIVERS\btnetdrv.sys [X]
S3 BTCOM; system32\DRIVERS\btcomport.sys [X]
S3 BTCOMBUS; System32\Drivers\btcombus.sys [X]
S3 CEDRIVER55; \??\C:\Program Files (x86)\Cheat Engine\dbk64.sys [X]
U4 eabfiltr; No ImagePath
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

NETSVC: ezGOSvc -> C:\Windows\SysWOW64\ezGOSvc.dll ()

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-03 03:41 - 2015-03-03 03:41 - 00026870 _____ () C:\Users\ΣΤΕΛΙΟΣ\Desktop\FRST.txt
2015-03-02 23:42 - 2015-03-02 23:42 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-03-02 23:41 - 2015-03-02 23:41 - 02347384 _____ (ESET) C:\Users\ΣΤΕΛΙΟΣ\Downloads\esetsmartinstaller_enu.exe
2015-03-02 19:04 - 2015-03-02 19:05 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\ΣΤΕΛΙΟΣ\Desktop\mbam-setup-2.0.4.1028.exe
2015-03-02 18:55 - 2015-03-02 18:55 - 00010982 _____ () C:\Users\ΣΤΕΛΙΟΣ\Desktop\JRT.txt
2015-03-02 18:46 - 2015-03-02 18:46 - 01388333 _____ (Thisisu) C:\Users\ΣΤΕΛΙΟΣ\Desktop\JRT.exe
2015-03-02 00:59 - 2015-03-02 00:59 - 00008939 _____ () C:\Users\ΣΤΕΛΙΟΣ\Desktop\AdwCleaner[S0].txt
2015-03-02 00:41 - 2015-03-02 00:49 - 00000000 ____D () C:\AdwCleaner
2015-03-02 00:40 - 2015-03-02 00:40 - 02126848 _____ () C:\Users\ΣΤΕΛΙΟΣ\Desktop\AdwCleaner.exe
2015-03-02 00:27 - 2015-03-02 00:28 - 02092544 _____ (Farbar) C:\Users\ΣΤΕΛΙΟΣ\Desktop\FRST64.exe
2015-03-02 00:06 - 2015-03-02 00:06 - 00984576 _____ () C:\Users\ΣΤΕΛΙΟΣ\Desktop\MicrosoftFixit50907.msi
2015-03-01 23:38 - 2015-03-01 23:38 - 00000000 ____D () C:\Users\ΣΤΕΛΙΟΣ\Desktop\Νέος φάκελος (2)
2015-02-28 18:58 - 2015-03-03 03:41 - 00000000 ____D () C:\FRST
2015-02-28 18:58 - 2015-02-28 19:03 - 00000000 ____D () C:\Users\ΣΤΕΛΙΟΣ\Desktop\Νέος φάκελος
2015-02-26 23:38 - 2015-01-09 01:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-26 23:38 - 2015-01-09 01:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-21 12:54 - 2015-02-21 12:54 - 00000000 ____D () C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Steam
2015-02-19 17:22 - 2015-02-19 17:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-02-19 17:22 - 2015-02-19 17:22 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2015-02-18 22:16 - 2015-01-23 06:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-18 22:16 - 2015-01-23 06:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-18 22:16 - 2015-01-23 05:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-18 22:16 - 2015-01-23 05:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-17 17:54 - 2015-01-14 07:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-17 17:54 - 2015-01-14 07:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-17 17:54 - 2015-01-12 05:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-17 17:54 - 2015-01-12 05:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-17 17:54 - 2015-01-12 05:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-17 17:54 - 2015-01-12 04:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-17 17:54 - 2015-01-12 04:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-17 17:54 - 2015-01-12 04:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-17 17:54 - 2015-01-12 04:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-17 17:54 - 2015-01-12 04:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-17 17:54 - 2015-01-12 04:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-17 17:54 - 2015-01-12 04:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-17 17:54 - 2015-01-12 04:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-17 17:54 - 2015-01-12 04:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-17 17:54 - 2015-01-12 04:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-17 17:54 - 2015-01-12 04:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-17 17:54 - 2015-01-12 04:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-17 17:54 - 2015-01-12 04:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-17 17:54 - 2015-01-12 04:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-17 17:54 - 2015-01-12 04:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-17 17:54 - 2015-01-12 04:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-17 17:54 - 2015-01-12 04:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-17 17:54 - 2015-01-12 04:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-17 17:54 - 2015-01-12 04:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-17 17:54 - 2015-01-12 04:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-17 17:54 - 2015-01-12 04:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-17 17:54 - 2015-01-12 04:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-17 17:54 - 2015-01-12 04:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-17 17:54 - 2015-01-12 04:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-17 17:54 - 2015-01-12 03:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-17 17:54 - 2015-01-12 03:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-17 17:54 - 2015-01-12 03:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-17 17:54 - 2015-01-12 03:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-17 17:54 - 2015-01-12 03:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-17 17:54 - 2015-01-12 03:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-17 17:54 - 2015-01-12 03:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-17 17:54 - 2015-01-12 03:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-17 17:54 - 2015-01-12 03:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-17 17:54 - 2015-01-12 03:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-17 17:54 - 2015-01-12 03:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-17 17:54 - 2015-01-12 03:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-17 17:54 - 2015-01-12 03:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-17 17:54 - 2015-01-12 03:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-17 17:54 - 2015-01-12 03:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-17 17:54 - 2015-01-12 03:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-17 17:54 - 2015-01-12 03:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-17 17:54 - 2015-01-12 03:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-17 17:54 - 2015-01-12 03:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-17 17:54 - 2015-01-12 03:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-17 17:54 - 2015-01-12 03:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-17 17:54 - 2015-01-12 02:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-17 17:54 - 2015-01-12 02:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-17 17:12 - 2015-02-04 05:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-17 17:12 - 2015-02-04 05:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-17 17:12 - 2015-02-04 05:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-17 17:12 - 2015-02-04 05:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-17 17:12 - 2015-02-04 05:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-17 17:12 - 2015-02-04 05:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-17 17:12 - 2015-02-04 05:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-17 17:12 - 2015-01-28 01:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-17 17:11 - 2015-01-10 08:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-17 17:11 - 2015-01-10 08:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-17 17:11 - 2015-01-10 08:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-17 17:11 - 2015-01-10 08:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-17 17:11 - 2015-01-10 08:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-17 17:11 - 2015-01-10 08:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-17 17:11 - 2015-01-10 08:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-17 17:11 - 2015-01-10 08:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-17 17:11 - 2015-01-10 08:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-17 17:11 - 2015-01-10 08:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-17 17:11 - 2015-01-10 08:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-17 17:11 - 2015-01-10 08:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-17 17:11 - 2015-01-10 08:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-17 17:11 - 2015-01-10 08:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-17 17:08 - 2015-01-13 05:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-17 17:08 - 2015-01-13 04:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-17 17:07 - 2015-01-15 10:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-17 17:07 - 2015-01-15 10:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-17 17:07 - 2015-01-15 10:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-17 17:07 - 2015-01-15 10:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-17 17:07 - 2015-01-15 10:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-17 17:07 - 2015-01-15 10:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-17 17:07 - 2015-01-15 10:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-17 17:07 - 2015-01-15 10:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-17 17:07 - 2015-01-15 10:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-17 17:07 - 2015-01-15 10:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-17 17:07 - 2015-01-15 10:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-17 17:07 - 2015-01-15 09:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-17 17:07 - 2015-01-15 09:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-17 17:07 - 2015-01-15 09:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-17 17:07 - 2015-01-15 09:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-17 17:07 - 2015-01-15 09:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-17 17:07 - 2015-01-15 09:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-17 17:07 - 2015-01-15 06:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-17 17:06 - 2014-12-12 07:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-17 17:06 - 2014-12-12 07:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-17 17:06 - 2014-11-26 05:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-17 17:06 - 2014-11-26 05:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-17 17:06 - 2014-10-04 04:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-17 17:06 - 2014-10-04 03:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-17 17:06 - 2014-10-04 03:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-02-17 17:06 - 2014-07-07 04:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-17 17:06 - 2014-07-07 04:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-02-17 17:06 - 2014-07-07 03:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-02-17 17:06 - 2014-07-07 03:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-02-17 17:05 - 2014-12-08 05:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-17 17:05 - 2014-12-08 04:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-17 17:04 - 2015-01-14 08:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-17 17:04 - 2015-01-14 08:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-17 17:04 - 2015-01-14 08:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-17 17:04 - 2015-01-14 08:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-17 17:04 - 2015-01-14 07:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-17 17:04 - 2015-01-14 07:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-17 17:04 - 2015-01-14 07:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-17 17:03 - 2015-01-09 04:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-07 19:38 - 2015-02-07 19:38 - 00000927 _____ () C:\Users\Public\Desktop\Steam.lnk
2015-02-07 19:38 - 2015-02-07 19:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-02-07 19:37 - 2015-02-07 19:37 - 01142128 _____ () C:\Users\ΣΤΕΛΙΟΣ\Desktop\SteamSetup.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-03 03:38 - 2014-11-23 14:39 - 01252519 _____ () C:\Windows\WindowsUpdate.log
2015-03-03 03:34 - 2012-12-31 20:27 - 00001184 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-03 03:09 - 2013-03-11 18:04 - 00000936 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3607668558-2623760651-2539539302-1000UA.job
2015-03-03 03:06 - 2013-03-25 22:47 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-03 02:51 - 2012-02-07 18:07 - 00001202 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3607668558-2623760651-2539539302-1000UA.job
2015-03-02 22:05 - 2010-12-24 19:49 - 00000000 ____D () C:\ProgramData\MFAData
2015-03-02 19:45 - 2011-03-07 17:43 - 00000000 ____D () C:\Users\ΣΤΕΛΙΟΣ\AppData\Roaming\Skype
2015-03-02 19:09 - 2015-01-21 18:38 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-02 19:07 - 2009-07-14 06:45 - 00026192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-02 19:07 - 2009-07-14 06:45 - 00026192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-02 19:06 - 2015-01-21 18:38 - 00001082 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-03-02 19:06 - 2015-01-21 18:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-02 19:06 - 2015-01-21 18:38 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-03-02 19:04 - 2014-04-22 13:26 - 00000000 ____D () C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\LogMeIn Hamachi
2015-03-02 19:04 - 2010-03-01 17:58 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-03-02 18:58 - 2012-12-31 20:27 - 00001180 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-02 18:58 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-02 18:19 - 2013-03-11 18:04 - 00000914 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3607668558-2623760651-2539539302-1000Core.job
2015-03-02 17:51 - 2012-02-07 18:07 - 00001150 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3607668558-2623760651-2539539302-1000Core.job
2015-03-02 00:21 - 2012-09-13 02:01 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-02-28 19:31 - 2015-01-21 18:36 - 00000660 _____ () C:\Users\ΣΤΕΛΙΟΣ\Desktop\TuneUp360 Restore Center.lnk
2015-02-28 18:56 - 2011-03-01 13:17 - 02954240 ___SH () C:\Users\ΣΤΕΛΙΟΣ\Downloads\Thumbs.db
2015-02-19 20:33 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-02-18 16:51 - 2009-07-14 06:45 - 00384888 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-18 16:47 - 2014-12-10 17:58 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-18 16:47 - 2014-05-06 11:31 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-18 00:06 - 2010-02-02 04:37 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-18 00:04 - 2013-07-11 23:22 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-17 23:56 - 2010-02-12 22:01 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-16 18:40 - 2013-11-21 23:32 - 00000000 ___RD () C:\Users\Public\Κοινόχρηστη μουσική
2015-02-16 17:24 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-02-16 16:20 - 2014-04-22 13:24 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-02-06 19:45 - 2010-04-19 16:34 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2015-02-05 17:46 - 2012-02-07 18:07 - 00004176 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3607668558-2623760651-2539539302-1000UA
2015-02-05 17:46 - 2012-02-07 18:07 - 00003780 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3607668558-2623760651-2539539302-1000Core
2015-02-05 17:29 - 2012-12-31 20:27 - 00004180 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-05 17:29 - 2012-12-31 20:27 - 00003928 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-05 16:52 - 2009-09-20 04:37 - 00607322 _____ () C:\Windows\system32\perfh008.dat
2015-02-05 16:52 - 2009-09-20 04:37 - 00111486 _____ () C:\Windows\system32\perfc008.dat
2015-02-05 16:52 - 2009-07-14 07:13 - 01490280 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-04 22:06 - 2013-03-25 22:47 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-04 22:06 - 2013-03-25 22:47 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-04 22:06 - 2013-03-25 22:47 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

==================== Files in the root of some directories =======

2013-06-26 18:39 - 2014-06-22 20:12 - 0003728 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2014-09-01 10:18 - 2014-09-01 10:18 - 0002086 _____ () C:\Users\ΣΤΕΛΙΟΣ\AppData\Roaming\AIXOI
2011-01-13 11:09 - 2011-02-17 12:39 - 0001854 _____ () C:\Users\ΣΤΕΛΙΟΣ\AppData\Roaming\GhostObjGAFix.xml
2014-09-01 10:18 - 2014-09-01 10:18 - 0002086 _____ () C:\Users\ΣΤΕΛΙΟΣ\AppData\Roaming\MSVL
2014-09-01 10:18 - 2014-09-01 10:18 - 0001248 _____ () C:\Users\ΣΤΕΛΙΟΣ\AppData\Roaming\NGTF
2011-09-17 14:05 - 2011-02-11 17:08 - 0000000 _____ () C:\Users\ΣΤΕΛΙΟΣ\AppData\Roaming\SuperSafer.cfg
2014-09-01 10:18 - 2014-09-01 10:18 - 0001248 _____ () C:\Users\ΣΤΕΛΙΟΣ\AppData\Roaming\VEWL
2010-02-16 21:03 - 2010-10-21 17:00 - 0000096 _____ () C:\Users\ΣΤΕΛΙΟΣ\AppData\Roaming\wklnhst.dat
2010-02-02 05:00 - 2010-02-02 05:00 - 0000000 _____ () C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\AtStart.txt
2011-08-05 20:40 - 2013-09-29 21:15 - 0006144 _____ () C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-02-02 05:00 - 2010-02-02 05:00 - 0000000 _____ () C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\DSwitch.txt
2010-02-02 05:00 - 2010-02-02 05:00 - 0000000 _____ () C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\QSwitch.txt
2010-02-20 18:53 - 2012-04-17 16:43 - 0007597 _____ () C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Resmon.ResmonCfg
2013-12-24 16:12 - 2014-01-02 11:46 - 0000810 _____ () C:\ProgramData\Coinstaller.log
2010-08-26 16:47 - 2010-10-04 21:53 - 0000088 __RSH () C:\ProgramData\E3FFC2124D.sys
2010-08-18 13:23 - 2010-08-18 13:23 - 0148736 _____ (Avanquest Software) C:\ProgramData\hpeFFD1.dll
2010-02-02 05:00 - 2011-11-15 18:29 - 0000205 _____ () C:\ProgramData\HPWALog.txt
2010-03-03 13:56 - 2014-07-11 00:02 - 0003766 ___SH () C:\ProgramData\KGyGaAvL.sys
2015-01-14 13:06 - 2015-01-14 13:06 - 0000111 _____ () C:\ProgramData\lxeb.log
2013-12-24 16:14 - 2014-11-07 13:43 - 0005144 _____ () C:\ProgramData\lxebJSW.log
2013-12-24 16:09 - 2014-11-07 13:39 - 0002714 _____ () C:\ProgramData\lxebscan.log
2010-12-24 19:43 - 2010-12-24 19:43 - 0000000 _____ () C:\ProgramData\N360BUOptions.ini
2010-08-17 17:04 - 2010-08-17 17:04 - 0001264 _____ () C:\ProgramData\ss.ini
2009-11-12 01:29 - 2009-11-12 01:29 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
2010-08-17 17:06 - 2010-08-17 17:06 - 0000033 _____ () C:\ProgramData\{081230F8-EA50-42A9-983C-D22ABC2EED3B}.ini
2009-09-19 18:45 - 2009-09-19 18:45 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2009-11-12 01:28 - 2009-11-12 01:28 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
2009-09-19 18:40 - 2009-09-19 18:42 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2009-11-12 01:27 - 2009-11-12 01:27 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
2009-11-12 01:29 - 2009-11-12 01:29 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
2009-09-19 18:40 - 2009-09-19 18:40 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2009-09-19 18:42 - 2009-09-19 18:45 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2009-11-12 01:29 - 2009-11-12 01:29 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log

Files to move or delete:
====================
C:\ProgramData\hpeFFD1.dll
C:\Users\ΣΤΕΛΙΟΣ\microsoft.dat


Some content of TEMP:
====================
C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Temp\Quarantine.exe
C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-23 17:13

==================== End Of Log ============================

 

Addition Log:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-02-2015
Ran by ΣΤΕΛΙΟΣ at 2015-03-03 03:42:11
Running from C:\Users\ΣΤΕΛΙΟΣ\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG Internet Security 2014 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security 2014 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2014 (Disabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{5CEBB0CE-1783-40C2-A7E1-02EE705820F0}) (Version: 1.0 - Eyeo GmbH)
Adblock Plus for IE (HKLM-x32\...\{1ce01891-839b-4ad1-b629-2e608ba0c6ba}) (Version: 1.0 - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1380 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader X - Greek (HKLM-x32\...\{AC76BA86-7AD7-1032-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
Age of Empires III - The Asian Dynasties (HKLM-x32\...\InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The Asian Dynasties (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III - The WarChiefs (HKLM-x32\...\InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The WarChiefs (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III (HKLM-x32\...\InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Mythology Gold (HKLM-x32\...\Age of Mythology Expansion Pack 1.0) (Version: 1.0 - Microsoft)
Angry Birds (HKLM-x32\...\{CE5E289C-444C-4A8B-8B16-AFE8957CF2E0}) (Version: 4.0.0 - Rovio Entertainment Ltd.)
Angry Birds (HKLM-x32\...\{DE96EDE7-7D0A-49D7-9C11-121BA91F84E0}) (Version: 3.3.0 - Rovio Entertainment Ltd.)
Angry Birds Rio (HKLM-x32\...\{FCC3936A-E05F-4C95-A226-1A6F70EE9E84}) (Version: 1.8.0 - Rovio Entertainment Ltd.)
Angry Birds Seasons (HKLM-x32\...\{4D47CD54-DE0A-485E-AFA7-3C5C7253DE64}) (Version: 4.0.1 - Rovio Entertainment Ltd.)
Angry Birds Space (HKLM-x32\...\{C9C763DF-F912-457F-A8BF-88E043BC45FE}) (Version: 1.6.0 - Rovio Entertainment Ltd.)
Angry Birds Star Wars (HKLM-x32\...\{4D55824D-389E-4A01-B097-D7562C0D7A95}) (Version: 1.5.0 - Rovio Entertainment Ltd.)
Angry Birds Star Wars II (HKLM-x32\...\{C4887610-6DE9-4538-A6CD-2B44673FE133}) (Version: 1.0.1 - Rovio Entertainment Ltd.)
ArcSoft TotalMedia 3.5 (HKLM-x32\...\{29E44E9D-ACB2-4D2D-849F-5361C941B7E1}) (Version: 3.5.7.282 - ArcSoft)
AVG 2012 (Version: 12.0.2433 - AVG Technologies) Hidden
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4800 - AVG Technologies)
AVG 2014 (Version: 14.0.4257 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4800 - AVG Technologies) Hidden
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version:  - )
Bad Piggies (HKLM-x32\...\{6A062CC2-747A-455F-9892-5CF7F86EA451}) (Version: 1.5.1 - Rovio Entertainment Ltd.)
Battle vs. Chess (HKLM-x32\...\Battle vs. Chess_is1) (Version: 1.0 - Zuxxez Entertainment)
Bejeweled 2 Deluxe 1.0 (HKLM-x32\...\Bejeweled 2 Deluxe 1.0) (Version:  - )
Bejeweled 3 (HKLM-x32\...\Bejeweled 3) (Version:  - PopCap Games)
Bejeweled Blitz (HKLM-x32\...\Bejeweled Blitz) (Version:  - PopCap Games)
Bejeweled Twist 1.0 (HKLM-x32\...\Bejeweled Twist 1.0) (Version: 1.0 - PopCap Games)
Bigasoft Video Downloader Pro 3.1.1.5128 (HKLM-x32\...\{C7056BA6-D954-42A2-ABBA-AB2E8E777730}_is1) (Version:  - Bigasoft Corporation)
Billard Kings 2 (HKLM-x32\...\{5E8C69AD-9C19-4AC9-8FA0-262B84E16C40}) (Version: 1.0 - )
BlazeVideo HDTV Player Professional 6.6.0.3 (HKLM-x32\...\BlazeVideo HDTV Player Professional 6.6.0.3_is1) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4291 - CDBurnerXP)
Cheat Engine 6.1 (HKLM-x32\...\Cheat Engine 6.1_is1) (Version:  - Dark Byte)
Corel Paint Shop Pro Photo X2 (HKLM-x32\...\{64E72FB1-2343-4977-B4A8-262CD53D0BD3}) (Version: 12.50.0001 - Corel Corporation)
Corel VideoStudio 12 (HKLM-x32\...\InstallShield_{F0FDF9C9-1DDC-401F-B638-36F1CAE8A875}) (Version: 12.0.0.0000 - Corel Corporation)
CPUID CPU-Z 1.67.1 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CPUID HWMonitor 1.25 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.5.0.0388 - Disc Soft Ltd)
DDD Pool 1.2 (HKLM-x32\...\DDD Pool) (Version: 1.2 - Paprikari)
DiRT 3 (HKLM-x32\...\GFWL_{434D0FA0-1558-4D8E-AC3D-BD1000008200}) (Version: 1.0.0000.130 - Codemasters)
DiRT 3 (x32 Version: 1.0.0000.130 - Codemasters) Hidden
DiRT 3 (x32 Version: 1.0.0001.130 - Codemasters) Hidden
Driver Install 64bit (HKLM-x32\...\InstallShield_{D8D3D526-406C-4DDD-85F1-F0A2F29D1E7E}) (Version: 1.00.0000 - Your Company Name)
Driver Install 64bit (x32 Version: 1.00.0000 - Your Company Name) Hidden
DX-Ball 1.09 (HKLM-x32\...\DX-Ball 1.09) (Version:  - )
DX-Ball 2 ModPack (HKLM-x32\...\DX-Ball 2 ModPack) (Version:  - )
DX-Ball 2 v1.2 (HKLM-x32\...\DX-Ball 2 v1.2) (Version:  - )
EasyBits GO (HKU\S-1-5-21-3607668558-2623760651-2539539302-1000\...\Game Organizer) (Version:  - EasyBits Media)
ENE CIR Receiver Driver (HKLM\...\FFE7D41DF3C645075BB149E21988B63996C34187) (Version: 2.7.4.0 - ENE)
eXe -- eLearning XHTML editor (HKLM-x32\...\exe) (Version:  - eXe Project)
EXE Password Protector 1.1.6.214 (HKLM-x32\...\EXE Password Protector_is1) (Version:  - ELTIMA Software)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FLAC Frontend (HKLM-x32\...\{315E5E8B-0560-413A-B604-622A4C8BECBD}) (Version: 2.1.1 - Xiph.org)
GameRanger (HKU\S-1-5-21-3607668558-2623760651-2539539302-1000\...\GameRanger) (Version:  - GameRanger Technologies)
GIMP 2.6.10 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.10 - The GIMP Team)
Google Chrome (HKU\S-1-5-21-3607668558-2623760651-2539539302-1000\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Earth (HKLM-x32\...\{A2264E8F-1649-11E3-8BED-B8AC6F98CCE3}) (Version: 7.1.2.2019 - Google)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Google+ Auto Backup (HKU\S-1-5-21-3607668558-2623760651-2539539302-1000\...\Google+ Auto Backup) (Version: 1.0.26.151 - Google, Inc.)
HP 3D DriveGuard (HKLM\...\{844EC6B5-8435-47CE-93FA-842BC5EB22C2}) (Version: 4.0.3.1 - Hewlett-Packard)
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.12850.3526 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
HP Integrated Module with Bluetooth wireless technology (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9600 - Broadcom Corporation)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 3.0.3309 - Hewlett-Packard)
HP MediaSmart Internet TV (HKLM-x32\...\InstallShield_{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}) (Version: 3.0.1916 - Hewlett-Packard)
HP MediaSmart Movie Themes (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 3.0.3102 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 3.0.3123 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{88E60521-1E4E-4785-B9F1-1798A4BD0C30}) (Version: 3.0.30.1 - Hewlett-Packard)
HP MediaSmart Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.1913 - Hewlett-Packard)
HP Quick Launch Buttons (HKLM-x32\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.16.1 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}) (Version: 1.2.3220.3079 - Hewlett-Packard)
HP Update (HKLM-x32\...\{D46D081B-F60E-467E-A7C4-117B70D76731}) (Version: 5.001.000.014 - Hewlett-Packard)
HP User Guides 0154 (HKLM-x32\...\{B51605BF-6326-4553-AE96-6D7F1813D5F5}) (Version: 1.01.0001 - Hewlett-Packard)
HP Wireless Assistant (HKLM-x32\...\{4E432692-A736-4F77-AF77-F9078CF88D31}) (Version: 3.50.11.2 - Hewlett-Packard)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6225.0 - IDT)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
iSkysoft Video Converter Ultimate(Build 4.7.0.0) (HKLM-x32\...\iSkysoft Video Converter Ultimate_is1) (Version: 4.7.0.0 - iSkysoft Software)
JDownloader 0.9 (HKLM-x32\...\jdownloader09) (Version: 0.9 - AppWork GmbH)
JDownloader 2.0 (HKLM-x32\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.32.1 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 10.1.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.1.0 - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.319 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.319 - LogMeIn, Inc.) Hidden
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version:  - EasyBits Software AS)
Malwarebytes Anti-Malware έκδοση 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Mario Forever 5.01 (HKLM-x32\...\Mario Forever 5.01) (Version:  - )
Medieval II - Custom Campaign Mod 2 (HKLM-x32\...\0000CustomCampaignMod2_is1) (Version:  - )
Medieval II Total War (HKLM-x32\...\{C0698BDA-0D29-40EE-8570-A31106DF9AB1}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Americas (HKLM-x32\...\{75983B66-804C-40D1-BA13-64DAF652A6F1}) (Version: 1.05.000 - SEGA)
Medieval II Total War : Kingdoms : Britannia (HKLM-x32\...\{CEDDEE73-3D36-41C2-AA40-29355D9FBD63}) (Version: 1.05.000 - SEGA)
Medieval II Total War : Kingdoms : Crusades (HKLM-x32\...\{02A10468-2F1C-447C-AD8E-4DEDDEA25AE2}) (Version: 1.05.000 - SEGA)
Medieval II Total War : Kingdoms : Teutonic (HKLM-x32\...\{7AEE1963-7001-4C37-BC20-2FAEB74AA41C}) (Version: 1.05.000 - SEGA)
MegaDownloader 0.8 (HKLM\...\{C12C2297-65A4-4E64-9AE1-29F0D947FDA0}}_is1) (Version: 0.8 - Andres_age)
Microsoft .NET Framework 4.5.1 (Ελληνικά) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1032) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Age of Empires Gold (HKLM-x32\...\Age of Empires Gold 1.0) (Version:  - )
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version:  - )
Microsoft Age of Empires II: The Conquerors Expansion (HKLM-x32\...\Age of Empires II: The Conquerors Expansion 1.0) (Version:  - )
Microsoft Flight Simulator X (HKLM-x32\...\InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}) (Version: 10.0.60905 - Microsoft Game Studios)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft MPEG-4 VKI Video Codec V1/V2/V3 (HKLM-x32\...\MS-MPEG4) (Version:  - )
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (Greek) (HKLM-x32\...\{95120000-00AF-0408-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-3607668558-2623760651-2539539302-1000\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{784B4EE3-E308-4706-B3DC-51029944240B}) (Version: 08.05.0822 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{6A44830E-5F01-435D-A536-E1384FDF977D}) (Version: 1.20.146.0 - Microsoft)
Microsoft Αριθμομηχανή+ (HKLM-x32\...\{7716E562-D830-4916-A0A6-D37CC607C427}) (Version: 1.0.0 - Microsoft)
MilkShape 3D 1.8.4 (HKLM-x32\...\MilkShape 3D 1.8.4) (Version: 1.8.4 - chUmbaLum sOft)
Minecraft1.7.2 (HKLM-x32\...\Minecraft1.7.2) (Version:  - )
Minecraft1.7.7 (HKLM-x32\...\Minecraft1.7.7) (Version:  - )
Monopoly by Parker Brothers (HKLM-x32\...\Monopoly by Parker Brothers) (Version: 1.0.406.0 - GameHouse, Inc.)
Monopoly City (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-118892567}) (Version:  - Oberon Media)
Monopoly Here & Now Edition (HKLM-x32\...\Monopoly Here & Now Edition) (Version: 1.0.18.272 - GameHouse, Inc.)
Mortimer Beckett and the Time Paradox (HKLM-x32\...\Mortimer Beckett and the Time Paradox) (Version: 1.0.1.0 - GameHouse, Inc.)
MotioninJoy ds3 driver version 0.6.0003 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.5.0001 - www.motioninjoy.com)
MotoGP 08 (HKLM-x32\...\{BDA825AD-D60B-4935-9590-B0F1AC2E0D22}) (Version: 1.00.0000 - Capcom)
Mount&Blade (HKLM-x32\...\Mount&Blade) (Version:  - )
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 el) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 el)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
Mushroom Age (remove only) (HKLM-x32\...\Mushroom Age) (Version:  - )
Need For Speed Hot Pursuit 2 (HKLM-x32\...\{76F4DD9B-C246-4BE0-00B6-3DE9ABF72299}) (Version:  - )
Need for Speed™ Hot Pursuit (HKLM-x32\...\{83A606F5-BF6F-42ED-9F33-B9F74297CDED}) (Version: 1.0.0.0 - Electronic Arts)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 1.10 - NVIDIA Corporation)
NVIDIA Λογισμικό σύστημα PhysX 9.12.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0604 - NVIDIA Corporation)
OEM Share Pack (x32 Version: 2.0 - CyberLink Corp.) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenMG Limited Patch 4.7-07-14-05-01 (HKLM-x32\...\OpenMG HotFix4.7-07-13-22-01) (Version:  - )
OpenMG Secure Module 4.7.00 (HKLM-x32\...\InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}) (Version: 4.7.00.12140 - Sony Corporation)
OpenMG Secure Module 4.7.00 (x32 Version: 4.7.00.12140 - Sony Corporation) Hidden
Pacman (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-118392197}) (Version:  - Oberon Media)
PC Wizard 2013.2.12 (HKLM-x32\...\PC Wizard 2013_is1) (Version:  - CPUID)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r4600) (Version:  - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayStation®Network Downloader (HKLM-x32\...\{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}) (Version: 2.06.00741 - Sony Computer Entertainment Inc.)
PlayStation®Store (HKLM-x32\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 4.3.3.12540 - Sony Computer Entertainment Inc.)
PowerRecover (x32 Version: 5.5.1923 - CyberLink Corp.) Hidden
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
QLBCASL (x32 Version: 6.40.17.2 - Hewlett-Packard) Hidden
Rapture3D 2.4.9 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version:  - Blue Ripple Sound)
RealityFactory (HKLM-x32\...\RealityFactory) (Version:  - )
Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0007 - Realtek)
Remote Play with PlayStation 3 (x32 Version: 1.1.0.15070 - Sony Corporation) Hidden
Rise of Nations (HKLM-x32\...\RiseOfNationsExpansion 1.0) (Version: 1.0 - Microsoft)
Rome - Total War - Alexander (HKLM-x32\...\{6C1804BC-094F-431A-BEA5-37A837958029}) (Version: 1.9 - The Creative Assembly)
Rome - Total War - Gold Edition (HKLM-x32\...\{2E97F7E8-ABDE-4E0D-B0AD-B6B4BAD89E24}) (Version: 1.6 - The Creative Assembly)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Sony Ericsson PC Companion 1.60.13 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 1.60.13 - Sony Ericsson)
Sony Ericsson PC Suite 6.011.00 (HKLM-x32\...\{2FFE93F0-BB72-4E52-8761-354D1AAA9387}) (Version: 6.011.00 - Sony Ericsson)
Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spelling Dictionaries Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Spider-Man® - Web of Shadows™ 1.1 Patch (x32 Version:  - ) Hidden
Spider-Man™ - Web of Shadows (HKLM-x32\...\InstallShield_{7F7E4FA7-6F32-4DE2-917E-361E034AED7A}) (Version: 1.1 - Activision)
Spider-Man™ - Web of Shadows (x32 Version: 1.0 - Activision) Hidden
Spider-Man™ - Web of Shadows 1.1 Patch (x32 Version: 1.1 - Activision) Hidden
Spotmau PowerSuite Golden 2012 (build 7.0.1) (HKLM-x32\...\{182201E0-FCBA-4667-B226-B5AE3F4C623D}_is1) (Version:  - Spotmau Software Co., Ltd.)
Star Wars Battlefront II (HKLM-x32\...\{3D374523-CFDE-461A-827E-2A102E2AB365}) (Version: 1.0 - LucasArts)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Swords and Sandals 2 2.0 (HKLM-x32\...\Swords and Sandals 2) (Version: 2.0 - 3RDsense)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.33.0 - Synaptics Incorporated)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.25790 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
The Sims 3 Create a Pattern Tool (HKLM-x32\...\{44EAFE3D-09A9-4478-A2BF-0EED22F4E49F}) (Version: 1.0.0 - Electronic Arts)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.33.2 - Electronic Arts)
The Sims™ 3 Ambitions (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.10.1 - Electronic Arts)
The Sims™ 3 Fast Lane Stuff (HKLM-x32\...\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}) (Version: 5.8.1 - Electronic Arts)
The Sims™ 3 Generations (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
The Sims™ 3 High-End Loft Stuff (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.13.1 - Electronic Arts)
The Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.5.1 - Electronic Arts)
The Sims™ 3 Outdoor Living Stuff (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.3.2 - Electronic Arts)
The Sims™ 3 Pets (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
The Sims™ 3 Showtime (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
The Sims™ 3 Town Life Stuff (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts)
The Sims™ 3 World Adventures (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.17.2 - Electronic Arts)
UltraISO Premium V9.36 (HKLM-x32\...\UltraISO_is1) (Version:  - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
VAIO - Remote Play with PlayStation®3 (HKLM-x32\...\{07441A52-E208-478A-92B7-5C337CA8C131}) (Version: 1.1.0.15070 - Sony Corporation)
VideoStudio (x32 Version: 12.0.0.0000 - Corel Corporation) Hidden
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VNC Server 5.1.1 (HKLM\...\{060CA2F4-3B7B-4CEA-ADF3-E930C62E162D}) (Version: 5.1.1 - RealVNC Ltd)
VNC Viewer 5.1.1 (HKLM\...\{72D6F59C-FDC3-4E68-B776-E92E5D389F48}) (Version: 5.1.1 - RealVNC Ltd)
VobSub v2.23 (Remove Only) (HKLM-x32\...\VobSub) (Version:  - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
ZD Soft Screen Recorder 4.1.3.0 (HKLM-x32\...\ZD Soft Screen Recorder) (Version: 4.1.3.0 - ZD Soft)
ZD Soft Screen Video Decoder (HKLM-x32\...\ZDSV) (Version:  - )
Zuma's Revenge! (HKLM-x32\...\Zuma's Revenge!) (Version:  - PopCap Games)
Ενημερωμένη έκδοση Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0408-0000-0000000FF1CE}_HOMESTUDENTR_{08A4BDB3-7A63-4F59-B9FA-EE80ADE88DC2}) (Version:  - Microsoft)
Ενημερωμένη έκδοση Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0408-0000-0000000FF1CE}_HOMESTUDENTR_{C52A655D-F8AE-485D-908D-62CEC754B6A4}) (Version:  - Microsoft)
Ενημερωμένη έκδοση Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0408-0000-0000000FF1CE}_HOMESTUDENTR_{054186C0-F351-472E-84E8-D5E16FA08241}) (Version:  - Microsoft)
ΞΕΡΗ 2.2.2 (HKLM-x32\...\KseriInstall_is1) (Version:  - .dnot)
Πίνακας Ελέγχου NVIDIA 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
Συλλογή φωτογραφιών (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3607668558-2623760651-2539539302-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3607668558-2623760651-2539539302-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3607668558-2623760651-2539539302-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3607668558-2623760651-2539539302-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3607668558-2623760651-2539539302-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3607668558-2623760651-2539539302-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points  =========================

16-02-2015 17:59:01 Προγραμματισμένο σημείο ελέγχου
17-02-2015 16:54:30 Windows Update
17-02-2015 23:54:42 Windows Update
19-02-2015 00:02:38 Windows Update
23-02-2015 16:22:48 Windows Update
26-02-2015 21:50:14 Windows Update
26-02-2015 23:37:53 Windows Update
28-02-2015 19:30:45 TuneUp360's restore point
02-03-2015 00:07:04 Installed Microsoft Fix it 50907
02-03-2015 00:17:17 Removed Java 7 Update 51
02-03-2015 00:18:38 Removed Java 7 Update 51 (64-bit)
02-03-2015 00:20:48 Removed Skype Click to Call
02-03-2015 00:28:53 Restore Point Created by FRST
02-03-2015 00:40:27 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-03-02 00:23 - 2015-03-02 00:23 - 00000833 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0F5AFB44-2A42-449F-927B-DA0BD62B80E7} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {0F707628-E607-483C-AC15-805BE9AE6F22} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2009-07-23] (CyberLink)
Task: {146C18AC-11A6-4084-8122-4F45F02AC7DD} - System32\Tasks\{5C55E8FB-DF3C-46A6-B51C-4EF42FE54869} => pcalua.exe -a "C:\Program Files (x86)\EA GAMES\The Sims 2 Bon Voyage\EAUninstall.exe"
Task: {1EE00C75-FED2-40E8-ACC8-0BBCEAF0601A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3607668558-2623760651-2539539302-1000Core => C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Google\Update\GoogleUpdate.exe [2014-09-26] (Google Inc.)
Task: {222E5677-CCD8-45C6-ACEE-C67B48E3D208} - System32\Tasks\{75BCFB45-2BF8-4648-866E-54DE2A452BE7} => pcalua.exe -a "I:\Παιχνίδια\PC\Flight Simulator\Flight Simulator X\Add-Ons\Mosquito.exe" -d "I:\Παιχνίδια\PC\Flight Simulator\Flight Simulator X\Add-Ons"
Task: {3018DBDA-9C89-4FAE-9856-84E4D5323478} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {31663CDB-341C-48C8-8B9F-6F8810E26924} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {37ED3D6D-2265-4F0A-9BD2-D0BD93AEB932} - System32\Tasks\Hewlett-Packard\HP Assistant\HPSA Upgrade => C:\ProgramData\Hewlett-Packard\HPSAUpgrade3\HpSAUpgrade.exe [2011-08-11] (Hewlett-Packard)
Task: {3C0B58BD-AB5D-4149-A62A-991C870D1222} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
Task: {4872FBB0-5234-4A2E-AC51-C43A3DA770FA} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {612A769D-1BD5-45D5-9C5B-6BDCCF93B67D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04] (Adobe Systems Incorporated)
Task: {6A5C2906-C3C5-4E41-B588-FCE4F3C891D8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-25] (Google Inc.)
Task: {6CB2A2C3-4F4B-494E-B388-CE77978AD7A4} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-03-13] (CyberLink)
Task: {8269FD6A-CE44-41FE-BA70-36CBC9B6DD24} - System32\Tasks\DVDAgent => C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [2009-09-09] (CyberLink Corp.)
Task: {89E39D12-C7FC-4555-B232-6E507CC58D40} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {9396D657-C1C4-4396-A942-BEA7A9FA88E7} - System32\Tasks\{69E86EB1-284A-4F9B-ADD9-0550D1D1BF3F} => pcalua.exe -a "C:\Users\ΣΤΕΛΙΟΣ\Desktop\Nero\Language Packs\Nero.exe" -d "C:\Users\ΣΤΕΛΙΟΣ\Desktop\Nero\Language Packs"
Task: {C063D662-77E0-416D-842D-0747167B198C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3607668558-2623760651-2539539302-1000UA => C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Google\Update\GoogleUpdate.exe [2014-09-26] (Google Inc.)
Task: {C5B470CE-18BE-4BC4-9280-3283D1551A31} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3607668558-2623760651-2539539302-1000
Task: {C854FC34-8441-4D54-84A0-8E363BB356E3} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {D0491587-9D58-40D7-8520-2D61ED155CA4} - System32\Tasks\{7CCBBB57-21CB-4DBD-94F0-C1F16ACD07EE} => pcalua.exe -a "C:\PROGRA~2\SpectralDesign\UnInstall\Nuendo Dolby Digital Encoder\UNWISE.EXE" -c C:\PROGRA~2\SpectralDesign\UnInstall\Nuendo Dolby Digital Encoder\INSTALL.LOG
Task: {DD3EB840-3AB1-4FFF-9EC0-042BC6794F77} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3607668558-2623760651-2539539302-1000Core => C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-11] (Facebook Inc.)
Task: {E0722518-E0AC-49DC-8C8C-0BA92D52C8EA} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3607668558-2623760651-2539539302-1000UA => C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-11] (Facebook Inc.)
Task: {F19C0F5A-939F-4B87-9786-D20C6802078B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-25] (Google Inc.)
Task: {F710752B-3CCC-486A-8E2B-66736116B396} - System32\Tasks\{6946E4AC-DF12-4CF2-AF94-40F9CAC04369} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-07-24] (Skype Technologies S.A.)
Task: {FE5C702A-B1A5-4C69-9143-B7B4C47F9D11} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3607668558-2623760651-2539539302-1000Core.job => C:\Users\£¤•›™£\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3607668558-2623760651-2539539302-1000UA.job => C:\Users\£¤•›™£\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3607668558-2623760651-2539539302-1000Core.job => C:\Users\£¤•›™£\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3607668558-2623760651-2539539302-1000UA.job => C:\Users\£¤•›™£\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2011-12-09 23:17 - 2013-10-23 10:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-12-24 16:12 - 2009-11-04 13:18 - 00189440 _____ () C:\Windows\system32\spool\PRTPROCS\x64\lxebdrpp.dll
2013-12-18 20:06 - 2013-08-23 13:36 - 00721263 _____ () C:\Windows\SysWOW64\ISCM64.dll
2015-01-21 18:30 - 2011-11-15 11:24 - 00146792 _____ () C:\Program Files (x86)\Spotmau\PowerSuite Golden Edition\PowerSuite 2012\PcCheck\CareMon.exe
2011-08-11 19:16 - 2011-08-11 19:11 - 00080256 _____ () c:\windows\syswow64\ezgosvc.dll
2014-02-08 18:19 - 2014-03-18 21:48 - 00003132 _____ () C:\Program Files (x86)\DAEMON Tools Pro\MSIMG32.dll
2009-07-23 11:37 - 2009-07-23 11:37 - 00931112 ____N () c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
2014-06-24 13:37 - 2014-06-24 13:38 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3607668558-2623760651-2539539302-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\ΣΤΕΛΙΟΣ\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: ABBYY.Licensing.FineReader.Corporate.10.0 => 2
MSCONFIG\Services: ACDaemon => 2
MSCONFIG\Services: CLHNServiceForPowerDVD => 2
MSCONFIG\Services: CLHNServiceForPowerDVD12 => 2
MSCONFIG\Services: CyberLink PowerDVD 11.0 Monitor Service => 2
MSCONFIG\Services: CyberLink PowerDVD 11.0 Service => 2
MSCONFIG\Services: CyberLink PowerDVD 12 Media Server Monitor Service => 2
MSCONFIG\Services: CyberLink PowerDVD 12 Media Server Service => 2
MSCONFIG\Services: ezGOSvc => 2
MSCONFIG\Services: ezSharedSvc => 2
MSCONFIG\Services: MemeoBackgroundService => 2
MSCONFIG\Services: OMSI download service => 2
MSCONFIG\Services: RichVideo => 2
MSCONFIG\Services: SamsungAllShareV2.0 => 2
MSCONFIG\Services: Serviio => 2
MSCONFIG\Services: TunngleService => 2
MSCONFIG\Services: TVCapSvc => 2
MSCONFIG\Services: ufad-ws60 => 2
MSCONFIG\Services: VMAuthdService => 2
MSCONFIG\Services: VMUSBArbService => 2
MSCONFIG\Services: wlidsvc => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TMMonitor.lnk => C:\Windows\pss\TMMonitor.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: ArcSoft Connection Service => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
MSCONFIG\startupreg: BrowserPlugInHelper => C:\Program Files (x86)\iSkysoft\Video Converter Ultimate\BrowserPlugInHelper.exe
MSCONFIG\startupreg: CLMLServer_For_P2G8 => "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
MSCONFIG\startupreg: CLVirtualDrive => "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
MSCONFIG\startupreg: Corel File Shell Monitor => C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
MSCONFIG\startupreg: Easybits Recovery => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
MSCONFIG\startupreg: Facebook Update => "C:\Users\ΣΤΕΛΙΟΣ\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: HPAdvisorDock => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
MSCONFIG\startupreg: HPCam_Menu => "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam" UpdateWithCreateOnce "Software\Hewlett-Packard\Media\Webcam"
MSCONFIG\startupreg: iSkysoft Helper Compact.exe => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
MSCONFIG\startupreg: ISUSPM Startup => C:\PROGRA~2\COMMON~1\INSTAL~1\UpdateService\isuspm.exe -startup
MSCONFIG\startupreg: ISUSScheduler => "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
MSCONFIG\startupreg: PowerDVD12Agent => "C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe"
MSCONFIG\startupreg: QlbCtrl.exe => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
MSCONFIG\startupreg: SmartMenu => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: UpdatePPShortCut => "C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerProducer" update "Software\CyberLink\PowerProducer\5.0"
MSCONFIG\startupreg: UpdatePRCShortCut => "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"
MSCONFIG\startupreg: WirelessAssistant => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun

==================== Accounts: =============================

Administrator (S-1-5-21-3607668558-2623760651-2539539302-500 - Administrator - Disabled)
Guest (S-1-5-21-3607668558-2623760651-2539539302-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3607668558-2623760651-2539539302-1003 - Limited - Enabled)
UpdatusUser (S-1-5-21-3607668558-2623760651-2539539302-1006 - Limited - Enabled)
ΣΤΕΛΙΟΣ (S-1-5-21-3607668558-2623760651-2539539302-1000 - Administrator - Enabled) => C:\Users\ΣΤΕΛΙΟΣ

==================== Faulty Device Manager Devices =============

Name: archlp
Description: archlp
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ArcSec
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/02/2015 11:41:58 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Η δημιουργία περιβάλλοντος ενεργοποίησης για το "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1" απέτυχε. Παρουσιάστηκε σφάλμα στο αρχείο διακήρυξης ή πολιτικής "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" στη γραμμή C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Η έκδοση ενός στοιχείου που απαιτείται για την εφαρμογή έρχεται σε διένεξη με την έκδοση άλλου στοιχείου το οποίο είναι ήδη ενεργό.
Τα στοιχεία που έρχονται σε διένεξη είναι:.
Στοιχείο 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Στοιχείο 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/02/2015 11:41:55 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Η δημιουργία περιβάλλοντος ενεργοποίησης για το "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1" απέτυχε. Παρουσιάστηκε σφάλμα στο αρχείο διακήρυξης ή πολιτικής "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" στη γραμμή C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Η έκδοση ενός στοιχείου που απαιτείται για την εφαρμογή έρχεται σε διένεξη με την έκδοση άλλου στοιχείου το οποίο είναι ήδη ενεργό.
Τα στοιχεία που έρχονται σε διένεξη είναι:.
Στοιχείο 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Στοιχείο 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/02/2015 06:56:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Όνομα ελαττωματικής εφαρμογής TeamViewer_Service.exe, έκδοση 9.0.25790.0, χρονική σήμανση 0x52e8ba34
Όνομα ελαττωματικής λειτουργικής μονάδας TeamViewer_Service.exe, έκδοση 9.0.25790.0, χρονική σήμανση 0x52e8ba34
Κωδικός εξαίρεσης: 0xc0000005
Μετατόπιση σφάλματος: 0x00120647
Αναγνωριστικό ελαττωματικής διεργασίας: 0x8ac
Χρόνος έναρξης ελαττωματικής εφαρμογής: 0xTeamViewer_Service.exe0
Διαδρομή ελαττωματικής εφαρμογής: TeamViewer_Service.exe1
Διαδρομή ελλατωματικής λειτουργικής μονάδας:TeamViewer_Service.exe2
Αναγνωριστικό αναφοράς:TeamViewer_Service.exe3


System errors:
=============
Error: (03/03/2015 00:23:54 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Αποτυχία εγκατάστασης: Τα Windows απέτυχαν να εγκαταστήσουν την παρακάτω ενημέρωση με σφάλμα 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.193.1164.0).

Error: (03/03/2015 00:23:05 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Η υπηρεσία Windows Defender τερματίστηκε με το ακόλουθο σφάλμα:
%%126

Error: (03/02/2015 07:00:50 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Απέτυχε η φόρτωση των ακόλουθων προγραμμάτων οδήγησης της εκκίνησης του υπολογιστή ή της εκκίνησης του συστήματος:
ArcSec

Error: (03/02/2015 06:59:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: συγκεκριμένης εφαρμογήςΤοπικήΕκκίνηση{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Χρήση LRPC)

Error: (03/02/2015 06:58:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Δεν ήταν δυνατή η εκκίνηση της υπηρεσίας lemsgt εξαιτίας του ακόλουθου σφάλματος:
%%1275

Error: (03/02/2015 06:58:22 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Εμποδίστηκε η φόρτωση του \SystemRoot\SysWow64\DRIVERS\lemsgt.sys επειδή δεν είναι συμβατή με αυτό το σύστημα. Επικοινωνήστε με τον προμηθευτή σας για μια συμβατή έκδοση του προγράμματος οδήγησης.

Error: (03/02/2015 06:58:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Δεν ήταν δυνατή η εκκίνηση της υπηρεσίας hwpsgt εξαιτίας του ακόλουθου σφάλματος:
%%1275

Error: (03/02/2015 06:58:22 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Εμποδίστηκε η φόρτωση του \SystemRoot\SysWow64\DRIVERS\hwpsgt.sys επειδή δεν είναι συμβατή με αυτό το σύστημα. Επικοινωνήστε με τον προμηθευτή σας για μια συμβατή έκδοση του προγράμματος οδήγησης.

Error: (03/02/2015 06:56:17 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Η υπηρεσία TeamViewer 9 τερματίστηκε απροσδόκητα.  Αυτό έχει συμβεί 1 φορές.  Θα εκτελεστεί η ακόλουθη διορθωτική κίνηση σε 2000 χιλιοστά του δευτερολέπτου: Επανεκκίνηση της υπηρεσίας.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2015-03-02 23:36:22.023
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-03-02 23:35:40.498
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-03-02 19:30:41.190
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-03-02 19:30:32.218
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-03-02 19:04:12.445
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-03-02 19:03:23.191
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-03-02 19:01:08.250
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-03-02 19:01:07.670
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAC64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-03-02 18:56:16.432
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-03-02 18:44:44.873
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Core™ i7 CPU Q 720 @ 1.60GHz
Percentage of memory in use: 58%
Total physical RAM: 4086.88 MB
Available physical RAM: 1708.62 MB
Total Pagefile: 8171.95 MB
Available Pagefile: 5617.28 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:450.56 GB) (Free:209.39 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:14.9 GB) (Free:2.46 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 296B532C)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=14.9 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

==================== End Of Log ============================



#7 BrianDrab

BrianDrab

  • Malware Response Team
  • 266 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:54 AM

Posted 02 March 2015 - 09:56 PM

Thank you. Almost there. Please do the following.

 

Step#1 - FRST Fix
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
1. Download attached file and save it to the Desktop. Attached File  fixlist.txt   411bytes   2 downloads
Note. It's important that both files, FRST64 and fixlist.txt are in the same location or the fix will not work (in this case...the desktop).
2. Run FRST64 by Right-Clicking on the file and choosing Run as administrator.
3. Press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
4. When finished FRST64 will generate a log on the Desktop (Fixlog.txt). Please post the contents of it in your reply.

 

Step#2 - VirusTotal Scan
There is one file (C:\Program Files (x86)\softendo.com\Mario Forever 5.01\Data\Mario Forever.exe) that I would like to get more information on. VirusTotal, a subsidiary of Google, provides a service that allows us to scan this file using many antiviurs engines to see if any are currently detecting this as a threat. Please follow the instructions below.
1. To use VirusTotal, please go here.
VirusTotal.JPG
2. Copy the following line to your clipboard. To do so, select the text with your mouse and then right-click your mouse and select Copy.
C:\Program Files (x86)\softendo.com\Mario Forever 5.01\Data\Mario Forever.exe
3. Click the Choose File button and paste in the contents of the clipboard into the "File name:" field.
4. Click the Scan It! button. VirusTotal will check this file against 50 different antivirus softwares to see if any detect this as a threat.
Note: If you receive a message stating that the File was already analysed, please click Reanalyse.
5. Once the scan finishes, please copy and paste the VirusTotal URL in your next reply. To do this, click your mouse at the very top of your browser window in the URL that starts with https:// and the entire line will turn blue. Right click your mouse and select copy. Paste this in your next reply.

6. Repeat the steps for the following file. C:\Program Files (x86)\Zuxxez\Battle vs. Chess\SKIDROW.dll

 

 

Step#3 - Security Check
 
1. Download Security Check from here or here or here.
2. Save it to your Desktop.
3. Right-click SecurityCheck.exe and select Run as administrator. Follow the onscreen instructions inside of the black box.
4. A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Note: Don't be alarmed if the process runs for 10 to 15 minutes before completing. If it runs for over 30 minutes, just close the program and try running it again.

NOTE: If SecurityCheck aborts and you get the following message: UNSUPPORTED OPERATING SYSTEM! ABORTED! try rebooting the system and then run SecurityCheck again.

 

Items for your next post

1. FRST Fix Log

2. VirusTotal scan Links

3. Security Check



#8 gtu1234

gtu1234
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:54 PM

Posted 03 March 2015 - 10:45 AM

FRST Fix Log:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 29-02-2015
Ran by ΣΤΕΛΙΟΣ at 2015-03-03 16:47:46 Run:2
Running from C:\Users\ΣΤΕΛΙΟΣ\Desktop
Loaded Profiles: ΣΤΕΛΙΟΣ (Available profiles: ΣΤΕΛΙΟΣ)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\Program Files\Adware-Removal-Tool\
C:\Users\OOAEEIO\AppData\Roaming\AIXOI
C:\Users\OOAEEIO\AppData\Roaming\MSVL
C:\Users\OOAEEIO\AppData\Roaming\NGTF
C:\Users\OOAEEIO\AppData\Roaming\VEWL
C:\Users\OOAEEIO\Downloads\kalokairaki.rar
Task: {0F5AFB44-2A42-449F-927B-DA0BD62B80E7} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)


*****************

C:\Program Files\Adware-Removal-Tool => Moved successfully.
"C:\Users\OOAEEIO\AppData\Roaming\AIXOI" => File/Directory not found.
"C:\Users\OOAEEIO\AppData\Roaming\MSVL" => File/Directory not found.
"C:\Users\OOAEEIO\AppData\Roaming\NGTF" => File/Directory not found.
"C:\Users\OOAEEIO\AppData\Roaming\VEWL" => File/Directory not found.
"C:\Users\OOAEEIO\Downloads\kalokairaki.rar" => File/Directory not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0F5AFB44-2A42-449F-927B-DA0BD62B80E7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0F5AFB44-2A42-449F-927B-DA0BD62B80E7}" => Key deleted successfully.
C:\Windows\System32\Tasks\SidebarExecute => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SidebarExecute" => Key deleted successfully.

==== End of Fixlog 16:47:47 ====

 

VirusTotal scan Links:

https://www.virustotal.com/el/file/480fa3320a03360a675c03f314c308aa0f23e1dee96ae59c863ab35e3df87a09/analysis/1425394484/
https://www.virustotal.com/el/file/0474bec353472ed54de747abdbd3b714c20642efb72da4d4162ce5b3fdb25125/analysis/1425394672/

 

Security Check Log:

 Results of screen317's Security Check version 0.99.97  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
AVG Internet Security 2014   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:`````````
  Java 64-bit 8 Update 31  
 Adobe Flash Player 16.0.0.305  
 Adobe Reader 9 Adobe Reader out of Date!
 Mozilla Firefox 30.0 Firefox out of Date!  
 Google Chrome (40.0.2214.111)
 Google Chrome (40.0.2214.115)
````````Process Check: objlist.exe by Laurent````````  
 AVG avgwdsvc.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
 



#9 BrianDrab

BrianDrab

  • Malware Response Team
  • 266 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:54 AM

Posted 03 March 2015 - 11:54 AM

Thank you. It appears the following two programs came with malware so if you could remove those that would be great.
 
Battle vs. Chess
Mario Forever 5.01
 
Then do the following to ensure the remaining malware is cleaned up. We also need to button you up security-wise so that you are less prone to infection. Please do the following.
 
Step#1 - FRST Fix
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
1. Download attached file and save it to the Desktop. Attached File  fixlist.txt   137bytes   2 downloads
Note. It's important that both files, FRST64 and fixlist.txt are in the same location or the fix will not work (in this case...the desktop).
2. Run FRST64 by Right-Clicking on the file and choosing Run as administrator.
3. Press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
4. When finished FRST64 will generate a log on the Desktop (Fixlog.txt). Please post the contents of it in your reply.
 
Step#2 -  Keeping Java Updated
I had you uninstall this program because you had an outdated version. If you don't use Java or don't know if you use Java I highly recommend you simply skip this step. If you do use it, then proceed.
 
WARNING: Java is one of the most exploited programs at this time. The Department of Homeland Security recommends that computer users disable Java. You can read more about this here.
I would recommend that you completely uninstall Java unless you need it to run an important software. If you need it or are unsure or uncomfortable with removing it then I would recommend that you disable Java in your browsers until you need it and then enable it at that time. (See How to disable Java in your web browser and How to unplug Java from the browser). If you don't uninstall it, it's also important that you follow the directions below to update to the latest version of Java.
 
1. Go to this page to download the latest version of Java SE Runtime Environment JRE 8 Update 31.
2. When you click this link you will need to click the "Accept License Agreement" radio button and then click on the "Windows x86 Offline" installer link. You will notice that there is also a Windows x64 link option, however even if you are using a 64-bit operating system, it's very likely you aren't running a 64-bit browser and should only download the "Windows x86 Offline" installer. To determine if you are using a 64-bit browser you can follow these instructions. If you find that you ARE using a 64-bit browser then you can download the "Windows x64" one.
8u31.JPG
3. Once you click on the appropriate link, please download this to your Desktop like we have with all of our tools.
4. Close any programs you may have running - especially your web browser.
5. Now we need to uninstall all versions of Java that are currently on your machine before we install the newest version. Go to Add/Remove programs (instructions are here) and uninstall any item that appears in the list that has the following as part of the name: Already Uninstalled
6. Reboot your computer once all Java components are removed.
7. Then from your desktop, right click on the file that was downloaded (jre-8u31-windows-i586.exe or jre-8u31-windows-x64.exe) and select Run as an Administrator to install the latest version. Accept all the defaults and you're good to go.
Note: Java has been notorious for installing foistware (software downloaded without the users knowledge). If you follow the instructions I provided no foistware will be installed but that doesn't mean it won't in the future. While performing the install of this software or any software for that matter, pay attention to each screen and ensure you uncheck any extra software that you don't want installed (i.e. Ask Toolbar, Chrome Browser, etc.).
 
 
Step#3 - Keep Adobe Reader Updated
1. Uninstall Adobe Reader. Click here for instructions on how to uninstall a program.
2. Install the newest version from this website.
Note: Make sure to uncheck the Optional Offer (i.e. Google Chrome, Google Toolbar) unless you really want it.
NOTE: You should disable JavaScript in the program as this is a highly exploitable method for the bad guys to get in your machine. Follow these instructions to disable it in Adobe Reader.
1. Open Adobe Reader
2. Select Edit from the menu and select Preferences
3. Click on JavaScript in the left column and uncheck Enable Acrobat JavaScript.
4. Click OK and close the program.
NOTE: Many installers, including Adobe Reader, offer third-party downloads that are installed automatically when you do not uncheck certain checkboxes. While most of the time not being malicious you usually do not want these on your computer. Be careful during the installation process and you will avoid seeing tons of new unwanted toolbars in your favorite web browser.

 

Step#4 - Firefox - Update
1. Update Firefox to the most current version to prevent exploits.

 

 

Items for your next post

1. FRST Fix log



#10 gtu1234

gtu1234
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:54 PM

Posted 04 March 2015 - 04:52 PM

Unistalled suggested prograps, updated java, adobe reader and firefox.

 

FRST Fix log:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 29-02-2015
Ran by ΣΤΕΛΙΟΣ at 2015-03-04 22:54:21 Run:3
Running from C:\Users\ΣΤΕΛΙΟΣ\Desktop
Loaded Profiles: ΣΤΕΛΙΟΣ (Available profiles: ΣΤΕΛΙΟΣ)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\Program Files (x86)\softendo.com\Mario Forever 5.01\Data\Mario Forever.exe
C:\Program Files (x86)\Zuxxez\Battle vs. Chess\SKIDROW.dll
*****************

"C:\Program Files (x86)\softendo.com\Mario Forever 5.01\Data\Mario Forever.exe" => File/Directory not found.
C:\Program Files (x86)\Zuxxez\Battle vs. Chess\SKIDROW.dll => Moved successfully.

==== End of Fixlog 22:54:21 ====



#11 BrianDrab

BrianDrab

  • Malware Response Team
  • 266 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:54 AM

Posted 04 March 2015 - 05:56 PM

OK. If you are satisfied then I'll leave you with the following.

 

OK! Well done, your computer is clean again! :thumbsup: Part of our jobs here at G2G is to help you clean your computer. But beyond that and just as important is to provide you with some information to keep you safe and secure on the net as well as to share knowledge. Following is that information.
 
 
1. Clean Up!
We need to remove all the tools that we used so that should you ever be re-infected, you will download updated versions which may have updated detection logic.
1. Download Delfix from here.
2. Ensure everything is checked.
3. Click Run.
Note: The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply.
Note: Delete any  other .bat, .log, .reg, .txt,  and any other files created during this process, and left on the desktop and empty the Recycle Bin.
 
2. Windows Updates
Another essential task is to keep your computer updated with the latest operating system patches and security fixes. Windows Updates are constantly being revised to combat the newest hacks and threats. Microsoft releases security updates that help your computer from becoming vulnerable. It is best if you have these set to download automatically. Follow the instructions below to ensure your settings are optimal.
1. Click the Start Orb in the lower left corner of the screen.
2. Type Windows Update in the search box that appears
3. Click on the Windows Update program that appears in the search results.
Windows%20Update.JPG
4. Click on Change Settings.
CheckForUpdates.JPG
5. Select "Install updates automatically (recommended)" from the Important updates drop-down.
WUChangeSettings.JPG
6. Choose a day and a time when you know the computer will be on and connected to the internet. The default is 3:00AM every day.
7. Ensure that all of the other check boxes are checked.
8. Click OK.
 
3. Keeping Programs Updated
You need to ensure that any programs installed on your machine are kept current. The bad guys exploit vulnerabilities that are found in older versions of software. A very good piece of software that keeps your programs up-to-date is Secunia Personal Software Inspector (PSI). You can download and install it from here. You can read more information about this free software as well as a video walkthrough from here.
 
 4. Antimalware- Preventative

Note: Let's keep Malwarebytes installed as it's a fantastic piece of software. Malwarebytes is an anti-malware software and not an antivirus software so it won't conflict with the Antivirus that you are running. I would recommend that you open up this program, allow it to update and scan your machine at least quarterly...monthly if you can.
 
5. Crypto Warning!!!! - Complete Data Loss can occur!
There are particularly nasty infections out there at the moment that encrypt your data and hold it for ransom. You may read more about this here.
 


  • Download CryptoPrevent free for home use here following the instructions below.
  • Save the file to your desktop from the link above and then open the program by clicking Run when prompted from your browser or by going to the desktop where the file was saved and double-clicking.
  • Accept all the defaults during the install. The last screen of the install has a checkmark in "Launch CryptoPrevent". This is good and will launch the program once you click Finish.
  • You will get a prompt asking if you purchased a Product Key for Automatic Updates. You can answer No.
  • You will then be prompted to learn more about automatic updates or if you want to purchase a key. This is up to you but you don't have to.
  • You will be prompted to click OK to continue and select your protection level. Go ahead and click OK.
  • Click the Apply button to set Default protection.
  • You may get a message stating that Windows Sidebar and Desktop Gadgets are a major security vulnerability and asking you if you want to disable them. If you don't use these features, answer Yes.
  • That's it. The protection is in place.

Note: The free version doesn't provide automatic updates. Periodically, you should open up the program (there is a shortcut on your desktop now) and select the Updates! menu....and select Check for Updates to see if there are any as this infection has serious consequences.
 
UpdatesV7.4.11.JPG
 
 

For more information about computer security and how to protect yourself when on the internet, please read this guide Best Practices for Safe Computing
 
OK, all the best, and stay safe!
 
Items for your next post
1. Contents of the delfix log



#12 gtu1234

gtu1234
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:54 PM

Posted 06 March 2015 - 11:49 AM

That's great news! :thumbsup: Thank you! :clapping: Here is DelFix Log:

# DelFix v10.9 - Logfile created 05/03/2015 at 17:17:45
# Updated 27/02/2015 by Xplode
# Username : ΣΤΕΛΙΟΣ - STELIOS-LAPTOP
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

~ Activating UAC ... OK

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\ΣΤΕΛΙΟΣ\Desktop\Addition.txt
Deleted : C:\Users\ΣΤΕΛΙΟΣ\Desktop\AdwCleaner.exe
Deleted : C:\Users\ΣΤΕΛΙΟΣ\Desktop\AdwCleaner[S0].txt
Deleted : C:\Users\ΣΤΕΛΙΟΣ\Desktop\Fixlog.txt
Deleted : C:\Users\ΣΤΕΛΙΟΣ\Desktop\FRST.txt
Deleted : C:\Users\ΣΤΕΛΙΟΣ\Desktop\FRST64.exe
Deleted : C:\Users\ΣΤΕΛΙΟΣ\Desktop\JRT.exe
Deleted : C:\Users\ΣΤΕΛΙΟΣ\Desktop\JRT.txt
Deleted : C:\Users\ΣΤΕΛΙΟΣ\Desktop\SecurityCheck.exe
Deleted : C:\Users\ΣΤΕΛΙΟΣ\Downloads\esetsmartinstaller_enu.exe
Deleted : HKLM\SOFTWARE\AdwCleaner

~ Creating registry backup ... OK

~ Cleaning system restore ...

Deleted : RP #1108 [Windows Update | 02/23/2015 14:22:48]
Deleted : RP #1109 [Windows Update | 02/26/2015 19:50:14]
Deleted : RP #1110 [Windows Update | 02/26/2015 21:37:53]
Deleted : RP #1111 [TuneUp360's restore point | 02/28/2015 17:30:45]
Deleted : RP #1112 [Installed Microsoft Fix it 50907 | 03/01/2015 22:07:04]
Deleted : RP #1113 [Removed Java 7 Update 51 | 03/01/2015 22:17:17]
Deleted : RP #1114 [Removed Java 7 Update 51 (64-bit) | 03/01/2015 22:18:38]
Deleted : RP #1115 [Removed Skype Click to Call | 03/01/2015 22:20:48]
Deleted : RP #1117 [Restore Point Created by FRST | 03/01/2015 22:28:53]
Deleted : RP #1118 [Windows Update | 03/01/2015 22:40:27]
Deleted : RP #1119 [Windows Update | 03/04/2015 00:29:51]
Deleted : RP #1120 [Removed Adobe Reader X - Greek. | 03/04/2015 21:25:01]
Deleted : RP #1121 [Removed Adobe Reader X - Greek. | 03/04/2015 21:25:59]
Deleted : RP #1122 [Installed Adobe Reader X (10.1.10) - Greek. | 03/04/2015 21:31:29]

New restore point created !

~ Resetting system settings ... OK

########## - EOF - ##########
 



#13 BrianDrab

BrianDrab

  • Malware Response Team
  • 266 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:54 AM

Posted 07 March 2015 - 02:19 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users