Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

securityhelper.dll


  • This topic is locked This topic is locked
20 replies to this topic

#1 ankarage

ankarage

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:07:47 AM

Posted 17 March 2015 - 12:04 PM

When my laptop startup ,Norton security notificates that there is a backdoor Trojan "ProgramData\Microsoft\Security\Client\SecurityHelper.dll"

and clean this.At the new startup I have the same problem.

What can I do?


Edited by ankarage, 17 March 2015 - 12:05 PM.


BC AdBot (Login to Remove)

 


m

#2 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:07:47 AM

Posted 17 March 2015 - 12:34 PM

Hi & :welcome: to Bleeping Computer Forums!
My name is Jürgen and I will be assisting you with your Malware related problems.

Before we move on, please read the following points carefully: :exclame:
  • My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are follow my instructions, Stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 5 days from this initial or any subsequent post, then this thread will be closed.
  • If I don't reply within 24 hours please PM me!
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
Step 1

Please run a FRST scan. This will help us diagnose your problem.

frst.pngfrstscan.png
Please download Farbar Recovery Scan Tool and save it to your Desktop.
(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)
  • Start FRST with administator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.

regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#3 ankarage

ankarage
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:07:47 AM

Posted 17 March 2015 - 01:44 PM

Dear deeprybka
I send you the two files FRST.txt and Addition.txt
I am waiting for your help.
Thanks

FRST.txt
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Ανδρέας (administrator) on ADMIN on 17-03-2015 20:27:22
Running from D:\downloads
Loaded Profiles: Ανδρέας (Available profiles: Ανδρέας)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrv.exe
(New Softwares.net) C:\Windows\SysWOW64\WinFLService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrvProxy.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(Volkswagen AG) C:\ElsaWin\bin\LcSvrAdm.exe
(Volkswagen AG) C:\ElsaWin\bin\LcSvrDba.exe
(Volkswagen AG) C:\ElsaWin\bin\LcSvrHis.exe
(Volkswagen AG) C:\ElsaWin\bin\LcSvrPas.exe
(Volkswagen AG) C:\ElsaWin\bin\LcSvrSaz.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\nst.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.1.0.9\NS.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\nst.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Utilities 15\Tools\SpeedDisk\SpeedDiskSrv.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Utilities 15\Tools\SpeedDisk\SpeedDiskSrvProxy.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Volkswagen AG) C:\ElsaWin\bin\LcSvrAuf.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
( New Softwares.net) C:\Windows\SysWOW64\WinFLTray.exe
(New Softwares.net) C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServCtrl.exe
( New Softwares.net) C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServ.exe
(BitTorrent Inc.) C:\Users\Ανδρέας\AppData\Roaming\uTorrent\uTorrent.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(DuckLink Software) C:\Program Files (x86)\DuckLink\DuckCapture\DuckCapture.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
(i-Funbox.com) C:\Program Files (x86)\i-Funbox DevTeam\iFunBox_x64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 10\Snagit32.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\TotalMedia 3\TMMonitor.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 10\TscHelp.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 10\SnagPriv.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.1.0.9\NS.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 10\SnagitEditor.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
() C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_16_0_0_305_ActiveX.exe
() C:\Program Files (x86)\Roxio Creator NXT 2\Roxio Burn\RoxioBurnLauncher.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\MSOSYNC.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcfgex.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [610872 2009-07-21] ()
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [518424 2013-07-18] (Acronis)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-03-23] (IDT, Inc.)
HKLM-x32\...\Run: [WirelessAssistant] => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [500792 2010-05-20] (Hewlett-Packard Company)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7780696 2013-08-22] (Acronis)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641704 2012-11-16] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [QlbCtrl.exe] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [323640 2010-02-25] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [324976 2010-05-21] (Flexera Software, Inc.)
HKLM-x32\...\Run: [HPCam_Menu] => c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [218408 2009-02-25] (CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [AppleSyncNotifier] => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2012-02-23] (Apple Inc.)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1103424 2013-01-10] (Acronis)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [RoxWatchTray] => C:\Program Files (x86)\Roxio Creator NXT 2\Common\RoxWatchTray15.exe [294632 2013-08-19] (Corel Corporation)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [640376 2008-06-11] (Adobe Systems Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3723728 2015-03-06] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\...\Run: [WinFLTray] => C:\Windows\SysWow64\WinFLTray.exe [321736 2013-11-18] ( New Softwares.net)
HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\...\Run: [FLBackup] => C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServCtrl.exe [275656 2013-11-18] (New Softwares.net)
HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\...\Run: [uTorrent] => C:\Users\Ανδρέας\AppData\Roaming\uTorrent\uTorrent.exe [1677904 2015-01-22] (BitTorrent Inc.)
HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4280184 2012-03-08] (Microsoft Corporation)
HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\...\Run: [Google Update] => C:\Users\Ανδρέας\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-24] (Google Inc.)
HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3837520 2014-09-26] (Tonec Inc.)
HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\...\Run: [DuckCapture] => C:\Program Files (x86)\DuckLink\DuckCapture\DuckCapture.exe [436736 2011-11-03] (DuckLink Software)
HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1092448 2014-11-19] (Nokia)
HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\...\Run: [iFunBox Fast App Install Handler] => C:\Program Files (x86)\i-Funbox DevTeam\iFunBox_x64.exe [2508288 2015-02-10] (i-Funbox.com)
HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2015-02-16] (Google Inc.)
HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)
HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\...\MountPoints2: {dcb285dc-ad34-11df-a070-806e6f6e6963} - "G:\WD SmartWare.exe" autoplay=true
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 10.lnk
ShortcutTarget: Snagit 10.lnk -> C:\Program Files (x86)\TechSmith\Snagit 10\Snagit32.exe (TechSmith Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TMMonitor.lnk
ShortcutTarget: TMMonitor.lnk -> C:\Program Files (x86)\ArcSoft\TotalMedia 3\TMMonitor.exe (ArcSoft, Inc.)
ShellIconOverlayIdentifiers: [0WinSecurityProvider] -> {F76FA5C2-3B6A-451E-8CA5-34C8D0AE0637} => C:\ProgramData\Microsoft\Security\Client\SecurityProvider.dll ()
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll (Acronis)
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll (Tonec Inc.)
BootExecute: autocheck autochk * auto_reactivate \\?\Volume{98d62216-90ff-11de-a416-806e6f6e6963}\bootwiz\asrm.bin

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=NIS&pvid=21.6.0.32
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=NIS&pvid=21.6.0.32
HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://gr.msn.com/?mkt=el-gr&ocid=iehp
SearchScopes: HKLM-x32 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = ${SEARCH_URL}{searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3641372981-3819987845-3030416424-1001 -> {DB6EB4DB-4BD7-41B2-91E8-665A5D8C6B47} URL = https://www.google.com/search?q={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2014-06-05] (Internet Download Manager, Tonec Inc.)
BHO: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitBHO64.dll [2010-04-13] (TechSmith Corporation)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-08-12] (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine64\22.1.0.9\coIEPlg.dll [2014-12-05] (Symantec Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-06] (Google Inc.)
BHO: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.6.15\coIEPlg.dll [2014-07-31] (Symantec Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2014-07-27] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: No Name -> {00000001-AB3B-4334-9DA2-EC6B2A02AFC6} -> No File
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2014-06-05] (Internet Download Manager, Tonec Inc.)
BHO-x32: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll [2010-04-13] (TechSmith Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-08-12] (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine\22.1.0.9\coIEPlg.dll [2014-12-05] (Symantec Corporation)
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-08-17] (Oracle Corporation)
BHO-x32: Βοηθός εισόδου του Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-06] (Google Inc.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2014-07-27] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-08-17] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKLM - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dll [2010-04-13] (TechSmith Corporation)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.6.15\coIEPlg.dll [2014-07-31] (Symantec Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-06] (Google Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine64\22.1.0.9\coIEPlg.dll [2014-12-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll [2010-04-13] (TechSmith Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-06] (Google Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.1.0.9\coIEPlg.dll [2014-12-05] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-3641372981-3819987845-3030416424-1001 -> No Name - {1C376F3E-105A-47F1-BC4F-A5EAFB1E62E2} - No File
Toolbar: HKU\S-1-5-21-3641372981-3819987845-3030416424-1001 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKU\S-1-5-21-3641372981-3819987845-3030416424-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-06] (Google Inc.)
Toolbar: HKU\S-1-5-21-3641372981-3819987845-3030416424-1001 -> No Name - {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
Toolbar: HKU\S-1-5-21-3641372981-3819987845-3030416424-1001 -> No Name - {5B291E6C-9A74-4034-971B-A4B007A0B315} - No File
Toolbar: HKU\S-1-5-21-3641372981-3819987845-3030416424-1001 -> No Name - {D44C9227-30BD-47D4-8137-95D32189D02A} - No File
Toolbar: HKU\S-1-5-21-3641372981-3819987845-3030416424-1001 -> No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect1259.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: vw-wi - {0F3C833F-FB28-40EA-8CB9-6A55B996C3F6} - C:\ElsaWin\bin\wiprot.dll [2011-12-06] (TODO: <Company name>)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Ανδρέας\AppData\Roaming\Mozilla\Firefox\Profiles\bou2ojr2.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2013-03-21] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll [2013-04-03] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2012-05-30] (GARMIN Corp.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-08-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-08-17] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2013-11-15] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2014-08-29] (Nero AG)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2014-11-19] ( )
FF Plugin-x32: @real.com/nppl3260;version=6.0.11.2852 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll [2008-04-28] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.46 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll [2008-04-28] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.1662 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll [2008-04-28] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.46 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll [2008-04-28] (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @veetle.com/vbp;version=0.9.17 -> C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll [2010-03-23] (Veetle Inc)
FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.18 -> C:\Program Files (x86)\Veetle\plugins\npVeetle.dll [2010-10-16] (Veetle Inc)
FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files (x86)\Veetle\Player\npvlc.dll [2010-09-21] (Veetle Inc)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-03-21] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3641372981-3819987845-3030416424-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Ανδρέας\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin HKU\S-1-5-21-3641372981-3819987845-3030416424-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Ανδρέας\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2013-11-15] (Microsoft Corporation)
FF Extension: Anaglyph Class - C:\Users\Ανδρέας\AppData\Roaming\Mozilla\Firefox\Profiles\bou2ojr2.default\Extensions\{35D85EC0-7688-5B01-DE09-5CC22DA897FF} [2015-02-25]
FF Extension: DownloadHelper - C:\Users\Ανδρέας\AppData\Roaming\Mozilla\Firefox\Profiles\bou2ojr2.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-10-20]
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.0.27\coFFPlgn
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.1.0.9\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.1.0.9\coFFPlgn [2015-03-17]
FF HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Ανδρέας\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Ανδρέας\AppData\Roaming\IDM\idmmzcc5 [2014-09-26]
FF HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Ανδρέας\AppData\Roaming\IDM\idmmzcc5
FF Extension: No Name - C:\Users\Ανδρέας\AppData\Roaming\Mozilla\Firefox\Profiles\bou2ojr2.default\extensions\plugin@yontoo.com.xpi [Not Found]
FF Extension: No Name - C:\Users\Ανδρέας\AppData\Roaming\Mozilla\Firefox\Profiles\bou2ojr2.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com [Not Found]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.sweet-page.com/?type=hp&ts=1424107781&from=cor&uid=WDCXWD3200BEKT-60F3T1_WD-WX10AA9U5177U5177"
CHR DefaultSuggestURL: Default -> http://ss-sym.ask.com/query?q={searchTerms}&sstype=prefix&li=ff
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\ΑνδΟΞ­Ξ±Ο‚\AppData\Local\Google\Chrome\Application\40.0.2214.115\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\ΑνδΟΞ­Ξ±Ο‚\AppData\Local\Google\Chrome\Application\40.0.2214.115\pdf.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\ΑνδΟΞ­Ξ±Ο‚\AppData\Local\Google\Chrome\Application\40.0.2214.115\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Norton Confidential) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.2.5_0\npcoplgn.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.230.5) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java™ Platform SE 6 U23) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Nero Kwik Media Helper) - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll No File
CHR Plugin: (Veetle TV Player) - C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
CHR Plugin: (Veetle Broadcaster Plugin) - C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
CHR Plugin: (Veetle TV Core) - C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Profile: C:\Users\Ανδρέας\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Anaglyph Class) - C:\Users\Ανδρέας\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2015-03-05]
CHR Extension: (Norton Identity Safe) - C:\Users\Ανδρέας\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-08-10]
CHR Extension: (IDM Integration Module) - C:\Users\Ανδρέας\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn [2014-01-26]
CHR Extension: (Norton Safe) - C:\Users\Ανδρέας\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl [2014-08-10]
CHR Extension: (Google Wallet) - C:\Users\Ανδρέας\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-15]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2014-06-05]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - [Not Found]
StartMenuInternet: Google Chrome - C:\Users\Ανδρέας\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269; C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe [457960 2013-08-19] ()
R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3416016 2015-03-06] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [309232 2015-03-06] (AVG Technologies CZ, s.r.o.)
R2 BOT4Service; C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe [22760 2013-08-19] ()
S2 CLKMSVC10_C6F09094; C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe [245232 2010-11-01] (CyberLink)
R2 DiskDoctorService; C:\Program Files (x86)\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrv.exe [1029480 2010-11-30] (Symantec Corporation)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2015-03-02] (Macrovision Europe Ltd.) [File not signed]
R2 FLService; C:\Windows\SysWow64\WinFLService.exe [92360 2013-11-18] (New Softwares.net)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89352 2014-09-15] (Hewlett-Packard Company)
R2 LcSvrAdm; C:\ElsaWin\bin\LcSvrAdm.exe [240640 2011-12-06] (Volkswagen AG) [File not signed]
R3 LcSvrAuf; C:\ElsaWin\bin\LcSvrAuf.exe [1321472 2011-12-06] (Volkswagen AG) [File not signed]
R2 LcSvrDba; C:\ElsaWin\bin\LcSvrDba.exe [392704 2011-12-06] (Volkswagen AG) [File not signed]
R2 LcSvrHis; C:\ElsaWin\bin\LcSvrHis.exe [335360 2011-12-06] (Volkswagen AG) [File not signed]
R2 LcSvrPAS; C:\ElsaWin\bin\LcSvrPas.exe [477696 2011-12-06] (Volkswagen AG) [File not signed]
R2 LcSvrSaz; C:\ElsaWin\bin\LcSvrSaz.exe [373248 2011-12-06] (Volkswagen AG) [File not signed]
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\NST.exe [130104 2014-07-31] (Symantec Corporation)
R2 NS; C:\Program Files (x86)\Norton Security\Engine\22.1.0.9\NS.exe [282528 2014-12-10] (Symantec Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-01-21] ()
R2 RoxioBurnLauncher; C:\Program Files (x86)\Roxio Creator NXT 2\Roxio Burn\RoxioBurnLauncher.exe [535184 2012-09-27] ()
S3 RoxMediaDB15; C:\Program Files (x86)\Roxio Creator NXT 2\Common\RoxMediaDB15.exe [1097448 2013-08-19] (Corel Corporation)
S2 RoxWatch15; C:\Program Files (x86)\Roxio Creator NXT 2\Common\RoxWatch15.exe [341736 2013-08-19] (Corel Corporation)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 SpeedDiskService; C:\Program Files (x86)\Norton Utilities 15\Tools\SpeedDisk\SpeedDiskSrv.exe [1037672 2010-11-30] (Symantec Corporation)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe [247808 2010-03-23] (IDT, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R3 WinHttpAutoProxySvc; winhttp.dll [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AESTAud; C:\Windows\System32\drivers\AESTAu64.sys [146048 2009-04-20] (Andrea Electronics Corporation)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [280544 2015-02-24] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [203544 2014-11-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [341472 2015-02-03] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [133088 2015-02-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [284128 2015-02-25] (AVG Technologies CZ, s.r.o.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security\NortonData\22.1.0.9\Definitions\BASHDefs\20150309.001\BHDrvx64.sys [1622744 2015-02-24] (Symantec Corporation)
R1 ccSet_NS; C:\Windows\system32\drivers\NSx64\1601000.009\ccSetx64.sys [165080 2014-09-09] (Symantec Corporation)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE07060.00F\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-11-25] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-11-25] (Symantec Corporation)
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-21] (Microsoft Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Security\NortonData\22.1.0.9\Definitions\IPSDefs\20150316.001\IDSvia64.sys [669400 2015-03-06] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Security\NortonData\22.1.0.9\Definitions\VirusDefs\20150316.017\ENG64.SYS [129752 2014-11-15] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Security\NortonData\22.1.0.9\Definitions\VirusDefs\20150316.017\EX64.SYS [2137304 2014-11-15] (Symantec Corporation)
U5 NBVol; C:\Windows\System32\Drivers\NBVol.sys [72240 2011-07-13] (Nero AG)
U5 NBVolUp; C:\Windows\System32\Drivers\NBVolUp.sys [15920 2011-07-13] (Nero AG)
R2 NEWDRIVER; C:\Windows\SysWow64\WinVDEdrv6.sys [197648 2013-11-18] ()
R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
S1 ntiomin; No ImagePath
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
S3 RT-USB; C:\Windows\System32\drivers\RT-USB64.SYS [70984 2010-06-16] (Ross-Tech LLC)
S3 RTL2832UBDA; C:\Windows\SysWOW64\drivers\RTL2832UBDA.sys [238096 2012-05-21] (REALTEK SEMICONDUCTOR Corp.)
S3 RTL2832UUSB; C:\Windows\SysWOW64\Drivers\RTL2832UUSB.sys [39016 2011-12-29] (REALTEK SEMICONDUCTOR Corp.)
S3 RTL2832U_IRHID; C:\Windows\SysWOW64\DRIVERS\RTL2832U_IRHID.sys [44320 2009-10-05] (Realtek)
S3 RTL8187; C:\Windows\System32\DRIVERS\wg111v2.sys [340992 2007-12-26] (NETGEAR Inc.)
R0 Sahdad64; C:\Windows\System32\Drivers\Sahdad64.sys [28304 2013-08-19] (Corel Corporation)
R0 Saibad64; C:\Windows\System32\Drivers\Saibad64.sys [20112 2013-08-19] (Corel Corporation)
R1 SaibVdAd64; C:\Windows\System32\Drivers\SaibVdAd64.sys [27792 2013-08-19] (Corel Corporation)
R1 SRTSP; C:\Windows\system32\drivers\NSx64\1601000.009\SRTSP64.SYS [914648 2014-12-02] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NSx64\1601000.009\SRTSPX64.SYS [42200 2014-12-02] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NSx64\1601000.009\SYMDS64.SYS [490712 2014-09-09] (Symantec Corporation)
S3 SymDSMon; C:\Windows\system32\drivers\SymDSMon.sys [191232 2010-11-30] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NSx64\1601000.009\SYMEFA64.SYS [1151704 2014-09-09] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [102616 2015-03-08] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NSx64\1601000.009\Ironx64.SYS [271576 2014-09-09] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\NSx64\1601000.009\SYMNETS.SYS [565464 2014-09-09] (Symantec Corporation)
S3 SYMSpeedDisk; C:\Windows\system32\drivers\SymSpeedDisk.sys [163384 2010-11-30] (Symantec Corporation)
S3 SYMSpeedDisk; C:\Windows\SysWOW64\drivers\SymSpeedDisk.sys [108800 2010-11-30] (Symantec Corporation)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2013-10-27] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2013-10-27] (Acronis)
S1 vflt; C:\Windows\System32\DRIVERS\vfilter.sys [20992 2009-11-19] (Shrew Soft Inc) [File not signed]
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2013-10-27] (Acronis International GmbH)
S3 vnet; C:\Windows\System32\DRIVERS\virtualnet.sys [12800 2009-11-19] (Shrew Soft Inc) [File not signed]
R1 WinFLAdrv; C:\Windows\SysWow64\WinFLAdrv.sys [34816 2013-11-18] ()
R2 WinVDEDrv; C:\Windows\SysWow64\WinVDEdrv.sys [225680 2013-11-18] (NewSoftwares.net, Inc.)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-17 20:27 - 2015-03-17 20:27 - 00000000 ____D () C:\FRST
2015-03-17 16:38 - 2015-03-17 16:38 - 00000000 ____D () C:\0fadfdac6f4049db0ba763cbc6b73074
2015-03-17 16:38 - 2015-03-17 16:38 - 00000000 ____D () C:\0a7fbe604d11990eef47d1
2015-03-17 16:37 - 2015-03-17 16:38 - 00000000 ____D () C:\7e436305061e55d5836c738933a4a2
2015-03-16 20:07 - 2015-03-16 20:07 - 11960320 _____ () C:\Windows\system32\config\software.rrr
2015-03-16 20:07 - 2015-03-16 20:07 - 00819200 _____ () C:\Windows\system32\config\default.rrr
2015-03-16 20:07 - 2015-03-16 20:07 - 00003072 _____ () C:\Windows\system32\Cache.db
2015-03-16 07:54 - 2015-03-16 07:54 - 00000000 _____ () C:\Windows\setuperr.log
2015-03-16 07:20 - 2015-03-16 07:20 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Roaming\AVG
2015-03-16 07:19 - 2015-03-16 07:19 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Local\Avg
2015-03-16 07:18 - 2015-03-16 07:22 - 00000000 ____D () C:\ProgramData\AVG
2015-03-15 22:15 - 2015-03-15 22:15 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Roaming\AVG2015
2015-03-15 22:13 - 2015-03-15 22:13 - 00000967 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2015-03-15 22:13 - 2015-03-15 22:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-03-15 22:11 - 2015-03-16 07:20 - 00000000 ____D () C:\Program Files (x86)\AVG
2015-03-15 22:11 - 2015-03-15 22:17 - 00000000 ____D () C:\ProgramData\AVG2015
2015-03-15 22:11 - 2015-03-15 22:11 - 00000000 ___HD () C:\$AVG
2015-03-15 21:53 - 2015-03-17 20:11 - 00000000 ____D () C:\ProgramData\MFAData
2015-03-15 21:53 - 2015-03-15 22:19 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Local\Avg2015
2015-03-15 21:53 - 2015-03-15 21:53 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Local\MFAData
2015-03-15 21:49 - 2015-03-15 21:49 - 00110033 _____ () C:\ProgramData\1426448826.bdinstall.bin
2015-03-15 16:52 - 2015-03-15 16:52 - 00097892 _____ () C:\ProgramData\1426430219.bdinstall.bin
2015-03-15 16:36 - 2015-03-15 16:36 - 00037823 _____ () C:\ProgramData\1426430215.bdinstall.bin
2015-03-15 16:34 - 2015-03-15 16:34 - 00202594 _____ () C:\ProgramData\1426419554.bdinstall.bin
2015-03-15 13:42 - 2012-11-02 14:17 - 00261056 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2015-03-15 13:39 - 2015-03-16 07:35 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Roaming\QuickScan
2015-03-15 13:20 - 2015-03-15 21:59 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
2015-03-14 12:47 - 2015-03-16 07:07 - 00004966 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for ADMIN-Ανδρέας admin
2015-03-13 03:38 - 2015-03-13 03:39 - 00005361 _____ () C:\Windows\wininit.ini
2015-03-12 21:38 - 2015-03-12 21:38 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2015-03-12 21:37 - 2015-03-16 07:58 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-03-12 21:37 - 2015-03-13 03:39 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-03-12 21:37 - 2015-03-12 21:37 - 00001397 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-03-12 21:37 - 2015-03-12 21:37 - 00001385 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-03-12 21:37 - 2015-03-12 21:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-03-12 21:37 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2015-03-11 13:56 - 2015-03-11 13:56 - 00000000 ____D () C:\Users\Ανδρέας\Documents\Control4
2015-03-11 13:56 - 2015-03-11 13:56 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Roaming\Control4
2015-03-11 11:49 - 2015-02-20 06:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-11 11:49 - 2015-02-20 06:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-11 11:49 - 2015-02-20 06:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 11:49 - 2015-02-20 06:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-11 11:49 - 2015-02-20 06:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-11 11:49 - 2015-02-20 06:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-11 11:49 - 2015-02-20 06:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-11 11:49 - 2015-02-20 06:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-11 11:49 - 2015-02-20 05:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 11:49 - 2015-02-20 05:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-11 11:49 - 2015-02-03 05:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 11:49 - 2015-02-03 05:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-11 11:49 - 2015-02-03 05:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-11 11:49 - 2015-02-03 05:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-11 11:49 - 2015-02-03 05:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-11 11:49 - 2015-02-03 05:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-11 11:49 - 2015-02-03 05:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-11 11:49 - 2015-02-03 05:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-11 11:49 - 2015-02-03 05:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-11 11:49 - 2015-02-03 05:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-11 11:49 - 2015-02-03 05:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-11 11:49 - 2015-02-03 05:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-11 11:49 - 2015-02-03 05:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-11 11:49 - 2015-02-03 05:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-11 11:49 - 2015-02-03 05:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-11 11:49 - 2015-02-03 05:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-11 11:49 - 2015-02-03 05:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-11 11:49 - 2015-02-03 05:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-11 11:49 - 2015-02-03 05:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-11 11:49 - 2015-02-03 05:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-11 11:49 - 2015-02-03 05:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-11 11:49 - 2015-02-03 05:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-11 11:49 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-03-11 11:49 - 2015-02-03 05:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-11 11:49 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-03-11 11:49 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-03-11 11:49 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-03-11 11:49 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-11 11:49 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-03-11 11:49 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-11 11:49 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-11 11:49 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-03-11 11:49 - 2014-06-28 02:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-03-11 11:48 - 2015-03-06 07:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-11 11:48 - 2015-03-06 07:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-11 11:48 - 2015-03-06 07:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-11 11:48 - 2015-03-06 07:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-11 11:48 - 2015-03-06 07:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-11 11:48 - 2015-03-06 07:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-11 11:48 - 2015-03-06 07:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-11 11:48 - 2015-03-06 07:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-11 11:48 - 2015-03-06 07:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-11 11:48 - 2015-03-06 07:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-11 11:48 - 2015-03-06 07:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-11 11:48 - 2015-03-06 07:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-11 11:48 - 2015-03-06 07:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-11 11:48 - 2015-03-06 07:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-11 11:48 - 2015-03-06 07:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-11 11:48 - 2015-03-06 07:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-11 11:48 - 2015-03-06 07:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-11 11:48 - 2015-03-06 07:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-11 11:48 - 2015-03-06 07:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-11 11:48 - 2015-03-06 07:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-03-11 11:48 - 2015-03-06 07:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-11 11:48 - 2015-03-06 07:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-03-11 11:48 - 2015-03-06 07:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-03-11 11:48 - 2015-03-06 07:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-03-11 11:48 - 2015-03-06 07:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-03-11 11:48 - 2015-03-06 07:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-03-11 11:48 - 2015-03-06 07:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-03-11 11:48 - 2015-03-06 07:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-03-11 11:48 - 2015-03-06 07:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-11 11:48 - 2015-03-06 07:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-03-11 11:48 - 2015-03-06 07:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-11 11:48 - 2015-02-13 07:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-11 11:48 - 2015-02-13 07:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 11:48 - 2015-02-03 05:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-11 11:48 - 2015-02-03 05:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 11:48 - 2015-02-03 05:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-11 11:48 - 2015-02-03 05:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-11 11:48 - 2015-02-03 05:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-11 11:48 - 2015-02-03 05:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-11 11:48 - 2015-02-03 05:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-11 11:48 - 2015-02-03 05:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-11 11:48 - 2015-02-03 05:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-11 11:48 - 2015-02-03 05:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-11 11:48 - 2015-02-03 05:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-11 11:48 - 2015-02-03 05:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-11 11:48 - 2015-02-03 05:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-11 11:48 - 2015-02-03 05:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-11 11:48 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-11 11:48 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-11 11:48 - 2015-02-03 05:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-11 11:48 - 2015-02-03 05:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-11 11:48 - 2015-02-03 05:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-11 11:48 - 2015-02-03 05:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-11 11:48 - 2015-02-03 05:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-11 11:48 - 2015-02-03 05:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-11 11:48 - 2015-02-03 05:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-11 11:48 - 2015-02-03 05:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 11:48 - 2015-02-03 05:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-11 11:48 - 2015-02-03 05:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-11 11:48 - 2015-02-03 05:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-11 11:48 - 2015-02-03 05:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-11 11:48 - 2015-02-03 05:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-11 11:48 - 2015-02-03 05:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-11 11:48 - 2015-02-03 05:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-11 11:48 - 2015-02-03 05:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-11 11:48 - 2015-02-03 05:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 11:48 - 2015-02-03 05:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-11 11:48 - 2015-02-03 05:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-11 11:48 - 2015-02-03 05:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-11 11:48 - 2015-02-03 05:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-11 11:48 - 2015-02-03 05:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-11 11:48 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-11 11:48 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-11 11:48 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-03-11 11:48 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-11 11:48 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-11 11:48 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-03-11 11:48 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-11 11:48 - 2015-02-03 05:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-11 11:48 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-11 11:48 - 2015-02-03 05:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-11 11:48 - 2015-02-03 05:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-11 11:48 - 2015-02-03 05:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-11 11:48 - 2015-02-03 05:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-03-11 11:48 - 2015-02-03 05:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-03-11 11:48 - 2015-02-03 05:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-03-11 11:48 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-03-11 11:48 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-03-11 11:48 - 2015-02-03 05:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-03-11 11:48 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-11 11:48 - 2015-02-03 05:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-03-11 11:48 - 2015-02-03 05:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-03-11 11:48 - 2015-02-03 05:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-03-11 11:48 - 2015-02-03 04:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-11 11:48 - 2015-01-31 05:48 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-11 11:48 - 2015-01-31 05:48 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-03-11 11:48 - 2015-01-31 01:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-11 11:48 - 2015-01-31 01:56 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-11 11:48 - 2015-01-17 04:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 11:48 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-11 11:48 - 2014-11-01 00:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-11 11:48 - 2014-06-28 02:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-03-11 11:47 - 2015-02-26 05:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-11 11:47 - 2015-02-24 05:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-11 11:47 - 2015-02-24 04:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-03-11 11:47 - 2015-02-21 03:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-11 11:47 - 2015-02-21 02:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-11 11:47 - 2015-02-21 02:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-11 11:47 - 2015-02-21 02:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-11 11:47 - 2015-02-21 02:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-11 11:47 - 2015-02-21 01:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-11 11:47 - 2015-02-21 01:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-11 11:47 - 2015-02-20 05:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-11 11:47 - 2015-02-20 05:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-11 11:47 - 2015-02-20 04:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-11 11:47 - 2015-02-20 04:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-11 11:47 - 2015-02-20 04:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-11 11:47 - 2015-02-20 04:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-11 11:47 - 2015-02-20 04:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-11 11:47 - 2015-02-20 04:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-11 11:47 - 2015-02-20 04:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-11 11:47 - 2015-02-20 04:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-11 11:47 - 2015-02-20 04:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-11 11:47 - 2015-02-20 04:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-11 11:47 - 2015-02-20 04:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-11 11:47 - 2015-02-20 04:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-11 11:47 - 2015-02-20 04:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-11 11:47 - 2015-02-20 04:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-03-11 11:47 - 2015-02-20 04:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-11 11:47 - 2015-02-20 04:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 11:47 - 2015-02-20 04:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-11 11:47 - 2015-02-20 04:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-11 11:47 - 2015-02-20 04:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-03-11 11:47 - 2015-02-20 04:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-03-11 11:47 - 2015-02-20 04:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-11 11:47 - 2015-02-20 04:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-11 11:47 - 2015-02-20 04:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-11 11:47 - 2015-02-20 04:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-03-11 11:47 - 2015-02-20 04:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-03-11 11:47 - 2015-02-20 03:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-03-11 11:47 - 2015-02-20 03:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-03-11 11:47 - 2015-02-20 03:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-03-11 11:47 - 2015-02-20 03:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-11 11:47 - 2015-02-20 03:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-11 11:47 - 2015-02-20 03:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-03-11 11:47 - 2015-02-20 03:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-11 11:47 - 2015-02-20 03:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-11 11:47 - 2015-02-20 03:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-11 11:47 - 2015-02-20 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-03-11 11:47 - 2015-02-20 03:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-11 11:47 - 2015-02-20 03:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-11 11:47 - 2015-02-20 03:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-11 11:47 - 2015-02-20 03:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-11 11:47 - 2015-02-20 03:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-03-11 11:47 - 2015-02-20 03:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-11 11:47 - 2015-02-20 03:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-11 11:47 - 2015-02-20 03:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-11 11:47 - 2015-02-20 02:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-11 11:47 - 2015-02-20 02:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-11 11:47 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-11 11:47 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-10 19:01 - 2015-03-10 19:01 - 00000000 ____D () C:\Users\Public\Documents\Songs
2015-03-08 22:34 - 2015-03-08 22:34 - 00002483 _____ () C:\Users\Public\Desktop\ImageShack Uploader.lnk
2015-03-08 22:34 - 2015-03-08 22:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImageShack Uploader
2015-03-08 22:34 - 2015-03-08 22:34 - 00000000 ____D () C:\Program Files (x86)\ImageShack Uploader
2015-03-08 08:06 - 2015-03-08 08:06 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Security
2015-03-08 08:04 - 2015-03-08 08:04 - 00102616 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2015-03-08 08:04 - 2015-03-08 08:04 - 00008214 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2015-03-08 08:04 - 2015-03-08 08:04 - 00003214 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2015-03-08 08:04 - 2015-03-08 08:04 - 00002455 _____ () C:\Users\Public\Desktop\Norton Security.lnk
2015-03-08 08:04 - 2015-03-08 08:04 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2015-03-08 07:59 - 2015-03-08 07:59 - 00000000 ____D () C:\Windows\system32\Drivers\NSx64
2015-03-08 07:58 - 2015-03-08 08:04 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2015-03-08 07:58 - 2015-03-08 07:59 - 00000000 ____D () C:\Program Files (x86)\Norton Security
2015-03-07 22:21 - 2015-03-07 22:21 - 00000000 ____D () C:\SUPERDelete
2015-03-07 22:03 - 2015-03-07 23:51 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-03-02 19:25 - 2008-04-07 05:38 - 00024416 ____R (Adobe Systems Inc.) C:\Windows\system32\AdobePDFUI.dll
2015-03-02 19:24 - 2015-03-02 19:24 - 00002465 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Distiller 9.lnk
2015-03-02 19:24 - 2015-03-02 19:24 - 00002453 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat 9 Pro.lnk
2015-03-02 19:24 - 2015-03-02 19:24 - 00002173 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle Designer ES 8.2.lnk
2015-03-02 19:24 - 2015-03-02 19:24 - 00002023 _____ () C:\Users\Public\Desktop\Adobe Acrobat 9 Pro.lnk
2015-02-28 16:25 - 2015-02-28 16:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-02-27 19:20 - 2015-02-27 19:20 - 00001755 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-02-27 19:20 - 2015-02-27 19:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-02-27 19:19 - 2015-02-27 19:20 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-02-27 19:19 - 2015-02-27 19:19 - 00000000 ____D () C:\Program Files\iTunes
2015-02-27 19:19 - 2015-02-27 19:19 - 00000000 ____D () C:\Program Files\iPod
2015-02-26 09:53 - 2015-02-26 09:53 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Local\WinZip
2015-02-26 09:52 - 2015-02-26 09:52 - 00002213 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2015-02-26 09:52 - 2015-02-26 09:52 - 00002207 _____ () C:\Users\Public\Desktop\WinZip.lnk
2015-02-26 09:52 - 2015-02-26 09:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2015-02-26 09:52 - 2015-02-26 09:52 - 00000000 ____D () C:\Program Files\WinZip
2015-02-25 21:50 - 2015-01-09 01:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-25 21:50 - 2015-01-09 01:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-25 19:25 - 2015-03-14 13:30 - 00000000 ____D () C:\NPE
2015-02-25 17:37 - 2015-02-25 17:37 - 00284128 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdia.sys
2015-02-25 14:36 - 2015-03-16 07:54 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Local\Ecttion
2015-02-25 14:36 - 2015-03-15 22:17 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Local\ISsoft
2015-02-24 16:46 - 2015-02-24 16:46 - 00280544 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2015-02-21 18:37 - 2015-02-21 18:37 - 00000000 ____D () C:\ProgramData\PCSettings
2015-02-17 18:40 - 2015-01-09 05:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-02-17 18:40 - 2015-01-09 05:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-02-17 18:40 - 2015-01-09 05:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-02-17 18:40 - 2015-01-09 04:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-02-16 19:48 - 2015-02-16 19:48 - 00001336 _____ () C:\Users\Public\Desktop\iBackupBot for iTunes.lnk
2015-02-16 19:48 - 2015-02-16 19:48 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Roaming\VOWSoft
2015-02-16 19:48 - 2015-02-16 19:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VOWSoft iPod Software
2015-02-16 19:29 - 2015-03-10 17:32 - 00003824 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1424107746
2015-02-16 19:29 - 2015-02-16 19:29 - 00001141 _____ () C:\Users\Public\Desktop\Opera.lnk
2015-02-16 19:29 - 2015-02-16 19:29 - 00001141 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-02-16 19:29 - 2015-02-16 19:29 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Roaming\Opera Software
2015-02-16 19:29 - 2015-02-16 19:29 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Local\Opera Software
2015-02-16 19:27 - 2015-03-10 17:32 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-02-16 19:27 - 2015-02-16 19:27 - 05880800 _____ () C:\Users\Ανδρέας\Downloads\ibackupbot_setup.exe
2015-02-16 14:59 - 2015-02-16 14:59 - 00000193 _____ () C:\Windows\WORDPAD.INI
2015-02-16 14:32 - 2015-03-09 22:23 - 00000000 ____D () C:\Program Files (x86)\93f50bdf-d9f0-4c81-9043-83de3bcdfe0f

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-17 20:28 - 2009-12-24 22:16 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Roaming\uTorrent
2015-03-17 20:26 - 2012-03-22 21:57 - 00001202 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3641372981-3819987845-3030416424-1001UA.job
2015-03-17 20:24 - 2009-12-24 22:05 - 00001184 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-17 20:16 - 2009-12-24 06:39 - 00000000 ____D () C:\Users\Ανδρέας\Tracing
2015-03-17 20:13 - 2009-12-24 22:05 - 00001180 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-17 20:13 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-17 20:13 - 2009-07-14 06:51 - 17508155 _____ () C:\Windows\setupact.log
2015-03-17 20:11 - 2013-08-16 22:17 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Roaming\DuckLink
2015-03-17 20:11 - 2011-09-05 12:51 - 00000000 ____D () C:\Users\Ανδρέας
2015-03-17 20:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2015-03-17 20:06 - 2011-09-05 13:51 - 01854757 _____ () C:\Windows\WindowsUpdate.log
2015-03-17 20:06 - 2010-01-06 20:04 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Roaming\DMCache
2015-03-17 19:34 - 2013-01-26 17:45 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-17 18:20 - 2009-07-14 06:45 - 00030512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-17 18:20 - 2009-07-14 06:45 - 00030512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-17 12:56 - 2012-03-22 21:57 - 00001150 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3641372981-3819987845-3030416424-1001Core.job
2015-03-17 10:22 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-03-17 10:19 - 2012-06-13 12:34 - 00000000 ____D () C:\Users\Ανδρέας\Documents\Outlook Files
2015-03-17 09:11 - 2014-08-17 10:40 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Local\Adobe
2015-03-16 20:17 - 2009-09-17 22:57 - 00000000 ____D () C:\ProgramData\Temp
2015-03-16 20:13 - 2012-03-12 21:15 - 00000264 _____ () C:\Windows\Tasks\NUSchedule.job
2015-03-16 20:08 - 2012-06-20 13:30 - 14508032 _____ () C:\Users\Ανδρέας\s-1-5-21-3641372981-3819987845-3030416424-1001.rrr
2015-03-16 12:25 - 2010-11-21 05:47 - 06685494 _____ () C:\Windows\PFRO.log
2015-03-16 07:38 - 2013-12-17 12:48 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Subtitle Workshop
2015-03-16 07:38 - 2012-08-15 16:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real Alternative
2015-03-16 07:38 - 2010-04-12 21:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2015-03-16 07:35 - 2009-12-25 00:04 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Local\PowerCinema
2015-03-16 07:35 - 2009-12-23 21:55 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Roaming\HpUpdate
2015-03-16 07:35 - 2009-12-23 21:49 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Roaming\hpqlog
2015-03-16 07:34 - 2012-07-17 17:28 - 00000000 ____D () C:\Windows\Minidump
2015-03-16 07:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sysprep
2015-03-16 07:33 - 2012-08-29 19:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
2015-03-16 07:33 - 2012-08-14 13:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iPhoneBrowser
2015-03-16 07:33 - 2012-06-06 21:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP600
2015-03-16 07:33 - 2012-03-13 08:43 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ChessBase
2015-03-16 07:33 - 2011-01-03 12:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft DirectX SDK (March 2009)
2015-03-16 07:33 - 2011-01-02 21:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Player Classic - Home Cinema
2015-03-16 07:33 - 2010-09-05 20:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VobSub
2015-03-16 07:33 - 2010-08-14 14:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2015-03-16 07:33 - 2009-12-23 21:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works
2015-03-15 22:30 - 2010-03-14 21:44 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Local\CrashDumps
2015-03-15 22:13 - 2013-08-18 19:09 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Roaming\TuneUp Software
2015-03-14 13:47 - 2012-09-09 09:16 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Local\NPE
2015-03-13 21:40 - 2015-02-12 13:39 - 00003198 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForΑνδρέας
2015-03-13 21:40 - 2015-02-12 13:39 - 00000340 _____ () C:\Windows\Tasks\HPCeeScheduleForΑνδρέας.job
2015-03-13 05:10 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-03-12 17:37 - 2009-12-26 20:32 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2015-03-12 16:12 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-03-12 16:12 - 2009-07-14 06:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-03-12 16:06 - 2009-07-14 06:45 - 05322704 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-12 16:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-12 16:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-03-11 22:02 - 2013-08-15 23:18 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-11 21:52 - 2012-07-21 09:38 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-11 21:45 - 2012-08-29 19:28 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2015-03-11 21:43 - 2012-11-06 20:39 - 00001072 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2015-03-10 19:01 - 2012-06-22 21:42 - 00000000 ____D () C:\Users\Public\Documents\Notation
2015-03-09 22:23 - 2010-04-18 17:27 - 00000000 ____D () C:\Program Files (x86)\RadioBar
2015-03-09 22:23 - 2010-04-17 08:55 - 00000000 ____D () C:\Program Files (x86)\Online_Radio_India
2015-03-09 15:34 - 2010-01-06 20:11 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Roaming\IDM
2015-03-08 23:04 - 2013-10-11 17:43 - 00000000 ____D () C:\Program Files (x86)\PC Connectivity Solution
2015-03-08 09:56 - 2014-08-16 23:04 - 00000000 ____D () C:\Program Files (x86)\Internet Download Manager
2015-03-08 08:08 - 2012-09-09 07:02 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
2015-03-08 08:08 - 2009-09-17 22:24 - 00000000 ____D () C:\ProgramData\Norton
2015-03-07 23:51 - 2014-06-02 07:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2015-03-07 23:45 - 2012-09-08 12:40 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Local\CRE
2015-03-07 17:20 - 2013-09-28 14:31 - 00000000 ____D () C:\temp
2015-03-07 15:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-03-06 17:03 - 2009-12-24 22:05 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Local\Google
2015-03-02 19:44 - 2011-09-05 14:14 - 00168792 _____ () C:\Users\Ανδρέας\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-02 19:29 - 2013-04-19 18:37 - 00000000 ____D () C:\ProgramData\FLEXnet
2015-03-02 19:27 - 2012-11-07 19:11 - 00000000 ____D () C:\ProgramData\Adobe
2015-03-02 19:21 - 2009-12-23 10:25 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-03-02 14:07 - 2010-07-25 10:15 - 00000000 ____D () C:\ProgramData\ChessBase
2015-03-02 14:07 - 2010-01-24 10:04 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Local\ChessBase
2015-03-02 14:07 - 2010-01-24 09:55 - 00000000 ____D () C:\Users\Ανδρέας\Documents\ChessBase
2015-03-02 14:06 - 2009-12-23 10:26 - 00000000 __RHD () C:\MSOCache
2015-02-27 20:56 - 2009-07-14 07:13 - 00786538 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-27 19:19 - 2014-01-29 19:44 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-02-27 19:19 - 2013-02-21 18:11 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-02-26 09:53 - 2012-11-10 19:33 - 00000000 ____D () C:\ProgramData\WinZip
2015-02-23 12:33 - 2015-02-14 09:07 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Roaming\JihoiTunesExtractor
2015-02-21 18:47 - 2010-03-13 17:10 - 00000000 ____D () C:\Program Files (x86)\Norton Internet Security
2015-02-21 18:34 - 2012-09-09 07:02 - 00000000 ____D () C:\Users\Public\Downloads\Norton
2015-02-21 13:55 - 2013-08-16 19:37 - 00000810 _____ () C:\Users\Public\Desktop\ElsaWin.lnk
2015-02-21 13:55 - 2013-08-16 19:37 - 00000810 _____ () C:\Users\Public\Desktop\ElsaWin Administration.lnk
2015-02-21 13:54 - 2012-06-14 23:56 - 00000344 _____ () C:\Windows\ODBC.INI
2015-02-21 12:44 - 2012-03-22 21:58 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-20 16:10 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing
2015-02-16 19:48 - 2015-01-11 11:21 - 00000000 ____D () C:\Program Files (x86)\VOWSoft iPod Software
2015-02-16 13:20 - 2009-12-24 22:04 - 00000000 ____D () C:\ProgramData\Google
2015-02-16 13:20 - 2009-12-24 22:04 - 00000000 ____D () C:\Program Files\Google
2015-02-16 13:20 - 2009-12-24 22:04 - 00000000 ____D () C:\Program Files (x86)\Google

==================== Files in the root of some directories =======

2011-08-29 19:41 - 2011-09-07 11:49 - 0042821 _____ () C:\Users\Ανδρέας\AppData\Roaming\Apple ComputerMobileSyncBackupdc9162f1c4973c7505f6ec77109158f6e0aac23fInfo.plist
2013-05-18 08:07 - 2013-05-18 08:07 - 0226846 _____ () C:\Users\Ανδρέας\AppData\Roaming\AvidLicenseControl_Install.log
2011-02-01 20:54 - 2011-06-17 21:10 - 0001854 _____ () C:\Users\Ανδρέας\AppData\Roaming\GhostObjGAFix.xml
2010-06-23 19:14 - 2010-10-12 19:53 - 0000068 _____ () C:\Users\Ανδρέας\AppData\Roaming\LSV6.dat
2012-06-14 23:57 - 2012-06-14 23:57 - 0022248 _____ () C:\Users\Ανδρέας\AppData\Roaming\Microsoft Excel 97-2003.ADR
2012-06-15 02:09 - 2012-09-08 16:39 - 0009312 _____ () C:\Users\Ανδρέας\AppData\Roaming\Microsoft Excel 97-2003.EML
2010-11-04 19:57 - 2013-12-30 18:53 - 0000600 _____ () C:\Users\Ανδρέας\AppData\Roaming\winscp.rnd
2011-08-01 13:23 - 2011-08-01 13:23 - 0000290 _____ () C:\Users\Ανδρέας\AppData\Roaming\wklnhst.dat
2011-09-05 14:13 - 2011-09-05 14:13 - 0000000 _____ () C:\Users\Ανδρέας\AppData\Local\AtStart.txt
2014-01-26 16:33 - 2014-01-26 16:33 - 0003584 _____ () C:\Users\Ανδρέας\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-09-05 14:13 - 2011-09-05 14:13 - 0000000 _____ () C:\Users\Ανδρέας\AppData\Local\DSwitch.txt
2013-11-29 21:21 - 2013-12-28 16:42 - 0000092 _____ () C:\Users\Ανδρέας\AppData\Local\HackLogs.dat
2011-09-05 14:13 - 2011-09-05 14:13 - 0000000 _____ () C:\Users\Ανδρέας\AppData\Local\QSwitch.txt
2012-11-06 17:15 - 2012-11-06 17:15 - 0000017 _____ () C:\Users\Ανδρέας\AppData\Local\resmon.resmoncfg
2012-08-29 19:33 - 2013-11-15 18:23 - 0000700 ___SH () C:\Users\Ανδρέας\AppData\Local\systemFL7.$dk
2012-08-24 19:59 - 2013-11-18 15:15 - 0000700 ___SH () C:\Users\Ανδρέας\AppData\Local\systemFL7.dat
2013-11-18 15:32 - 2014-10-28 06:21 - 0001213 ___SH () C:\Users\Ανδρέας\AppData\Local\win_fldb_sys.dat
2013-11-18 15:15 - 2014-10-28 06:20 - 0003465 ___SH () C:\Users\Ανδρέας\AppData\Local\win_stlthdb_sys.dat
2015-03-15 16:34 - 2015-03-15 16:34 - 0202594 _____ () C:\ProgramData\1426419554.bdinstall.bin
2015-03-15 16:36 - 2015-03-15 16:36 - 0037823 _____ () C:\ProgramData\1426430215.bdinstall.bin
2015-03-15 16:52 - 2015-03-15 16:52 - 0097892 _____ () C:\ProgramData\1426430219.bdinstall.bin
2015-03-15 21:49 - 2015-03-15 21:49 - 0110033 _____ () C:\ProgramData\1426448826.bdinstall.bin
2013-04-29 22:30 - 2015-03-16 08:00 - 0000201 _____ () C:\ProgramData\HPWALog.txt
2013-11-08 20:51 - 2014-07-13 20:36 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys
2013-05-02 21:43 - 2013-05-02 21:45 - 0000193 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
2013-09-13 05:56 - 2013-09-13 05:56 - 0002456 _____ () C:\ProgramData\regid.2012-08.com.Corel,Roxio_76C7858E-078C-4C49-AB1A-2A7072664935.swidtag
2013-11-18 15:13 - 2014-10-28 06:20 - 0002568 ___SH () C:\ProgramData\win_mpwd_sys.dat

Files to move or delete:
====================
C:\ProgramData\win_mpwd_sys.dat


Some content of TEMP:
====================
C:\Users\Ανδρέας\AppData\Local\Temp\NOSEventMessages.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-16 18:09

==================== End Of Log ============================




 
 
Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Ανδρέας at 2015-03-17 20:30:01
Running from D:\downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton Security (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
AS: Norton Security (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Security (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.)
Acronis True Image 2014 (HKLM-x32\...\{1F91344A-B963-4431-89E8-4F80DEE282BE}Visible) (Version: 17.0.5560 - Acronis)
Acronis True Image 2014 (x32 Version: 17.0.5560 - Acronis) Hidden
Adobe Acrobat 9 Pro - English, Franηais, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000004}{AC76BA86-1033-F400-7760-000000000004}) (Version: 9.0.0 - Adobe Systems)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version: 3.0 - )
Adobe Update Management Tool (HKLM-x32\...\{534A7A1A-7102-4AF6-23EA-7CD279C7B625}_is1) (Version: 6.2 - PainteR)
AMD Catalyst Install Manager (HKLM\...\{FAF03106-1653-15E1-3C0C-E7AE4FAE6EBF}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft TotalMedia 3 (HKLM-x32\...\{268CF0B8-CA38-4E20-9E99-514A07F7C1F1}) (Version: - ArcSoft)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
ATI Catalyst Registration (x32 Version: 2.01.0000 - ATI Technologies Inc.) Hidden
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5856 - AVG Technologies)
AVG 2015 (Version: 15.0.4306 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5856 - AVG Technologies) Hidden
Avid License Control (HKLM-x32\...\{F187D064-F101-4E95-8D05-4027809AA0F8}) (Version: 3.0.0 - Avid Technology, Inc.)
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version: - )
AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version: - Online Media Technologies Ltd.)
AVS Video Converter 8 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.4 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version: - Online Media Technologies Ltd.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.350.6 - Broadcom Corporation)
BS.Player PRO (HKLM-x32\...\BSPlayerp) (Version: 2.65.1074 - AB Team, d.o.o.)
Canon MP600 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP600) (Version: - )
CBReader (HKLM-x32\...\CBReader ) (Version: - ChessBase GmbH)
ChessBase Reader (HKLM-x32\...\{9664C520-5725-4885-B286-A4EC43A6B738}) (Version: 12.32.0.0 - ChessBase)
Cisco AnyConnect Mobile VPN Client ActiveSync Installer (HKLM-x32\...\{F9F51E3A-BC68-4F58-9FB1-907DFE35C492}) (Version: 2.4.0202 - Cisco Systems, Inc.)
Cisco AnyConnect VPN Client (HKLM-x32\...\{2A6355EB-273D-4368-9DB6-FB99EBA9FABD}) (Version: 2.4.0202 - Cisco Systems, Inc.)
Cisco AnyConnect VPN Client Start Before Login Components (HKLM-x32\...\{EFE0CDC6-876B-4474-AFC0-3C22B51FA012}) (Version: 2.4.0202 - Cisco Systems, Inc.)
CoreAAC (HKLM-x32\...\CoreAAC) (Version: - )
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.3101 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dazzle Video Capture DVC100 X64 Driver 1.06 (x32 Version: 1.06.0000 - Pinnacle) Hidden
DC++ 0.802 (HKLM-x32\...\DC++) (Version: 0.802 - Jacek Sieka)
Deep Rybka 3 (x32 Version: 3.0 - ChessBase) Hidden
DNE Update (HKLM\...\{9F67FDDC-C889-1017-9044-BFF9EA58EC3B}) (Version: 3.22.5.18002 - Deterministic Networks, Inc.)
DuckCapture Standard 2.7 (HKLM-x32\...\DuckCapture_is1) (Version: 2.7 - DuckLink)
ElsaWin (HKLM-x32\...\ElsaWin) (Version: 4.00 - )
ENE CIR Receiver Driver (HKLM\...\FFE7D41DF3C645075BB149E21988B63996C34187) (Version: 2.7.4.0 - ENE)
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version: - Image-Line)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version: - )
Folder Lock (HKLM-x32\...\Folder Lock) (Version: - New Softwares.net)
Folder Lock (HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\...\FolderLock6) (Version: - New Sofware.net Inc.)
Free iTunes Backup Extractor version 2.1.0.1 (HKLM-x32\...\{F891E77B-EB1C-4035-BCC4-4DEF91EDD69E}_is1) (Version: 2.1.0.1 - Jihosoft Studio)
Fritz 12 (x32 Version: 12.0.0 - ) Hidden
Fritz 13 (HKLM-x32\...\{85EB0F56-3DB3-42CC-9384-A665C5FC5D08}) (Version: 13.0.0.0 - ChessBase)
Garmin Communicator Plugin (HKLM-x32\...\{13F054F3-0B07-4D15-9E80-C55B496AB557}) (Version: 4.0.3 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{550331CC-C34B-494F-BCDA-37CE4EF6E924}) (Version: 4.0.3 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.56.5181 - Gretech Corporation)
Google Chrome (HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\...\Google Chrome) (Version: 41.0.2272.89 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Hauppauge MCE XP/Vista Software Encoder (2.0.27022) (HKLM-x32\...\Hauppauge MCE2005 Software Encoder) (Version: 2.0.27022 - Hauppauge Computer Works, Inc.)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{844EC6B5-8435-47CE-93FA-842BC5EB22C2}) (Version: 4.0.3.1 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
HP Integrated Module with Bluetooth wireless technology (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9602 - Broadcom Corporation)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.2.4701 - Hewlett-Packard)
HP MediaSmart Internet TV (HKLM-x32\...\InstallShield_{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}) (Version: 3.0.1916 - Hewlett-Packard)
HP MediaSmart Movie Themes (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 3.0.3102 - Hewlett-Packard)
HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.1.4327 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{88E60521-1E4E-4785-B9F1-1798A4BD0C30}) (Version: 3.0.30.1 - Hewlett-Packard)
HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.1.4322 - Hewlett-Packard)
HP MediaSmart Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.1913 - Hewlett-Packard)
HP Quick Launch Buttons (HKLM-x32\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.16.1 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}) (Version: 1.2.3220.3079 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{44157EB3-D8D0-4BB1-B0F5-AD2C38814ED1}) (Version: 11.51.0027 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{D46D081B-F60E-467E-A7C4-117B70D76731}) (Version: 5.001.000.014 - Hewlett-Packard)
HP User Guides 0153 (HKLM-x32\...\{2EBA8202-FBD5-4004-81EA-BDC38C054CE2}) (Version: 1.01.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM-x32\...\{F9A43C0C-F274-4EC0-B02E-202C15C09C00}) (Version: 3.50.12.1 - Hewlett-Packard)
iBackupBot for iTunes 3.6.5 (HKLM-x32\...\iBackupBot for iTunes) (Version: 3.6.5 - VOWSoft, Ltd.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6230.0 - IDT)
iFunbox (v2.94.2520.758), iFunbox DevTeam (HKLM-x32\...\iFunbox_is1) (Version: v2.94.2520.758 - )
ImageShack Uploader 2.2.0 (HKLM-x32\...\{8BCD7AE7-F713-4D50-BAB9-7839B9386870}) (Version: 2.2.0 - ImageShack Corp.)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
iPhoneBrowser (HKLM-x32\...\{C1FCDCA1-2759-4E5E-84EE-3A665BB2F513}) (Version: 1.9.3 - Cranium Consulting and Custom Software)
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.32.1 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 5.8.3 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 5.8.3 - )
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1913 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.1913 - CyberLink Corp.) Hidden
LAV Filters 0.63.0 (HKLM-x32\...\lavfilters_is1) (Version: 0.63.0 - Hendrik Leppkes)
Lotto Pro (HKLM-x32\...\Lotto Pro) (Version: - Data Solutions)
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.0.5.2000 - Maxthon International Limited)
Media Player Classic - Home Cinema v1.4.2499.0 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.4.2499.0 - MPC-HC Team)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Ελληνικά) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1032) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.1.177.0 - Microsoft Corporation)
Microsoft Office Language Pack 2013 - Greek/Ελληνικά (HKLM-x32\...\Office15.OMUI.el-gr) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual Basic Power Packs 3.0 (HKLM-x32\...\{7B4D193B-D76D-308B-8B12-5D9BB1CBCE6C}) (Version: 9.0.30214 - Microsoft)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{784B4EE3-E308-4706-B3DC-51029944240B}) (Version: 08.05.0822 - Microsoft Corporation)
MKVToolNix 7.4.0 (64bit) (HKLM-x32\...\MKVToolNix) (Version: 7.4.0 - Moritz Bunkus)
MobileMe Control Panel (HKLM\...\{AF5020D9-116A-46AC-A922-087592F37EC9}) (Version: 3.1.8.0 - Apple Inc.)
Mozilla Firefox 11.0 (x86 el) (HKLM-x32\...\Mozilla Firefox 11.0 (x86 el)) (Version: 11.0 - Mozilla)
MPEG2 Codec(libmpeg2/mad) (HKLM-x32\...\MPEG2 Codec(libmpeg2/mad)) (Version: - )
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nero 2015 (HKLM-x32\...\{763EF8DC-4CC0-47CA-BE1C-BDE731462250}) (Version: 16.0.02900 - Nero AG)
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.54.0 - Nokia)
Nokia Suite (x32 Version: 3.8.54.0 - Nokia) Hidden
Norton Identity Safe (HKLM-x32\...\NST) (Version: 2014.7.6.15 - Symantec Corporation)
Norton Security (HKLM-x32\...\NS) (Version: 22.1.0.9 - Symantec Corporation)
Norton Utilities 15 (HKLM-x32\...\Norton Utilities 15_is1) (Version: 15.0 - Symantec Corporation)
Opera Stable 28.0.1750.40 (HKLM-x32\...\Opera 28.0.1750.40) (Version: 28.0.1750.40 - Opera Software ASA)
Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.5615 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.5615 - CyberLink Corp.) Hidden
Playchess (x32 Version: 1.00.000 - ) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3101 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.3101 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3101 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.3101 - CyberLink Corp.) Hidden
PowerRecover (x32 Version: 5.5.1923 - CyberLink Corp.) Hidden
Prerequisite installer (x32 Version: 16.0.0000 - Nero AG) Hidden
QLBCASL (x32 Version: 6.40.17.2 - Hewlett-Packard) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Real Alternative 1.8.0 (HKLM-x32\...\RealAlt_is1) (Version: 1.8.0 - )
Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0007 - Realtek)
REALTEK DTV USB DEVICE (HKLM-x32\...\{DDBB7C89-1A09-441E-AA0F-6AA465755C17}) (Version: 1.00.0000 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 1.00.0000 - Realtek Semiconductor Corp.)
Recover Keys (HKLM-x32\...\Recover Keys_is1) (Version: 6.0.2.63 - Recover Keys)
Roxio Creator NXT 2 (HKLM-x32\...\{F6514099-C638-4F5D-878B-E1C68875B0E6}) (Version: 15.0.5.2 - Roxio)
Roxio Virtual Drive x64 (Version: 1.00.0000 - Roxio, Inc.) Hidden
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0100-0408-0000-0000000FF1CE}_Office15.OMUI.el-gr_{4BFA9DD3-F090-430E-A37D-52FE52C8AC80}) (Version: - Microsoft)
Sibelius 7 OpenType Fonts (HKLM-x32\...\{623C2BD8-1B28-4F98-B578-E9D139827269}) (Version: 7.1.3 - Avid)
Sibelius 7.1.3.77 (HKLM\...\Sibelius 7.0.0.23_is1) (Version: 7.1.3.77 - Avid)
SmartSound Common Data (HKLM-x32\...\InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.)
SmartSound Common Data (x32 Version: 1.1.0 - SmartSound Software Inc.) Hidden
Snagit 10 (HKLM-x32\...\{5BCC634A-58AD-42F9-B3C6-2EA52F81CF85}) (Version: 10.0.0 - TechSmith Corporation)
SopCast 3.5.0 (HKLM-x32\...\SopCast) (Version: 3.5.0 - www.sopcast.com)
SP45990 - Wallpaper Picture Position Enabler for Windows 7 (HKLM-x32\...\{86391634-A94B-4355-8397-3D85C2F942DA}) (Version: 1.0.0 - Hewlett-Packard International Pte. Ltd.)
Speccy (HKLM\...\Speccy) (Version: 1.22 - Piriform)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Subtitle Edit 3.4.4 (HKLM-x32\...\SubtitleEdit_is1) (Version: 3.4.4.0 - Nikse)
Subtitle Workshop 6.0b (HKLM-x32\...\SubtitleWorkshop) (Version: - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
Time Adjuster STANDARD 3.1 (HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\...\TimeAdjuster) (Version: - IrekSoftware.com)
TotalMedia Setup (HKLM-x32\...\{24C4BB38-F45D-4247-90B9-7E6CAA877FF3}) (Version: 1.00.0000 - Conexant)
VCDS Release 12.12.0 (HKLM-x32\...\VCDS Release 12.12) (Version: 12.12.0 - Ross-Tech)
Veetle TV 0.9.18 (HKLM-x32\...\Veetle TV) (Version: 0.9.18 - Veetle, Inc)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Driver Package - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinSCP 4.2.9 (HKLM-x32\...\winscp3_is1) (Version: 4.2.9 - Martin Prikryl)
WinZip 19.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E5}) (Version: 19.0.11293 - WinZip Computing, S.L. )
Εργαλεία γλωσσικού ελέγχου του Microsoft Office 2013 - Ελληνικά (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Κέντρο συσκευών των Windows Mobile (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Υποστήριξη εφαρμογών Apple (32 bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Υποστήριξη εφαρμογών Apple (64 bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3641372981-3819987845-3030416424-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Ανδρέας\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3641372981-3819987845-3030416424-1001_Classes\CLSID\{1F6DE925-8416-40D4-BC66-D69DB9D4360B}\InprocServer32 -> C:\Program Files\Roxio Creator NXT 2\Virtual Drive 10\DC_ShellExt64.dll (Corel Corporation)
CustomCLSID: HKU\S-1-5-21-3641372981-3819987845-3030416424-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Ανδρέας\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3641372981-3819987845-3030416424-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Ανδρέας\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3641372981-3819987845-3030416424-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Ανδρέας\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3641372981-3819987845-3030416424-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Ανδρέας\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3641372981-3819987845-3030416424-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Ανδρέας\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3641372981-3819987845-3030416424-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Ανδρέας\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points =========================

13-03-2015 03:42:10 Cleaner (Spybot - Search & Destroy 2.4, administrator privileges
13-03-2015 13:39:31 Windows Update
13-03-2015 22:48:23 Windows Update
15-03-2015 03:00:16 Windows Update
15-03-2015 22:10:07 Installed AVG 2015
15-03-2015 22:11:23 Installed AVG 2015
16-03-2015 03:00:13 Windows Update
16-03-2015 07:19:28 Installed AVG PC TuneUp 2015
16-03-2015 07:44:12 Made by Norton Utilities δε
16-03-2015 08:52:23 Removed AVG PC TuneUp 2015
16-03-2015 08:54:07 Removed AVG PC TuneUp 2015 (en-US)
16-03-2015 20:02:32 Made by Norton Utilities δε
16-03-2015 20:07:21 Made by Norton Utilities lζ
16-03-2015 21:23:46 Windows Update
17-03-2015 16:37:05 Windows Update
17-03-2015 20:05:25 Restore Operation

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-07-08 16:39 - 00001093 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activation.acronis.com
127.0.0.1 www.password-protect-folders.net
127.0.0.1 www.password-protect-folders.net


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0380BDBD-198C-4DBC-A358-FF537B451EAD} - System32\Tasks\{2191A59C-7A22-4F22-800A-FD1A337AD7B5} => F:\Setup\setup.exe
Task: {0637DDD1-C329-4FB7-9AED-A1D72929FDE6} - System32\Tasks\{3FF9DB43-B0AE-4D9E-9523-3FA06CC27FC7} => pcalua.exe -a "D:\rapishare\Cisco VPN Client 5.0.0.4.0300\setup.exe" -d "D:\rapishare\Cisco VPN Client 5.0.0.4.0300"
Task: {07E22E3D-09FE-4FF3-BE88-B159EBE80767} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {08636482-AD33-417A-BAAA-2AFD52E25039} - System32\Tasks\{24B8FA2E-DF48-4F70-A479-E98FAE9BDB42} => pcalua.exe -a "C:\ETKA 7.3 Español + Actualizador 3.5 - Germany 05.2011 - AU.SE.SK.VW\ETKA v7.3 Germany 2011\ETKA73_Germany_2011.exe" -d "C:\ETKA 7.3 Español + Actualizador 3.5 - Germany 05.2011 - AU.SE.SK.VW\ETKA v7.3 Germany 2011"
Task: {0AE90636-1441-4BB8-AE50-1938343D8A13} - System32\Tasks\{713AD031-1E73-4450-9A51-4F93B1072F1B} => D:\downloads\ETKA 7.4 2013\ETKA74_Germany_2013.exe
Task: {0BC46EB8-F911-4F8E-A3A0-4783499F77EC} - System32\Tasks\{3D9E56A5-5BDF-4F55-A7E1-3EFBED6A1B67} => pcalua.exe -a "C:\Program Files (x86)\Windows Lotto Pro 2000\WiseUpdt.exe"
Task: {0BF1118E-3281-47F7-A1D4-16210033F55D} - System32\Tasks\{48B85A3E-3481-4591-933A-332068CFC359} => D:\downloads\Advanced System Optimizer 3.5.1000.14640 Datecode 13.12.2012 + Patch\Advanced System Optimizer 3.5.1000.14640\~Get Your Software Here\Advanced System Optimizer_setup.exe
Task: {0C4FF523-6178-4507-A9B2-7A1A0AF2C3DA} - System32\Tasks\{A75572D2-3BAB-4DA9-BC71-E1E2326A3313} => pcalua.exe -a "D:\Νέος φάκελος\Setup\setup.exe" -d "D:\Νέος φάκελος\Setup"
Task: {0EA90A46-B40A-443A-8762-6FB903CD892D} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {0F714762-C026-4FD4-BFE0-983935860E91} - System32\Tasks\{59A0216D-5B17-44D9-BA51-B8950C2AC754} => pcalua.exe -a "D:\downloads\Steinberg Cubase 5.1\Autorun.exe" -d "D:\downloads\Steinberg Cubase 5.1"
Task: {0F891E2D-1E20-4B3F-9E36-78A6B44D6667} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security\Engine\22.1.0.9\WSCStub.exe [2014-12-10] (Symantec Corporation)
Task: {180C6D08-2CBE-4E69-9F28-587B27DF5155} - System32\Tasks\{BDB2D282-8653-4A08-AE02-9FEEBE10B3A4} => D:\rapdishare\Roxio.Creator.2011.Pro.Multilingual.ISO-CORE\setup.exe
Task: {193310BC-E9B8-4EF0-9DE3-635D99669CF8} - System32\Tasks\Opera scheduled Autoupdate 1424107746 => C:\Program Files (x86)\Opera\launcher.exe [2015-03-05] (Opera Software)
Task: {19F4A01E-FCD3-4697-BA13-C0D8B2F57532} - System32\Tasks\{A475FCE9-A91F-4B55-B937-B9928BD84AC9} => pcalua.exe -a C:\Windows\ETKA7.3_Germany\uninstall.exe
Task: {1B0825FF-1ECB-4A4B-B934-280121329444} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {1B2854AD-32A7-45BA-BD3A-3AE059C98325} - System32\Tasks\{353413B8-2D8E-4770-B9E4-8E6EFFE1C8B1} => pcalua.exe -a "C:\Program Files (x86)\Common Files\Real\Update_OB\r1puninst.exe" -c RealNetworks|RealPlayer|6.0
Task: {1C64AF90-5AB8-4FCE-8EA9-EDDABB4FF294} - System32\Tasks\{98D942BD-38AF-4B1C-963C-DB95AF8A7572} => pcalua.exe -a D:\downloads\sp50843_5.exe -d C:\Users\Ανδρέας\AppData\Roaming\IDM
Task: {1D7BCDD0-A23B-44E0-BD79-ABB32329876E} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {1FD2765F-C8FF-42FF-B891-8CE1A6A06550} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\mxup.exe [2014-12-10] (Maxthon International ltd.)
Task: {20733021-3828-411C-91FC-A9E81946815B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {207B317D-4035-4C7C-B0CC-F65B113C77DB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {214569BA-7038-4A52-9D34-8C4BA9CFE9F0} - System32\Tasks\{7AA0FC6D-F14A-4359-AFA0-A863AEC46266} => pcalua.exe -a "C:\Users\Ανδρέας\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W0SEDZP1\sp45046[1].exe" -d C:\Users\Ανδρέας\Desktop
Task: {2492197C-3DC9-4885-8863-C2327C38E258} - System32\Tasks\FixCleaner Scan => C:\Program Files (x86)\FixCleaner\FixCleaner.exe
Task: {2517D1AF-014A-4086-8A6A-F1FA0C1AFAAA} - System32\Tasks\{1115A378-89EE-4544-9966-97DA96DF41D1} => pcalua.exe -a "C:\Users\Ανδρέας\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V1UKJ4FX\sp45817[1].exe" -d C:\Users\Ανδρέας\Desktop
Task: {25952623-C0CE-4690-9EB3-E4968ED48E66} - System32\Tasks\{F8F44EF7-9C1E-4A17-B9D7-D896C27468E7} => pcalua.exe -a D:\downloads\sp45973_2.exe -d C:\Users\Ανδρέας\AppData\Roaming\IDM
Task: {25F560A4-D150-4113-85F7-92B899EF6B2A} - System32\Tasks\{DF996CF0-2981-4371-A436-A7B928965F82} => pcalua.exe -a "C:\Users\Ανδρέας\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W0SEDZP1\winfix[1].exe" -d C:\Users\Ανδρέας\Desktop
Task: {25FA054E-76C7-4F3E-B663-235447C644A6} - System32\Tasks\{8A490DAC-3B30-4917-8098-DA35B9E55BFC} => pcalua.exe -a F:\Setup\setup.exe -d F:\Setup
Task: {26866ECE-37CF-47B7-B6BE-BE783CFE4B9D} - System32\Tasks\{C2BE56CE-E9D4-4B2D-94C4-A8A2E21B3474} => pcalua.exe -a D:\downloads\sp45974.exe -d C:\Users\Ανδρέας\AppData\Roaming\IDM
Task: {275A284D-F20A-41BF-968B-93F1BCEE8B8E} - System32\Tasks\{81D9DA9D-6D1F-4A7A-A0BF-63DFF07F1C76} => pcalua.exe -a D:\downloads\mp600win64111ea23_3.exe -d C:\Users\Ανδρέας\AppData\Roaming\IDM
Task: {30744A0E-31BD-41E7-B96D-6ABC11404E63} - System32\Tasks\AutoKMS
Task: {31AC812D-1024-4644-ABDE-B9578BA214AD} - System32\Tasks\{9541833D-BCCC-409F-8C8A-A9C1376E63DD} => pcalua.exe -a "D:\rapdishare\winrar_3.91_PRO_final_activated_latest_akhilesh910\winrar_3.91_PRO_final_activated_latest_akhilesh910\WinRARactivated akhilesh910.exe" -d D:\rapdishare\winrar_3.91_PRO_final_activated_latest_akhilesh910\winrar_3.91_PRO_final_activated_latest_akhilesh910
Task: {34537320-14F0-4776-9072-FC55906E9C3E} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {3611FA14-F0EF-43EF-A1C6-D6D7968AA83F} - System32\Tasks\KMS Activation => C:\Program Files\KMSpico\RandomFile.exe
Task: {36599FE2-A1A2-4DF8-B9D0-3C6347899D48} - System32\Tasks\{29E2829C-D843-42E5-B945-2EF378792015} => D:\rapdishare\CommView_For_WiFi_6.0.581\CommView_For_WiFi_6.0.581\Commview.for.Wifi.6.0.581.FullInstall.exe
Task: {392BF4F3-5E86-46AD-B4F6-693FB6CB6C58} - System32\Tasks\{7890D806-EFBD-4EDF-8805-BB494A13D22D} => C:\Program Files (x86)\FiSTiNG4FUN\Commview for Wifi\CommViewWiFi\CV.exe
Task: {3AA75946-B924-4B7B-B829-AABC9B79118F} - System32\Tasks\{B956E16D-2BF7-4C73-99CB-07936652CFAD} => pcalua.exe -a "D:\downloads\Audi\audi data en\setup.exe" -d "D:\downloads\Audi\audi data en"
Task: {3C193CCF-B6D6-4059-9F24-0C15FBF4E3D7} - System32\Tasks\AdobeAAMUpdater-1.0-ADMIN-Ανδρέας => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-03-21] (Adobe Systems Incorporated)
Task: {3D35B5F2-DEC8-4CC3-850B-667EA1D7E272} - System32\Tasks\{028DA932-0AD9-4471-BE6D-29677B08E3FC} => C:\Program Files (x86)\FiSTiNG4FUN\Commview for Wifi\CommViewWiFi\CV.exe
Task: {3D96D6F0-545B-4A87-BBC0-2D1657793BD5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3641372981-3819987845-3030416424-1001UA => C:\Users\Ανδρέας\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
Task: {3DBEE674-BA70-4085-BF17-14760D80CEB0} - System32\Tasks\{C2610CDF-AEFE-4DD9-BCB1-28CCFD84DFA3} => pcalua.exe -a D:\rapishare\Cisco_VPN__Client_v5.0.05.0290\zwt\setup.exe -d D:\rapishare\Cisco_VPN__Client_v5.0.05.0290\zwt
Task: {47F4E908-4BB6-454F-937B-7033EC1EB1A9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {4AC98087-F58E-41D8-A162-9104BEE4C100} - System32\Tasks\{7C1F3CEE-06D3-422C-BECD-EAA56F425C0E} => pcalua.exe -a D:\downloads\bsplayer_pro257.1051\bsplayer_pro257.1051.exe -d D:\downloads\bsplayer_pro257.1051
Task: {4B09D4F1-3E5C-4491-80B8-6DB4EE2DC5C8} - System32\Tasks\{0A05D1F6-B1D8-4253-A227-51DF4C878706} => F:\Setup\setup.exe
Task: {4B27D1D7-0DCE-479A-AB9A-CFD24526A4D4} - System32\Tasks\{E26D6B79-6134-4683-A430-DEDD1213FD0F} => D:\downloads\ETKA 7.4 2013\ETKA74_Germany_2013.exe
Task: {5070F905-8913-46DE-B8B8-FC3804DB2BB3} - System32\Tasks\{59B3B77A-2CDD-4325-BE0F-B5F5B4A86E4A} => C:\Program Files (x86)\FiSTiNG4FUN\Commview for Wifi\CommViewWiFi\CV.exe
Task: {523F91D3-FE71-4F95-B09E-7BCD2B66F04A} - System32\Tasks\{8E342E8D-531A-45AC-A14B-8A1440FBC2F1} => pcalua.exe -a D:\downloads\sp48482_3.exe -d C:\Users\Ανδρέας\AppData\Roaming\IDM
Task: {52A83E2D-C1F2-4251-BEC5-581A4218E3EC} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2014-07-21] (Nero AG)
Task: {53969D1D-7401-4A03-90BF-028F4FB6E7FE} - System32\Tasks\{0C2537B8-8138-495C-A5DE-CD2736155204} => pcalua.exe -a D:\rapdishare\Roxio.Creator.2011.Pro.Multilingual.ISO-CORE\setup.exe -d D:\rapdishare\Roxio.Creator.2011.Pro.Multilingual.ISO-CORE
Task: {5724A085-0416-4581-BF5A-68A8964A9F1B} - System32\Tasks\{45797922-44E0-441C-B477-D4955EFFA815} => pcalua.exe -a "C:\Program Files (x86)\Windows Lotto Pro 2000\proupdt.exe" -d C:\Users\Ανδρέας\Desktop
Task: {592C65EC-AB6F-4800-9A2E-42694CA27273} - System32\Tasks\{4288CFB4-E879-46D3-8DCA-158C3C9190C7} => pcalua.exe -a D:\downloads\sp45975.exe -d C:\Users\Ανδρέας\AppData\Roaming\IDM
Task: {5AF6B5CD-C0D2-4F5A-A608-C6BA9049E75B} - System32\Tasks\{02734E9E-E43B-418A-B397-D96F5C52E1DD} => D:\downloads\ETKA 7.4 2013\ETKA74_Germany_2013.exe
Task: {5D23FF7C-9F9D-446D-A655-C78AF1BC2C40} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {5EAFB111-E0FF-44D6-923F-663A84BB5ED4} - System32\Tasks\{07CC970C-0C61-4ECB-AF29-54E1BEBAC5CE} => D:\downloads\ETKA 7.4 2013\ETKA74_Germany_2013.exe
Task: {6070B784-79F7-40FE-9F07-89DF6AEE8403} - System32\Tasks\{6010115A-E762-4E52-8850-5C7275E51FA4} => pcalua.exe -a F:\setup.exe -d F:\
Task: {6A184DB3-5311-4F26-8762-65CD243FAEFF} - System32\Tasks\{141B1F51-8F3C-454B-8DF5-B252644EC54D} => C:\Program Files (x86)\FiSTiNG4FUN\Commview for Wifi\CommViewWiFi\CV.exe
Task: {6F064DBF-F37B-4B87-A509-35C49A7DBED5} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {705FCC93-18D8-43B5-84C8-1AD11DAC7F4A} - System32\Tasks\{234B7D43-6C45-4B5A-A62E-3E7C09F525B3} => D:\downloads\ETKA 7.4 2013\ETKA74_Germany_2013.exe
Task: {71619EB2-E063-4CAD-B513-DD3AC2ECE9EB} - System32\Tasks\{A5001C3F-DF37-4E66-9A0B-86D8DF63DE5E} => pcalua.exe -a "D:\downloads\Acronis True Image Home 2014 17 Build 5560+BootCD [ChingLiu]\Activation\ActivationAcronisTIH.exe" -d "D:\downloads\Acronis True Image Home 2014 17 Build 5560+BootCD [ChingLiu]\Activation"
Task: {71DC9C95-2945-4348-A1B3-661C71395431} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {74060C08-10A4-4A6D-AE62-7E46ABD23ECB} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {757D5025-F658-4CBE-846A-D84E882E27FE} - System32\Tasks\{D3223229-347B-4AF8-BB8B-D14776C534A6} => pcalua.exe -a D:\downloads\sp45048.exe -d C:\Users\Ανδρέας\AppData\Roaming\IDM
Task: {77945D0E-48E6-4CD8-ABC5-BBED1201EACE} - System32\Tasks\{76FC4E66-1312-4A0E-927C-FCAEC8858794} => pcalua.exe -a D:\downloads\lotto-sorcerer-6.31.exe -d D:\downloads
Task: {7C1A50ED-9802-4CCB-84A7-AE947687C152} - System32\Tasks\{1C281354-F79F-4B62-BABA-E30CB77DF702} => pcalua.exe -a D:\downloads\incomplete\lotto-sorcerer-6.31.exe -d D:\downloads\incomplete
Task: {7F590821-94B3-444C-9CE6-E6F3E16ABFAA} - System32\Tasks\{A95C4F69-BB1A-4A30-A88E-8B9CADB584FD} => C:\Program Files (x86)\FiSTiNG4FUN\Commview for Wifi\CommViewWiFi\CV.exe
Task: {81F21CB5-C33D-418F-BD56-4AC4E8CFBBC3} - System32\Tasks\{C4A99942-96F2-4D94-88C6-EB3CA6D07EF4} => F:\Setup\setup.exe
Task: {83C0D99D-66BD-4291-BA78-4FB43677859E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
Task: {85E7BD4E-7741-41A4-9A17-D94E8CC1B854} - System32\Tasks\{F52E476C-FB64-4186-9DB7-6A215401D1CE} => pcalua.exe -a D:\downloads\780\780_Upgrade_R62T2_sip_3.exe -d D:\downloads\780
Task: {898C04BB-4274-4108-97D5-45C8D33DDD41} - System32\Tasks\{14F2AD16-176F-4793-A0CB-9046BEF22B8F} => D:\downloads\ETKA 7.4 2013\ETKA74_Germany_2013.exe
Task: {89B74A9B-C4D9-4731-A3C8-72A49FF0AD93} - System32\Tasks\Microsoft\Internet Explorer\Εκκαθάριση προηγούμενων εκδόσεων του Internet Explorer => C:\Windows\SYSTEM32\ie4uinit.EXE [2015-02-20] (Microsoft Corporation)
Task: {89BC46B0-725B-45B9-8555-C1CD62929BD3} - System32\Tasks\{9C97907F-6175-4E74-B549-D67607BC01D7} => pcalua.exe -a D:\downloads\sp50401_2.exe -d C:\Users\Ανδρέας\AppData\Roaming\IDM
Task: {8AB808A8-79AF-4CA0-8DAB-6D4E5E692FE2} - System32\Tasks\{7431C176-32B5-4B00-AAEC-A5FDBA612832} => pcalua.exe -a D:\downloads\sp50516_2.exe -d C:\Users\Ανδρέας\AppData\Roaming\IDM
Task: {8C73494D-0123-49BA-BAC8-46800473C581} - System32\Tasks\{61CD1AEA-AD33-49E6-8039-95FB981AFBBA} => pcalua.exe -a "D:\downloads\Vagcom 311.2 + Crack\Vagcom 311.2 + Crack\VAG_COM_v311.2\Release3112n2.exe" -d "D:\downloads\Vagcom 311.2 + Crack\Vagcom 311.2 + Crack\VAG_COM_v311.2"
Task: {8E7D2F6D-767E-47C9-933C-0128A7F838C8} - System32\Tasks\Norton Security\Norton Error Processor => C:\Program Files (x86)\Norton Security\Engine\22.1.0.9\SymErr.exe [2014-12-03] (Symantec Corporation)
Task: {90024778-2ED5-40B0-9AA7-C9E1BCCA3072} - System32\Tasks\{3A7E677B-6A0E-4276-B9C5-D35724051682} => pcalua.exe -a D:\downloads\ibackupbot3_setup_2.exe -d C:\Users\Ανδρέας\AppData\Roaming\IDM
Task: {963CE7C9-C53E-4994-A064-2AFE74E6A051} - System32\Tasks\{A692D3BC-7A83-4149-8459-9E2ED1EBEE24} => pcalua.exe -a D:\rapdishare\Vistalizator.v1.36\Vistalizator.exe -d D:\rapdishare\Vistalizator.v1.36
Task: {96DE2257-5E11-4646-BABC-3A287EFE9A01} - System32\Tasks\TVAgent => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe [2009-07-24] (CyberLink Corp.)
Task: {99DAA147-203F-433E-B267-6E3A806DD1E6} - System32\Tasks\Microsoft Office 15 Sync Maintenance for ADMIN-Ανδρέας admin => C:\Program Files (x86)\Microsoft Office\Office15\MsoSync.exe [2014-07-27] (Microsoft Corporation)
Task: {9A3D300A-0CCD-4F4A-8CDC-CD9EE81F2D02} - System32\Tasks\{7DA3C50C-5084-46ED-8191-D944CCB872E0} => C:\Program Files (x86)\FiSTiNG4FUN\Commview for Wifi\CommViewWiFi\CV.exe
Task: {9C9A86F9-09F0-4DEF-A92C-5C1A71B621F5} - System32\Tasks\{1C25D6F7-45E0-4239-A174-24E49CB42402} => pcalua.exe -a "D:\downloads\Openings Laboratory\AutoPlay\Chess course\Programs\video_player.exe" -d "D:\downloads\Openings Laboratory\"
Task: {A513A520-0990-466F-8EAF-C0907FCE81EF} - System32\Tasks\HPCeeScheduleForΑνδρέας => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {A5A3771E-1DE3-46E2-BECC-6FF7FC6BFB54} - System32\Tasks\{E53A9BEE-6CFB-44C1-9CDF-6C1E31096547} => pcalua.exe -a D:\downloads\mp600win64111ej.exe -d C:\Users\Ανδρέας\AppData\Roaming\IDM
Task: {A6CAC04D-047A-44EE-A9B3-3EFA8FE81757} - System32\Tasks\{1CCFA693-B05B-46CD-91DE-646EDBD0249C} => pcalua.exe -a D:\downloads\fritz_12_[tfile.ru]\sr-fritz12\Setup\setup.exe -d D:\downloads\fritz_12_[tfile.ru]\sr-fritz12\Setup
Task: {A735D3F7-586C-4CF1-95D3-30DF920595A1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {A943554D-84C9-4997-BF04-FE8619DACDF1} - System32\Tasks\{414C0A7D-59AA-42D5-8975-2E68CF354339} => pcalua.exe -a D:\downloads\sp41646.exe -d C:\Users\Ανδρέας\AppData\Roaming\IDM
Task: {A95B29E4-C892-4AA3-9887-7262AB563D23} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {AA2E8F58-764C-4C42-A9A8-6FE0DC71D768} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3641372981-3819987845-3030416424-1001Core => C:\Users\Ανδρέας\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
Task: {AA6DA245-47C8-4411-AF74-CB5ECCB43E2E} - System32\Tasks\NUSchedule => C:\Program Files (x86)\Norton Utilities 15\nu.exe [2013-04-30] (Symantec Corporation)
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => aitagent.exe
Task: {AD66E448-AC3D-46E4-86BF-32227DBA890C} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {AD8DCA05-932B-44D3-A145-60A81F968533} - System32\Tasks\{7909EFB5-8243-44C0-8134-B0D9499C99B6} => D:\downloads\windows6.1-kb972813-x86-en-us_22ee3397a02372681b375ddabf6ffa33662fd500.exe
Task: {AE257ACD-4727-4EF2-A297-0780E6007DA7} - System32\Tasks\{57D082BB-1EE6-4590-A47F-820A3B47C5A0} => pcalua.exe -a D:\downloads\sp50935_2.exe -d C:\Users\Ανδρέας\AppData\Roaming\IDM
Task: {AEDC4747-0EC5-4D51-A249-FF2596DEE6F6} - System32\Tasks\{855B5DBE-FF6C-49AB-BFD1-9C42A59F86A1} => pcalua.exe -a D:\downloads\sp45047.exe -d C:\Users\Ανδρέας\AppData\Roaming\IDM
Task: {AF1CAF5A-9B19-4F03-8A72-D514FBA02D09} - System32\Tasks\{8D7A8227-83F4-49BB-8F0D-592752E8CDDB} => pcalua.exe -a "D:\rapishare\RealPlayer v. 10.6 Premium\Setup.exe" -d "D:\rapishare\RealPlayer v. 10.6 Premium"
Task: {B1CADF2D-EBFF-44A5-834E-8E4F0E512E11} - System32\Tasks\{31C44640-9FB1-4ECB-913F-DD25CEC66D8D} => F:\Setup.exe
Task: {B26CE3E4-2715-41FE-AF47-A68C10E940B2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {B48F5F2B-78BE-4855-804A-EAAFFAC2BE84} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3641372981-3819987845-3030416424-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {B528D208-033C-4377-80F6-E4F85CD45E1A} - System32\Tasks\{D36D56C1-21A3-49EF-B0B1-5A8320A8FEB3} => pcalua.exe -a D:\rapdishare\Folder_Lock_v5.9.5_2b\Folder_Lock_v5.9.5_2b\Setup_Folder_Lock.exe -d D:\rapdishare\Folder_Lock_v5.9.5_2b\Folder_Lock_v5.9.5_2b
Task: {B68E1434-6B43-4AD5-94B5-B7FFD9BADF68} - System32\Tasks\{65C0DE28-A591-402B-8EC5-E8544DC5EED1} => F:\Setup.exe
Task: {BF1CCFB8-C2E0-44D6-8E42-B755B7339967} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {BFA43E3E-BD76-43FA-9F55-CDDC51B77363} - System32\Tasks\{CA518F9A-0C8C-4D3F-B7DB-5725B16704FE} => pcalua.exe -a "D:\downloads\Acronis True Image Home 2014 17 Build 5560+BootCD [ChingLiu]\Activation\ActivationAcronisTIH.exe" -d "D:\downloads\Acronis True Image Home 2014 17 Build 5560+BootCD [ChingLiu]\Activation"
Task: {C11CFAE6-647A-4887-8551-32D68F645670} - System32\Tasks\CapSvcInst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapSvcInst.exe [2009-07-24] (CL)
Task: {C14AE31F-EFEC-48EE-BAD2-6793A5C6AC27} - System32\Tasks\{AA726CD0-96D9-4FE8-86C4-D4C07C91A366} => pcalua.exe -a "C:\Program Files (x86)\Lotto Sorcerer\Setup.exe" -d "C:\Program Files (x86)\Lotto Sorcerer" -c /remove /q0
Task: {C18BD476-A2C0-4BB2-BFFA-32F42D7211D7} - System32\Tasks\Norton Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Security\Engine\22.1.0.9\SymErr.exe [2014-12-03] (Symantec Corporation)
Task: {C45ECF5F-2617-435F-B454-6B14BE9F5DED} - System32\Tasks\{53D4D17F-3852-4C58-A873-EC00EE6224AC} => pcalua.exe -a "C:\Program Files (x86)\Recover Keys\RecoverKeys.exe" -d C:\Users\Ανδρέας\Desktop
Task: {C501CE5A-5C61-489C-A3ED-9F33CEB4E4F3} - System32\Tasks\{9438D44D-8874-4232-AD85-66B615998EC0} => F:\VCDS-Beta-11.3.0-Installer.exe
Task: {C57C6784-BB8A-44F6-ABE0-D1D36A9FBFFB} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {C690DA8C-D667-49FE-9B32-7020E323E04D} - System32\Tasks\{96A37C2C-095D-4838-97A4-8F2C274A5C38} => pcalua.exe -a "D:\downloads\Audi ELSAWIN\audi data en\setup.exe" -d "D:\downloads\Audi ELSAWIN\audi data en"
Task: {C7769075-A7F6-4E15-B127-36728978E738} - System32\Tasks\{990769D1-FEB0-45B8-8A52-834A72CC0F00} => C:\Program Files (x86)\ChessBase\ChessProgram13\ChessProgram13.exe [2015-02-25] (ChessBase GmbH)
Task: {CAA411FE-D5E3-4982-B82B-57011A7DFC9C} - System32\Tasks\{BE6C6ECD-21E5-4C03-ABAE-1B2874E9E7C9} => pcalua.exe -a "D:\downloads\BSplayer Pro 2.62.1068 Final + Keys By FANTOMAS77\BSplayer Pro 2.62.1068 Final + Keys By FANTOMAS77.exe" -d "D:\downloads\BSplayer Pro 2.62.1068 Final + Keys By FANTOMAS77"
Task: {CAB139E9-DFA9-4973-BDB9-DC515D603625} - System32\Tasks\Norton Management\Norton Error Processor => C:\Program Files (x86)\Norton Management\Engine\3.2.0.19\SymErr.exe
Task: {CDEF1B33-661F-4E58-8B29-A5DB23354093} - System32\Tasks\{03C2B2FD-0875-436E-A839-6F357F3AC64D} => pcalua.exe -a "C:\Users\Ανδρέας\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V1UKJ4FX\sp45974[1].exe" -d C:\Users\Ανδρέας\Desktop
Task: {D0BED1C7-DCC4-47E9-A6D4-CC5733E4CA8E} - System32\Tasks\{049A84D9-6A8D-4B27-B9B6-0A3CA4202C0B} => C:\Program Files (x86)\FiSTiNG4FUN\Commview for Wifi\CommViewWiFi\CV.exe
Task: {D364B8A2-469E-43AE-A635-C416656C38EB} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3641372981-3819987845-3030416424-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {D574C168-8C1F-408E-9872-B004271D358C} - System32\Tasks\{072463E7-F3D9-4320-96E2-C9EA19D6B293} => pcalua.exe -a "C:\Users\Ανδρέας\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8HFFYO3X\sp45524[1].exe" -d C:\Users\Ανδρέας\Desktop
Task: {D79816F8-BAB8-42BC-8078-92B180A3227B} - System32\Tasks\{A77D6617-4AB4-4153-BC9C-65E4B7B2F4DB} => C:\Program Files (x86)\FiSTiNG4FUN\Commview for Wifi\CommViewWiFi\CV.exe
Task: {DB5B9867-FBE2-4601-9FBC-D7CBA27BA355} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-01-29] (Microsoft)
Task: {DCE0DF53-0E42-4949-BDB6-CF619578214B} - System32\Tasks\{0096695D-4410-4E86-A3E9-A29B415AE293} => C:\Program Files (x86)\FiSTiNG4FUN\Commview for Wifi\CommViewWiFi\CV.exe
Task: {DDE52B1F-4F5E-4387-8A20-95F658A662BB} - System32\Tasks\{6962E49D-423E-4C6A-B424-38B75146C5F4} => pcalua.exe -a D:\downloads\sp45046.exe -d C:\Users\Ανδρέας\AppData\Roaming\IDM
Task: {DE3B880F-94A8-4ECE-B0DD-42504F536745} - System32\Tasks\Norton Management\Norton Error Analyzer => C:\Program Files (x86)\Norton Management\Engine\3.2.0.19\SymErr.exe
Task: {DE6E2FC1-393B-45B9-8E60-C471E85BC0AE} - System32\Tasks\{88090CC0-D815-4194-BC64-C787D8A04975} => D:\downloads\ETKA 7.4 2013\ETKA74_Germany_2013.exe
Task: {DEB0F96C-8A86-4559-A44B-384AA831734D} - System32\Tasks\{97D6DB61-65A6-4E98-B9E4-DF82811C6CD1} => pcalua.exe -a D:\downloads\lotto-sorcerer-6.33.exe -d D:\downloads
Task: {DF6C6C91-FA44-4025-90F1-6418C82ABA39} - System32\Tasks\{A7D625CC-1BC5-4C25-B24E-A5E3E88D2AF1} => pcalua.exe -a "D:\downloads\ETKA7.3\Crack by Voliacom\Beta Emulator\hldrv32.exe" -d "D:\downloads\ETKA7.3\Crack by Voliacom\Beta Emulator"
Task: {E0E30241-13AE-49FB-87E5-FFEDF1B4A683} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2015-03-05] (Microsoft)
Task: {E17670BD-6120-4BAE-84F7-15DC96BBD5E2} - System32\Tasks\CapSchedInst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapSchedInst.exe [2009-07-24] (CL)
Task: {E3163C33-301D-4730-A266-5518C5ED3967} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => BthUdTask.exe
Task: {E41DB473-29DB-49A2-99E3-114EC9831D13} - System32\Tasks\{A5656D16-2CDA-4C70-9E09-75C7AED4467E} => pcalua.exe -a D:\downloads\cain20.exe -d C:\Users\Ανδρέας\AppData\Roaming\IDM
Task: {E662DC2A-5013-4C28-8129-102A3B88038D} - System32\Tasks\{680465E9-7DBB-45FC-B08B-475614A227B9} => pcalua.exe -a D:\downloads\ETKA7.3\ms_system\Hardlock\install\hldrv32.exe -d D:\downloads\ETKA7.3\ms_system\Hardlock\install
Task: {E96F3B37-1473-4687-844D-4D34AF6882C0} - System32\Tasks\{FD9EBB5F-E9C7-47C8-B1A1-EA463A340B81} => pcalua.exe -a D:\downloads\ETKA7.3\connect\sapoci\SapOcicfg.EXE -d D:\downloads\ETKA7.3\connect\sapoci
Task: {EBC0C9EE-8B83-4875-B10E-A3880DAFCF60} - System32\Tasks\{1CCBAEBE-05E3-4510-8F48-2BA54B96236B} => pcalua.exe -a "D:\downloads\incomplete\FL Studio 10.0.9 XXL Bundle + 24 Plugins Retail [ChingLiu]\flstudio_10.0.9.exe" -d "D:\downloads\incomplete\FL Studio 10.0.9 XXL Bundle + 24 Plugins Retail [ChingLiu]"
Task: {ED3F130A-1783-4D64-B9BE-752CC09689C6} - System32\Tasks\{4DF5F4B8-F0BA-4D2F-9342-6A6156CF24A1} => pcalua.exe -a "C:\Users\Ανδρέας\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8HFFYO3X\sp45041[1].exe" -d C:\Users\Ανδρέας\Desktop
Task: {EEC67853-977D-4A62-A39A-E4940EAA8177} - System32\Tasks\{1C697FB1-1D02-4874-9AE1-F060BFC4E54B} => F:\Setup\setup.exe
Task: {EFBFB22E-5D76-41DE-BFC3-B4F8B20FBEF8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {F348B185-5FEE-43CE-AC55-8DBFDCF3175E} - System32\Tasks\{D54EF487-8CDD-44EC-9EC3-43B4BA3D822E} => C:\Program Files (x86)\FiSTiNG4FUN\Commview for Wifi\CommViewWiFi\CV.exe
Task: {F42977D6-560B-41BE-9644-13F6E27826FD} - System32\Tasks\{AA0218D2-A432-4837-9B26-BAAAAB726CD7} => pcalua.exe -a D:\downloads\sp48591.exe -d C:\Users\Ανδρέας\AppData\Roaming\IDM
Task: {F4D7B955-8E3B-4415-B194-05E4B4D4C20F} - System32\Tasks\{882906EA-99E9-4203-B581-DAA8A078E5A3} => pcalua.exe -a D:\downloads\sp48482_5.exe -d C:\Users\Ανδρέας\AppData\Roaming\IDM
Task: {F597B6B5-1536-4AC1-AD70-B0BA66435198} - System32\Tasks\{43DD6850-7E19-4C03-9F51-3BE614DE585D} => pcalua.exe -a "C:\Program Files (x86)\Windows Lotto Pro 2000\lotpro2000.exe" -d C:\Users\Ανδρέας\Desktop
Task: {F8666ED1-4882-4190-AE30-EF5B92BC0D33} - System32\Tasks\{B8678CAD-37FC-4DC9-B54B-46880375565A} => pcalua.exe -a D:\downloads\sp45974_2.exe -d C:\Users\Ανδρέας\AppData\Roaming\IDM
Task: {FB4B96E0-7DEA-40E2-BDF2-771801FBDD84} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
Task: {FB65A763-A662-4C58-B9BC-1BE620539E9B} - System32\Tasks\{896DAF0E-8C93-43D0-BF91-4F5E1DF65BD6} => pcalua.exe -a C:\Users\Ανδρέας\Documents\Downloads\Programs\uninstall_flash_player.exe -d C:\Users\Ανδρέας\AppData\Roaming\IDM
Task: {FF70AB13-7776-4CA0-BF72-A8496368AA86} - System32\Tasks\CapUninst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapUninst.exe [2009-07-24] (CL)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3641372981-3819987845-3030416424-1001Core.job => C:\Users\‘½΄Α­±Β\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3641372981-3819987845-3030416424-1001UA.job => C:\Users\‘½΄Α­±Β\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForΑνδρέας.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\NUSchedule.job => C:\Program Files (x86)\Norton Utilities 15\nu.exe

==================== Loaded Modules (whitelisted) ==============

2013-08-19 00:35 - 2013-08-19 00:35 - 00457960 _____ () C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe
2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-07-27 10:41 - 2014-07-27 10:41 - 08892576 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-02-16 15:01 - 2015-02-16 15:01 - 02623488 _____ () C:\ProgramData\Microsoft\Security\Client\SecurityProvider.dll
2013-08-19 01:04 - 2013-08-19 01:04 - 00022760 _____ () C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
2009-09-17 23:14 - 2009-01-21 20:47 - 00247152 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2015-01-20 22:35 - 2015-01-20 22:35 - 00306984 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxslt.dll
2012-11-16 14:09 - 2012-11-16 14:09 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2009-07-01 14:44 - 2009-07-01 14:44 - 00632888 _____ () C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
2012-09-27 18:23 - 2012-09-27 18:23 - 00535184 _____ () C:\Program Files (x86)\Roxio Creator NXT 2\Roxio Burn\RoxioBurnLauncher.exe
2013-08-19 01:04 - 2013-08-19 01:04 - 03322600 _____ () C:\Program Files (x86)\Roxio\BackOnTrack\App\BEngine.dll
2013-08-19 01:04 - 2013-08-19 01:04 - 00524520 _____ () C:\Program Files (x86)\Roxio\BackOnTrack\App\TRREngine.dll
2013-08-19 01:04 - 2013-08-19 01:04 - 00108776 _____ () C:\Program Files (x86)\Roxio\BackOnTrack\App\Logging.dll
2009-07-13 23:03 - 2009-07-14 03:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2015-03-12 21:37 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-03-12 21:37 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-03-12 21:37 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-03-12 21:37 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-03-12 21:37 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-07-27 10:41 - 2014-07-27 10:41 - 08892576 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-08-16 22:17 - 2011-10-30 13:28 - 00029696 _____ () C:\Program Files (x86)\DuckLink\DuckCapture\QtSolutions_SingleApplication-head.dll
2013-08-16 22:17 - 2011-10-22 07:05 - 08343040 _____ () C:\Program Files (x86)\DuckLink\DuckCapture\QtGui4.dll
2013-08-16 22:17 - 2011-08-28 19:41 - 02305536 _____ () C:\Program Files (x86)\DuckLink\DuckCapture\QtCore4.dll
2013-08-16 22:17 - 2011-08-28 19:42 - 00862720 _____ () C:\Program Files (x86)\DuckLink\DuckCapture\QtNetwork4.dll
2013-08-16 22:17 - 2011-10-30 13:28 - 00582144 _____ () C:\Program Files (x86)\DuckLink\DuckCapture\QtSolutions_PropertyBrowser-head.dll
2013-08-16 22:17 - 2011-08-28 19:57 - 01339904 _____ () C:\Program Files (x86)\DuckLink\DuckCapture\QtScript4.dll
2013-08-16 22:17 - 2011-08-28 20:50 - 00581120 _____ () C:\Program Files (x86)\DuckLink\DuckCapture\QtScriptTools4.dll
2013-08-16 22:17 - 2011-11-03 20:20 - 00617984 _____ () C:\Program Files (x86)\DuckLink\DuckCapture\QxtGui.dll
2013-08-16 22:17 - 2011-11-03 20:21 - 00395264 _____ () C:\Program Files (x86)\DuckLink\DuckCapture\QxtCore.dll
2013-08-16 22:17 - 2011-08-28 20:51 - 00026624 _____ () C:\Program Files (x86)\DuckLink\DuckCapture\plugins\imageformats\qgif4.dll
2013-08-16 22:17 - 2011-08-28 20:51 - 00029184 _____ () C:\Program Files (x86)\DuckLink\DuckCapture\plugins\imageformats\qico4.dll
2013-08-16 22:17 - 2011-08-28 20:51 - 00200704 _____ () C:\Program Files (x86)\DuckLink\DuckCapture\plugins\imageformats\qjpeg4.dll
2014-11-19 12:48 - 2014-11-19 12:48 - 08507232 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtGui4.dll
2014-11-19 12:48 - 2014-11-19 12:48 - 02354016 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtCore4.dll
2014-11-19 12:48 - 2014-11-19 12:48 - 01014624 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtNetwork4.dll
2014-11-19 12:48 - 2014-11-19 12:48 - 00364384 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtXml4.dll
2014-11-19 12:48 - 2014-11-19 12:48 - 02480992 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtDeclarative4.dll
2014-11-19 12:48 - 2014-11-19 12:48 - 01346912 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtScript4.dll
2014-11-19 12:48 - 2014-11-19 12:48 - 00206176 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtSql4.dll
2014-11-19 12:48 - 2014-11-19 12:48 - 02653024 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtXmlPatterns4.dll
2014-11-19 12:48 - 2014-11-19 12:48 - 00033120 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qgif4.dll
2014-11-19 12:48 - 2014-11-19 12:48 - 00035680 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qico4.dll
2014-11-19 12:48 - 2014-11-19 12:48 - 00207200 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qjpeg4.dll
2014-11-19 12:48 - 2014-11-19 12:48 - 11166560 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtWebKit4.dll
2014-11-19 12:48 - 2014-11-19 12:48 - 00276832 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\phonon4.dll
2014-11-11 10:21 - 2014-11-11 10:21 - 00392552 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\ssoengine.dll
2014-11-11 10:21 - 2014-11-11 10:21 - 00059752 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\securestorage.dll
2014-11-19 12:47 - 2014-11-19 12:47 - 00438624 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\NService.dll
2014-11-19 12:48 - 2014-11-19 12:48 - 00446304 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll
2014-11-19 12:48 - 2014-11-19 12:48 - 00520544 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtMultimediaKit1.dll
2014-11-19 12:48 - 2014-11-19 12:48 - 00720736 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtOpenGL4.dll
2014-11-19 12:46 - 2014-11-19 12:46 - 00606560 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\CommonUpdateChecker.dll
2014-11-19 12:48 - 2014-11-19 12:48 - 00093024 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\qjson.dll
2013-08-22 11:38 - 2013-08-22 11:38 - 00036672 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\qt_icontray_ex.dll
2013-08-22 11:38 - 2013-08-22 11:38 - 00028992 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll
2014-07-27 21:08 - 2005-08-05 15:24 - 00028672 _____ () C:\Program Files (x86)\ArcSoft\TotalMedia 3\uPiApi.dll
2014-07-27 21:08 - 2004-12-14 11:00 - 00430080 _____ () C:\Program Files (x86)\ArcSoft\TotalMedia 3\fpxlib.dll
2014-07-27 21:08 - 2006-01-06 13:51 - 00266303 _____ () C:\Program Files (x86)\ArcSoft\TotalMedia 3\magengin.dll
2014-07-27 21:08 - 2004-12-01 16:21 - 00180224 _____ () C:\Program Files (x86)\ArcSoft\TotalMedia 3\kgl.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-08-22 11:41 - 2013-08-22 11:41 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:1F8C9007
AlternateDataStreams: C:\ProgramData\Temp:C8B8CEBD
AlternateDataStreams: C:\ProgramData\Temp:D287FACF
AlternateDataStreams: C:\ProgramData\Temp:D3A96964
AlternateDataStreams: C:\ProgramData\Temp:EDA8E5DF
AlternateDataStreams: C:\Users\Ανδρέας\AppData\Roaming\Microsoft Excel 97-2003.EML:OECustomProperty

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinFLAdrv.sys => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ανδρέας\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: BCSSync =>
MSCONFIG\startupreg: DuckCapture => "C:\Program Files (x86)\DuckLink\DuckCapture\DuckCapture.exe" /autorun
MSCONFIG\startupreg: Google Update => "C:\Users\Ανδρέας\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: IDMan => C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
MSCONFIG\startupreg: iFunBox Price Watch => D:\downloads\ifunbox2014\iFunBox2014.exe /tray
MSCONFIG\startupreg: NokiaSuite.exe => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray

==================== Accounts: =============================

Administrator (S-1-5-21-3641372981-3819987845-3030416424-500 - Administrator - Disabled)
Guest (S-1-5-21-3641372981-3819987845-3030416424-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3641372981-3819987845-3030416424-1004 - Limited - Enabled)
Ανδρέας (S-1-5-21-3641372981-3819987845-3030416424-1001 - Administrator - Enabled) => C:\Users\Ανδρέας

==================== Faulty Device Manager Devices =============

Name: Shrew Soft Lightweight Filter
Description: Shrew Soft Lightweight Filter
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: vflt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/17/2015 08:26:12 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: The Windows Search Service has failed to create the new search index. Internal error <1, 0x800700b7, Failed to add Gather Application: Windows>.

Error: (03/17/2015 08:26:11 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: The Windows Search Service has failed to create the new search index. Internal error <1, 0x800700b7, Failed to add Gather Application: Windows>.

Error: (03/17/2015 08:18:26 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: The Windows Search Service has failed to create the new search index. Internal error <1, 0x800700b7, Failed to add Gather Application: Windows>.

Error: (03/17/2015 08:15:09 PM) (Source: SmartMenu) (EventID: 100) (User: )
Description: Failed to load resources

Error: (03/17/2015 08:15:07 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: An unspecified error occurred during System Restore: (Windows Update). Additional information: 0x80070005.

Error: (03/17/2015 08:14:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/17/2015 07:18:01 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: The Windows Search Service has failed to create the new search index. Internal error <1, 0x800700b7, Failed to add Gather Application: Windows>.

Error: (03/17/2015 07:17:27 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: The Windows Search Service has failed to create the new search index. Internal error <1, 0x800700b7, Failed to add Gather Application: Windows>.

Error: (03/17/2015 07:17:09 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: The Windows Search Service has failed to create the new search index. Internal error <1, 0x800700b7, Failed to add Gather Application: Windows>.

Error: (03/17/2015 07:16:50 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: The Windows Search Service has failed to create the new search index. Internal error <1, 0x800700b7, Failed to add Gather Application: Windows>.


System errors:
=============
Error: (03/17/2015 08:26:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 10 time(s).

Error: (03/17/2015 08:26:13 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Search service terminated with the following error:
%%183

Error: (03/17/2015 08:26:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 9 time(s).

Error: (03/17/2015 08:26:12 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Search service terminated with the following error:
%%183

Error: (03/17/2015 08:22:43 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Acronis Sync Agent Service service hung on starting.

Error: (03/17/2015 08:18:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 8 time(s).

Error: (03/17/2015 08:18:28 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Search service terminated with the following error:
%%183

Error: (03/17/2015 08:16:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 7 time(s).

Error: (03/17/2015 08:16:48 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Search service terminated with the following error:
%%183

Error: (03/17/2015 08:15:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 6 time(s).


Microsoft Office Sessions:
=========================
Error: (03/17/2015 08:26:12 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: 10x800700b7Failed to add Gather Application: Windows

Error: (03/17/2015 08:26:11 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: 10x800700b7Failed to add Gather Application: Windows

Error: (03/17/2015 08:18:26 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: 10x800700b7Failed to add Gather Application: Windows

Error: (03/17/2015 08:15:09 PM) (Source: SmartMenu) (EventID: 100) (User: )
Description: Failed to load resources

Error: (03/17/2015 08:15:07 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: Windows Update0x80070005

Error: (03/17/2015 08:14:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/17/2015 07:18:01 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: 10x800700b7Failed to add Gather Application: Windows

Error: (03/17/2015 07:17:27 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: 10x800700b7Failed to add Gather Application: Windows

Error: (03/17/2015 07:17:09 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: 10x800700b7Failed to add Gather Application: Windows

Error: (03/17/2015 07:16:50 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: 10x800700b7Failed to add Gather Application: Windows


==================== Memory info ===========================

Processor: Intel® Core™2 Duo CPU P8800 @ 2.66GHz
Percentage of memory in use: 51%
Total physical RAM: 4063.19 MB
Available physical RAM: 1967.77 MB
Total Pagefile: 8124.56 MB
Available Pagefile: 4977.36 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:297.89 GB) (Free:149.25 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:298.09 GB) (Free:132.12 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: EB8DFADB)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=297.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 9222066C)
Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS)

==================== End Of Log ============================



#4 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:07:47 AM

Posted 17 March 2015 - 04:01 PM

Hi,
you are a chessplayer? :)
 
 
warning.gif P2P warning

Going over your logs I noticed that you have µTorrent installed.

  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.

It is pretty much certain that if you continue to use P2P programs, you will get infected again.
I would recommend that you uninstall µTorrent, however that choice is up to you. If you choose to remove these programs, you can do so via  hidden2.png > Control Panel > Add/Remove Programs.

If you wish to keep it, please do not use it until your computer is cleaned.


goGMWSt.gifCRACKED SOFTWARE WARNING

Participating in the use of cracked/pirated/keygen software is not only illegal but also a security risk. Were you aware your machine has cracked software installed? I do not approve of nor support illegal software.

Malware authors promote and release cracked software to spread their infections. I strongly recommend you refrain from participating in this activity; your computer will be repeatedly infected otherwise. Simply visiting a cracked software site can result in infection via drive-by exploits of vulnerable software.

Cracked software will make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. In some instances an infection may cause so much damage to your system that recovery is not possible and the only option is to reformat your Hard Drive and reinstall your Operating System. Please read the following articles for more information.

127.0.0.1 activation.acronis.com
127.0.0.1 www.password-protect-folders.net
127.0.0.1 www.password-protect-folders.net

 Please remove these programs.
 

warning.gif Multiple Anti-Virus Software

I see that you're running more than one antivirus program at the same time.
This is a bad idea.
Using more than one AV will not give you any better protection, but may cause interferences between them, slow your machine or even completely block your OS. You should choose only one to stay, and remove any others. Think carefully and stay with only one AV. It should be done before any other steps in malware removal will be taken.

Please uninstall all but one using the tools you may find in the following link: Uninstallers (removal tools) for common Windows antivirus software.

warning.gif Malware Warning

If your computer was used for online banking, has credit card information or other sensitive data, using a non-infected computer/device you should immediately change all account information (including those used for banking, Email, eBay, Paypal, online forums, etc).

Step 1

frst.pngfrstfix.png

Press thew7.png + R on your keyboard at the same time. Type notepad and click OK.

  • Copy the entire content of the codebox below and paste into the notepad document:
    CloseProcesses:
    2015-02-16 15:01 - 2015-02-16 15:01 - 02623488 _____ () C:\ProgramData\Microsoft\Security\
    AlternateDataStreams: C:\ProgramData\Temp:1F8C9007
    AlternateDataStreams: C:\ProgramData\Temp:C8B8CEBD
    AlternateDataStreams: C:\ProgramData\Temp:D287FACF
    AlternateDataStreams: C:\ProgramData\Temp:D3A96964
    AlternateDataStreams: C:\ProgramData\Temp:EDA8E5DF
    HKLM-x32\...\Run: [] => [X]
    ShellIconOverlayIdentifiers: [0WinSecurityProvider] -> {F76FA5C2-3B6A-451E-8CA5-34C8D0AE0637} => C:\ProgramData\Microsoft\Security\Client\SecurityProvider.dll ()
    CHR StartupUrls: Default -> "hxxp://www.sweet-page.com/?type=hp&ts=1424107781&from=cor&uid=WDCXWD3200BEKT-60F3T1_WD-WX10AA9U5177U5177"
    CHR DefaultSuggestURL: Default -> http://ss-sym.ask.com/query?q={searchTerms}&sstype=prefix&li=ff
    
    
  • Click File, Save As and type fixlist.txt as the File Name.

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please post it to your reply.


Step 2

Please download and install mbam.pngMalwarebytes Anti-Malware

  • Please open Malwarebytes Anti-Malware.
  • Please update the database by clicking on the "Update Now" button.
  • Following the update and click "Settings" [1] and go to "Detection and Protection" [2]
  • Make sure "Scan for Rootkits" is checked.
  • Click on Dashboard [3], then click on Scan Now [4] to start the scan.
    :exclame: If Malware or Potentially Unwanted Programs [PUPs] are found, you will receive a prompt so that you can decide what you want to do. I suggest "Quarantine All" [5]. Then click the button: Apply Actions. [6]
  • A window with an option to view the detailed log will appear.
    mbamlog.png
  • Click on "View detailed log".
  • After viewing the results, please click on the "Copy to Clipboard" button and then OK.
  • Return to our forum. Paste your log into your next reply.

mbameng.gif


regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#5 ankarage

ankarage
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:07:47 AM

Posted 18 March 2015 - 07:47 AM

Yes,I am a chess player.It is my favorite game.

I have Fritz13 ,i suppose that you have Rybka.

I applied exactly your procedure and i send you the log files.

I notice that at the end and after rebooting i see  the backdoor file securityhelper.dll again!(recreate)
I am waiting for your instructions.

Thanks
 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 18/3/2015
Scan Time: 13:50:28
Logfile:
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.03.18.03
Rootkit Database: v2015.02.25.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: ÎνδÏέαÏ

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 475738
Time Elapsed: 24 min, 16 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 1
PUP.Optional.Babylon.A, C:\Users\ÎνδÏέαÏ\AppData\Local\Google\Chrome\User Data\Default\BrowserMngrPreferences, Good: (), Bad: ( "homepage" : "http://search.babylon.com/?affID=110809&tt=130812_ppcs0_3312_4&babsrc=HP_ss&mntrId=5667a9080000000000000ceee69a84ad",), Replaced,[109964bebcce8caa5f096cbf28de4cb4]

Physical Sectors: 0
(No malicious items detected)


(end)

 

 

Fixlog.txt

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015
Ran by Ανδρέας at 2015-03-18 13:39:43 Run:1
Running from C:\FRST\Logs
Loaded Profiles: Ανδρέας (Available profiles: Ανδρέας)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
• CloseProcesses:
• 2015-02-16 15:01 - 2015-02-16 15:01 - 02623488 _____ () C:\ProgramData\Microsoft\Security\
• AlternateDataStreams: C:\ProgramData\Temp:1F8C9007
• AlternateDataStreams: C:\ProgramData\Temp:C8B8CEBD
• AlternateDataStreams: C:\ProgramData\Temp:D287FACF
• AlternateDataStreams: C:\ProgramData\Temp:D3A96964
• AlternateDataStreams: C:\ProgramData\Temp:EDA8E5DF
• HKLM-x32\...\Run: [] => [X]
• ShellIconOverlayIdentifiers: [0WinSecurityProvider] -> {F76FA5C2-3B6A-451E-8CA5-34C8D0AE0637} =>
• C:\ProgramData\Microsoft\Security\Client\SecurityProvider.dll ()
• CHR StartupUrls: Default -> "hxxp://www.sweet-page.com/?type=hp&ts=1424107781&from=cor&uid=WDCXWD3200BEKT-60F3T1_WD-WX10AA9U5177U5177"
• CHR DefaultSuggestURL: Default -> http://ss-sym.ask.com/query?q={searchTerms}&sstype=prefix&li=ff

*****************

• CloseProcesses: => Error: No automatic fix found for this entry.
• 2015-02-16 15:01 - 2015-02-16 15:01 - 02623488 _____ () C:\ProgramData\Microsoft\Security\ => Error: No automatic fix found for this entry.
"• C:\ProgramData\Temp" => "• :1F8C9007" ADS not found.
"• C:\ProgramData\Temp" => "• :C8B8CEBD" ADS not found.
"• C:\ProgramData\Temp" => "• :D287FACF" ADS not found.
"• C:\ProgramData\Temp" => "• :D3A96964" ADS not found.
"• C:\ProgramData\Temp" => "• :EDA8E5DF" ADS not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\•  => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\• 0WinSecurityProvider => Key not found.
HKCR\CLSID\• {F76FA5C2-3B6A-451E-8CA5-34C8D0AE0637} => Key not found.
• C:\ProgramData\Microsoft\Security\Client\SecurityProvider.dll () => Error: No automatic fix found for this entry.
Chrome StartupUrls not detected.
Chrome DefaultSuggestURL not detected.

==== End of Fixlog 13:39:54 ====


Edited by ankarage, 18 March 2015 - 08:07 AM.


#6 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:07:47 AM

Posted 18 March 2015 - 07:56 AM

Hi,

Step 1

frst.pngfrstfix.png
Please download the attached fixlist txt.gif and save it in the same directory as FRST.
  • Start FRST with Administrator privileges.
  • Press the Fix button.
  • When finished, a log file (Fixlog.txt) pops up and is saved to the same location the tool was run from.
    Please copy and paste its contents in your next reply.
Attached File  fixlist.txt   794bytes   9 downloads


Step 2

frst.pngfrstscan.png

Start FRST with administator privileges.
  • Make sure the following option is checked: addition.png
  • Press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
    Please copy and paste these logs in your next reply.

regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#7 ankarage

ankarage
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:07:47 AM

Posted 18 March 2015 - 09:34 AM

i send you FRST.txt and Addition.txt


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Ανδρέας (administrator) on ADMIN on 18-03-2015 16:11:29
Running from C:\FRST\Logs
Loaded Profiles: Ανδρέας (Available profiles: Ανδρέας)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Volkswagen AG) C:\ElsaWin\bin\LcSvrAdm.exe
(Volkswagen AG) C:\ElsaWin\bin\LcSvrDba.exe
(Volkswagen AG) C:\ElsaWin\bin\LcSvrHis.exe
(Volkswagen AG) C:\ElsaWin\bin\LcSvrPas.exe
(Volkswagen AG) C:\ElsaWin\bin\LcSvrSaz.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\nst.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\nst.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Volkswagen AG) C:\ElsaWin\bin\LcSvrAuf.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(BitTorrent Inc.) C:\Users\Ανδρέας\AppData\Roaming\uTorrent\uTorrent.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(DuckLink Software) C:\Program Files (x86)\DuckLink\DuckCapture\DuckCapture.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
(i-Funbox.com) C:\Program Files (x86)\i-Funbox DevTeam\iFunBox_x64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 10\Snagit32.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\TotalMedia 3\TMMonitor.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\MSOSYNC.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 10\TscHelp.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 10\SnagPriv.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 10\SnagitEditor.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
() C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
() C:\Program Files (x86)\Roxio Creator NXT 2\Roxio Burn\RoxioBurnLauncher.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_16_0_0_305_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [610872 2009-07-21] ()
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-03-23] (IDT, Inc.)
HKLM-x32\...\Run: [WirelessAssistant] => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [500792 2010-05-20] (Hewlett-Packard Company)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641704 2012-11-16] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [QlbCtrl.exe] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [323640 2010-02-25] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [324976 2010-05-21] (Flexera Software, Inc.)
HKLM-x32\...\Run: [HPCam_Menu] => c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [218408 2009-02-25] (CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [AppleSyncNotifier] => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2012-02-23] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [RoxWatchTray] => C:\Program Files (x86)\Roxio Creator NXT 2\Common\RoxWatchTray15.exe [294632 2013-08-19] (Corel Corporation)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [640376 2008-06-11] (Adobe Systems Inc.)
HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\...\Run: [uTorrent] => C:\Users\Ανδρέας\AppData\Roaming\uTorrent\uTorrent.exe [1677904 2015-01-22] (BitTorrent Inc.)
HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4280184 2012-03-08] (Microsoft Corporation)
HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\...\Run: [Google Update] => C:\Users\Ανδρέας\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-24] (Google Inc.)
HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3837520 2014-09-26] (Tonec Inc.)
HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\...\Run: [DuckCapture] => C:\Program Files (x86)\DuckLink\DuckCapture\DuckCapture.exe [436736 2011-11-03] (DuckLink Software)
HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1092448 2014-11-19] (Nokia)
HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\...\Run: [iFunBox Fast App Install Handler] => C:\Program Files (x86)\i-Funbox DevTeam\iFunBox_x64.exe [2508288 2015-02-10] (i-Funbox.com)
HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2015-02-16] (Google Inc.)
HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\...\MountPoints2: {dcb285dc-ad34-11df-a070-806e6f6e6963} - "G:\WD SmartWare.exe" autoplay=true
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 10.lnk
ShortcutTarget: Snagit 10.lnk -> C:\Program Files (x86)\TechSmith\Snagit 10\Snagit32.exe (TechSmith Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TMMonitor.lnk
ShortcutTarget: TMMonitor.lnk -> C:\Program Files (x86)\ArcSoft\TotalMedia 3\TMMonitor.exe (ArcSoft, Inc.)
ShellIconOverlayIdentifiers: [0WinSecurityProvider] -> {F76FA5C2-3B6A-451E-8CA5-34C8D0AE0637} => C:\ProgramData\Microsoft\Security\Client\SecurityProvider.dll ()
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll (Tonec Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=NIS&pvid=21.6.0.32
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=NIS&pvid=21.6.0.32
HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://gr.msn.com/?mkt=el-gr&ocid=iehp
SearchScopes: HKLM-x32 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = ${SEARCH_URL}{searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3641372981-3819987845-3030416424-1001 -> {DB6EB4DB-4BD7-41B2-91E8-665A5D8C6B47} URL = https://www.google.com/search?q={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2014-06-05] (Internet Download Manager, Tonec Inc.)
BHO: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitBHO64.dll [2010-04-13] (TechSmith Corporation)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-08-12] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-06] (Google Inc.)
BHO: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.6.15\coIEPlg.dll [2014-07-31] (Symantec Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2014-07-27] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: No Name -> {00000001-AB3B-4334-9DA2-EC6B2A02AFC6} -> No File
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2014-06-05] (Internet Download Manager, Tonec Inc.)
BHO-x32: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll [2010-04-13] (TechSmith Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-08-12] (Microsoft Corporation)
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-08-17] (Oracle Corporation)
BHO-x32: Βοηθός εισόδου του Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-06] (Google Inc.)
BHO-x32: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\coIEPlg.dll [2014-07-31] (Symantec Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2014-07-27] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-08-17] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKLM - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dll [2010-04-13] (TechSmith Corporation)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.6.15\coIEPlg.dll [2014-07-31] (Symantec Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-06] (Google Inc.)
Toolbar: HKLM-x32 - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll [2010-04-13] (TechSmith Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-06] (Google Inc.)
Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\coIEPlg.dll [2014-07-31] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-3641372981-3819987845-3030416424-1001 -> No Name - {1C376F3E-105A-47F1-BC4F-A5EAFB1E62E2} - No File
Toolbar: HKU\S-1-5-21-3641372981-3819987845-3030416424-1001 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKU\S-1-5-21-3641372981-3819987845-3030416424-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-06] (Google Inc.)
Toolbar: HKU\S-1-5-21-3641372981-3819987845-3030416424-1001 -> No Name - {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
Toolbar: HKU\S-1-5-21-3641372981-3819987845-3030416424-1001 -> No Name - {5B291E6C-9A74-4034-971B-A4B007A0B315} - No File
Toolbar: HKU\S-1-5-21-3641372981-3819987845-3030416424-1001 -> No Name - {D44C9227-30BD-47D4-8137-95D32189D02A} - No File
Toolbar: HKU\S-1-5-21-3641372981-3819987845-3030416424-1001 -> No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect1259.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: vw-wi - {0F3C833F-FB28-40EA-8CB9-6A55B996C3F6} - C:\ElsaWin\bin\wiprot.dll [2011-12-06] (TODO: <Company name>)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Ανδρέας\AppData\Roaming\Mozilla\Firefox\Profiles\bou2ojr2.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2013-03-21] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll [2013-04-03] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2012-05-30] (GARMIN Corp.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-08-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-08-17] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2013-11-15] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2014-08-29] (Nero AG)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2014-11-19] ( )
FF Plugin-x32: @real.com/nppl3260;version=6.0.11.2852 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll [2008-04-28] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.46 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll [2008-04-28] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.1662 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll [2008-04-28] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.46 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll [2008-04-28] (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @veetle.com/vbp;version=0.9.17 -> C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll [2010-03-23] (Veetle Inc)
FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.18 -> C:\Program Files (x86)\Veetle\plugins\npVeetle.dll [2010-10-16] (Veetle Inc)
FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files (x86)\Veetle\Player\npvlc.dll [2010-09-21] (Veetle Inc)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-03-21] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3641372981-3819987845-3030416424-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Ανδρέας\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin HKU\S-1-5-21-3641372981-3819987845-3030416424-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Ανδρέας\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2013-11-15] (Microsoft Corporation)
FF Extension: Anaglyph Class - C:\Users\Ανδρέας\AppData\Roaming\Mozilla\Firefox\Profiles\bou2ojr2.default\Extensions\{35D85EC0-7688-5B01-DE09-5CC22DA897FF} [2015-02-25]
FF Extension: DownloadHelper - C:\Users\Ανδρέας\AppData\Roaming\Mozilla\Firefox\Profiles\bou2ojr2.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-10-20]
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.0.27\coFFPlgn
FF Extension: Norton Identity Safe Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.0.27\coFFPlgn [2015-03-18]
FF HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Ανδρέας\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Ανδρέας\AppData\Roaming\IDM\idmmzcc5 [2014-09-26]
FF HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Ανδρέας\AppData\Roaming\IDM\idmmzcc5
FF Extension: No Name - C:\Users\Ανδρέας\AppData\Roaming\Mozilla\Firefox\Profiles\bou2ojr2.default\extensions\plugin@yontoo.com.xpi [Not Found]
FF Extension: No Name - C:\Users\Ανδρέας\AppData\Roaming\Mozilla\Firefox\Profiles\bou2ojr2.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com [Not Found]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.sweet-page.com/?type=hp&ts=1424107781&from=cor&uid=WDCXWD3200BEKT-60F3T1_WD-WX10AA9U5177U5177"
CHR DefaultSuggestURL: Default -> http://ss-sym.ask.com/query?q={searchTerms}&sstype=prefix&li=ff
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\ΑνδΟΞ­Ξ±Ο‚\AppData\Local\Google\Chrome\Application\40.0.2214.115\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\ΑνδΟΞ­Ξ±Ο‚\AppData\Local\Google\Chrome\Application\40.0.2214.115\pdf.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\ΑνδΟΞ­Ξ±Ο‚\AppData\Local\Google\Chrome\Application\40.0.2214.115\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Norton Confidential) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.2.5_0\npcoplgn.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.230.5) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java™ Platform SE 6 U23) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Nero Kwik Media Helper) - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll No File
CHR Plugin: (Veetle TV Player) - C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
CHR Plugin: (Veetle Broadcaster Plugin) - C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
CHR Plugin: (Veetle TV Core) - C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Profile: C:\Users\Ανδρέας\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Anaglyph Class) - C:\Users\Ανδρέας\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2015-03-05]
CHR Extension: (Norton Identity Safe) - C:\Users\Ανδρέας\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-08-10]
CHR Extension: (IDM Integration Module) - C:\Users\Ανδρέας\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn [2014-01-26]
CHR Extension: (Norton Safe) - C:\Users\Ανδρέας\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl [2014-08-10]
CHR Extension: (Google Wallet) - C:\Users\Ανδρέας\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-15]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2014-06-05]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\Exts\Chrome.crx [2014-08-08]
StartMenuInternet: Google Chrome - C:\Users\Ανδρέας\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269; C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe [457960 2013-08-19] ()
R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 BOT4Service; C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe [22760 2013-08-19] ()
S2 CLKMSVC10_C6F09094; C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe [245232 2010-11-01] (CyberLink)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2015-03-02] (Macrovision Europe Ltd.) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89352 2014-09-15] (Hewlett-Packard Company)
R2 LcSvrAdm; C:\ElsaWin\bin\LcSvrAdm.exe [240640 2011-12-06] (Volkswagen AG) [File not signed]
R3 LcSvrAuf; C:\ElsaWin\bin\LcSvrAuf.exe [1321472 2011-12-06] (Volkswagen AG) [File not signed]
R2 LcSvrDba; C:\ElsaWin\bin\LcSvrDba.exe [392704 2011-12-06] (Volkswagen AG) [File not signed]
R2 LcSvrHis; C:\ElsaWin\bin\LcSvrHis.exe [335360 2011-12-06] (Volkswagen AG) [File not signed]
R2 LcSvrPAS; C:\ElsaWin\bin\LcSvrPas.exe [477696 2011-12-06] (Volkswagen AG) [File not signed]
R2 LcSvrSaz; C:\ElsaWin\bin\LcSvrSaz.exe [373248 2011-12-06] (Volkswagen AG) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\NST.exe [130104 2014-07-31] (Symantec Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-01-21] ()
R2 RoxioBurnLauncher; C:\Program Files (x86)\Roxio Creator NXT 2\Roxio Burn\RoxioBurnLauncher.exe [535184 2012-09-27] ()
S3 RoxMediaDB15; C:\Program Files (x86)\Roxio Creator NXT 2\Common\RoxMediaDB15.exe [1097448 2013-08-19] (Corel Corporation)
S2 RoxWatch15; C:\Program Files (x86)\Roxio Creator NXT 2\Common\RoxWatch15.exe [341736 2013-08-19] (Corel Corporation)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe [247808 2010-03-23] (IDT, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R3 WinHttpAutoProxySvc; winhttp.dll [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AESTAud; C:\Windows\System32\drivers\AESTAu64.sys [146048 2009-04-20] (Andrea Electronics Corporation)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE07060.00F\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-21] (Microsoft Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-03-18] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
U5 NBVol; C:\Windows\System32\Drivers\NBVol.sys [72240 2011-07-13] (Nero AG)
U5 NBVolUp; C:\Windows\System32\Drivers\NBVolUp.sys [15920 2011-07-13] (Nero AG)
R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
S1 ntiomin; No ImagePath
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
S3 RT-USB; C:\Windows\System32\drivers\RT-USB64.SYS [70984 2010-06-16] (Ross-Tech LLC)
S3 RTL2832UBDA; C:\Windows\SysWOW64\drivers\RTL2832UBDA.sys [238096 2012-05-21] (REALTEK SEMICONDUCTOR Corp.)
S3 RTL2832UUSB; C:\Windows\SysWOW64\Drivers\RTL2832UUSB.sys [39016 2011-12-29] (REALTEK SEMICONDUCTOR Corp.)
S3 RTL2832U_IRHID; C:\Windows\SysWOW64\DRIVERS\RTL2832U_IRHID.sys [44320 2009-10-05] (Realtek)
S3 RTL8187; C:\Windows\System32\DRIVERS\wg111v2.sys [340992 2007-12-26] (NETGEAR Inc.)
R0 Sahdad64; C:\Windows\System32\Drivers\Sahdad64.sys [28304 2013-08-19] (Corel Corporation)
R0 Saibad64; C:\Windows\System32\Drivers\Saibad64.sys [20112 2013-08-19] (Corel Corporation)
R1 SaibVdAd64; C:\Windows\System32\Drivers\SaibVdAd64.sys [27792 2013-08-19] (Corel Corporation)
S1 vflt; C:\Windows\System32\DRIVERS\vfilter.sys [20992 2009-11-19] (Shrew Soft Inc) [File not signed]
S3 vnet; C:\Windows\System32\DRIVERS\virtualnet.sys [12800 2009-11-19] (Shrew Soft Inc) [File not signed]
S2 NEWDRIVER; \??\C:\Windows\SysWow64\WinVDEdrv6.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-18 13:43 - 2015-03-18 15:53 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-18 13:42 - 2015-03-18 13:42 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-03-18 13:42 - 2015-03-18 13:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-18 13:42 - 2015-03-18 13:42 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-03-18 13:42 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-18 13:42 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-18 13:42 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-18 13:17 - 2015-03-18 13:17 - 00000000 ____D () C:\8407210bffc95c87986bdfbb97
2015-03-18 13:17 - 2015-03-18 13:17 - 00000000 ____D () C:\5534359a370433fdf1cb1f3fbae3
2015-03-18 13:16 - 2015-03-18 13:17 - 00000000 ____D () C:\211383d1db0e5f95c439
2015-03-18 09:13 - 2015-03-18 09:14 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Local\{7CFC7DBB-9A39-44FE-A335-D1F1E1A55A16}
2015-03-17 22:30 - 2015-03-17 22:30 - 00000000 ____D () C:\d48726ec622b77c2d059e50c26
2015-03-17 22:30 - 2015-03-17 22:30 - 00000000 ____D () C:\64d755e0c2d58fe12663f6c2bd
2015-03-17 22:30 - 2015-03-17 22:30 - 00000000 ____D () C:\12dfb59266ad11b24ca67e
2015-03-17 21:12 - 2015-03-17 21:12 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Local\{18F40C63-BE6E-4971-80E6-48932D2E88C7}
2015-03-17 20:27 - 2015-03-18 16:11 - 00000000 ____D () C:\FRST
2015-03-17 16:38 - 2015-03-17 16:38 - 00000000 ____D () C:\0fadfdac6f4049db0ba763cbc6b73074
2015-03-17 16:38 - 2015-03-17 16:38 - 00000000 ____D () C:\0a7fbe604d11990eef47d1
2015-03-17 16:37 - 2015-03-17 16:38 - 00000000 ____D () C:\7e436305061e55d5836c738933a4a2
2015-03-16 20:07 - 2015-03-16 20:07 - 11960320 _____ () C:\Windows\system32\config\software.rrr
2015-03-16 20:07 - 2015-03-16 20:07 - 00819200 _____ () C:\Windows\system32\config\default.rrr
2015-03-16 20:07 - 2015-03-16 20:07 - 00003072 _____ () C:\Windows\system32\Cache.db
2015-03-16 07:54 - 2015-03-16 07:54 - 00000000 _____ () C:\Windows\setuperr.log
2015-03-16 07:20 - 2015-03-16 07:20 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Roaming\AVG
2015-03-16 07:19 - 2015-03-16 07:19 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Local\Avg
2015-03-16 07:18 - 2015-03-16 07:22 - 00000000 ____D () C:\ProgramData\AVG
2015-03-15 22:11 - 2015-03-18 12:03 - 00000000 ____D () C:\Program Files (x86)\AVG
2015-03-15 21:49 - 2015-03-15 21:49 - 00110033 _____ () C:\ProgramData\1426448826.bdinstall.bin
2015-03-15 16:52 - 2015-03-15 16:52 - 00097892 _____ () C:\ProgramData\1426430219.bdinstall.bin
2015-03-15 16:36 - 2015-03-15 16:36 - 00037823 _____ () C:\ProgramData\1426430215.bdinstall.bin
2015-03-15 16:34 - 2015-03-15 16:34 - 00202594 _____ () C:\ProgramData\1426419554.bdinstall.bin
2015-03-15 13:42 - 2012-11-02 14:17 - 00261056 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2015-03-15 13:39 - 2015-03-16 07:35 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Roaming\QuickScan
2015-03-15 13:20 - 2015-03-15 21:59 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
2015-03-14 12:47 - 2015-03-16 07:07 - 00004966 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for ADMIN-Ανδρέας admin
2015-03-13 03:38 - 2015-03-18 12:59 - 00005411 _____ () C:\Windows\wininit.ini
2015-03-12 21:38 - 2015-03-12 21:38 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2015-03-12 21:37 - 2015-03-18 12:59 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-03-11 13:56 - 2015-03-11 13:56 - 00000000 ____D () C:\Users\Ανδρέας\Documents\Control4
2015-03-11 13:56 - 2015-03-11 13:56 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Roaming\Control4
2015-03-11 11:49 - 2015-02-20 06:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-11 11:49 - 2015-02-20 06:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-11 11:49 - 2015-02-20 06:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 11:49 - 2015-02-20 06:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-11 11:49 - 2015-02-20 06:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-11 11:49 - 2015-02-20 06:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-11 11:49 - 2015-02-20 06:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-11 11:49 - 2015-02-20 06:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-11 11:49 - 2015-02-20 05:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 11:49 - 2015-02-20 05:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-11 11:49 - 2015-02-03 05:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 11:49 - 2015-02-03 05:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-11 11:49 - 2015-02-03 05:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-11 11:49 - 2015-02-03 05:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-11 11:49 - 2015-02-03 05:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-11 11:49 - 2015-02-03 05:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-11 11:49 - 2015-02-03 05:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-11 11:49 - 2015-02-03 05:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-11 11:49 - 2015-02-03 05:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-11 11:49 - 2015-02-03 05:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-11 11:49 - 2015-02-03 05:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-11 11:49 - 2015-02-03 05:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-11 11:49 - 2015-02-03 05:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-11 11:49 - 2015-02-03 05:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-11 11:49 - 2015-02-03 05:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-11 11:49 - 2015-02-03 05:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-11 11:49 - 2015-02-03 05:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-11 11:49 - 2015-02-03 05:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-11 11:49 - 2015-02-03 05:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-11 11:49 - 2015-02-03 05:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-11 11:49 - 2015-02-03 05:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-11 11:49 - 2015-02-03 05:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-11 11:49 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-03-11 11:49 - 2015-02-03 05:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-11 11:49 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-03-11 11:49 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-03-11 11:49 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-03-11 11:49 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-11 11:49 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-03-11 11:49 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-11 11:49 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-11 11:49 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-03-11 11:49 - 2014-06-28 02:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-03-11 11:48 - 2015-03-06 07:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-11 11:48 - 2015-03-06 07:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-11 11:48 - 2015-03-06 07:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-11 11:48 - 2015-03-06 07:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-11 11:48 - 2015-03-06 07:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-11 11:48 - 2015-03-06 07:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-11 11:48 - 2015-03-06 07:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-11 11:48 - 2015-03-06 07:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-11 11:48 - 2015-03-06 07:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-11 11:48 - 2015-03-06 07:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-11 11:48 - 2015-03-06 07:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-11 11:48 - 2015-03-06 07:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-11 11:48 - 2015-03-06 07:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-11 11:48 - 2015-03-06 07:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-11 11:48 - 2015-03-06 07:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-11 11:48 - 2015-03-06 07:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-11 11:48 - 2015-03-06 07:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-11 11:48 - 2015-03-06 07:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-11 11:48 - 2015-03-06 07:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-11 11:48 - 2015-03-06 07:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-03-11 11:48 - 2015-03-06 07:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-11 11:48 - 2015-03-06 07:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-03-11 11:48 - 2015-03-06 07:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-03-11 11:48 - 2015-03-06 07:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-03-11 11:48 - 2015-03-06 07:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-03-11 11:48 - 2015-03-06 07:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-03-11 11:48 - 2015-03-06 07:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-03-11 11:48 - 2015-03-06 07:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-03-11 11:48 - 2015-03-06 07:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-11 11:48 - 2015-03-06 07:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-03-11 11:48 - 2015-03-06 07:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-11 11:48 - 2015-02-13 07:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-11 11:48 - 2015-02-13 07:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 11:48 - 2015-02-03 05:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-11 11:48 - 2015-02-03 05:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 11:48 - 2015-02-03 05:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-11 11:48 - 2015-02-03 05:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-11 11:48 - 2015-02-03 05:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-11 11:48 - 2015-02-03 05:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-11 11:48 - 2015-02-03 05:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-11 11:48 - 2015-02-03 05:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-11 11:48 - 2015-02-03 05:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-11 11:48 - 2015-02-03 05:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-11 11:48 - 2015-02-03 05:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-11 11:48 - 2015-02-03 05:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-11 11:48 - 2015-02-03 05:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-11 11:48 - 2015-02-03 05:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-11 11:48 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-11 11:48 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-11 11:48 - 2015-02-03 05:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-11 11:48 - 2015-02-03 05:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-11 11:48 - 2015-02-03 05:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-11 11:48 - 2015-02-03 05:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-11 11:48 - 2015-02-03 05:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-11 11:48 - 2015-02-03 05:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-11 11:48 - 2015-02-03 05:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-11 11:48 - 2015-02-03 05:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 11:48 - 2015-02-03 05:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-11 11:48 - 2015-02-03 05:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-11 11:48 - 2015-02-03 05:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-11 11:48 - 2015-02-03 05:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-11 11:48 - 2015-02-03 05:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-11 11:48 - 2015-02-03 05:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-11 11:48 - 2015-02-03 05:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-11 11:48 - 2015-02-03 05:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-11 11:48 - 2015-02-03 05:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 11:48 - 2015-02-03 05:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-11 11:48 - 2015-02-03 05:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-11 11:48 - 2015-02-03 05:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-11 11:48 - 2015-02-03 05:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-11 11:48 - 2015-02-03 05:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-11 11:48 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-11 11:48 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-11 11:48 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-03-11 11:48 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-11 11:48 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-11 11:48 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-03-11 11:48 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-11 11:48 - 2015-02-03 05:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-11 11:48 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-11 11:48 - 2015-02-03 05:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-11 11:48 - 2015-02-03 05:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-11 11:48 - 2015-02-03 05:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-11 11:48 - 2015-02-03 05:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-03-11 11:48 - 2015-02-03 05:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-03-11 11:48 - 2015-02-03 05:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-03-11 11:48 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-03-11 11:48 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-03-11 11:48 - 2015-02-03 05:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-03-11 11:48 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-11 11:48 - 2015-02-03 05:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-03-11 11:48 - 2015-02-03 05:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-03-11 11:48 - 2015-02-03 05:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-03-11 11:48 - 2015-02-03 04:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-11 11:48 - 2015-01-31 05:48 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-11 11:48 - 2015-01-31 05:48 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-03-11 11:48 - 2015-01-31 01:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-11 11:48 - 2015-01-31 01:56 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-11 11:48 - 2015-01-17 04:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 11:48 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-11 11:48 - 2014-11-01 00:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-11 11:48 - 2014-06-28 02:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-03-11 11:47 - 2015-02-26 05:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-11 11:47 - 2015-02-24 05:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-11 11:47 - 2015-02-24 04:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-03-11 11:47 - 2015-02-21 03:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-11 11:47 - 2015-02-21 02:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-11 11:47 - 2015-02-21 02:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-11 11:47 - 2015-02-21 02:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-11 11:47 - 2015-02-21 02:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-11 11:47 - 2015-02-21 01:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-11 11:47 - 2015-02-21 01:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-11 11:47 - 2015-02-20 05:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-11 11:47 - 2015-02-20 05:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-11 11:47 - 2015-02-20 04:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-11 11:47 - 2015-02-20 04:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-11 11:47 - 2015-02-20 04:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-11 11:47 - 2015-02-20 04:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-11 11:47 - 2015-02-20 04:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-11 11:47 - 2015-02-20 04:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-11 11:47 - 2015-02-20 04:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-11 11:47 - 2015-02-20 04:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-11 11:47 - 2015-02-20 04:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-11 11:47 - 2015-02-20 04:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-11 11:47 - 2015-02-20 04:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-11 11:47 - 2015-02-20 04:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-11 11:47 - 2015-02-20 04:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-11 11:47 - 2015-02-20 04:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-03-11 11:47 - 2015-02-20 04:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-11 11:47 - 2015-02-20 04:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 11:47 - 2015-02-20 04:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-11 11:47 - 2015-02-20 04:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-11 11:47 - 2015-02-20 04:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-03-11 11:47 - 2015-02-20 04:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-03-11 11:47 - 2015-02-20 04:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-11 11:47 - 2015-02-20 04:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-11 11:47 - 2015-02-20 04:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-11 11:47 - 2015-02-20 04:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-03-11 11:47 - 2015-02-20 04:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-03-11 11:47 - 2015-02-20 03:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-03-11 11:47 - 2015-02-20 03:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-03-11 11:47 - 2015-02-20 03:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-03-11 11:47 - 2015-02-20 03:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-11 11:47 - 2015-02-20 03:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-11 11:47 - 2015-02-20 03:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-03-11 11:47 - 2015-02-20 03:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-11 11:47 - 2015-02-20 03:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-11 11:47 - 2015-02-20 03:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-11 11:47 - 2015-02-20 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-03-11 11:47 - 2015-02-20 03:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-11 11:47 - 2015-02-20 03:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-11 11:47 - 2015-02-20 03:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-11 11:47 - 2015-02-20 03:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-11 11:47 - 2015-02-20 03:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-03-11 11:47 - 2015-02-20 03:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-11 11:47 - 2015-02-20 03:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-11 11:47 - 2015-02-20 03:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-11 11:47 - 2015-02-20 02:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-11 11:47 - 2015-02-20 02:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-11 11:47 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-11 11:47 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-10 19:01 - 2015-03-10 19:01 - 00000000 ____D () C:\Users\Public\Documents\Songs
2015-03-08 22:34 - 2015-03-08 22:34 - 00002483 _____ () C:\Users\Public\Desktop\ImageShack Uploader.lnk
2015-03-08 22:34 - 2015-03-08 22:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImageShack Uploader
2015-03-08 22:34 - 2015-03-08 22:34 - 00000000 ____D () C:\Program Files (x86)\ImageShack Uploader
2015-03-08 08:06 - 2015-03-08 08:06 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Security
2015-03-08 08:04 - 2015-03-18 12:50 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2015-03-08 08:04 - 2015-03-08 08:04 - 00003214 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2015-03-08 07:59 - 2015-03-08 07:59 - 00000000 ____D () C:\Windows\system32\Drivers\NSx64
2015-03-07 22:21 - 2015-03-07 22:21 - 00000000 ____D () C:\SUPERDelete
2015-03-07 22:03 - 2015-03-07 23:51 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-03-02 19:25 - 2008-04-07 05:38 - 00024416 ____R (Adobe Systems Inc.) C:\Windows\system32\AdobePDFUI.dll
2015-03-02 19:24 - 2015-03-02 19:24 - 00002465 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Distiller 9.lnk
2015-03-02 19:24 - 2015-03-02 19:24 - 00002453 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat 9 Pro.lnk
2015-03-02 19:24 - 2015-03-02 19:24 - 00002173 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle Designer ES 8.2.lnk
2015-03-02 19:24 - 2015-03-02 19:24 - 00002023 _____ () C:\Users\Public\Desktop\Adobe Acrobat 9 Pro.lnk
2015-02-28 16:25 - 2015-02-28 16:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-02-27 19:20 - 2015-02-27 19:20 - 00001755 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-02-27 19:20 - 2015-02-27 19:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-02-27 19:19 - 2015-02-27 19:20 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-02-27 19:19 - 2015-02-27 19:19 - 00000000 ____D () C:\Program Files\iTunes
2015-02-27 19:19 - 2015-02-27 19:19 - 00000000 ____D () C:\Program Files\iPod
2015-02-26 09:53 - 2015-02-26 09:53 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Local\WinZip
2015-02-26 09:52 - 2015-02-26 09:52 - 00002213 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2015-02-26 09:52 - 2015-02-26 09:52 - 00002207 _____ () C:\Users\Public\Desktop\WinZip.lnk
2015-02-26 09:52 - 2015-02-26 09:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2015-02-26 09:52 - 2015-02-26 09:52 - 00000000 ____D () C:\Program Files\WinZip
2015-02-25 21:50 - 2015-01-09 01:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-25 21:50 - 2015-01-09 01:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-25 19:25 - 2015-03-14 13:30 - 00000000 ____D () C:\NPE
2015-02-25 14:36 - 2015-03-16 07:54 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Local\Ecttion
2015-02-25 14:36 - 2015-03-15 22:17 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Local\ISsoft
2015-02-21 18:37 - 2015-02-21 18:37 - 00000000 ____D () C:\ProgramData\PCSettings
2015-02-17 18:40 - 2015-01-09 05:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-02-17 18:40 - 2015-01-09 05:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-02-17 18:40 - 2015-01-09 05:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-02-17 18:40 - 2015-01-09 04:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-02-16 19:48 - 2015-02-16 19:48 - 00001336 _____ () C:\Users\Public\Desktop\iBackupBot for iTunes.lnk
2015-02-16 19:48 - 2015-02-16 19:48 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Roaming\VOWSoft
2015-02-16 19:48 - 2015-02-16 19:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VOWSoft iPod Software
2015-02-16 19:29 - 2015-03-18 14:59 - 00003824 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1424107746
2015-02-16 19:29 - 2015-02-16 19:29 - 00001141 _____ () C:\Users\Public\Desktop\Opera.lnk
2015-02-16 19:29 - 2015-02-16 19:29 - 00001141 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-02-16 19:29 - 2015-02-16 19:29 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Roaming\Opera Software
2015-02-16 19:29 - 2015-02-16 19:29 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Local\Opera Software
2015-02-16 19:27 - 2015-03-18 14:59 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-02-16 19:27 - 2015-02-16 19:27 - 05880800 _____ () C:\Users\Ανδρέας\Downloads\ibackupbot_setup.exe
2015-02-16 14:59 - 2015-02-16 14:59 - 00000193 _____ () C:\Windows\WORDPAD.INI
2015-02-16 14:32 - 2015-03-09 22:23 - 00000000 ____D () C:\Program Files (x86)\93f50bdf-d9f0-4c81-9043-83de3bcdfe0f

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-18 16:10 - 2009-12-24 22:16 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Roaming\uTorrent
2015-03-18 16:01 - 2012-06-13 12:34 - 00000000 ____D () C:\Users\Ανδρέας\Documents\Outlook Files
2015-03-18 16:00 - 2009-07-14 06:45 - 00030512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-18 16:00 - 2009-07-14 06:45 - 00030512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-18 15:56 - 2011-09-05 13:51 - 01143342 _____ () C:\Windows\WindowsUpdate.log
2015-03-18 15:53 - 2009-12-24 06:39 - 00000000 ____D () C:\Users\Ανδρέας\Tracing
2015-03-18 15:52 - 2009-12-24 22:05 - 00001180 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-18 15:52 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-18 15:52 - 2009-07-14 06:51 - 17536099 _____ () C:\Windows\setupact.log
2015-03-18 15:50 - 2010-01-06 20:04 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Roaming\DMCache
2015-03-18 15:41 - 2013-01-26 17:45 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-18 15:41 - 2012-03-22 21:57 - 00001202 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3641372981-3819987845-3030416424-1001UA.job
2015-03-18 15:41 - 2009-12-24 22:05 - 00001184 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-18 14:52 - 2010-11-21 05:47 - 06816250 _____ () C:\Windows\PFRO.log
2015-03-18 12:50 - 2009-09-17 22:24 - 00000000 ____D () C:\ProgramData\Norton
2015-03-18 11:46 - 2012-03-22 21:57 - 00001150 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3641372981-3819987845-3030416424-1001Core.job
2015-03-18 08:48 - 2014-08-17 10:40 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Local\Adobe
2015-03-17 21:40 - 2015-02-12 13:39 - 00003198 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForΑνδρέας
2015-03-17 21:40 - 2015-02-12 13:39 - 00000340 _____ () C:\Windows\Tasks\HPCeeScheduleForΑνδρέας.job
2015-03-17 20:11 - 2013-08-16 22:17 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Roaming\DuckLink
2015-03-17 20:11 - 2011-09-05 12:51 - 00000000 ____D () C:\Users\Ανδρέας
2015-03-17 20:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2015-03-17 10:22 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-03-16 20:17 - 2009-09-17 22:57 - 00000000 ____D () C:\ProgramData\Temp
2015-03-16 20:08 - 2012-06-20 13:30 - 14508032 _____ () C:\Users\Ανδρέας\s-1-5-21-3641372981-3819987845-3030416424-1001.rrr
2015-03-16 07:38 - 2013-12-17 12:48 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Subtitle Workshop
2015-03-16 07:38 - 2012-08-15 16:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real Alternative
2015-03-16 07:38 - 2010-04-12 21:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2015-03-16 07:35 - 2009-12-25 00:04 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Local\PowerCinema
2015-03-16 07:35 - 2009-12-23 21:55 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Roaming\HpUpdate
2015-03-16 07:35 - 2009-12-23 21:49 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Roaming\hpqlog
2015-03-16 07:34 - 2012-07-17 17:28 - 00000000 ____D () C:\Windows\Minidump
2015-03-16 07:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sysprep
2015-03-16 07:33 - 2012-08-29 19:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
2015-03-16 07:33 - 2012-08-14 13:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iPhoneBrowser
2015-03-16 07:33 - 2012-06-06 21:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP600
2015-03-16 07:33 - 2012-03-13 08:43 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ChessBase
2015-03-16 07:33 - 2011-01-03 12:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft DirectX SDK (March 2009)
2015-03-16 07:33 - 2011-01-02 21:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Player Classic - Home Cinema
2015-03-16 07:33 - 2010-09-05 20:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VobSub
2015-03-16 07:33 - 2010-08-14 14:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2015-03-16 07:33 - 2009-12-23 21:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works
2015-03-15 22:30 - 2010-03-14 21:44 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Local\CrashDumps
2015-03-15 22:13 - 2013-08-18 19:09 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Roaming\TuneUp Software
2015-03-14 13:47 - 2012-09-09 09:16 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Local\NPE
2015-03-13 05:10 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-03-12 17:37 - 2009-12-26 20:32 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2015-03-12 16:12 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-03-12 16:12 - 2009-07-14 06:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-03-12 16:06 - 2009-07-14 06:45 - 05322704 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-12 16:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-12 16:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-03-11 22:02 - 2013-08-15 23:18 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-11 21:52 - 2012-07-21 09:38 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-11 21:45 - 2012-08-29 19:28 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2015-03-11 21:43 - 2012-11-06 20:39 - 00001072 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2015-03-10 19:01 - 2012-06-22 21:42 - 00000000 ____D () C:\Users\Public\Documents\Notation
2015-03-09 22:23 - 2010-04-18 17:27 - 00000000 ____D () C:\Program Files (x86)\RadioBar
2015-03-09 22:23 - 2010-04-17 08:55 - 00000000 ____D () C:\Program Files (x86)\Online_Radio_India
2015-03-09 15:34 - 2010-01-06 20:11 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Roaming\IDM
2015-03-08 23:04 - 2013-10-11 17:43 - 00000000 ____D () C:\Program Files (x86)\PC Connectivity Solution
2015-03-08 09:56 - 2014-08-16 23:04 - 00000000 ____D () C:\Program Files (x86)\Internet Download Manager
2015-03-08 08:08 - 2012-09-09 07:02 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
2015-03-07 23:51 - 2014-06-02 07:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2015-03-07 23:45 - 2012-09-08 12:40 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Local\CRE
2015-03-07 17:20 - 2013-09-28 14:31 - 00000000 ____D () C:\temp
2015-03-07 15:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-03-06 17:03 - 2009-12-24 22:05 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Local\Google
2015-03-02 19:44 - 2011-09-05 14:14 - 00168792 _____ () C:\Users\Ανδρέας\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-02 19:29 - 2013-04-19 18:37 - 00000000 ____D () C:\ProgramData\FLEXnet
2015-03-02 19:27 - 2012-11-07 19:11 - 00000000 ____D () C:\ProgramData\Adobe
2015-03-02 19:21 - 2009-12-23 10:25 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-03-02 14:07 - 2010-07-25 10:15 - 00000000 ____D () C:\ProgramData\ChessBase
2015-03-02 14:07 - 2010-01-24 10:04 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Local\ChessBase
2015-03-02 14:07 - 2010-01-24 09:55 - 00000000 ____D () C:\Users\Ανδρέας\Documents\ChessBase
2015-03-02 14:06 - 2009-12-23 10:26 - 00000000 __RHD () C:\MSOCache
2015-02-27 20:56 - 2009-07-14 07:13 - 00786538 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-27 19:19 - 2014-01-29 19:44 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-02-27 19:19 - 2013-02-21 18:11 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-02-26 09:53 - 2012-11-10 19:33 - 00000000 ____D () C:\ProgramData\WinZip
2015-02-24 04:17 - 2010-11-21 05:27 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-02-23 12:33 - 2015-02-14 09:07 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Roaming\JihoiTunesExtractor
2015-02-21 18:47 - 2010-03-13 17:10 - 00000000 ____D () C:\Program Files (x86)\Norton Internet Security
2015-02-21 18:34 - 2012-09-09 07:02 - 00000000 ____D () C:\Users\Public\Downloads\Norton
2015-02-21 13:55 - 2013-08-16 19:37 - 00000810 _____ () C:\Users\Public\Desktop\ElsaWin.lnk
2015-02-21 13:55 - 2013-08-16 19:37 - 00000810 _____ () C:\Users\Public\Desktop\ElsaWin Administration.lnk
2015-02-21 13:54 - 2012-06-14 23:56 - 00000344 _____ () C:\Windows\ODBC.INI
2015-02-21 12:44 - 2012-03-22 21:58 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-20 16:10 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing
2015-02-16 19:48 - 2015-01-11 11:21 - 00000000 ____D () C:\Program Files (x86)\VOWSoft iPod Software
2015-02-16 13:20 - 2009-12-24 22:04 - 00000000 ____D () C:\ProgramData\Google
2015-02-16 13:20 - 2009-12-24 22:04 - 00000000 ____D () C:\Program Files\Google
2015-02-16 13:20 - 2009-12-24 22:04 - 00000000 ____D () C:\Program Files (x86)\Google

==================== Files in the root of some directories =======

2011-08-29 19:41 - 2011-09-07 11:49 - 0042821 _____ () C:\Users\Ανδρέας\AppData\Roaming\Apple ComputerMobileSyncBackupdc9162f1c4973c7505f6ec77109158f6e0aac23fInfo.plist
2013-05-18 08:07 - 2013-05-18 08:07 - 0226846 _____ () C:\Users\Ανδρέας\AppData\Roaming\AvidLicenseControl_Install.log
2011-02-01 20:54 - 2011-06-17 21:10 - 0001854 _____ () C:\Users\Ανδρέας\AppData\Roaming\GhostObjGAFix.xml
2010-06-23 19:14 - 2010-10-12 19:53 - 0000068 _____ () C:\Users\Ανδρέας\AppData\Roaming\LSV6.dat
2012-06-14 23:57 - 2012-06-14 23:57 - 0022248 _____ () C:\Users\Ανδρέας\AppData\Roaming\Microsoft Excel 97-2003.ADR
2012-06-15 02:09 - 2012-09-08 16:39 - 0009312 _____ () C:\Users\Ανδρέας\AppData\Roaming\Microsoft Excel 97-2003.EML
2010-11-04 19:57 - 2013-12-30 18:53 - 0000600 _____ () C:\Users\Ανδρέας\AppData\Roaming\winscp.rnd
2011-08-01 13:23 - 2011-08-01 13:23 - 0000290 _____ () C:\Users\Ανδρέας\AppData\Roaming\wklnhst.dat
2011-09-05 14:13 - 2011-09-05 14:13 - 0000000 _____ () C:\Users\Ανδρέας\AppData\Local\AtStart.txt
2014-01-26 16:33 - 2014-01-26 16:33 - 0003584 _____ () C:\Users\Ανδρέας\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-09-05 14:13 - 2011-09-05 14:13 - 0000000 _____ () C:\Users\Ανδρέας\AppData\Local\DSwitch.txt
2011-09-05 14:13 - 2011-09-05 14:13 - 0000000 _____ () C:\Users\Ανδρέας\AppData\Local\QSwitch.txt
2012-11-06 17:15 - 2012-11-06 17:15 - 0000017 _____ () C:\Users\Ανδρέας\AppData\Local\resmon.resmoncfg
2012-08-29 19:33 - 2013-11-15 18:23 - 0000700 ___SH () C:\Users\Ανδρέας\AppData\Local\systemFL7.$dk
2012-08-24 19:59 - 2013-11-18 15:15 - 0000700 ___SH () C:\Users\Ανδρέας\AppData\Local\systemFL7.dat
2015-03-15 16:34 - 2015-03-15 16:34 - 0202594 _____ () C:\ProgramData\1426419554.bdinstall.bin
2015-03-15 16:36 - 2015-03-15 16:36 - 0037823 _____ () C:\ProgramData\1426430215.bdinstall.bin
2015-03-15 16:52 - 2015-03-15 16:52 - 0097892 _____ () C:\ProgramData\1426430219.bdinstall.bin
2015-03-15 21:49 - 2015-03-15 21:49 - 0110033 _____ () C:\ProgramData\1426448826.bdinstall.bin
2013-04-29 22:30 - 2015-03-16 08:00 - 0000201 _____ () C:\ProgramData\HPWALog.txt
2013-11-08 20:51 - 2014-07-13 20:36 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys
2013-05-02 21:43 - 2013-05-02 21:45 - 0000193 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
2013-09-13 05:56 - 2013-09-13 05:56 - 0002456 _____ () C:\ProgramData\regid.2012-08.com.Corel,Roxio_76C7858E-078C-4C49-AB1A-2A7072664935.swidtag

Some content of TEMP:
====================
C:\Users\Ανδρέας\AppData\Local\Temp\917b0b87-3358-4e79-93de-3dfc2fc99ed0.exe
C:\Users\Ανδρέας\AppData\Local\Temp\NOSEventMessages.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-16 18:09

==================== End Of Log ============================


======================================================================
======================================================================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Ανδρέας at 2015-03-18 16:12:44
Running from C:\FRST\Logs
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.)
Adobe Acrobat 9 Pro - English, Franηais, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000004}{AC76BA86-1033-F400-7760-000000000004}) (Version: 9.0.0 - Adobe Systems)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version: 3.0 - )
Adobe Update Management Tool (HKLM-x32\...\{534A7A1A-7102-4AF6-23EA-7CD279C7B625}_is1) (Version: 6.2 - PainteR)
AMD Catalyst Install Manager (HKLM\...\{FAF03106-1653-15E1-3C0C-E7AE4FAE6EBF}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft TotalMedia 3 (HKLM-x32\...\{268CF0B8-CA38-4E20-9E99-514A07F7C1F1}) (Version: - ArcSoft)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
ATI Catalyst Registration (x32 Version: 2.01.0000 - ATI Technologies Inc.) Hidden
Avid License Control (HKLM-x32\...\{F187D064-F101-4E95-8D05-4027809AA0F8}) (Version: 3.0.0 - Avid Technology, Inc.)
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version: - )
AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version: - Online Media Technologies Ltd.)
AVS Video Converter 8 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.4 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version: - Online Media Technologies Ltd.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.350.6 - Broadcom Corporation)
BS.Player PRO (HKLM-x32\...\BSPlayerp) (Version: 2.65.1074 - AB Team, d.o.o.)
Canon MP600 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP600) (Version: - )
CBReader (HKLM-x32\...\CBReader ) (Version: - ChessBase GmbH)
ChessBase Reader (HKLM-x32\...\{9664C520-5725-4885-B286-A4EC43A6B738}) (Version: 12.32.0.0 - ChessBase)
Cisco AnyConnect Mobile VPN Client ActiveSync Installer (HKLM-x32\...\{F9F51E3A-BC68-4F58-9FB1-907DFE35C492}) (Version: 2.4.0202 - Cisco Systems, Inc.)
Cisco AnyConnect VPN Client (HKLM-x32\...\{2A6355EB-273D-4368-9DB6-FB99EBA9FABD}) (Version: 2.4.0202 - Cisco Systems, Inc.)
Cisco AnyConnect VPN Client Start Before Login Components (HKLM-x32\...\{EFE0CDC6-876B-4474-AFC0-3C22B51FA012}) (Version: 2.4.0202 - Cisco Systems, Inc.)
CoreAAC (HKLM-x32\...\CoreAAC) (Version: - )
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.3101 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dazzle Video Capture DVC100 X64 Driver 1.06 (x32 Version: 1.06.0000 - Pinnacle) Hidden
DC++ 0.802 (HKLM-x32\...\DC++) (Version: 0.802 - Jacek Sieka)
Deep Rybka 3 (x32 Version: 3.0 - ChessBase) Hidden
DNE Update (HKLM\...\{9F67FDDC-C889-1017-9044-BFF9EA58EC3B}) (Version: 3.22.5.18002 - Deterministic Networks, Inc.)
DuckCapture Standard 2.7 (HKLM-x32\...\DuckCapture_is1) (Version: 2.7 - DuckLink)
ElsaWin (HKLM-x32\...\ElsaWin) (Version: 4.00 - )
ENE CIR Receiver Driver (HKLM\...\FFE7D41DF3C645075BB149E21988B63996C34187) (Version: 2.7.4.0 - ENE)
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version: - Image-Line)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version: - )
Folder Lock (HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\...\FolderLock6) (Version: - New Sofware.net Inc.)
Free iTunes Backup Extractor version 2.1.0.1 (HKLM-x32\...\{F891E77B-EB1C-4035-BCC4-4DEF91EDD69E}_is1) (Version: 2.1.0.1 - Jihosoft Studio)
Fritz 12 (x32 Version: 12.0.0 - ) Hidden
Fritz 13 (HKLM-x32\...\{85EB0F56-3DB3-42CC-9384-A665C5FC5D08}) (Version: 13.0.0.0 - ChessBase)
Garmin Communicator Plugin (HKLM-x32\...\{13F054F3-0B07-4D15-9E80-C55B496AB557}) (Version: 4.0.3 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{550331CC-C34B-494F-BCDA-37CE4EF6E924}) (Version: 4.0.3 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.56.5181 - Gretech Corporation)
Google Chrome (HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\...\Google Chrome) (Version: 41.0.2272.89 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Hauppauge MCE XP/Vista Software Encoder (2.0.27022) (HKLM-x32\...\Hauppauge MCE2005 Software Encoder) (Version: 2.0.27022 - Hauppauge Computer Works, Inc.)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{844EC6B5-8435-47CE-93FA-842BC5EB22C2}) (Version: 4.0.3.1 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
HP Integrated Module with Bluetooth wireless technology (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9602 - Broadcom Corporation)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.2.4701 - Hewlett-Packard)
HP MediaSmart Internet TV (HKLM-x32\...\InstallShield_{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}) (Version: 3.0.1916 - Hewlett-Packard)
HP MediaSmart Movie Themes (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 3.0.3102 - Hewlett-Packard)
HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.1.4327 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{88E60521-1E4E-4785-B9F1-1798A4BD0C30}) (Version: 3.0.30.1 - Hewlett-Packard)
HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.1.4322 - Hewlett-Packard)
HP MediaSmart Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.1913 - Hewlett-Packard)
HP Quick Launch Buttons (HKLM-x32\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.16.1 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}) (Version: 1.2.3220.3079 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{44157EB3-D8D0-4BB1-B0F5-AD2C38814ED1}) (Version: 11.51.0027 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{D46D081B-F60E-467E-A7C4-117B70D76731}) (Version: 5.001.000.014 - Hewlett-Packard)
HP User Guides 0153 (HKLM-x32\...\{2EBA8202-FBD5-4004-81EA-BDC38C054CE2}) (Version: 1.01.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM-x32\...\{F9A43C0C-F274-4EC0-B02E-202C15C09C00}) (Version: 3.50.12.1 - Hewlett-Packard)
iBackupBot for iTunes 3.6.5 (HKLM-x32\...\iBackupBot for iTunes) (Version: 3.6.5 - VOWSoft, Ltd.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6230.0 - IDT)
iFunbox (v2.94.2520.758), iFunbox DevTeam (HKLM-x32\...\iFunbox_is1) (Version: v2.94.2520.758 - )
ImageShack Uploader 2.2.0 (HKLM-x32\...\{8BCD7AE7-F713-4D50-BAB9-7839B9386870}) (Version: 2.2.0 - ImageShack Corp.)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
iPhoneBrowser (HKLM-x32\...\{C1FCDCA1-2759-4E5E-84EE-3A665BB2F513}) (Version: 1.9.3 - Cranium Consulting and Custom Software)
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.32.1 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 5.8.3 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 5.8.3 - )
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1913 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.1913 - CyberLink Corp.) Hidden
LAV Filters 0.63.0 (HKLM-x32\...\lavfilters_is1) (Version: 0.63.0 - Hendrik Leppkes)
Lotto Pro (HKLM-x32\...\Lotto Pro) (Version: - Data Solutions)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.0.5.2000 - Maxthon International Limited)
Media Player Classic - Home Cinema v1.4.2499.0 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.4.2499.0 - MPC-HC Team)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Ελληνικά) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1032) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.1.177.0 - Microsoft Corporation)
Microsoft Office Language Pack 2013 - Greek/Ελληνικά (HKLM-x32\...\Office15.OMUI.el-gr) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual Basic Power Packs 3.0 (HKLM-x32\...\{7B4D193B-D76D-308B-8B12-5D9BB1CBCE6C}) (Version: 9.0.30214 - Microsoft)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{784B4EE3-E308-4706-B3DC-51029944240B}) (Version: 08.05.0822 - Microsoft Corporation)
MKVToolNix 7.4.0 (64bit) (HKLM-x32\...\MKVToolNix) (Version: 7.4.0 - Moritz Bunkus)
MobileMe Control Panel (HKLM\...\{AF5020D9-116A-46AC-A922-087592F37EC9}) (Version: 3.1.8.0 - Apple Inc.)
Mozilla Firefox 11.0 (x86 el) (HKLM-x32\...\Mozilla Firefox 11.0 (x86 el)) (Version: 11.0 - Mozilla)
MPEG2 Codec(libmpeg2/mad) (HKLM-x32\...\MPEG2 Codec(libmpeg2/mad)) (Version: - )
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nero 2015 (HKLM-x32\...\{763EF8DC-4CC0-47CA-BE1C-BDE731462250}) (Version: 16.0.02900 - Nero AG)
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.54.0 - Nokia)
Nokia Suite (x32 Version: 3.8.54.0 - Nokia) Hidden
Norton Identity Safe (HKLM-x32\...\NST) (Version: 2014.7.6.15 - Symantec Corporation)
Opera Stable 28.0.1750.48 (HKLM-x32\...\Opera 28.0.1750.48) (Version: 28.0.1750.48 - Opera Software ASA)
Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.5615 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.5615 - CyberLink Corp.) Hidden
Playchess (x32 Version: 1.00.000 - ) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3101 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.3101 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3101 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.3101 - CyberLink Corp.) Hidden
PowerRecover (x32 Version: 5.5.1923 - CyberLink Corp.) Hidden
Prerequisite installer (x32 Version: 16.0.0000 - Nero AG) Hidden
QLBCASL (x32 Version: 6.40.17.2 - Hewlett-Packard) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Real Alternative 1.8.0 (HKLM-x32\...\RealAlt_is1) (Version: 1.8.0 - )
Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0007 - Realtek)
REALTEK DTV USB DEVICE (HKLM-x32\...\{DDBB7C89-1A09-441E-AA0F-6AA465755C17}) (Version: 1.00.0000 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 1.00.0000 - Realtek Semiconductor Corp.)
Recover Keys (HKLM-x32\...\Recover Keys_is1) (Version: 6.0.2.63 - Recover Keys)
Roxio Creator NXT 2 (HKLM-x32\...\{F6514099-C638-4F5D-878B-E1C68875B0E6}) (Version: 15.0.5.2 - Roxio)
Roxio Virtual Drive x64 (Version: 1.00.0000 - Roxio, Inc.) Hidden
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0100-0408-0000-0000000FF1CE}_Office15.OMUI.el-gr_{4BFA9DD3-F090-430E-A37D-52FE52C8AC80}) (Version: - Microsoft)
Sibelius 7 OpenType Fonts (HKLM-x32\...\{623C2BD8-1B28-4F98-B578-E9D139827269}) (Version: 7.1.3 - Avid)
Sibelius 7.1.3.77 (HKLM\...\Sibelius 7.0.0.23_is1) (Version: 7.1.3.77 - Avid)
SmartSound Common Data (HKLM-x32\...\InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.)
SmartSound Common Data (x32 Version: 1.1.0 - SmartSound Software Inc.) Hidden
Snagit 10 (HKLM-x32\...\{5BCC634A-58AD-42F9-B3C6-2EA52F81CF85}) (Version: 10.0.0 - TechSmith Corporation)
SopCast 3.5.0 (HKLM-x32\...\SopCast) (Version: 3.5.0 - www.sopcast.com)
SP45990 - Wallpaper Picture Position Enabler for Windows 7 (HKLM-x32\...\{86391634-A94B-4355-8397-3D85C2F942DA}) (Version: 1.0.0 - Hewlett-Packard International Pte. Ltd.)
Speccy (HKLM\...\Speccy) (Version: 1.22 - Piriform)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Subtitle Edit 3.4.4 (HKLM-x32\...\SubtitleEdit_is1) (Version: 3.4.4.0 - Nikse)
Subtitle Workshop 6.0b (HKLM-x32\...\SubtitleWorkshop) (Version: - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
Time Adjuster STANDARD 3.1 (HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\...\TimeAdjuster) (Version: - IrekSoftware.com)
TotalMedia Setup (HKLM-x32\...\{24C4BB38-F45D-4247-90B9-7E6CAA877FF3}) (Version: 1.00.0000 - Conexant)
VCDS Release 12.12.0 (HKLM-x32\...\VCDS Release 12.12) (Version: 12.12.0 - Ross-Tech)
Veetle TV 0.9.18 (HKLM-x32\...\Veetle TV) (Version: 0.9.18 - Veetle, Inc)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Driver Package - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinSCP 4.2.9 (HKLM-x32\...\winscp3_is1) (Version: 4.2.9 - Martin Prikryl)
WinZip 19.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E5}) (Version: 19.0.11293 - WinZip Computing, S.L. )
Εργαλεία γλωσσικού ελέγχου του Microsoft Office 2013 - Ελληνικά (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Κέντρο συσκευών των Windows Mobile (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Υποστήριξη εφαρμογών Apple (32 bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Υποστήριξη εφαρμογών Apple (64 bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3641372981-3819987845-3030416424-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Ανδρέας\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3641372981-3819987845-3030416424-1001_Classes\CLSID\{1F6DE925-8416-40D4-BC66-D69DB9D4360B}\InprocServer32 -> C:\Program Files\Roxio Creator NXT 2\Virtual Drive 10\DC_ShellExt64.dll (Corel Corporation)
CustomCLSID: HKU\S-1-5-21-3641372981-3819987845-3030416424-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Ανδρέας\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3641372981-3819987845-3030416424-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Ανδρέας\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3641372981-3819987845-3030416424-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Ανδρέας\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3641372981-3819987845-3030416424-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Ανδρέας\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3641372981-3819987845-3030416424-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Ανδρέας\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3641372981-3819987845-3030416424-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Ανδρέας\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points =========================

15-03-2015 03:00:16 Windows Update
15-03-2015 22:10:07 Installed AVG 2015
15-03-2015 22:11:23 Installed AVG 2015
16-03-2015 03:00:13 Windows Update
16-03-2015 07:19:28 Installed AVG PC TuneUp 2015
16-03-2015 07:44:12 Made by Norton Utilities δε
16-03-2015 08:52:23 Removed AVG PC TuneUp 2015
16-03-2015 08:54:07 Removed AVG PC TuneUp 2015 (en-US)
16-03-2015 20:02:32 Made by Norton Utilities δε
16-03-2015 20:07:21 Made by Norton Utilities lζ
16-03-2015 21:23:46 Windows Update
17-03-2015 16:37:05 Windows Update
17-03-2015 20:05:25 Restore Operation
17-03-2015 22:29:23 Windows Update
18-03-2015 11:54:22 Removed AVG 2015
18-03-2015 13:16:00 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-07-08 16:39 - 00001093 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activation.acronis.com
127.0.0.1 www.password-protect-folders.net
127.0.0.1 www.password-protect-folders.net


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0380BDBD-198C-4DBC-A358-FF537B451EAD} - System32\Tasks\{2191A59C-7A22-4F22-800A-FD1A337AD7B5} => F:\Setup\setup.exe
Task: {0637DDD1-C329-4FB7-9AED-A1D72929FDE6} - System32\Tasks\{3FF9DB43-B0AE-4D9E-9523-3FA06CC27FC7} => pcalua.exe -a "D:\rapishare\Cisco VPN Client 5.0.0.4.0300\setup.exe" -d "D:\rapishare\Cisco VPN Client 5.0.0.4.0300"
Task: {07E22E3D-09FE-4FF3-BE88-B159EBE80767} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {08636482-AD33-417A-BAAA-2AFD52E25039} - System32\Tasks\{24B8FA2E-DF48-4F70-A479-E98FAE9BDB42} => pcalua.exe -a "C:\ETKA 7.3 Español + Actualizador 3.5 - Germany 05.2011 - AU.SE.SK.VW\ETKA v7.3 Germany 2011\ETKA73_Germany_2011.exe" -d "C:\ETKA 7.3 Español + Actualizador 3.5 - Germany 05.2011 - AU.SE.SK.VW\ETKA v7.3 Germany 2011"
Task: {0AE90636-1441-4BB8-AE50-1938343D8A13} - System32\Tasks\{713AD031-1E73-4450-9A51-4F93B1072F1B} => D:\downloads\ETKA 7.4 2013\ETKA74_Germany_2013.exe
Task: {0BC46EB8-F911-4F8E-A3A0-4783499F77EC} - System32\Tasks\{3D9E56A5-5BDF-4F55-A7E1-3EFBED6A1B67} => pcalua.exe -a "C:\Program Files (x86)\Windows Lotto Pro 2000\WiseUpdt.exe"
Task: {0BF1118E-3281-47F7-A1D4-16210033F55D} - System32\Tasks\{48B85A3E-3481-4591-933A-332068CFC359} => D:\downloads\Advanced System Optimizer 3.5.1000.14640 Datecode 13.12.2012 + Patch\Advanced System Optimizer 3.5.1000.14640\~Get Your Software Here\Advanced System Optimizer_setup.exe
Task: {0C4FF523-6178-4507-A9B2-7A1A0AF2C3DA} - System32\Tasks\{A75572D2-3BAB-4DA9-BC71-E1E2326A3313} => pcalua.exe -a "D:\Νέος φάκελος\Setup\setup.exe" -d "D:\Νέος φάκελος\Setup"
Task: {0EA90A46-B40A-443A-8762-6FB903CD892D} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {0F714762-C026-4FD4-BFE0-983935860E91} - System32\Tasks\{59A0216D-5B17-44D9-BA51-B8950C2AC754} => pcalua.exe -a "D:\downloads\Steinberg Cubase 5.1\Autorun.exe" -d "D:\downloads\Steinberg Cubase 5.1"
Task: {0F891E2D-1E20-4B3F-9E36-78A6B44D6667} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security\Engine\22.1.0.9\WSCStub.exe
Task: {180C6D08-2CBE-4E69-9F28-587B27DF5155} - System32\Tasks\{BDB2D282-8653-4A08-AE02-9FEEBE10B3A4} => D:\rapdishare\Roxio.Creator.2011.Pro.Multilingual.ISO-CORE\setup.exe
Task: {19F4A01E-FCD3-4697-BA13-C0D8B2F57532} - System32\Tasks\{A475FCE9-A91F-4B55-B937-B9928BD84AC9} => pcalua.exe -a C:\Windows\ETKA7.3_Germany\uninstall.exe
Task: {1B0825FF-1ECB-4A4B-B934-280121329444} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {1B2854AD-32A7-45BA-BD3A-3AE059C98325} - System32\Tasks\{353413B8-2D8E-4770-B9E4-8E6EFFE1C8B1} => pcalua.exe -a "C:\Program Files (x86)\Common Files\Real\Update_OB\r1puninst.exe" -c RealNetworks|RealPlayer|6.0
Task: {1C64AF90-5AB8-4FCE-8EA9-EDDABB4FF294} - System32\Tasks\{98D942BD-38AF-4B1C-963C-DB95AF8A7572} => pcalua.exe -a D:\downloads\sp50843_5.exe -d C:\Users\Ανδρέας\AppData\Roaming\IDM
Task: {1D7BCDD0-A23B-44E0-BD79-ABB32329876E} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {1FD2765F-C8FF-42FF-B891-8CE1A6A06550} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\mxup.exe [2014-12-10] (Maxthon International ltd.)
Task: {20733021-3828-411C-91FC-A9E81946815B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {207B317D-4035-4C7C-B0CC-F65B113C77DB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {214569BA-7038-4A52-9D34-8C4BA9CFE9F0} - System32\Tasks\{7AA0FC6D-F14A-4359-AFA0-A863AEC46266} => pcalua.exe -a "C:\Users\Ανδρέας\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W0SEDZP1\sp45046[1].exe" -d C:\Users\Ανδρέας\Desktop
Task: {2492197C-3DC9-4885-8863-C2327C38E258} - System32\Tasks\FixCleaner Scan => C:\Program Files (x86)\FixCleaner\FixCleaner.exe
Task: {2517D1AF-014A-4086-8A6A-F1FA0C1AFAAA} - System32\Tasks\{1115A378-89EE-4544-9966-97DA96DF41D1} => pcalua.exe -a "C:\Users\Ανδρέας\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V1UKJ4FX\sp45817[1].exe" -d C:\Users\Ανδρέας\Desktop
Task: {25952623-C0CE-4690-9EB3-E4968ED48E66} - System32\Tasks\{F8F44EF7-9C1E-4A17-B9D7-D896C27468E7} => pcalua.exe -a D:\downloads\sp45973_2.exe -d C:\Users\Ανδρέας\AppData\Roaming\IDM
Task: {25F560A4-D150-4113-85F7-92B899EF6B2A} - System32\Tasks\{DF996CF0-2981-4371-A436-A7B928965F82} => pcalua.exe -a "C:\Users\Ανδρέας\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W0SEDZP1\winfix[1].exe" -d C:\Users\Ανδρέας\Desktop
Task: {25FA054E-76C7-4F3E-B663-235447C644A6} - System32\Tasks\{8A490DAC-3B30-4917-8098-DA35B9E55BFC} => pcalua.exe -a F:\Setup\setup.exe -d F:\Setup
Task: {26866ECE-37CF-47B7-B6BE-BE783CFE4B9D} - System32\Tasks\{C2BE56CE-E9D4-4B2D-94C4-A8A2E21B3474} => pcalua.exe -a D:\downloads\sp45974.exe -d C:\Users\Ανδρέας\AppData\Roaming\IDM
Task: {275A284D-F20A-41BF-968B-93F1BCEE8B8E} - System32\Tasks\{81D9DA9D-6D1F-4A7A-A0BF-63DFF07F1C76} => pcalua.exe -a D:\downloads\mp600win64111ea23_3.exe -d C:\Users\Ανδρέας\AppData\Roaming\IDM
Task: {30744A0E-31BD-41E7-B96D-6ABC11404E63} - System32\Tasks\AutoKMS
Task: {31AC812D-1024-4644-ABDE-B9578BA214AD} - System32\Tasks\{9541833D-BCCC-409F-8C8A-A9C1376E63DD} => pcalua.exe -a "D:\rapdishare\winrar_3.91_PRO_final_activated_latest_akhilesh910\winrar_3.91_PRO_final_activated_latest_akhilesh910\WinRARactivated akhilesh910.exe" -d D:\rapdishare\winrar_3.91_PRO_final_activated_latest_akhilesh910\winrar_3.91_PRO_final_activated_latest_akhilesh910
Task: {34537320-14F0-4776-9072-FC55906E9C3E} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {3611FA14-F0EF-43EF-A1C6-D6D7968AA83F} - System32\Tasks\KMS Activation => C:\Program Files\KMSpico\RandomFile.exe
Task: {36599FE2-A1A2-4DF8-B9D0-3C6347899D48} - System32\Tasks\{29E2829C-D843-42E5-B945-2EF378792015} => D:\rapdishare\CommView_For_WiFi_6.0.581\CommView_For_WiFi_6.0.581\Commview.for.Wifi.6.0.581.FullInstall.exe
Task: {392BF4F3-5E86-46AD-B4F6-693FB6CB6C58} - System32\Tasks\{7890D806-EFBD-4EDF-8805-BB494A13D22D} => C:\Program Files (x86)\FiSTiNG4FUN\Commview for Wifi\CommViewWiFi\CV.exe
Task: {3AA75946-B924-4B7B-B829-AABC9B79118F} - System32\Tasks\{B956E16D-2BF7-4C73-99CB-07936652CFAD} => pcalua.exe -a "D:\downloads\Audi\audi data en\setup.exe" -d "D:\downloads\Audi\audi data en"
Task: {3C193CCF-B6D6-4059-9F24-0C15FBF4E3D7} - System32\Tasks\AdobeAAMUpdater-1.0-ADMIN-Ανδρέας => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-03-21] (Adobe Systems Incorporated)
Task: {3D35B5F2-DEC8-4CC3-850B-667EA1D7E272} - System32\Tasks\{028DA932-0AD9-4471-BE6D-29677B08E3FC} => C:\Program Files (x86)\FiSTiNG4FUN\Commview for Wifi\CommViewWiFi\CV.exe
Task: {3D96D6F0-545B-4A87-BBC0-2D1657793BD5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3641372981-3819987845-3030416424-1001UA => C:\Users\Ανδρέας\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
Task: {3DBEE674-BA70-4085-BF17-14760D80CEB0} - System32\Tasks\{C2610CDF-AEFE-4DD9-BCB1-28CCFD84DFA3} => pcalua.exe -a D:\rapishare\Cisco_VPN__Client_v5.0.05.0290\zwt\setup.exe -d D:\rapishare\Cisco_VPN__Client_v5.0.05.0290\zwt
Task: {47F4E908-4BB6-454F-937B-7033EC1EB1A9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {4AC98087-F58E-41D8-A162-9104BEE4C100} - System32\Tasks\{7C1F3CEE-06D3-422C-BECD-EAA56F425C0E} => pcalua.exe -a D:\downloads\bsplayer_pro257.1051\bsplayer_pro257.1051.exe -d D:\downloads\bsplayer_pro257.1051
Task: {4B09D4F1-3E5C-4491-80B8-6DB4EE2DC5C8} - System32\Tasks\{0A05D1F6-B1D8-4253-A227-51DF4C878706} => F:\Setup\setup.exe
Task: {4B27D1D7-0DCE-479A-AB9A-CFD24526A4D4} - System32\Tasks\{E26D6B79-6134-4683-A430-DEDD1213FD0F} => D:\downloads\ETKA 7.4 2013\ETKA74_Germany_2013.exe
Task: {5070F905-8913-46DE-B8B8-FC3804DB2BB3} - System32\Tasks\{59B3B77A-2CDD-4325-BE0F-B5F5B4A86E4A} => C:\Program Files (x86)\FiSTiNG4FUN\Commview for Wifi\CommViewWiFi\CV.exe
Task: {523F91D3-FE71-4F95-B09E-7BCD2B66F04A} - System32\Tasks\{8E342E8D-531A-45AC-A14B-8A1440FBC2F1} => pcalua.exe -a D:\downloads\sp48482_3.exe -d C:\Users\Ανδρέας\AppData\Roaming\IDM
Task: {52A83E2D-C1F2-4251-BEC5-581A4218E3EC} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2014-07-21] (Nero AG)
Task: {53969D1D-7401-4A03-90BF-028F4FB6E7FE} - System32\Tasks\{0C2537B8-8138-495C-A5DE-CD2736155204} => pcalua.exe -a D:\rapdishare\Roxio.Creator.2011.Pro.Multilingual.ISO-CORE\setup.exe -d D:\rapdishare\Roxio.Creator.2011.Pro.Multilingual.ISO-CORE
Task: {5724A085-0416-4581-BF5A-68A8964A9F1B} - System32\Tasks\{45797922-44E0-441C-B477-D4955EFFA815} => pcalua.exe -a "C:\Program Files (x86)\Windows Lotto Pro 2000\proupdt.exe" -d C:\Users\Ανδρέας\Desktop
Task: {592C65EC-AB6F-4800-9A2E-42694CA27273} - System32\Tasks\{4288CFB4-E879-46D3-8DCA-158C3C9190C7} => pcalua.exe -a D:\downloads\sp45975.exe -d C:\Users\Ανδρέας\AppData\Roaming\IDM
Task: {5AF6B5CD-C0D2-4F5A-A608-C6BA9049E75B} - System32\Tasks\{02734E9E-E43B-418A-B397-D96F5C52E1DD} => D:\downloads\ETKA 7.4 2013\ETKA74_Germany_2013.exe
Task: {5D23FF7C-9F9D-446D-A655-C78AF1BC2C40} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {5EAFB111-E0FF-44D6-923F-663A84BB5ED4} - System32\Tasks\{07CC970C-0C61-4ECB-AF29-54E1BEBAC5CE} => D:\downloads\ETKA 7.4 2013\ETKA74_Germany_2013.exe
Task: {6070B784-79F7-40FE-9F07-89DF6AEE8403} - System32\Tasks\{6010115A-E762-4E52-8850-5C7275E51FA4} => pcalua.exe -a F:\setup.exe -d F:\
Task: {6A184DB3-5311-4F26-8762-65CD243FAEFF} - System32\Tasks\{141B1F51-8F3C-454B-8DF5-B252644EC54D} => C:\Program Files (x86)\FiSTiNG4FUN\Commview for Wifi\CommViewWiFi\CV.exe
Task: {705FCC93-18D8-43B5-84C8-1AD11DAC7F4A} - System32\Tasks\{234B7D43-6C45-4B5A-A62E-3E7C09F525B3} => D:\downloads\ETKA 7.4 2013\ETKA74_Germany_2013.exe
Task: {71619EB2-E063-4CAD-B513-DD3AC2ECE9EB} - System32\Tasks\{A5001C3F-DF37-4E66-9A0B-86D8DF63DE5E} => pcalua.exe -a "D:\downloads\Acronis True Image Home 2014 17 Build 5560+BootCD [ChingLiu]\Activation\ActivationAcronisTIH.exe" -d "D:\downloads\Acronis True Image Home 2014 17 Build 5560+BootCD [ChingLiu]\Activation"
Task: {71DC9C95-2945-4348-A1B3-661C71395431} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {757D5025-F658-4CBE-846A-D84E882E27FE} - System32\Tasks\{D3223229-347B-4AF8-BB8B-D14776C534A6} => pcalua.exe -a D:\downloads\sp45048.exe -d C:\Users\Ανδρέας\AppData\Roaming\IDM
Task: {77945D0E-48E6-4CD8-ABC5-BBED1201EACE} - System32\Tasks\{76FC4E66-1312-4A0E-927C-FCAEC8858794} => pcalua.exe -a D:\downloads\lotto-sorcerer-6.31.exe -d D:\downloads
Task: {7C1A50ED-9802-4CCB-84A7-AE947687C152} - System32\Tasks\{1C281354-F79F-4B62-BABA-E30CB77DF702} => pcalua.exe -a D:\downloads\incomplete\lotto-sorcerer-6.31.exe -d D:\downloads\incomplete
Task: {7F590821-94B3-444C-9CE6-E6F3E16ABFAA} - System32\Tasks\{A95C4F69-BB1A-4A30-A88E-8B9CADB584FD} => C:\Program Files (x86)\FiSTiNG4FUN\Commview for Wifi\CommViewWiFi\CV.exe
Task: {81F21CB5-C33D-418F-BD56-4AC4E8CFBBC3} - System32\Tasks\{C4A99942-96F2-4D94-88C6-EB3CA6D07EF4} => F:\Setup\setup.exe
Task: {83C0D99D-66BD-4291-BA78-4FB43677859E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
Task: {85E7BD4E-7741-41A4-9A17-D94E8CC1B854} - System32\Tasks\{F52E476C-FB64-4186-9DB7-6A215401D1CE} => pcalua.exe -a D:\downloads\780\780_Upgrade_R62T2_sip_3.exe -d D:\downloads\780
Task: {898C04BB-4274-4108-97D5-45C8D33DDD41} - System32\Tasks\{14F2AD16-176F-4793-A0CB-9046BEF22B8F} => D:\downloads\ETKA 7.4 2013\ETKA74_Germany_2013.exe
Task: {89B74A9B-C4D9-4731-A3C8-72A49FF0AD93} - System32\Tasks\Microsoft\Internet Explorer\Εκκαθάριση προηγούμενων εκδόσεων του Internet Explorer => C:\Windows\SYSTEM32\ie4uinit.EXE [2015-02-20] (Microsoft Corporation)
Task: {89BC46B0-725B-45B9-8555-C1CD62929BD3} - System32\Tasks\{9C97907F-6175-4E74-B549-D67607BC01D7} => pcalua.exe -a D:\downloads\sp50401_2.exe -d C:\Users\Ανδρέας\AppData\Roaming\IDM
Task: {8AB808A8-79AF-4CA0-8DAB-6D4E5E692FE2} - System32\Tasks\{7431C176-32B5-4B00-AAEC-A5FDBA612832} => pcalua.exe -a D:\downloads\sp50516_2.exe -d C:\Users\Ανδρέας\AppData\Roaming\IDM
Task: {8C73494D-0123-49BA-BAC8-46800473C581} - System32\Tasks\{61CD1AEA-AD33-49E6-8039-95FB981AFBBA} => pcalua.exe -a "D:\downloads\Vagcom 311.2 + Crack\Vagcom 311.2 + Crack\VAG_COM_v311.2\Release3112n2.exe" -d "D:\downloads\Vagcom 311.2 + Crack\Vagcom 311.2 + Crack\VAG_COM_v311.2"
Task: {8E7D2F6D-767E-47C9-933C-0128A7F838C8} - System32\Tasks\Norton Security\Norton Error Processor => C:\Program Files (x86)\Norton Security\Engine\22.1.0.9\SymErr.exe
Task: {90024778-2ED5-40B0-9AA7-C9E1BCCA3072} - System32\Tasks\{3A7E677B-6A0E-4276-B9C5-D35724051682} => pcalua.exe -a D:\downloads\ibackupbot3_setup_2.exe -d C:\Users\Ανδρέας\AppData\Roaming\IDM
Task: {963CE7C9-C53E-4994-A064-2AFE74E6A051} - System32\Tasks\{A692D3BC-7A83-4149-8459-9E2ED1EBEE24} => pcalua.exe -a D:\rapdishare\Vistalizator.v1.36\Vistalizator.exe -d D:\rapdishare\Vistalizator.v1.36
Task: {96DE2257-5E11-4646-BABC-3A287EFE9A01} - System32\Tasks\TVAgent => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe [2009-07-24] (CyberLink Corp.)
Task: {99DAA147-203F-433E-B267-6E3A806DD1E6} - System32\Tasks\Microsoft Office 15 Sync Maintenance for ADMIN-Ανδρέας admin => C:\Program Files (x86)\Microsoft Office\Office15\MsoSync.exe [2014-07-27] (Microsoft Corporation)
Task: {9A3D300A-0CCD-4F4A-8CDC-CD9EE81F2D02} - System32\Tasks\{7DA3C50C-5084-46ED-8191-D944CCB872E0} => C:\Program Files (x86)\FiSTiNG4FUN\Commview for Wifi\CommViewWiFi\CV.exe
Task: {9C9A86F9-09F0-4DEF-A92C-5C1A71B621F5} - System32\Tasks\{1C25D6F7-45E0-4239-A174-24E49CB42402} => pcalua.exe -a "D:\downloads\Openings Laboratory\AutoPlay\Chess course\Programs\video_player.exe" -d "D:\downloads\Openings Laboratory\"
Task: {A513A520-0990-466F-8EAF-C0907FCE81EF} - System32\Tasks\HPCeeScheduleForΑνδρέας => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {A5A3771E-1DE3-46E2-BECC-6FF7FC6BFB54} - System32\Tasks\{E53A9BEE-6CFB-44C1-9CDF-6C1E31096547} => pcalua.exe -a D:\downloads\mp600win64111ej.exe -d C:\Users\Ανδρέας\AppData\Roaming\IDM
Task: {A6CAC04D-047A-44EE-A9B3-3EFA8FE81757} - System32\Tasks\{1CCFA693-B05B-46CD-91DE-646EDBD0249C} => pcalua.exe -a D:\downloads\fritz_12_[tfile.ru]\sr-fritz12\Setup\setup.exe -d D:\downloads\fritz_12_[tfile.ru]\sr-fritz12\Setup
Task: {A735D3F7-586C-4CF1-95D3-30DF920595A1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {A943554D-84C9-4997-BF04-FE8619DACDF1} - System32\Tasks\{414C0A7D-59AA-42D5-8975-2E68CF354339} => pcalua.exe -a D:\downloads\sp41646.exe -d C:\Users\Ανδρέας\AppData\Roaming\IDM
Task: {AA2E8F58-764C-4C42-A9A8-6FE0DC71D768} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3641372981-3819987845-3030416424-1001Core => C:\Users\Ανδρέας\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => aitagent.exe
Task: {AD66E448-AC3D-46E4-86BF-32227DBA890C} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {AD8DCA05-932B-44D3-A145-60A81F968533} - System32\Tasks\{7909EFB5-8243-44C0-8134-B0D9499C99B6} => D:\downloads\windows6.1-kb972813-x86-en-us_22ee3397a02372681b375ddabf6ffa33662fd500.exe
Task: {AE257ACD-4727-4EF2-A297-0780E6007DA7} - System32\Tasks\{57D082BB-1EE6-4590-A47F-820A3B47C5A0} => pcalua.exe -a D:\downloads\sp50935_2.exe -d C:\Users\Ανδρέας\AppData\Roaming\IDM
Task: {AEDC4747-0EC5-4D51-A249-FF2596DEE6F6} - System32\Tasks\{855B5DBE-FF6C-49AB-BFD1-9C42A59F86A1} => pcalua.exe -a D:\downloads\sp45047.exe -d C:\Users\Ανδρέας\AppData\Roaming\IDM
Task: {AF1CAF5A-9B19-4F03-8A72-D514FBA02D09} - System32\Tasks\{8D7A8227-83F4-49BB-8F0D-592752E8CDDB} => pcalua.exe -a "D:\rapishare\RealPlayer v. 10.6 Premium\Setup.exe" -d "D:\rapishare\RealPlayer v. 10.6 Premium"
Task: {B1CADF2D-EBFF-44A5-834E-8E4F0E512E11} - System32\Tasks\{31C44640-9FB1-4ECB-913F-DD25CEC66D8D} => F:\Setup.exe
Task: {B2183785-22CF-489B-81F6-779C97402EFC} - System32\Tasks\Opera scheduled Autoupdate 1424107746 => C:\Program Files (x86)\Opera\launcher.exe [2015-03-16] (Opera Software)
Task: {B26CE3E4-2715-41FE-AF47-A68C10E940B2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {B48F5F2B-78BE-4855-804A-EAAFFAC2BE84} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3641372981-3819987845-3030416424-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {B528D208-033C-4377-80F6-E4F85CD45E1A} - System32\Tasks\{D36D56C1-21A3-49EF-B0B1-5A8320A8FEB3} => pcalua.exe -a D:\rapdishare\Folder_Lock_v5.9.5_2b\Folder_Lock_v5.9.5_2b\Setup_Folder_Lock.exe -d D:\rapdishare\Folder_Lock_v5.9.5_2b\Folder_Lock_v5.9.5_2b
Task: {B68E1434-6B43-4AD5-94B5-B7FFD9BADF68} - System32\Tasks\{65C0DE28-A591-402B-8EC5-E8544DC5EED1} => F:\Setup.exe
Task: {BF1CCFB8-C2E0-44D6-8E42-B755B7339967} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {BFA43E3E-BD76-43FA-9F55-CDDC51B77363} - System32\Tasks\{CA518F9A-0C8C-4D3F-B7DB-5725B16704FE} => pcalua.exe -a "D:\downloads\Acronis True Image Home 2014 17 Build 5560+BootCD [ChingLiu]\Activation\ActivationAcronisTIH.exe" -d "D:\downloads\Acronis True Image Home 2014 17 Build 5560+BootCD [ChingLiu]\Activation"
Task: {C11CFAE6-647A-4887-8551-32D68F645670} - System32\Tasks\CapSvcInst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapSvcInst.exe [2009-07-24] (CL)
Task: {C14AE31F-EFEC-48EE-BAD2-6793A5C6AC27} - System32\Tasks\{AA726CD0-96D9-4FE8-86C4-D4C07C91A366} => pcalua.exe -a "C:\Program Files (x86)\Lotto Sorcerer\Setup.exe" -d "C:\Program Files (x86)\Lotto Sorcerer" -c /remove /q0
Task: {C18BD476-A2C0-4BB2-BFFA-32F42D7211D7} - System32\Tasks\Norton Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Security\Engine\22.1.0.9\SymErr.exe
Task: {C45ECF5F-2617-435F-B454-6B14BE9F5DED} - System32\Tasks\{53D4D17F-3852-4C58-A873-EC00EE6224AC} => pcalua.exe -a "C:\Program Files (x86)\Recover Keys\RecoverKeys.exe" -d C:\Users\Ανδρέας\Desktop
Task: {C501CE5A-5C61-489C-A3ED-9F33CEB4E4F3} - System32\Tasks\{9438D44D-8874-4232-AD85-66B615998EC0} => F:\VCDS-Beta-11.3.0-Installer.exe
Task: {C57C6784-BB8A-44F6-ABE0-D1D36A9FBFFB} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {C690DA8C-D667-49FE-9B32-7020E323E04D} - System32\Tasks\{96A37C2C-095D-4838-97A4-8F2C274A5C38} => pcalua.exe -a "D:\downloads\Audi ELSAWIN\audi data en\setup.exe" -d "D:\downloads\Audi ELSAWIN\audi data en"
Task: {C7769075-A7F6-4E15-B127-36728978E738} - System32\Tasks\{990769D1-FEB0-45B8-8A52-834A72CC0F00} => C:\Program Files (x86)\ChessBase\ChessProgram13\ChessProgram13.exe [2015-02-25] (ChessBase GmbH)
Task: {CAA411FE-D5E3-4982-B82B-57011A7DFC9C} - System32\Tasks\{BE6C6ECD-21E5-4C03-ABAE-1B2874E9E7C9} => pcalua.exe -a "D:\downloads\BSplayer Pro 2.62.1068 Final + Keys By FANTOMAS77\BSplayer Pro 2.62.1068 Final + Keys By FANTOMAS77.exe" -d "D:\downloads\BSplayer Pro 2.62.1068 Final + Keys By FANTOMAS77"
Task: {CAB139E9-DFA9-4973-BDB9-DC515D603625} - System32\Tasks\Norton Management\Norton Error Processor => C:\Program Files (x86)\Norton Management\Engine\3.2.0.19\SymErr.exe
Task: {CDEF1B33-661F-4E58-8B29-A5DB23354093} - System32\Tasks\{03C2B2FD-0875-436E-A839-6F357F3AC64D} => pcalua.exe -a "C:\Users\Ανδρέας\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V1UKJ4FX\sp45974[1].exe" -d C:\Users\Ανδρέας\Desktop
Task: {D0BED1C7-DCC4-47E9-A6D4-CC5733E4CA8E} - System32\Tasks\{049A84D9-6A8D-4B27-B9B6-0A3CA4202C0B} => C:\Program Files (x86)\FiSTiNG4FUN\Commview for Wifi\CommViewWiFi\CV.exe
Task: {D364B8A2-469E-43AE-A635-C416656C38EB} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3641372981-3819987845-3030416424-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {D574C168-8C1F-408E-9872-B004271D358C} - System32\Tasks\{072463E7-F3D9-4320-96E2-C9EA19D6B293} => pcalua.exe -a "C:\Users\Ανδρέας\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8HFFYO3X\sp45524[1].exe" -d C:\Users\Ανδρέας\Desktop
Task: {D79816F8-BAB8-42BC-8078-92B180A3227B} - System32\Tasks\{A77D6617-4AB4-4153-BC9C-65E4B7B2F4DB} => C:\Program Files (x86)\FiSTiNG4FUN\Commview for Wifi\CommViewWiFi\CV.exe
Task: {DB5B9867-FBE2-4601-9FBC-D7CBA27BA355} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-01-29] (Microsoft)
Task: {DCE0DF53-0E42-4949-BDB6-CF619578214B} - System32\Tasks\{0096695D-4410-4E86-A3E9-A29B415AE293} => C:\Program Files (x86)\FiSTiNG4FUN\Commview for Wifi\CommViewWiFi\CV.exe
Task: {DDE52B1F-4F5E-4387-8A20-95F658A662BB} - System32\Tasks\{6962E49D-423E-4C6A-B424-38B75146C5F4} => pcalua.exe -a D:\downloads\sp45046.exe -d C:\Users\Ανδρέας\AppData\Roaming\IDM
Task: {DE3B880F-94A8-4ECE-B0DD-42504F536745} - System32\Tasks\Norton Management\Norton Error Analyzer => C:\Program Files (x86)\Norton Management\Engine\3.2.0.19\SymErr.exe
Task: {DE6E2FC1-393B-45B9-8E60-C471E85BC0AE} - System32\Tasks\{88090CC0-D815-4194-BC64-C787D8A04975} => D:\downloads\ETKA 7.4 2013\ETKA74_Germany_2013.exe
Task: {DEB0F96C-8A86-4559-A44B-384AA831734D} - System32\Tasks\{97D6DB61-65A6-4E98-B9E4-DF82811C6CD1} => pcalua.exe -a D:\downloads\lotto-sorcerer-6.33.exe -d D:\downloads
Task: {DF6C6C91-FA44-4025-90F1-6418C82ABA39} - System32\Tasks\{A7D625CC-1BC5-4C25-B24E-A5E3E88D2AF1} => pcalua.exe -a "D:\downloads\ETKA7.3\Crack by Voliacom\Beta Emulator\hldrv32.exe" -d "D:\downloads\ETKA7.3\Crack by Voliacom\Beta Emulator"
Task: {E0E30241-13AE-49FB-87E5-FFEDF1B4A683} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2015-03-05] (Microsoft)
Task: {E17670BD-6120-4BAE-84F7-15DC96BBD5E2} - System32\Tasks\CapSchedInst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapSchedInst.exe [2009-07-24] (CL)
Task: {E3163C33-301D-4730-A266-5518C5ED3967} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => BthUdTask.exe
Task: {E41DB473-29DB-49A2-99E3-114EC9831D13} - System32\Tasks\{A5656D16-2CDA-4C70-9E09-75C7AED4467E} => pcalua.exe -a D:\downloads\cain20.exe -d C:\Users\Ανδρέας\AppData\Roaming\IDM
Task: {E662DC2A-5013-4C28-8129-102A3B88038D} - System32\Tasks\{680465E9-7DBB-45FC-B08B-475614A227B9} => pcalua.exe -a D:\downloads\ETKA7.3\ms_system\Hardlock\install\hldrv32.exe -d D:\downloads\ETKA7.3\ms_system\Hardlock\install
Task: {E96F3B37-1473-4687-844D-4D34AF6882C0} - System32\Tasks\{FD9EBB5F-E9C7-47C8-B1A1-EA463A340B81} => pcalua.exe -a D:\downloads\ETKA7.3\connect\sapoci\SapOcicfg.EXE -d D:\downloads\ETKA7.3\connect\sapoci
Task: {EBC0C9EE-8B83-4875-B10E-A3880DAFCF60} - System32\Tasks\{1CCBAEBE-05E3-4510-8F48-2BA54B96236B} => pcalua.exe -a "D:\downloads\incomplete\FL Studio 10.0.9 XXL Bundle + 24 Plugins Retail [ChingLiu]\flstudio_10.0.9.exe" -d "D:\downloads\incomplete\FL Studio 10.0.9 XXL Bundle + 24 Plugins Retail [ChingLiu]"
Task: {ED3F130A-1783-4D64-B9BE-752CC09689C6} - System32\Tasks\{4DF5F4B8-F0BA-4D2F-9342-6A6156CF24A1} => pcalua.exe -a "C:\Users\Ανδρέας\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8HFFYO3X\sp45041[1].exe" -d C:\Users\Ανδρέας\Desktop
Task: {EEC67853-977D-4A62-A39A-E4940EAA8177} - System32\Tasks\{1C697FB1-1D02-4874-9AE1-F060BFC4E54B} => F:\Setup\setup.exe
Task: {EFBFB22E-5D76-41DE-BFC3-B4F8B20FBEF8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {F348B185-5FEE-43CE-AC55-8DBFDCF3175E} - System32\Tasks\{D54EF487-8CDD-44EC-9EC3-43B4BA3D822E} => C:\Program Files (x86)\FiSTiNG4FUN\Commview for Wifi\CommViewWiFi\CV.exe
Task: {F42977D6-560B-41BE-9644-13F6E27826FD} - System32\Tasks\{AA0218D2-A432-4837-9B26-BAAAAB726CD7} => pcalua.exe -a D:\downloads\sp48591.exe -d C:\Users\Ανδρέας\AppData\Roaming\IDM
Task: {F4D7B955-8E3B-4415-B194-05E4B4D4C20F} - System32\Tasks\{882906EA-99E9-4203-B581-DAA8A078E5A3} => pcalua.exe -a D:\downloads\sp48482_5.exe -d C:\Users\Ανδρέας\AppData\Roaming\IDM
Task: {F597B6B5-1536-4AC1-AD70-B0BA66435198} - System32\Tasks\{43DD6850-7E19-4C03-9F51-3BE614DE585D} => pcalua.exe -a "C:\Program Files (x86)\Windows Lotto Pro 2000\lotpro2000.exe" -d C:\Users\Ανδρέας\Desktop
Task: {F8666ED1-4882-4190-AE30-EF5B92BC0D33} - System32\Tasks\{B8678CAD-37FC-4DC9-B54B-46880375565A} => pcalua.exe -a D:\downloads\sp45974_2.exe -d C:\Users\Ανδρέας\AppData\Roaming\IDM
Task: {FB4B96E0-7DEA-40E2-BDF2-771801FBDD84} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
Task: {FB65A763-A662-4C58-B9BC-1BE620539E9B} - System32\Tasks\{896DAF0E-8C93-43D0-BF91-4F5E1DF65BD6} => pcalua.exe -a C:\Users\Ανδρέας\Documents\Downloads\Programs\uninstall_flash_player.exe -d C:\Users\Ανδρέας\AppData\Roaming\IDM
Task: {FF70AB13-7776-4CA0-BF72-A8496368AA86} - System32\Tasks\CapUninst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapUninst.exe [2009-07-24] (CL)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3641372981-3819987845-3030416424-1001Core.job => C:\Users\‘½΄Α­±Β\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3641372981-3819987845-3030416424-1001UA.job => C:\Users\‘½΄Α­±Β\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForΑνδρέας.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) ==============

2013-08-19 00:35 - 2013-08-19 00:35 - 00457960 _____ () C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe
2014-07-27 10:41 - 2014-07-27 10:41 - 08892576 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-02-16 15:01 - 2015-02-16 15:01 - 02623488 _____ () C:\ProgramData\Microsoft\Security\Client\SecurityProvider.dll
2012-07-05 19:47 - 2012-07-05 19:47 - 00185488 _____ () C:\Program Files\Roxio\Roxio Burn\RB_ContextMenu64.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-08-19 01:04 - 2013-08-19 01:04 - 00022760 _____ () C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
2009-09-17 23:14 - 2009-01-21 20:47 - 00247152 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2015-01-20 22:35 - 2015-01-20 22:35 - 00306984 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxslt.dll
2012-11-16 14:09 - 2012-11-16 14:09 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2009-07-01 14:44 - 2009-07-01 14:44 - 00632888 _____ () C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
2012-09-27 18:23 - 2012-09-27 18:23 - 00535184 _____ () C:\Program Files (x86)\Roxio Creator NXT 2\Roxio Burn\RoxioBurnLauncher.exe
2013-08-19 01:04 - 2013-08-19 01:04 - 03322600 _____ () C:\Program Files (x86)\Roxio\BackOnTrack\App\BEngine.dll
2013-08-19 01:04 - 2013-08-19 01:04 - 00524520 _____ () C:\Program Files (x86)\Roxio\BackOnTrack\App\TRREngine.dll
2013-08-19 01:04 - 2013-08-19 01:04 - 00108776 _____ () C:\Program Files (x86)\Roxio\BackOnTrack\App\Logging.dll
2009-07-13 23:03 - 2009-07-14 03:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2014-07-27 10:41 - 2014-07-27 10:41 - 08892576 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-08-16 22:17 - 2011-10-30 13:28 - 00029696 _____ () C:\Program Files (x86)\DuckLink\DuckCapture\QtSolutions_SingleApplication-head.dll
2013-08-16 22:17 - 2011-10-22 07:05 - 08343040 _____ () C:\Program Files (x86)\DuckLink\DuckCapture\QtGui4.dll
2013-08-16 22:17 - 2011-08-28 19:41 - 02305536 _____ () C:\Program Files (x86)\DuckLink\DuckCapture\QtCore4.dll
2013-08-16 22:17 - 2011-08-28 19:42 - 00862720 _____ () C:\Program Files (x86)\DuckLink\DuckCapture\QtNetwork4.dll
2013-08-16 22:17 - 2011-10-30 13:28 - 00582144 _____ () C:\Program Files (x86)\DuckLink\DuckCapture\QtSolutions_PropertyBrowser-head.dll
2013-08-16 22:17 - 2011-08-28 19:57 - 01339904 _____ () C:\Program Files (x86)\DuckLink\DuckCapture\QtScript4.dll
2013-08-16 22:17 - 2011-08-28 20:50 - 00581120 _____ () C:\Program Files (x86)\DuckLink\DuckCapture\QtScriptTools4.dll
2013-08-16 22:17 - 2011-11-03 20:20 - 00617984 _____ () C:\Program Files (x86)\DuckLink\DuckCapture\QxtGui.dll
2013-08-16 22:17 - 2011-11-03 20:21 - 00395264 _____ () C:\Program Files (x86)\DuckLink\DuckCapture\QxtCore.dll
2013-08-16 22:17 - 2011-08-28 20:51 - 00026624 _____ () C:\Program Files (x86)\DuckLink\DuckCapture\plugins\imageformats\qgif4.dll
2013-08-16 22:17 - 2011-08-28 20:51 - 00029184 _____ () C:\Program Files (x86)\DuckLink\DuckCapture\plugins\imageformats\qico4.dll
2013-08-16 22:17 - 2011-08-28 20:51 - 00200704 _____ () C:\Program Files (x86)\DuckLink\DuckCapture\plugins\imageformats\qjpeg4.dll
2014-11-19 12:48 - 2014-11-19 12:48 - 08507232 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtGui4.dll
2014-11-19 12:48 - 2014-11-19 12:48 - 02354016 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtCore4.dll
2014-11-19 12:48 - 2014-11-19 12:48 - 01014624 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtNetwork4.dll
2014-11-19 12:48 - 2014-11-19 12:48 - 00364384 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtXml4.dll
2014-11-19 12:48 - 2014-11-19 12:48 - 02480992 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtDeclarative4.dll
2014-11-19 12:48 - 2014-11-19 12:48 - 01346912 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtScript4.dll
2014-11-19 12:48 - 2014-11-19 12:48 - 00206176 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtSql4.dll
2014-11-19 12:48 - 2014-11-19 12:48 - 02653024 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtXmlPatterns4.dll
2014-11-19 12:48 - 2014-11-19 12:48 - 00033120 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qgif4.dll
2014-11-19 12:48 - 2014-11-19 12:48 - 00035680 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qico4.dll
2014-11-19 12:48 - 2014-11-19 12:48 - 00207200 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qjpeg4.dll
2014-11-19 12:48 - 2014-11-19 12:48 - 11166560 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtWebKit4.dll
2014-11-19 12:48 - 2014-11-19 12:48 - 00276832 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\phonon4.dll
2014-11-11 10:21 - 2014-11-11 10:21 - 00392552 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\ssoengine.dll
2014-11-11 10:21 - 2014-11-11 10:21 - 00059752 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\securestorage.dll
2014-11-19 12:47 - 2014-11-19 12:47 - 00438624 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\NService.dll
2014-11-19 12:48 - 2014-11-19 12:48 - 00446304 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll
2014-11-19 12:48 - 2014-11-19 12:48 - 00520544 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtMultimediaKit1.dll
2014-11-19 12:48 - 2014-11-19 12:48 - 00720736 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtOpenGL4.dll
2014-11-19 12:46 - 2014-11-19 12:46 - 00606560 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\CommonUpdateChecker.dll
2014-11-19 12:48 - 2014-11-19 12:48 - 00093024 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\qjson.dll
2014-07-27 21:08 - 2005-08-05 15:24 - 00028672 _____ () C:\Program Files (x86)\ArcSoft\TotalMedia 3\uPiApi.dll
2014-07-27 21:08 - 2004-12-14 11:00 - 00430080 _____ () C:\Program Files (x86)\ArcSoft\TotalMedia 3\fpxlib.dll
2014-07-27 21:08 - 2006-01-06 13:51 - 00266303 _____ () C:\Program Files (x86)\ArcSoft\TotalMedia 3\magengin.dll
2014-07-27 21:08 - 2004-12-01 16:21 - 00180224 _____ () C:\Program Files (x86)\ArcSoft\TotalMedia 3\kgl.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-01-23 14:55 - 2014-01-23 14:55 - 01030312 _____ () C:\Program Files (x86)\Microsoft Office\Office15\ADDINS\UmOutlookAddin.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:1F8C9007
AlternateDataStreams: C:\ProgramData\Temp:C8B8CEBD
AlternateDataStreams: C:\ProgramData\Temp:D287FACF
AlternateDataStreams: C:\ProgramData\Temp:D3A96964
AlternateDataStreams: C:\ProgramData\Temp:EDA8E5DF
AlternateDataStreams: C:\Users\Ανδρέας\AppData\Roaming\Microsoft Excel 97-2003.EML:OECustomProperty

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ανδρέας\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: BCSSync =>
MSCONFIG\startupreg: DuckCapture => "C:\Program Files (x86)\DuckLink\DuckCapture\DuckCapture.exe" /autorun
MSCONFIG\startupreg: Google Update => "C:\Users\Ανδρέας\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: IDMan => C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
MSCONFIG\startupreg: iFunBox Price Watch => D:\downloads\ifunbox2014\iFunBox2014.exe /tray
MSCONFIG\startupreg: NokiaSuite.exe => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray

==================== Accounts: =============================

Administrator (S-1-5-21-3641372981-3819987845-3030416424-500 - Administrator - Disabled)
Guest (S-1-5-21-3641372981-3819987845-3030416424-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3641372981-3819987845-3030416424-1004 - Limited - Enabled)
Ανδρέας (S-1-5-21-3641372981-3819987845-3030416424-1001 - Administrator - Enabled) => C:\Users\Ανδρέας

==================== Faulty Device Manager Devices =============

Name: Shrew Soft Lightweight Filter
Description: Shrew Soft Lightweight Filter
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: vflt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/18/2015 04:06:20 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2015-03-24T11:31:20Z. Error Code: 0x80041321.

Error: (03/18/2015 04:05:50 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: The Windows Search Service has failed to create the new search index. Internal error <1, 0x800700b7, Failed to add Gather Application: Windows>.

Error: (03/18/2015 04:03:24 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: The Windows Search Service has failed to create the new search index. Internal error <1, 0x800700b7, Failed to add Gather Application: Windows>.

Error: (03/18/2015 04:02:36 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: The Windows Search Service has failed to create the new search index. Internal error <1, 0x800700b7, Failed to add Gather Application: Windows>.

Error: (03/18/2015 04:02:22 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: The Windows Search Service has failed to create the new search index. Internal error <1, 0x800700b7, Failed to add Gather Application: Windows>.

Error: (03/18/2015 04:01:39 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: The Windows Search Service has failed to create the new search index. Internal error <1, 0x800700b7, Failed to add Gather Application: Windows>.

Error: (03/18/2015 04:01:18 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: The Windows Search Service has failed to create the new search index. Internal error <1, 0x800700b7, Failed to add Gather Application: Windows>.

Error: (03/18/2015 03:59:01 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: The Windows Search Service has failed to create the new search index. Internal error <1, 0x800700b7, Failed to add Gather Application: Windows>.

Error: (03/18/2015 03:58:55 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: The Windows Search Service has failed to create the new search index. Internal error <1, 0x800700b7, Failed to add Gather Application: Windows>.

Error: (03/18/2015 03:58:15 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: The Windows Search Service has failed to create the new search index. Internal error <1, 0x800700b7, Failed to add Gather Application: Windows>.


System errors:
=============
Error: (03/18/2015 04:10:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 33 time(s).

Error: (03/18/2015 04:10:33 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Search service terminated with the following error:
%%183

Error: (03/18/2015 04:09:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 32 time(s).

Error: (03/18/2015 04:09:55 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Search service terminated with the following error:
%%183

Error: (03/18/2015 04:09:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 31 time(s).

Error: (03/18/2015 04:09:34 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Search service terminated with the following error:
%%183

Error: (03/18/2015 04:08:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 30 time(s).

Error: (03/18/2015 04:08:54 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Search service terminated with the following error:
%%183

Error: (03/18/2015 04:08:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 29 time(s).

Error: (03/18/2015 04:08:50 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Search service terminated with the following error:
%%183


Microsoft Office Sessions:
=========================
Error: (03/18/2015 04:06:20 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: 0x800413212015-03-24T11:31:20Z

Error: (03/18/2015 04:05:50 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: 10x800700b7Failed to add Gather Application: Windows

Error: (03/18/2015 04:03:24 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: 10x800700b7Failed to add Gather Application: Windows

Error: (03/18/2015 04:02:36 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: 10x800700b7Failed to add Gather Application: Windows

Error: (03/18/2015 04:02:22 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: 10x800700b7Failed to add Gather Application: Windows

Error: (03/18/2015 04:01:39 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: 10x800700b7Failed to add Gather Application: Windows

Error: (03/18/2015 04:01:18 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: 10x800700b7Failed to add Gather Application: Windows

Error: (03/18/2015 03:59:01 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: 10x800700b7Failed to add Gather Application: Windows

Error: (03/18/2015 03:58:55 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: 10x800700b7Failed to add Gather Application: Windows

Error: (03/18/2015 03:58:15 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: 10x800700b7Failed to add Gather Application: Windows


Edited by ankarage, 18 March 2015 - 09:42 AM.


#8 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:07:47 AM

Posted 18 March 2015 - 09:37 AM

What about step 1?

You must run thr fix to remove the malware.
regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#9 ankarage

ankarage
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:07:47 AM

Posted 18 March 2015 - 10:14 AM

Its OK.
Sorry ,I forget to send the logfile of step 1.



Fixlog_18-03-2015_16-09-14
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015
Ran by Ανδρέας at 2015-03-18 16:08:59 Run:2
Running from C:\FRST\Logs\New folder
Loaded Profiles: Ανδρέας (Available profiles: Ανδρέας)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKU\S-1-5-21-3655513571-3204461518-4247198270-1000\...\Run: [AS2014] - C:\ProgramData\6XDvn37n\6XDvn37n.exe
C:\ProgramData\6XDvn37n
S2 vToolbarUpdater18.0.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.0\ToolbarUpdater.exe [X]
*****************

HKU\S-1-5-21-3655513571-3204461518-4247198270-1000\Software\Microsoft\Windows\CurrentVersion\Run\\HKU\S-1-5-21-3655513571-3204461518-4247198270-1000\...\Run: [AS2014] - C:\ProgramData\6XDvn37n\6XDvn37n.exe => Value not found.
"C:\ProgramData\6XDvn37n" => File/Directory not found.
vToolbarUpdater18.0.0 => Service not found.

==== End of Fixlog 16:09:00 ====


Edited by ankarage, 18 March 2015 - 10:16 AM.


#10 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:07:47 AM

Posted 18 March 2015 - 10:20 AM

Sorry.That is not my attached fixlist.
Please download the fixlist above.
regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#11 ankarage

ankarage
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:07:47 AM

Posted 18 March 2015 - 10:59 AM

I apologize for my mistake.I repeated the procedure with correct fixlist.

I send you the correct logfiles,

Now i don't see the file  securityhelper.dll.!!!

 

FIXLOG

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015
Ran by Ανδρέας at 2015-03-18 17:29:15 Run:3
Running from C:\FRST\Logs\New folder
Loaded Profiles: Ανδρέας (Available profiles: Ανδρέας)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CloseProcesses:
2015-02-16 15:01 - 2015-02-16 15:01 - 02623488 _____ () C:\ProgramData\Microsoft\Security\
AlternateDataStreams: C:\ProgramData\Temp:1F8C9007
AlternateDataStreams: C:\ProgramData\Temp:C8B8CEBD
AlternateDataStreams: C:\ProgramData\Temp:D287FACF
AlternateDataStreams: C:\ProgramData\Temp:D3A96964
AlternateDataStreams: C:\ProgramData\Temp:EDA8E5DF
HKLM-x32\...\Run: [] => [X]
ShellIconOverlayIdentifiers: [0WinSecurityProvider] -> {F76FA5C2-3B6A-451E-8CA5-34C8D0AE0637} => C:\ProgramData\Microsoft\Security\Client\SecurityProvider.dll ()
CHR StartupUrls: Default -> "hxxp://www.sweet-page.com/?type=hp&ts=1424107781&from=cor&uid=WDCXWD3200BEKT-60F3T1_WD-WX10AA9U5177U5177"
CHR DefaultSuggestURL: Default -> http://ss-sym.ask.com/query?q={searchTerms}&sstype=prefix&li=ff
*****************

Processes closed successfully.

"C:\ProgramData\Microsoft\Security" directory move:

Could not move "C:\ProgramData\Microsoft\Security" directory. => Scheduled to move on reboot.

C:\ProgramData\Temp => ":1F8C9007" ADS removed successfully.
C:\ProgramData\Temp => ":C8B8CEBD" ADS removed successfully.
C:\ProgramData\Temp => ":D287FACF" ADS removed successfully.
C:\ProgramData\Temp => ":D3A96964" ADS removed successfully.
C:\ProgramData\Temp => ":EDA8E5DF" ADS removed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\0WinSecurityProvider" => Key deleted successfully.
"HKCR\CLSID\{F76FA5C2-3B6A-451E-8CA5-34C8D0AE0637}" => Key deleted successfully.
Chrome StartupUrls deleted successfully.
Chrome DefaultSuggestURL not detected.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-03-18 17:31:15)<=

C:\ProgramData\Microsoft\Security => Is moved successfully.

==== End of Fixlog 17:31:15 ====

 

 

 

FRST

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Ανδρέας (administrator) on ADMIN on 18-03-2015 17:36:42
Running from C:\FRST\Logs
Loaded Profiles: Ανδρέας (Available profiles: Ανδρέας)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Volkswagen AG) C:\ElsaWin\bin\LcSvrAdm.exe
(Volkswagen AG) C:\ElsaWin\bin\LcSvrDba.exe
(Volkswagen AG) C:\ElsaWin\bin\LcSvrHis.exe
(Volkswagen AG) C:\ElsaWin\bin\LcSvrPas.exe
(Volkswagen AG) C:\ElsaWin\bin\LcSvrSaz.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\nst.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\nst.exe
(Volkswagen AG) C:\ElsaWin\bin\LcSvrAuf.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\MSOSYNC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(BitTorrent Inc.) C:\Users\Ανδρέας\AppData\Roaming\uTorrent\uTorrent.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(DuckLink Software) C:\Program Files (x86)\DuckLink\DuckCapture\DuckCapture.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
(i-Funbox.com) C:\Program Files (x86)\i-Funbox DevTeam\iFunBox_x64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 10\Snagit32.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\TotalMedia 3\TMMonitor.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 10\TscHelp.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 10\SnagPriv.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 10\SnagitEditor.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
() C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
() C:\Program Files (x86)\Roxio Creator NXT 2\Roxio Burn\RoxioBurnLauncher.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Opera Software) C:\Program Files (x86)\Opera\launcher.exe
(Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
(Microsoft Corporation) C:\Windows\System32\Dism.exe
() C:\Program Files (x86)\Opera\28.0.1750.48\opera_autoupdate.exe
(Microsoft Corporation) C:\Users\Ανδρέας\AppData\Local\Temp\D4F165C3-25BD-41D3-B291-CCC4A3AE79D3\DismHost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [610872 2009-07-21] ()
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-03-23] (IDT, Inc.)
HKLM-x32\...\Run: [WirelessAssistant] => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [500792 2010-05-20] (Hewlett-Packard Company)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641704 2012-11-16] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [QlbCtrl.exe] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [323640 2010-02-25] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [324976 2010-05-21] (Flexera Software, Inc.)
HKLM-x32\...\Run: [HPCam_Menu] => c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [218408 2009-02-25] (CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [AppleSyncNotifier] => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2012-02-23] (Apple Inc.)
HKLM-x32\...\Run: [RoxWatchTray] => C:\Program Files (x86)\Roxio Creator NXT 2\Common\RoxWatchTray15.exe [294632 2013-08-19] (Corel Corporation)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [640376 2008-06-11] (Adobe Systems Inc.)
HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\...\Run: [uTorrent] => C:\Users\Ανδρέας\AppData\Roaming\uTorrent\uTorrent.exe [1677904 2015-01-22] (BitTorrent Inc.)
HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4280184 2012-03-08] (Microsoft Corporation)
HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\...\Run: [Google Update] => C:\Users\Ανδρέας\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-24] (Google Inc.)
HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3837520 2014-09-26] (Tonec Inc.)
HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\...\Run: [DuckCapture] => C:\Program Files (x86)\DuckLink\DuckCapture\DuckCapture.exe [436736 2011-11-03] (DuckLink Software)
HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1092448 2014-11-19] (Nokia)
HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\...\Run: [iFunBox Fast App Install Handler] => C:\Program Files (x86)\i-Funbox DevTeam\iFunBox_x64.exe [2508288 2015-02-10] (i-Funbox.com)
HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2015-02-16] (Google Inc.)
HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\...\MountPoints2: {dcb285dc-ad34-11df-a070-806e6f6e6963} - "G:\WD SmartWare.exe" autoplay=true
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 10.lnk
ShortcutTarget: Snagit 10.lnk -> C:\Program Files (x86)\TechSmith\Snagit 10\Snagit32.exe (TechSmith Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TMMonitor.lnk
ShortcutTarget: TMMonitor.lnk -> C:\Program Files (x86)\ArcSoft\TotalMedia 3\TMMonitor.exe (ArcSoft, Inc.)
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll (Tonec Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=NIS&pvid=21.6.0.32
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=NIS&pvid=21.6.0.32
HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://gr.msn.com/?mkt=el-gr&ocid=iehp
SearchScopes: HKLM-x32 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = ${SEARCH_URL}{searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3641372981-3819987845-3030416424-1001 -> {DB6EB4DB-4BD7-41B2-91E8-665A5D8C6B47} URL = https://www.google.com/search?q={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2014-06-05] (Internet Download Manager, Tonec Inc.)
BHO: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitBHO64.dll [2010-04-13] (TechSmith Corporation)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-08-12] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-06] (Google Inc.)
BHO: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.6.15\coIEPlg.dll [2014-07-31] (Symantec Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2014-07-27] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: No Name -> {00000001-AB3B-4334-9DA2-EC6B2A02AFC6} ->  No File
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2014-06-05] (Internet Download Manager, Tonec Inc.)
BHO-x32: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll [2010-04-13] (TechSmith Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-08-12] (Microsoft Corporation)
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-08-17] (Oracle Corporation)
BHO-x32: Βοηθός εισόδου του Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-06] (Google Inc.)
BHO-x32: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\coIEPlg.dll [2014-07-31] (Symantec Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2014-07-27] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-08-17] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKLM - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dll [2010-04-13] (TechSmith Corporation)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.6.15\coIEPlg.dll [2014-07-31] (Symantec Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-06] (Google Inc.)
Toolbar: HKLM-x32 - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll [2010-04-13] (TechSmith Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-06] (Google Inc.)
Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\coIEPlg.dll [2014-07-31] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-3641372981-3819987845-3030416424-1001 -> No Name - {1C376F3E-105A-47F1-BC4F-A5EAFB1E62E2} -  No File
Toolbar: HKU\S-1-5-21-3641372981-3819987845-3030416424-1001 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKU\S-1-5-21-3641372981-3819987845-3030416424-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-06] (Google Inc.)
Toolbar: HKU\S-1-5-21-3641372981-3819987845-3030416424-1001 -> No Name - {472734EA-242A-422B-ADF8-83D1E48CC825} -  No File
Toolbar: HKU\S-1-5-21-3641372981-3819987845-3030416424-1001 -> No Name - {5B291E6C-9A74-4034-971B-A4B007A0B315} -  No File
Toolbar: HKU\S-1-5-21-3641372981-3819987845-3030416424-1001 -> No Name - {D44C9227-30BD-47D4-8137-95D32189D02A} -  No File
Toolbar: HKU\S-1-5-21-3641372981-3819987845-3030416424-1001 -> No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} -  No File
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect1259.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: vw-wi - {0F3C833F-FB28-40EA-8CB9-6A55B996C3F6} - C:\ElsaWin\bin\wiprot.dll [2011-12-06] (TODO: <Company name>)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Ανδρέας\AppData\Roaming\Mozilla\Firefox\Profiles\bou2ojr2.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2013-03-21] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll [2013-04-03] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2012-05-30] (GARMIN Corp.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-08-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-08-17] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2013-11-15] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2014-08-29] (Nero AG)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2014-11-19] ( )
FF Plugin-x32: @real.com/nppl3260;version=6.0.11.2852 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll [2008-04-28] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.46 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll [2008-04-28] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.1662 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll [2008-04-28] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.46 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll [2008-04-28] (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @veetle.com/vbp;version=0.9.17 -> C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll [2010-03-23] (Veetle Inc)
FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.18 -> C:\Program Files (x86)\Veetle\plugins\npVeetle.dll [2010-10-16] (Veetle Inc)
FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files (x86)\Veetle\Player\npvlc.dll [2010-09-21] (Veetle Inc)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-03-21] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3641372981-3819987845-3030416424-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Ανδρέας\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin HKU\S-1-5-21-3641372981-3819987845-3030416424-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Ανδρέας\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2013-11-15] (Microsoft Corporation)
FF Extension: Anaglyph Class - C:\Users\Ανδρέας\AppData\Roaming\Mozilla\Firefox\Profiles\bou2ojr2.default\Extensions\{35D85EC0-7688-5B01-DE09-5CC22DA897FF} [2015-02-25]
FF Extension: DownloadHelper - C:\Users\Ανδρέας\AppData\Roaming\Mozilla\Firefox\Profiles\bou2ojr2.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-10-20]
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.0.27\coFFPlgn
FF Extension: Norton Identity Safe Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.0.27\coFFPlgn [2015-03-18]
FF HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Ανδρέας\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Ανδρέας\AppData\Roaming\IDM\idmmzcc5 [2014-09-26]
FF HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Ανδρέας\AppData\Roaming\IDM\idmmzcc5
FF Extension: No Name - C:\Users\Ανδρέας\AppData\Roaming\Mozilla\Firefox\Profiles\bou2ojr2.default\extensions\plugin@yontoo.com.xpi [Not Found]
FF Extension: No Name - C:\Users\Ανδρέας\AppData\Roaming\Mozilla\Firefox\Profiles\bou2ojr2.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com [Not Found]

Chrome:
=======
CHR DefaultSuggestURL: Default -> http://ss-sym.ask.com/query?q={searchTerms}&sstype=prefix&li=ff
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\ΑνδΟΞ­Ξ±Ο‚\AppData\Local\Google\Chrome\Application\40.0.2214.115\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\ΑνδΟΞ­Ξ±Ο‚\AppData\Local\Google\Chrome\Application\40.0.2214.115\pdf.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\ΑνδΟΞ­Ξ±Ο‚\AppData\Local\Google\Chrome\Application\40.0.2214.115\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Norton Confidential) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.2.5_0\npcoplgn.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.230.5) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java™ Platform SE 6 U23) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Nero Kwik Media Helper) - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll No File
CHR Plugin: (Veetle TV Player) - C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
CHR Plugin: (Veetle Broadcaster Plugin) - C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
CHR Plugin: (Veetle TV Core) - C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Profile: C:\Users\Ανδρέας\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Anaglyph Class) - C:\Users\Ανδρέας\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2015-03-05]
CHR Extension: (Norton Identity Safe) - C:\Users\Ανδρέας\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-08-10]
CHR Extension: (IDM Integration Module) - C:\Users\Ανδρέας\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn [2014-01-26]
CHR Extension: (Norton Safe) - C:\Users\Ανδρέας\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl [2014-08-10]
CHR Extension: (Google Wallet) - C:\Users\Ανδρέας\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-15]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2014-06-05]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\Exts\Chrome.crx [2014-08-08]
StartMenuInternet: Google Chrome - C:\Users\Ανδρέας\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269; C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe [457960 2013-08-19] ()
R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 BOT4Service; C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe [22760 2013-08-19] ()
S2 CLKMSVC10_C6F09094; C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe [245232 2010-11-01] (CyberLink)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2015-03-02] (Macrovision Europe Ltd.) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89352 2014-09-15] (Hewlett-Packard Company)
R2 LcSvrAdm; C:\ElsaWin\bin\LcSvrAdm.exe [240640 2011-12-06] (Volkswagen AG) [File not signed]
R3 LcSvrAuf; C:\ElsaWin\bin\LcSvrAuf.exe [1321472 2011-12-06] (Volkswagen AG) [File not signed]
R2 LcSvrDba; C:\ElsaWin\bin\LcSvrDba.exe [392704 2011-12-06] (Volkswagen AG) [File not signed]
R2 LcSvrHis; C:\ElsaWin\bin\LcSvrHis.exe [335360 2011-12-06] (Volkswagen AG) [File not signed]
R2 LcSvrPAS; C:\ElsaWin\bin\LcSvrPas.exe [477696 2011-12-06] (Volkswagen AG) [File not signed]
R2 LcSvrSaz; C:\ElsaWin\bin\LcSvrSaz.exe [373248 2011-12-06] (Volkswagen AG) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\NST.exe [130104 2014-07-31] (Symantec Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-01-21] ()
R2 RoxioBurnLauncher; C:\Program Files (x86)\Roxio Creator NXT 2\Roxio Burn\RoxioBurnLauncher.exe [535184 2012-09-27] ()
S3 RoxMediaDB15; C:\Program Files (x86)\Roxio Creator NXT 2\Common\RoxMediaDB15.exe [1097448 2013-08-19] (Corel Corporation)
S2 RoxWatch15; C:\Program Files (x86)\Roxio Creator NXT 2\Common\RoxWatch15.exe [341736 2013-08-19] (Corel Corporation)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe [247808 2010-03-23] (IDT, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R3 WinHttpAutoProxySvc; winhttp.dll [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AESTAud; C:\Windows\System32\drivers\AESTAu64.sys [146048 2009-04-20] (Andrea Electronics Corporation)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE07060.00F\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-21] (Microsoft Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-03-18] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
U5 NBVol; C:\Windows\System32\Drivers\NBVol.sys [72240 2011-07-13] (Nero AG)
U5 NBVolUp; C:\Windows\System32\Drivers\NBVolUp.sys [15920 2011-07-13] (Nero AG)
R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
S1 ntiomin; No ImagePath
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
S3 RT-USB; C:\Windows\System32\drivers\RT-USB64.SYS [70984 2010-06-16] (Ross-Tech LLC)
S3 RTL2832UBDA; C:\Windows\SysWOW64\drivers\RTL2832UBDA.sys [238096 2012-05-21] (REALTEK SEMICONDUCTOR Corp.)
S3 RTL2832UUSB; C:\Windows\SysWOW64\Drivers\RTL2832UUSB.sys [39016 2011-12-29] (REALTEK SEMICONDUCTOR Corp.)
S3 RTL2832U_IRHID; C:\Windows\SysWOW64\DRIVERS\RTL2832U_IRHID.sys [44320 2009-10-05] (Realtek)
S3 RTL8187; C:\Windows\System32\DRIVERS\wg111v2.sys [340992 2007-12-26] (NETGEAR Inc.)
R0 Sahdad64; C:\Windows\System32\Drivers\Sahdad64.sys [28304 2013-08-19] (Corel Corporation)
R0 Saibad64; C:\Windows\System32\Drivers\Saibad64.sys [20112 2013-08-19] (Corel Corporation)
R1 SaibVdAd64; C:\Windows\System32\Drivers\SaibVdAd64.sys [27792 2013-08-19] (Corel Corporation)
S1 vflt; C:\Windows\System32\DRIVERS\vfilter.sys [20992 2009-11-19] (Shrew Soft Inc) [File not signed]
S3 vnet; C:\Windows\System32\DRIVERS\virtualnet.sys [12800 2009-11-19] (Shrew Soft Inc) [File not signed]
S2 NEWDRIVER; \??\C:\Windows\SysWow64\WinVDEdrv6.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-18 13:43 - 2015-03-18 17:31 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-18 13:42 - 2015-03-18 13:42 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-03-18 13:42 - 2015-03-18 13:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-18 13:42 - 2015-03-18 13:42 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-03-18 13:42 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-18 13:42 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-18 13:42 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-18 13:17 - 2015-03-18 13:17 - 00000000 ____D () C:\8407210bffc95c87986bdfbb97
2015-03-18 13:17 - 2015-03-18 13:17 - 00000000 ____D () C:\5534359a370433fdf1cb1f3fbae3
2015-03-18 13:16 - 2015-03-18 13:17 - 00000000 ____D () C:\211383d1db0e5f95c439
2015-03-18 09:13 - 2015-03-18 09:14 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Local\{7CFC7DBB-9A39-44FE-A335-D1F1E1A55A16}
2015-03-17 22:30 - 2015-03-17 22:30 - 00000000 ____D () C:\d48726ec622b77c2d059e50c26
2015-03-17 22:30 - 2015-03-17 22:30 - 00000000 ____D () C:\64d755e0c2d58fe12663f6c2bd
2015-03-17 22:30 - 2015-03-17 22:30 - 00000000 ____D () C:\12dfb59266ad11b24ca67e
2015-03-17 21:12 - 2015-03-17 21:12 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Local\{18F40C63-BE6E-4971-80E6-48932D2E88C7}
2015-03-17 20:27 - 2015-03-18 17:36 - 00000000 ____D () C:\FRST
2015-03-17 16:38 - 2015-03-17 16:38 - 00000000 ____D () C:\0fadfdac6f4049db0ba763cbc6b73074
2015-03-17 16:38 - 2015-03-17 16:38 - 00000000 ____D () C:\0a7fbe604d11990eef47d1
2015-03-17 16:37 - 2015-03-17 16:38 - 00000000 ____D () C:\7e436305061e55d5836c738933a4a2
2015-03-16 20:07 - 2015-03-16 20:07 - 11960320 _____ () C:\Windows\system32\config\software.rrr
2015-03-16 20:07 - 2015-03-16 20:07 - 00819200 _____ () C:\Windows\system32\config\default.rrr
2015-03-16 20:07 - 2015-03-16 20:07 - 00003072 _____ () C:\Windows\system32\Cache.db
2015-03-16 07:54 - 2015-03-16 07:54 - 00000000 _____ () C:\Windows\setuperr.log
2015-03-16 07:20 - 2015-03-16 07:20 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Roaming\AVG
2015-03-16 07:19 - 2015-03-16 07:19 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Local\Avg
2015-03-16 07:18 - 2015-03-16 07:22 - 00000000 ____D () C:\ProgramData\AVG
2015-03-15 22:11 - 2015-03-18 12:03 - 00000000 ____D () C:\Program Files (x86)\AVG
2015-03-15 21:49 - 2015-03-15 21:49 - 00110033 _____ () C:\ProgramData\1426448826.bdinstall.bin
2015-03-15 16:52 - 2015-03-15 16:52 - 00097892 _____ () C:\ProgramData\1426430219.bdinstall.bin
2015-03-15 16:36 - 2015-03-15 16:36 - 00037823 _____ () C:\ProgramData\1426430215.bdinstall.bin
2015-03-15 16:34 - 2015-03-15 16:34 - 00202594 _____ () C:\ProgramData\1426419554.bdinstall.bin
2015-03-15 13:42 - 2012-11-02 14:17 - 00261056 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2015-03-15 13:39 - 2015-03-16 07:35 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Roaming\QuickScan
2015-03-15 13:20 - 2015-03-15 21:59 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
2015-03-14 12:47 - 2015-03-16 07:07 - 00004966 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for ADMIN-Ανδρέας admin
2015-03-13 03:38 - 2015-03-18 12:59 - 00005411 _____ () C:\Windows\wininit.ini
2015-03-12 21:38 - 2015-03-12 21:38 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2015-03-12 21:37 - 2015-03-18 12:59 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-03-11 13:56 - 2015-03-11 13:56 - 00000000 ____D () C:\Users\Ανδρέας\Documents\Control4
2015-03-11 13:56 - 2015-03-11 13:56 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Roaming\Control4
2015-03-11 11:49 - 2015-02-20 06:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-11 11:49 - 2015-02-20 06:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-11 11:49 - 2015-02-20 06:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 11:49 - 2015-02-20 06:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-11 11:49 - 2015-02-20 06:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-11 11:49 - 2015-02-20 06:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-11 11:49 - 2015-02-20 06:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-11 11:49 - 2015-02-20 06:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-11 11:49 - 2015-02-20 05:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 11:49 - 2015-02-20 05:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-11 11:49 - 2015-02-03 05:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 11:49 - 2015-02-03 05:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-11 11:49 - 2015-02-03 05:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-11 11:49 - 2015-02-03 05:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-11 11:49 - 2015-02-03 05:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-11 11:49 - 2015-02-03 05:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-11 11:49 - 2015-02-03 05:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-11 11:49 - 2015-02-03 05:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-11 11:49 - 2015-02-03 05:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-11 11:49 - 2015-02-03 05:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-11 11:49 - 2015-02-03 05:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-11 11:49 - 2015-02-03 05:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-11 11:49 - 2015-02-03 05:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-11 11:49 - 2015-02-03 05:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-11 11:49 - 2015-02-03 05:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-11 11:49 - 2015-02-03 05:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-11 11:49 - 2015-02-03 05:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-11 11:49 - 2015-02-03 05:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-11 11:49 - 2015-02-03 05:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-11 11:49 - 2015-02-03 05:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-11 11:49 - 2015-02-03 05:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-11 11:49 - 2015-02-03 05:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-11 11:49 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-03-11 11:49 - 2015-02-03 05:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-11 11:49 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-03-11 11:49 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-03-11 11:49 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-03-11 11:49 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-11 11:49 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-03-11 11:49 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-11 11:49 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-11 11:49 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-03-11 11:49 - 2014-06-28 02:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-03-11 11:48 - 2015-03-06 07:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-11 11:48 - 2015-03-06 07:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-11 11:48 - 2015-03-06 07:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-11 11:48 - 2015-03-06 07:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-11 11:48 - 2015-03-06 07:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-11 11:48 - 2015-03-06 07:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-11 11:48 - 2015-03-06 07:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-11 11:48 - 2015-03-06 07:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-11 11:48 - 2015-03-06 07:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-11 11:48 - 2015-03-06 07:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-11 11:48 - 2015-03-06 07:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-11 11:48 - 2015-03-06 07:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-11 11:48 - 2015-03-06 07:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-11 11:48 - 2015-03-06 07:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-11 11:48 - 2015-03-06 07:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-11 11:48 - 2015-03-06 07:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-11 11:48 - 2015-03-06 07:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-11 11:48 - 2015-03-06 07:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-11 11:48 - 2015-03-06 07:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-11 11:48 - 2015-03-06 07:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-03-11 11:48 - 2015-03-06 07:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-11 11:48 - 2015-03-06 07:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-03-11 11:48 - 2015-03-06 07:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-03-11 11:48 - 2015-03-06 07:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-03-11 11:48 - 2015-03-06 07:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-03-11 11:48 - 2015-03-06 07:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-03-11 11:48 - 2015-03-06 07:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-03-11 11:48 - 2015-03-06 07:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-03-11 11:48 - 2015-03-06 07:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-11 11:48 - 2015-03-06 07:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-03-11 11:48 - 2015-03-06 07:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-11 11:48 - 2015-02-13 07:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-11 11:48 - 2015-02-13 07:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 11:48 - 2015-02-03 05:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-11 11:48 - 2015-02-03 05:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 11:48 - 2015-02-03 05:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-11 11:48 - 2015-02-03 05:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-11 11:48 - 2015-02-03 05:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-11 11:48 - 2015-02-03 05:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-11 11:48 - 2015-02-03 05:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-11 11:48 - 2015-02-03 05:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-11 11:48 - 2015-02-03 05:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-11 11:48 - 2015-02-03 05:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-11 11:48 - 2015-02-03 05:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-11 11:48 - 2015-02-03 05:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-11 11:48 - 2015-02-03 05:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-11 11:48 - 2015-02-03 05:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-11 11:48 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-11 11:48 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-11 11:48 - 2015-02-03 05:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-11 11:48 - 2015-02-03 05:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-11 11:48 - 2015-02-03 05:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-11 11:48 - 2015-02-03 05:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-11 11:48 - 2015-02-03 05:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-11 11:48 - 2015-02-03 05:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-11 11:48 - 2015-02-03 05:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-11 11:48 - 2015-02-03 05:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 11:48 - 2015-02-03 05:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-11 11:48 - 2015-02-03 05:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-11 11:48 - 2015-02-03 05:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-11 11:48 - 2015-02-03 05:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-11 11:48 - 2015-02-03 05:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-11 11:48 - 2015-02-03 05:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-11 11:48 - 2015-02-03 05:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-11 11:48 - 2015-02-03 05:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-11 11:48 - 2015-02-03 05:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 11:48 - 2015-02-03 05:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-11 11:48 - 2015-02-03 05:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-11 11:48 - 2015-02-03 05:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-11 11:48 - 2015-02-03 05:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-11 11:48 - 2015-02-03 05:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-11 11:48 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-11 11:48 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-11 11:48 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-03-11 11:48 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-11 11:48 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-11 11:48 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-03-11 11:48 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-11 11:48 - 2015-02-03 05:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-11 11:48 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-11 11:48 - 2015-02-03 05:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-11 11:48 - 2015-02-03 05:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-11 11:48 - 2015-02-03 05:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-11 11:48 - 2015-02-03 05:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-03-11 11:48 - 2015-02-03 05:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-03-11 11:48 - 2015-02-03 05:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-03-11 11:48 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-03-11 11:48 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-03-11 11:48 - 2015-02-03 05:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-03-11 11:48 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-11 11:48 - 2015-02-03 05:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-03-11 11:48 - 2015-02-03 05:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-03-11 11:48 - 2015-02-03 05:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-03-11 11:48 - 2015-02-03 04:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-11 11:48 - 2015-01-31 05:48 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-11 11:48 - 2015-01-31 05:48 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-03-11 11:48 - 2015-01-31 01:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-11 11:48 - 2015-01-31 01:56 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-11 11:48 - 2015-01-17 04:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 11:48 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-11 11:48 - 2014-11-01 00:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-11 11:48 - 2014-06-28 02:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-03-11 11:47 - 2015-02-26 05:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-11 11:47 - 2015-02-24 05:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-11 11:47 - 2015-02-24 04:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-03-11 11:47 - 2015-02-21 03:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-11 11:47 - 2015-02-21 02:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-11 11:47 - 2015-02-21 02:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-11 11:47 - 2015-02-21 02:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-11 11:47 - 2015-02-21 02:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-11 11:47 - 2015-02-21 01:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-11 11:47 - 2015-02-21 01:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-11 11:47 - 2015-02-20 05:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-11 11:47 - 2015-02-20 05:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-11 11:47 - 2015-02-20 04:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-11 11:47 - 2015-02-20 04:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-11 11:47 - 2015-02-20 04:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-11 11:47 - 2015-02-20 04:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-11 11:47 - 2015-02-20 04:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-11 11:47 - 2015-02-20 04:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-11 11:47 - 2015-02-20 04:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-11 11:47 - 2015-02-20 04:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-11 11:47 - 2015-02-20 04:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-11 11:47 - 2015-02-20 04:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-11 11:47 - 2015-02-20 04:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-11 11:47 - 2015-02-20 04:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-11 11:47 - 2015-02-20 04:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-11 11:47 - 2015-02-20 04:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-03-11 11:47 - 2015-02-20 04:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-11 11:47 - 2015-02-20 04:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 11:47 - 2015-02-20 04:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-11 11:47 - 2015-02-20 04:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-11 11:47 - 2015-02-20 04:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-03-11 11:47 - 2015-02-20 04:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-03-11 11:47 - 2015-02-20 04:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-11 11:47 - 2015-02-20 04:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-11 11:47 - 2015-02-20 04:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-11 11:47 - 2015-02-20 04:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-03-11 11:47 - 2015-02-20 04:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-03-11 11:47 - 2015-02-20 03:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-03-11 11:47 - 2015-02-20 03:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-03-11 11:47 - 2015-02-20 03:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-03-11 11:47 - 2015-02-20 03:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-11 11:47 - 2015-02-20 03:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-11 11:47 - 2015-02-20 03:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-03-11 11:47 - 2015-02-20 03:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-11 11:47 - 2015-02-20 03:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-11 11:47 - 2015-02-20 03:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-11 11:47 - 2015-02-20 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-03-11 11:47 - 2015-02-20 03:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-11 11:47 - 2015-02-20 03:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-11 11:47 - 2015-02-20 03:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-11 11:47 - 2015-02-20 03:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-11 11:47 - 2015-02-20 03:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-03-11 11:47 - 2015-02-20 03:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-11 11:47 - 2015-02-20 03:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-11 11:47 - 2015-02-20 03:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-11 11:47 - 2015-02-20 02:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-11 11:47 - 2015-02-20 02:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-11 11:47 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-11 11:47 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-10 19:01 - 2015-03-10 19:01 - 00000000 ____D () C:\Users\Public\Documents\Songs
2015-03-08 22:34 - 2015-03-08 22:34 - 00002483 _____ () C:\Users\Public\Desktop\ImageShack Uploader.lnk
2015-03-08 22:34 - 2015-03-08 22:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImageShack Uploader
2015-03-08 22:34 - 2015-03-08 22:34 - 00000000 ____D () C:\Program Files (x86)\ImageShack Uploader
2015-03-08 08:06 - 2015-03-08 08:06 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Security
2015-03-08 08:04 - 2015-03-18 12:50 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2015-03-08 08:04 - 2015-03-08 08:04 - 00003214 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2015-03-08 07:59 - 2015-03-08 07:59 - 00000000 ____D () C:\Windows\system32\Drivers\NSx64
2015-03-07 22:21 - 2015-03-07 22:21 - 00000000 ____D () C:\SUPERDelete
2015-03-07 22:03 - 2015-03-07 23:51 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-03-02 19:25 - 2008-04-07 05:38 - 00024416 ____R (Adobe Systems Inc.) C:\Windows\system32\AdobePDFUI.dll
2015-03-02 19:24 - 2015-03-02 19:24 - 00002465 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Distiller 9.lnk
2015-03-02 19:24 - 2015-03-02 19:24 - 00002453 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat 9 Pro.lnk
2015-03-02 19:24 - 2015-03-02 19:24 - 00002173 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle Designer ES 8.2.lnk
2015-03-02 19:24 - 2015-03-02 19:24 - 00002023 _____ () C:\Users\Public\Desktop\Adobe Acrobat 9 Pro.lnk
2015-02-28 16:25 - 2015-02-28 16:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-02-27 19:20 - 2015-02-27 19:20 - 00001755 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-02-27 19:20 - 2015-02-27 19:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-02-27 19:19 - 2015-02-27 19:20 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-02-27 19:19 - 2015-02-27 19:19 - 00000000 ____D () C:\Program Files\iTunes
2015-02-27 19:19 - 2015-02-27 19:19 - 00000000 ____D () C:\Program Files\iPod
2015-02-26 09:53 - 2015-02-26 09:53 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Local\WinZip
2015-02-26 09:52 - 2015-02-26 09:52 - 00002213 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2015-02-26 09:52 - 2015-02-26 09:52 - 00002207 _____ () C:\Users\Public\Desktop\WinZip.lnk
2015-02-26 09:52 - 2015-02-26 09:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2015-02-26 09:52 - 2015-02-26 09:52 - 00000000 ____D () C:\Program Files\WinZip
2015-02-25 21:50 - 2015-01-09 01:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-25 21:50 - 2015-01-09 01:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-25 19:25 - 2015-03-14 13:30 - 00000000 ____D () C:\NPE
2015-02-25 14:36 - 2015-03-16 07:54 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Local\Ecttion
2015-02-25 14:36 - 2015-03-15 22:17 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Local\ISsoft
2015-02-21 18:37 - 2015-02-21 18:37 - 00000000 ____D () C:\ProgramData\PCSettings
2015-02-17 18:40 - 2015-01-09 05:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-02-17 18:40 - 2015-01-09 05:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-02-17 18:40 - 2015-01-09 05:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-02-17 18:40 - 2015-01-09 04:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-02-16 19:48 - 2015-02-16 19:48 - 00001336 _____ () C:\Users\Public\Desktop\iBackupBot for iTunes.lnk
2015-02-16 19:48 - 2015-02-16 19:48 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Roaming\VOWSoft
2015-02-16 19:48 - 2015-02-16 19:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VOWSoft iPod Software
2015-02-16 19:29 - 2015-03-18 14:59 - 00003824 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1424107746
2015-02-16 19:29 - 2015-02-16 19:29 - 00001141 _____ () C:\Users\Public\Desktop\Opera.lnk
2015-02-16 19:29 - 2015-02-16 19:29 - 00001141 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-02-16 19:29 - 2015-02-16 19:29 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Roaming\Opera Software
2015-02-16 19:29 - 2015-02-16 19:29 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Local\Opera Software
2015-02-16 19:27 - 2015-03-18 14:59 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-02-16 19:27 - 2015-02-16 19:27 - 05880800 _____ () C:\Users\Ανδρέας\Downloads\ibackupbot_setup.exe
2015-02-16 14:59 - 2015-02-16 14:59 - 00000193 _____ () C:\Windows\WORDPAD.INI
2015-02-16 14:32 - 2015-03-09 22:23 - 00000000 ____D () C:\Program Files (x86)\93f50bdf-d9f0-4c81-9043-83de3bcdfe0f

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-18 17:38 - 2009-12-24 22:16 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Roaming\uTorrent
2015-03-18 17:37 - 2011-09-05 13:51 - 01182172 _____ () C:\Windows\WindowsUpdate.log
2015-03-18 17:35 - 2012-06-13 12:34 - 00000000 ____D () C:\Users\Ανδρέας\Documents\Outlook Files
2015-03-18 17:34 - 2013-01-26 17:45 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-18 17:32 - 2009-12-24 06:39 - 00000000 ____D () C:\Users\Ανδρέας\Tracing
2015-03-18 17:30 - 2010-11-21 05:47 - 06816698 _____ () C:\Windows\PFRO.log
2015-03-18 17:30 - 2009-12-24 22:05 - 00001180 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-18 17:30 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-18 17:30 - 2009-07-14 06:51 - 17540091 _____ () C:\Windows\setupact.log
2015-03-18 17:26 - 2012-03-22 21:57 - 00001202 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3641372981-3819987845-3030416424-1001UA.job
2015-03-18 17:24 - 2009-12-24 22:05 - 00001184 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-18 16:24 - 2009-09-17 22:24 - 00000000 ____D () C:\ProgramData\Norton
2015-03-18 16:00 - 2009-07-14 06:45 - 00030512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-18 16:00 - 2009-07-14 06:45 - 00030512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-18 15:50 - 2010-01-06 20:04 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Roaming\DMCache
2015-03-18 11:46 - 2012-03-22 21:57 - 00001150 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3641372981-3819987845-3030416424-1001Core.job
2015-03-18 08:48 - 2014-08-17 10:40 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Local\Adobe
2015-03-17 21:40 - 2015-02-12 13:39 - 00003198 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForΑνδρέας
2015-03-17 21:40 - 2015-02-12 13:39 - 00000340 _____ () C:\Windows\Tasks\HPCeeScheduleForΑνδρέας.job
2015-03-17 20:11 - 2013-08-16 22:17 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Roaming\DuckLink
2015-03-17 20:11 - 2011-09-05 12:51 - 00000000 ____D () C:\Users\Ανδρέας
2015-03-17 20:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2015-03-17 10:22 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-03-16 20:17 - 2009-09-17 22:57 - 00000000 ____D () C:\ProgramData\Temp
2015-03-16 20:08 - 2012-06-20 13:30 - 14508032 _____ () C:\Users\Ανδρέας\s-1-5-21-3641372981-3819987845-3030416424-1001.rrr
2015-03-16 07:38 - 2013-12-17 12:48 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Subtitle Workshop
2015-03-16 07:38 - 2012-08-15 16:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real Alternative
2015-03-16 07:38 - 2010-04-12 21:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2015-03-16 07:35 - 2009-12-25 00:04 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Local\PowerCinema
2015-03-16 07:35 - 2009-12-23 21:55 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Roaming\HpUpdate
2015-03-16 07:35 - 2009-12-23 21:49 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Roaming\hpqlog
2015-03-16 07:34 - 2012-07-17 17:28 - 00000000 ____D () C:\Windows\Minidump
2015-03-16 07:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sysprep
2015-03-16 07:33 - 2012-08-29 19:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
2015-03-16 07:33 - 2012-08-14 13:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iPhoneBrowser
2015-03-16 07:33 - 2012-06-06 21:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP600
2015-03-16 07:33 - 2012-03-13 08:43 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ChessBase
2015-03-16 07:33 - 2011-01-03 12:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft DirectX SDK (March 2009)
2015-03-16 07:33 - 2011-01-02 21:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Player Classic - Home Cinema
2015-03-16 07:33 - 2010-09-05 20:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VobSub
2015-03-16 07:33 - 2010-08-14 14:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2015-03-16 07:33 - 2009-12-23 21:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works
2015-03-15 22:30 - 2010-03-14 21:44 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Local\CrashDumps
2015-03-15 22:13 - 2013-08-18 19:09 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Roaming\TuneUp Software
2015-03-14 13:47 - 2012-09-09 09:16 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Local\NPE
2015-03-13 05:10 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-03-12 17:37 - 2009-12-26 20:32 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2015-03-12 16:12 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-03-12 16:12 - 2009-07-14 06:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-03-12 16:06 - 2009-07-14 06:45 - 05322704 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-12 16:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-12 16:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-03-11 22:02 - 2013-08-15 23:18 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-11 21:52 - 2012-07-21 09:38 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-11 21:45 - 2012-08-29 19:28 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2015-03-11 21:43 - 2012-11-06 20:39 - 00001072 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2015-03-10 19:01 - 2012-06-22 21:42 - 00000000 ____D () C:\Users\Public\Documents\Notation
2015-03-09 22:23 - 2010-04-18 17:27 - 00000000 ____D () C:\Program Files (x86)\RadioBar
2015-03-09 22:23 - 2010-04-17 08:55 - 00000000 ____D () C:\Program Files (x86)\Online_Radio_India
2015-03-09 15:34 - 2010-01-06 20:11 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Roaming\IDM
2015-03-08 23:04 - 2013-10-11 17:43 - 00000000 ____D () C:\Program Files (x86)\PC Connectivity Solution
2015-03-08 09:56 - 2014-08-16 23:04 - 00000000 ____D () C:\Program Files (x86)\Internet Download Manager
2015-03-08 08:08 - 2012-09-09 07:02 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
2015-03-07 23:51 - 2014-06-02 07:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2015-03-07 23:45 - 2012-09-08 12:40 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Local\CRE
2015-03-07 17:20 - 2013-09-28 14:31 - 00000000 ____D () C:\temp
2015-03-07 15:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-03-06 17:03 - 2009-12-24 22:05 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Local\Google
2015-03-02 19:44 - 2011-09-05 14:14 - 00168792 _____ () C:\Users\Ανδρέας\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-02 19:29 - 2013-04-19 18:37 - 00000000 ____D () C:\ProgramData\FLEXnet
2015-03-02 19:27 - 2012-11-07 19:11 - 00000000 ____D () C:\ProgramData\Adobe
2015-03-02 19:21 - 2009-12-23 10:25 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-03-02 14:07 - 2010-07-25 10:15 - 00000000 ____D () C:\ProgramData\ChessBase
2015-03-02 14:07 - 2010-01-24 10:04 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Local\ChessBase
2015-03-02 14:07 - 2010-01-24 09:55 - 00000000 ____D () C:\Users\Ανδρέας\Documents\ChessBase
2015-03-02 14:06 - 2009-12-23 10:26 - 00000000 __RHD () C:\MSOCache
2015-02-27 20:56 - 2009-07-14 07:13 - 00786538 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-27 19:19 - 2014-01-29 19:44 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-02-27 19:19 - 2013-02-21 18:11 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-02-26 09:53 - 2012-11-10 19:33 - 00000000 ____D () C:\ProgramData\WinZip
2015-02-24 04:17 - 2010-11-21 05:27 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-02-23 12:33 - 2015-02-14 09:07 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Roaming\JihoiTunesExtractor
2015-02-21 18:47 - 2010-03-13 17:10 - 00000000 ____D () C:\Program Files (x86)\Norton Internet Security
2015-02-21 18:34 - 2012-09-09 07:02 - 00000000 ____D () C:\Users\Public\Downloads\Norton
2015-02-21 13:55 - 2013-08-16 19:37 - 00000810 _____ () C:\Users\Public\Desktop\ElsaWin.lnk
2015-02-21 13:55 - 2013-08-16 19:37 - 00000810 _____ () C:\Users\Public\Desktop\ElsaWin Administration.lnk
2015-02-21 13:54 - 2012-06-14 23:56 - 00000344 _____ () C:\Windows\ODBC.INI
2015-02-21 12:44 - 2012-03-22 21:58 - 00000000 ____D () C:\Users\Ανδρέας\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-20 16:10 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing
2015-02-16 19:48 - 2015-01-11 11:21 - 00000000 ____D () C:\Program Files (x86)\VOWSoft iPod Software
2015-02-16 13:20 - 2009-12-24 22:04 - 00000000 ____D () C:\ProgramData\Google
2015-02-16 13:20 - 2009-12-24 22:04 - 00000000 ____D () C:\Program Files\Google
2015-02-16 13:20 - 2009-12-24 22:04 - 00000000 ____D () C:\Program Files (x86)\Google

==================== Files in the root of some directories =======

2011-08-29 19:41 - 2011-09-07 11:49 - 0042821 _____ () C:\Users\Ανδρέας\AppData\Roaming\Apple ComputerMobileSyncBackupdc9162f1c4973c7505f6ec77109158f6e0aac23fInfo.plist
2013-05-18 08:07 - 2013-05-18 08:07 - 0226846 _____ () C:\Users\Ανδρέας\AppData\Roaming\AvidLicenseControl_Install.log
2011-02-01 20:54 - 2011-06-17 21:10 - 0001854 _____ () C:\Users\Ανδρέας\AppData\Roaming\GhostObjGAFix.xml
2010-06-23 19:14 - 2010-10-12 19:53 - 0000068 _____ () C:\Users\Ανδρέας\AppData\Roaming\LSV6.dat
2012-06-14 23:57 - 2012-06-14 23:57 - 0022248 _____ () C:\Users\Ανδρέας\AppData\Roaming\Microsoft Excel 97-2003.ADR
2012-06-15 02:09 - 2012-09-08 16:39 - 0009312 _____ () C:\Users\Ανδρέας\AppData\Roaming\Microsoft Excel 97-2003.EML
2010-11-04 19:57 - 2013-12-30 18:53 - 0000600 _____ () C:\Users\Ανδρέας\AppData\Roaming\winscp.rnd
2011-08-01 13:23 - 2011-08-01 13:23 - 0000290 _____ () C:\Users\Ανδρέας\AppData\Roaming\wklnhst.dat
2011-09-05 14:13 - 2011-09-05 14:13 - 0000000 _____ () C:\Users\Ανδρέας\AppData\Local\AtStart.txt
2014-01-26 16:33 - 2014-01-26 16:33 - 0003584 _____ () C:\Users\Ανδρέας\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-09-05 14:13 - 2011-09-05 14:13 - 0000000 _____ () C:\Users\Ανδρέας\AppData\Local\DSwitch.txt
2011-09-05 14:13 - 2011-09-05 14:13 - 0000000 _____ () C:\Users\Ανδρέας\AppData\Local\QSwitch.txt
2012-11-06 17:15 - 2012-11-06 17:15 - 0000017 _____ () C:\Users\Ανδρέας\AppData\Local\resmon.resmoncfg
2012-08-29 19:33 - 2013-11-15 18:23 - 0000700 ___SH () C:\Users\Ανδρέας\AppData\Local\systemFL7.$dk
2012-08-24 19:59 - 2013-11-18 15:15 - 0000700 ___SH () C:\Users\Ανδρέας\AppData\Local\systemFL7.dat
2015-03-15 16:34 - 2015-03-15 16:34 - 0202594 _____ () C:\ProgramData\1426419554.bdinstall.bin
2015-03-15 16:36 - 2015-03-15 16:36 - 0037823 _____ () C:\ProgramData\1426430215.bdinstall.bin
2015-03-15 16:52 - 2015-03-15 16:52 - 0097892 _____ () C:\ProgramData\1426430219.bdinstall.bin
2015-03-15 21:49 - 2015-03-15 21:49 - 0110033 _____ () C:\ProgramData\1426448826.bdinstall.bin
2013-04-29 22:30 - 2015-03-16 08:00 - 0000201 _____ () C:\ProgramData\HPWALog.txt
2013-11-08 20:51 - 2014-07-13 20:36 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys
2013-05-02 21:43 - 2013-05-02 21:45 - 0000193 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
2013-09-13 05:56 - 2013-09-13 05:56 - 0002456 _____ () C:\ProgramData\regid.2012-08.com.Corel,Roxio_76C7858E-078C-4C49-AB1A-2A7072664935.swidtag

Some content of TEMP:
====================
C:\Users\Ανδρέας\AppData\Local\Temp\917b0b87-3358-4e79-93de-3dfc2fc99ed0.exe
C:\Users\Ανδρέας\AppData\Local\Temp\NOSEventMessages.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-03-16 18:09

==================== End Of Log ============================

 

 

ADDITION

==================== Memory info ===========================

Processor: Intel® Core™2 Duo CPU P8800 @ 2.66GHz
Percentage of memory in use: 60%
Total physical RAM: 4063.19 MB
Available physical RAM: 1615.7 MB
Total Pagefile: 8124.56 MB
Available Pagefile: 5183.33 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:297.89 GB) (Free:162.76 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:298.09 GB) (Free:132.08 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: EB8DFADB)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=297.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 9222066C)
Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS)

==================== End Of Log ============================



#12 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:07:47 AM

Posted 18 March 2015 - 11:19 AM

:thumbup2:

Step 1

Please download adwcleaner.png AdwCleaner (by Xplode) and save it to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select "Run As Administrator"
  • Click on the Scan button.
  • After the scan has finished, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • After rebooting, a log file (that is saved in C:\AdwCleaner[S#].txt) will open automatically.
    Copy and paste the contents of that logfile in your next reply.

Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

Step 2

zoek.jpg

Please download 51a612a8b27e2-Zoek.pngZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)

  • Right-click on 51a612a8b27e2-Zoek.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Wait patiently until the main console will appear, it may take a minute or two.
  • In the main box please paste in the following script:
    systemspecs;
    filesrcm;
    emptyclsid;
    autoclean;
    
  • Make sure that Scan All Users option is checked.
  • Push Run Script and wait patiently. The scan may take a couple of minutes.
  • When the scan completes, a zoek-results logfile should open in notepad.
  • If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)

Post its content into your next reply.


Edited by deeprybka, 18 March 2015 - 11:24 AM.

regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#13 ankarage

ankarage
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:07:47 AM

Posted 18 March 2015 - 01:08 PM

I have uninstalled all antivirus prog.
Can i install now my antivirus(Norton Security)?

AdwCleaner
# AdwCleaner v4.112 - Logfile created 18/03/2015 at 19:16:24
# Updated 09/03/2015 by Xplode
# Database : 2015-03-15.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Ανδρέας - ADMIN
# Running from : D:\downloads\AdwCleaner_3.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17689


-\\ Mozilla Firefox v11.0 (el)

 

 

 

ZOEK

Zoek.exe v5.0.0.0 Updated 17-March-2015
Tool run by €¤›¨β on ’« 18/03/2015 at 19:26:04,14.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: D:\downloads\zoek_2.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2015-03-18-172601.log 348 bytes

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== System Specs ======================

Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 4064 MB
CPU Info: Intel® Core™2 Duo CPU     P8800  @ 2.66GHz
CPU Speed: 2256,4 MHz
Sound Card: Speakers and Dual Headphones (I |
Independent Dual Headphones (ID |
SPDIF (Digital Out via HP Dock) |
Display Adapters: ATI Mobility Radeon HD 4650 | ATI Mobility Radeon HD 4650 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Generic PnP Monitor |
Screen Resolution: 1600 X 900 - 32 bit
Network: Network Present
Network Adapters: Microsoft Virtual WiFi Miniport Adapter | Broadcom 802.11b/g WLAN | Realtek PCIe GBE Family Controller
CD / DVD Drives: 1x (F: | ) F: hp      BD ROM BC-5500S
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 5 Button Wheel Mouse Present
Hard Disks: C:  297,9GB | D:  298,1GB
Hard Disks - Free: C:  172,9GB | D:  132,1GB
Manufacturer *: Hewlett-Packard
BIOS Info: AT/AT COMPATIBLE | 08/25/11 | HPQOEM - 1
Time Zone: GTB Standard Time
Motherboard *: Hewlett-Packard 3624
Country: Greece
Language: ELL

==== System Specs (Software) ======================

Anti-Spyware: Windows Defender disabled (Outdated)
Default Browser: Opera Internet Browser 28.0.1750.48
Internet Explorer Version: 11.0.9600.17691
Mozilla Firefox version: 11.0 (x86 el)
Opera Browser version: 28.0.1750.48
Google Chrome version: 41.0.2272.89
Sun Java version: 1.7.0_67 (32-bit)
Flash Player version: 16.0.0.305
Shockwave Player version: 12.0.2r122

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\D5E7~1\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2015-03-11 09:49:25 965D6A2B30A95A9F7EF13653988D3D9F 299008 ----a-w- C:\Windows\SysWOW64\atmfd.dll
2015-03-11 09:49:24 ABB358777FDF4AF51B2FE26137D2B8D4 70656 ----a-w- C:\Windows\SysWOW64\fontsub.dll
2015-03-11 09:49:24 55273844B66D77A2F1A2213C17A9EA4A 34304 ----a-w- C:\Windows\SysWOW64\atmlib.dll
2015-03-11 09:49:24 274F0540FD4C88FC845C94CA1569688A 10240 ----a-w- C:\Windows\SysWOW64\dciman32.dll
2015-03-11 09:49:24 01D9C9A70323BC7E5835B92442DD7EC2 25600 ----a-w- C:\Windows\SysWOW64\lpk.dll
2015-03-11 09:49:15 003C51B9FE38287BA4E0E58D3AE080BD 744960 ----a-w- C:\Windows\SysWOW64\blackbox.dll
2015-03-11 09:49:14 DCC148408770F2D55B201F8FC26438A1 988160 ----a-w- C:\Windows\SysWOW64\drmv2clt.dll
2015-03-11 09:49:12 833FCABCB5D95B1911BA6E62FC82AC04 617984 ----a-w- C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-11 09:49:12 5B0C6247027FCF5A2E2F150E298D2FFA 3209728 ----a-w- C:\Windows\SysWOW64\mf.dll
2015-03-11 09:49:11 B378B6A865C28CE5C1E23C35760A1199 11411968 ----a-w- C:\Windows\SysWOW64\wmp.dll
2015-03-11 09:49:09 BB73C907D1BD437B6C30F2C23BB089FC 406016 ----a-w- C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-11 09:49:08 74264B7F57A16D25CB581C07964D324A 1174528 ----a-w- C:\Windows\SysWOW64\crypt32.dll
2015-03-11 09:49:07 6C2D4DC5D2E271F4AE4016FD4587B0B2 3973048 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-11 09:49:06 2CFE69A0A8AFDA8DB9A773D728000BB7 3917760 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-11 09:49:05 96DB6A923DEDB58FC7CBBF5CFF73314D 1329664 ----a-w- C:\Windows\SysWOW64\quartz.dll
2015-03-11 09:49:05 2D4814D567E5A85C473228BA772A7AFB 489984 ----a-w- C:\Windows\SysWOW64\evr.dll
2015-03-11 09:49:03 C5667EE72D7364BE81516C0707FEF724 354816 ----a-w- C:\Windows\SysWOW64\mfplat.dll
2015-03-11 09:49:03 B7D2BB84C590F0AE9DA51DBB065A780E 1005056 ----a-w- C:\Windows\SysWOW64\cryptui.dll
2015-03-11 09:49:03 B54FD1991E659FD61EF1D34EC27AAECD 81408 ----a-w- C:\Windows\SysWOW64\cryptsp.dll
2015-03-11 09:48:53 98C1191C862B44567FCF3C18BAEE859E 519680 ----a-w- C:\Windows\SysWOW64\qdvd.dll
2015-03-11 09:48:53 320A8699369C43CF53B2DB4538D17C52 504320 ----a-w- C:\Windows\SysWOW64\msscp.dll
2015-03-11 09:48:52 D5EC42139D6A6158CF188975C50B6A60 179200 ----a-w- C:\Windows\SysWOW64\wintrust.dll
2015-03-11 09:48:52 70E96EBE87A38857619671FCB9C8EC7B 265216 ----a-w- C:\Windows\SysWOW64\msnetobj.dll
2015-03-11 09:48:52 49474B3E37969AF4B5C076F42B623AFF 143872 ----a-w- C:\Windows\SysWOW64\cryptsvc.dll
2015-03-11 09:48:52 3BAA4BAE71460C5CEB40D5E9339A61BC 103936 ----a-w- C:\Windows\SysWOW64\cryptnet.dll
2015-03-11 09:48:50 A56F4029FDCF4F817E78953CDA953E28 442880 ----a-w- C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-11 09:48:50 2D21189858856316D55EAD55DF4964C2 374784 ----a-w- C:\Windows\SysWOW64\AudioEng.dll
2015-03-11 09:48:50 08FF727297A97907AADED4BA86CF44E9 50176 ----a-w- C:\Windows\SysWOW64\rrinstaller.exe
2015-03-11 09:48:49 E0AB9CA912398BE1AAD14FF7AD75C397 50688 ----a-w- C:\Windows\SysWOW64\appidapi.dll
2015-03-11 09:48:49 AF47EAA4ADDA9AA221FB7647EE22BF53 103424 ----a-w- C:\Windows\SysWOW64\mfps.dll
2015-03-11 09:48:49 A4A2EFB40015B76467F09E6DC388BC26 43008 ----a-w- C:\Windows\SysWOW64\srclient.dll
2015-03-11 09:48:49 50B8937A81360D16A5C772302BD32CFE 195584 ----a-w- C:\Windows\SysWOW64\AudioSes.dll
2015-03-11 09:48:49 49F4EE8DF752CFA159B99046CD1FDD2B 23040 ----a-w- C:\Windows\SysWOW64\mfpmp.exe
2015-03-11 09:48:45 FCD5137A10C8943B34C9BE891C50159F 6656 ----a-w- C:\Windows\SysWOW64\apisetschema.dll
2015-03-11 09:48:45 D3916F83AC8F2314262387A2E16C6578 4096 ----a-w- C:\Windows\SysWOW64\msdxm.ocx
2015-03-11 09:48:45 D3916F83AC8F2314262387A2E16C6578 4096 ----a-w- C:\Windows\SysWOW64\dxmasf.dll
2015-03-11 09:48:45 8B07DBA0D77346545C6359AC67DCB980 8192 ----a-w- C:\Windows\SysWOW64\spwmp.dll
2015-03-11 09:48:45 7C1CADCA0E674212412559B0EAD0919A 12625408 ----a-w- C:\Windows\SysWOW64\wmploc.DLL
2015-03-11 09:48:44 2F3CE58D8C276570EEB69C99CFBAFD58 2048 ----a-w- C:\Windows\SysWOW64\mferror.dll
2015-03-11 09:48:09 5F3628DCF926C4499BE1DC74431DFBC8 1230848 ----a-w- C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-11 09:48:08 340EECB781E6C06A6171B3068DA208AD 12875264 ----a-w- C:\Windows\SysWOW64\shell32.dll
2015-03-11 09:48:06 B804EAA9E037580F96C22537C2ECB62A 171520 ----a-w- C:\Windows\SysWOW64\ubpm.dll
2015-03-11 09:48:06 84B460BB65567ED42DD605FA044DB370 828928 ----a-w- C:\Windows\SysWOW64\msctf.dll
2015-03-11 09:48:03 D5063B86DC3F85B93D02AF68099F4C9A 248832 ----a-w- C:\Windows\SysWOW64\schannel.dll
2015-03-11 09:48:03 C7D334A01C66BF07B92D04CD7A981B7F 259584 ----a-w- C:\Windows\SysWOW64\msv1_0.dll
2015-03-11 09:48:03 B06A4105DD22E91A1D922D7310803140 65536 ----a-w- C:\Windows\SysWOW64\TSpkg.dll
2015-03-11 09:48:03 ACD0CA819E279E1C17BE5C8A077EF448 146432 ----a-w- C:\Windows\SysWOW64\msaudite.dll
2015-03-11 09:48:03 84974782ED5D108DA2EFAF3C6534A760 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll
2015-03-11 09:48:03 7A71DA6D6F75AB73475128F787DD8EAD 221184 ----a-w- C:\Windows\SysWOW64\ncrypt.dll
2015-03-11 09:48:03 7407DDA27838C393DE67A0BDCDD044D0 60416 ----a-w- C:\Windows\SysWOW64\msobjs.dll
2015-03-11 09:48:03 69925A266D265DAD96C6FCBB861FA5CD 550912 ----a-w- C:\Windows\SysWOW64\kerberos.dll
2015-03-11 09:48:03 5E76C26CAE2810EA71C161ED9A2CF0D1 50176 ----a-w- C:\Windows\SysWOW64\auditpol.exe
2015-03-11 09:48:03 4E15E2D20AE755FDEACD96F359F732DB 172032 ----a-w- C:\Windows\SysWOW64\wdigest.dll
2015-03-11 09:48:03 30F5B3E28636009A0B194057AAE4392A 17408 ----a-w- C:\Windows\SysWOW64\credssp.dll
2015-03-11 09:48:03 04934912B1317F2F8816208067A32B96 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll
2015-03-11 09:48:03 0485899A035E02C53014C0545D912405 686080 ----a-w- C:\Windows\SysWOW64\adtschema.dll
2015-03-11 09:47:55 FDF0B4DC83627A859D18EE439B8E5A26 47616 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll
2015-03-11 09:47:55 B8445B89D0EA5C2575C98EA7BD180C5C 30720 ----a-w- C:\Windows\SysWOW64\iernonce.dll
2015-03-11 09:47:55 6108ED659B5962DE73DACB3B04D86ED3 64000 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-11 09:47:55 00F39165D6D14302618C20CDD7BB213A 76288 ----a-w- C:\Windows\SysWOW64\mshtmled.dll
2015-03-11 09:47:54 B35C35C55FED3DD7F995C77F63CBC29B 1311232 ----a-w- C:\Windows\SysWOW64\urlmon.dll
2015-03-11 09:47:54 AD1BA932AC31D2BC8C9105DA59BEA6BE 689152 ----a-w- C:\Windows\SysWOW64\msfeeds.dll
2015-03-11 09:47:54 AD13E719AE506AA0E0BB5D49E0D5B44A 285696 ----a-w- C:\Windows\SysWOW64\dxtrans.dll
2015-03-11 09:47:54 95CB6079B3E62D4301958023C2070A48 19720192 ----a-w- C:\Windows\SysWOW64\mshtml.dll
2015-03-11 09:47:54 8FDE1162C9DCF7B180AA702DD9EB6071 60416 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-11 09:47:54 29EDBC5C381F1406A5262351E69BC87A 342696 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll
2015-03-11 09:47:53 BD838E2129623E8311720AA86C5DFBBF 62464 ----a-w- C:\Windows\SysWOW64\iesetup.dll
2015-03-11 09:47:53 A41C85FDB2275FA9AAA821A118807FDB 710144 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll
2015-03-11 09:47:53 A34897A1A39316BDECCA3E61986F98F2 2052608 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl
2015-03-11 09:47:53 08B30EB9751858C1C369E8775492D732 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb
2015-03-11 09:47:52 F5F730ED126DCFBEBDB9BB629BD482C4 620032 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll
2015-03-11 09:47:52 E868396BC5F8957A9E39BD9A28EA814D 12827648 ----a-w- C:\Windows\SysWOW64\ieframe.dll
2015-03-11 09:47:52 BA10D970EB39913357B224F4473D535B 418304 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll
2015-03-11 09:47:52 AC35DA94A14679E8E515A44A8CF90804 478208 ----a-w- C:\Windows\SysWOW64\ieui.dll
2015-03-11 09:47:52 988AB676FBF4484508BA134CAAB711EB 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe
2015-03-11 09:47:52 756B4F77945C61ADBE68150D7D2EC7A6 47104 ----a-w- C:\Windows\SysWOW64\jsproxy.dll
2015-03-11 09:47:52 52B4DECDC70B8758380D37EA2CDD4254 2278400 ----a-w- C:\Windows\SysWOW64\iertutil.dll
2015-03-11 09:47:50 FC5FE9F2D140435FC95CB3EF6724EF0A 4300288 ----a-w- C:\Windows\SysWOW64\jscript9.dll
2015-03-11 09:47:50 EA6EA6912F27F05C61D8D747517EB47E 1888256 ----a-w- C:\Windows\SysWOW64\wininet.dll
2015-03-11 09:47:50 BC9CE46C3F05CCC40F8F1EFC7E4B41C7 503296 ----a-w- C:\Windows\SysWOW64\vbscript.dll
2015-03-11 09:47:50 B0B83B31853E15C619FDB91B64F8349A 168960 ----a-w- C:\Windows\SysWOW64\msrating.dll
2015-03-11 09:47:50 02C0770DA3BE9231EFAF7185EE51020C 1155072 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll
2015-03-11 09:47:45 9566C8BBD2271A7962D4432A624762AD 417792 ----a-w- C:\Windows\SysWOW64\WMPhoto.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2015-03-16 18:07:11 8EC6A46B70EB4A1531FBB1C55B11BE6B 3072 ----a-w- C:\Windows\Sysnative\Cache.db
2015-03-11 09:49:25 F351B0E520502552734BE70AA5940784 41984 ----a-w- C:\Windows\Sysnative\lpk.dll
2015-03-11 09:49:25 1307814243F21EB129852D59B5AB37FB 372224 ----a-w- C:\Windows\Sysnative\atmfd.dll
2015-03-11 09:49:24 DB0BD8B8D68D8211CA23FBE52DACE549 14336 ----a-w- C:\Windows\Sysnative\dciman32.dll
2015-03-11 09:49:24 85D3E918658C2766780F7DEE5F8FBE57 46080 ----a-w- C:\Windows\Sysnative\atmlib.dll
2015-03-11 09:49:24 39A108604F51821F6F4E2001E9A1CB60 100864 ----a-w- C:\Windows\Sysnative\fontsub.dll
2015-03-11 09:49:15 DF6104DCED89E13A78BA5539CEF5100A 1202176 ----a-w- C:\Windows\Sysnative\drmv2clt.dll
2015-03-11 09:49:15 A53A63831185FF5339E76221BE45E6B9 842240 ----a-w- C:\Windows\Sysnative\blackbox.dll
2015-03-11 09:49:13 BD311BB00DD0D656C091AC8888C2369D 14632960 ----a-w- C:\Windows\Sysnative\wmp.dll
2015-03-11 09:49:12 7F4D59E70DD6E757E96B40570B498D5C 782848 ----a-w- C:\Windows\Sysnative\wmdrmsdk.dll
2015-03-11 09:49:11 FDA5F186596288F0B9ECE9DC7A5AA868 5554104 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe
2015-03-11 09:49:10 B2F02AB28864B6D5B5B9BEDA565D41BB 497664 ----a-w- C:\Windows\Sysnative\drmmgrtn.dll
2015-03-11 09:49:10 3FECBED0EACABD22E024EF4E50CF987B 1480192 ----a-w- C:\Windows\Sysnative\crypt32.dll
2015-03-11 09:49:08 8DFDB70E3E56C2F1AE09CB3C03E266E5 1574400 ----a-w- C:\Windows\Sysnative\quartz.dll
2015-03-11 09:49:07 5FFEE6CA63E27CBA1F32002743E58F3C 631808 ----a-w- C:\Windows\Sysnative\evr.dll
2015-03-11 09:49:05 6AEEC5677AD522786CED371A7BEE620C 616360 ----a-w- C:\Windows\Sysnative\winresume.efi
2015-03-11 09:49:05 410F6B1BE785F3630B4782F8E3D85A24 1069056 ----a-w- C:\Windows\Sysnative\cryptui.dll
2015-03-11 09:49:05 0BC72EA80234382701EAFC1BE0ECD7E4 432128 ----a-w- C:\Windows\Sysnative\mfplat.dll
2015-03-11 09:49:04 73D81B5B4B2655CB1B5662E770F755D5 532176 ----a-w- C:\Windows\Sysnative\winresume.exe
2015-03-11 09:49:03 DB2D62AA2DF6B1F3D690A9EC9701AA2C 188416 ----a-w- C:\Windows\Sysnative\pcasvc.dll
2015-03-11 09:49:03 94BC902494AFC9F5EBC5FBB61445D73F 82432 ----a-w- C:\Windows\Sysnative\cryptsp.dll
2015-03-11 09:49:02 F88B4A9EA1A956F09D5001D08B546228 641024 ----a-w- C:\Windows\Sysnative\msscp.dll
2015-03-11 09:49:02 29143C7827F9F2AC543E792A8C63FBB0 4121600 ----a-w- C:\Windows\Sysnative\mf.dll
2015-03-11 09:48:59 7A4064169FBA91F39DB1FDC094A18DA8 619056 ----a-w- C:\Windows\Sysnative\winload.exe
2015-03-11 09:48:56 B7E752FFD95DC61FCB7A6E70E37175E5 693176 ----a-w- C:\Windows\Sysnative\winload.efi
2015-03-11 09:48:55 AE66D26930CA536706078537CB5AC840 325632 ----a-w- C:\Windows\Sysnative\msnetobj.dll
2015-03-11 09:48:53 999A7FD4D9F8B1656F1167D94743E50A 457400 ----a-w- C:\Windows\Sysnative\ci.dll
2015-03-11 09:48:53 72D4757510FDA69D729169C00AFC211E 32256 ----a-w- C:\Windows\Sysnative\appidsvc.dll
2015-03-11 09:48:52 C0AE7ABD87254B2789C8CB34AF274A65 296448 ----a-w- C:\Windows\Sysnative\AudioSes.dll
2015-03-11 09:48:52 93C7D1C3941086162B433107D9E8BCE3 296960 ----a-w- C:\Windows\Sysnative\rstrui.exe
2015-03-11 09:48:52 7BC64DEEFD0E6812E21DE89F0CF50A49 500224 ----a-w- C:\Windows\Sysnative\AUDIOKSE.dll
2015-03-11 09:48:52 6E974F1C384615DEB0710E44F4847351 126464 ----a-w- C:\Windows\Sysnative\audiodg.exe
2015-03-11 09:48:52 6968D02DC38757C3FBE7ED7C2F9670AA 680960 ----a-w- C:\Windows\Sysnative\audiosrv.dll
2015-03-11 09:48:52 577D0B947B49DB83E2054FA169B2ECBF 229376 ----a-w- C:\Windows\Sysnative\wintrust.dll
2015-03-11 09:48:52 483221CC1AAC288368292899E32B6B9B 503808 ----a-w- C:\Windows\Sysnative\srcore.dll
2015-03-11 09:48:52 1BE9877B199184D7657BC4CFCB7B4A99 140288 ----a-w- C:\Windows\Sysnative\cryptnet.dll
2015-03-11 09:48:51 3029D8E78E4BF18A0551E22CD4CB892C 371712 ----a-w- C:\Windows\Sysnative\qdvd.dll
2015-03-11 09:48:51 27793FE3FF2D0123896D1A01A2D222C7 37376 ----a-w- C:\Windows\Sysnative\pcadm.dll
2015-03-11 09:48:51 1CD76A83B9E8E9A5A3519B39E28354D9 187904 ----a-w- C:\Windows\Sysnative\cryptsvc.dll
2015-03-11 09:48:50 CBE684883A45E5B047DA6B4AC46C2112 55808 ----a-w- C:\Windows\Sysnative\rrinstaller.exe
2015-03-11 09:48:50 947938F265D7CB99653CDFF2B3C0468D 206848 ----a-w- C:\Windows\Sysnative\mfps.dll
2015-03-11 09:48:50 63D3C30B497347495B8EA78A38188969 112640 ----a-w- C:\Windows\Sysnative\smss.exe
2015-03-11 09:48:50 589852B65C91F574E980ABDB8205080A 146944 ----a-w- C:\Windows\Sysnative\appidpolicyconverter.exe
2015-03-11 09:48:50 3A7BC2DC99D3C5B172465E890B3C3B14 440832 ----a-w- C:\Windows\Sysnative\AudioEng.dll
2015-03-11 09:48:49 ED6BF1E1C4F40F600DFEC0CB101A1789 9728 ----a-w- C:\Windows\Sysnative\pcalua.exe
2015-03-11 09:48:49 EA285B947EE48103697CDA53D76C9EEC 17920 ----a-w- C:\Windows\Sysnative\appidcertstorecheck.exe
2015-03-11 09:48:49 C4937B9D6EF4D309A60054D4D00EE9DB 63488 ----a-w- C:\Windows\Sysnative\setbcdlocale.dll
2015-03-11 09:48:49 BE7DA70C9F4A97CCA9ED78B70BCFC9AC 43520 ----a-w- C:\Windows\Sysnative\csrsrv.dll
2015-03-11 09:48:49 A84C94CF795E08BBB99E4E145F9E81A3 11264 ----a-w- C:\Windows\Sysnative\pcawrk.exe
2015-03-11 09:48:49 84DB8EB3C184BB549ED90A842020F278 58880 ----a-w- C:\Windows\Sysnative\appidapi.dll
2015-03-11 09:48:49 56FD1BC602EE0E7949F92EE2EE327B72 284672 ----a-w- C:\Windows\Sysnative\EncDump.dll
2015-03-11 09:48:49 29088A5723C81BF75AD909AAB6A91610 50176 ----a-w- C:\Windows\Sysnative\srclient.dll
2015-03-11 09:48:49 0F79883E27BB1AFE2D9BB4656A1CEFCD 11264 ----a-w- C:\Windows\Sysnative\msmmsp.dll
2015-03-11 09:48:49 00EE5D3E16D42F25F7813ACFA10EC803 24576 ----a-w- C:\Windows\Sysnative\mfpmp.exe
2015-03-11 09:48:45 FE03B35A22C3D2714B494FC2AB32AC5B 8704 ----a-w- C:\Windows\Sysnative\pcaevts.dll
2015-03-11 09:48:45 F43B09E257121ADC501ABE9367FAA850 9728 ----a-w- C:\Windows\Sysnative\spwmp.dll
2015-03-11 09:48:45 DBCD54B841F2B216B2F0F86E18205C22 6656 ----a-w- C:\Windows\Sysnative\apisetschema.dll
2015-03-11 09:48:45 D3F1F9C784BCCDF2C880669D69FC1970 5120 ----a-w- C:\Windows\Sysnative\msdxm.ocx
2015-03-11 09:48:45 D3F1F9C784BCCDF2C880669D69FC1970 5120 ----a-w- C:\Windows\Sysnative\dxmasf.dll
2015-03-11 09:48:44 8364A0F7633414DC5C50A37295B1FAFF 2048 ----a-w- C:\Windows\Sysnative\mferror.dll
2015-03-11 09:48:44 77D49942BD5DC97723ABC8A6D2757B6E 12625920 ----a-w- C:\Windows\Sysnative\wmploc.DLL
2015-03-11 09:48:27 B5CBA15C9DEDBE914D24AA1494A82DF5 3179520 ----a-w- C:\Windows\Sysnative\rdpcorets.dll
2015-03-11 09:48:27 35308B0F821CE1E8EDC2FAB96F3073F3 16384 ----a-w- C:\Windows\Sysnative\RdpGroupPolicyExtension.dll
2015-03-11 09:48:27 15C3986C015EA186BCB4E6096528D656 243200 ----a-w- C:\Windows\Sysnative\rdpudd.dll
2015-03-11 09:48:10 0A4D03A4C0F908B15B8A4C48FB18F197 1424896 ----a-w- C:\Windows\Sysnative\WindowsCodecs.dll
2015-03-11 09:48:08 01F9FEB7F0C84EA1AC6A9B4D7C6B0435 14177280 ----a-w- C:\Windows\Sysnative\shell32.dll
2015-03-11 09:48:06 E88A78273D429554B6B2D2BDA945ED9B 1067520 ----a-w- C:\Windows\Sysnative\msctf.dll
2015-03-11 09:48:06 1FB81632476857E8451DDA8A456EF3CE 215552 ----a-w- C:\Windows\Sysnative\ubpm.dll
2015-03-11 09:48:04 3807605BDA83C0DA729A5219CEBB9041 341504 ----a-w- C:\Windows\Sysnative\schannel.dll
2015-03-11 09:48:03 FB95F6E11AAD62F24C2DB01E6E9D7BE7 64000 ----a-w- C:\Windows\Sysnative\auditpol.exe
2015-03-11 09:48:03 E1404987DCD392AF9D67F6A26CE21175 86528 ----a-w- C:\Windows\Sysnative\TSpkg.dll
2015-03-11 09:48:03 DB2904A4CEBC39DF8892A613BEC71512 1461760 ----a-w- C:\Windows\Sysnative\lsasrv.dll
2015-03-11 09:48:03 B6C7729936AAF8E0697F0A7DCA82CED8 31232 ----a-w- C:\Windows\Sysnative\lsass.exe
2015-03-11 09:48:03 9B644AC070576AAE701910874C241DBD 210944 ----a-w- C:\Windows\Sysnative\wdigest.dll
2015-03-11 09:48:03 92F920EE9EAF7306B4AB8124D474AB52 22016 ----a-w- C:\Windows\Sysnative\credssp.dll
2015-03-11 09:48:03 7BC39275661EA7DEE54135AA26DF733E 136192 ----a-w- C:\Windows\Sysnative\sspicli.dll
2015-03-11 09:48:03 65CF54B1D8CB1B085B6D8BC210E2C45F 686080 ----a-w- C:\Windows\Sysnative\adtschema.dll
2015-03-11 09:48:03 6536829F6EA1149527728A210F493B79 314880 ----a-w- C:\Windows\Sysnative\msv1_0.dll
2015-03-11 09:48:03 54CD467B3A6DA02E9449DB7FB1830612 29184 ----a-w- C:\Windows\Sysnative\sspisrv.dll
2015-03-11 09:48:03 543553AD3E30CB261C8B436DF644F23E 60416 ----a-w- C:\Windows\Sysnative\msobjs.dll
2015-03-11 09:48:03 473BCBFFC55C9FE33D502035322E759D 28160 ----a-w- C:\Windows\Sysnative\secur32.dll
2015-03-11 09:48:03 378B175D0F0A1C38026F280BF6C8D0C6 146432 ----a-w- C:\Windows\Sysnative\msaudite.dll
2015-03-11 09:48:03 28CC69865D5DC458EDDCEA35F01D71DA 309760 ----a-w- C:\Windows\Sysnative\ncrypt.dll
2015-03-11 09:48:03 1DB278E5834B08F9A184F953F2D31FF7 728064 ----a-w- C:\Windows\Sysnative\kerberos.dll
2015-03-11 09:47:56 A0DEE06D68F210CA090FD4D9A33CDC12 3204096 ----a-w- C:\Windows\Sysnative\win32k.sys
2015-03-11 09:47:55 2CA6A98547E799812489E5ADF2774D97 114688 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe
2015-03-11 09:47:55 289581F0FDA6B93A0FAFE979486AD6FA 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll
2015-03-11 09:47:55 08892A4ED848386E6B901723C1EF611B 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb
2015-03-11 09:47:54 D3EA5B5E606EF17804B5BF565BEAD937 77824 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll
2015-03-11 09:47:54 D2BF72C0A9E26BE91C1DEEACF7C430E0 34304 ----a-w- C:\Windows\Sysnative\iernonce.dll
2015-03-11 09:47:54 7FA2B43D940DF41E46B8049B59AB6639 718848 ----a-w- C:\Windows\Sysnative\ie4uinit.exe
2015-03-11 09:47:53 585B29EFB4954902FD53C4F8F9A0D39F 389800 ----a-w- C:\Windows\Sysnative\iedkcs32.dll
2015-03-11 09:47:53 501A38B72FA264605123B4FACF53F057 1548288 ----a-w- C:\Windows\Sysnative\urlmon.dll
2015-03-11 09:47:52 F5E5E96E188934BAB22C0916C91F46B3 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll
2015-03-11 09:47:52 80B3AD73027A2CCD42C47EBF5C89124F 316928 ----a-w- C:\Windows\Sysnative\dxtrans.dll
2015-03-11 09:47:52 5443F21A33DB376734DBE47F7635542C 801280 ----a-w- C:\Windows\Sysnative\msfeeds.dll
2015-03-11 09:47:52 132862B0FC4A1B7CB45C274DE169DBB2 968704 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe
2015-03-11 09:47:51 D0767EA3A59FA70C7ACF59EE0C8CD42A 66560 ----a-w- C:\Windows\Sysnative\iesetup.dll
2015-03-11 09:47:51 9E9B757A677927110393A505822D9174 800768 ----a-w- C:\Windows\Sysnative\ieapfltr.dll
2015-03-11 09:47:51 22C4867C690C38B18B2C1A0B072CD0C4 2125824 ----a-w- C:\Windows\Sysnative\inetcpl.cpl
2015-03-11 09:47:50 A1264D16AF506125C974775C833A063C 54784 ----a-w- C:\Windows\Sysnative\jsproxy.dll
2015-03-11 09:47:50 62269DEFF17AB006217330A24EA8577B 2886144 ----a-w- C:\Windows\Sysnative\iertutil.dll
2015-03-11 09:47:50 1EC0BF321D3B14D02B9A8BAC134570F4 144384 ----a-w- C:\Windows\Sysnative\ieUnatt.exe
2015-03-11 09:47:49 FB8C4EE9889790466A0174923410649E 633856 ----a-w- C:\Windows\Sysnative\ieui.dll
2015-03-11 09:47:49 76B53D2150284E138B46410EA54967FA 490496 ----a-w- C:\Windows\Sysnative\dxtmsft.dll
2015-03-11 09:47:49 2335F6BF8A127E31EB0E2D9A82F188A0 14398976 ----a-w- C:\Windows\Sysnative\ieframe.dll
2015-03-11 09:47:48 D373113A84C12BA7F07CE1E9CAF4747F 92160 ----a-w- C:\Windows\Sysnative\mshtmled.dll
2015-03-11 09:47:48 A9190899A35431CF8ABBEF5E1BB0C8F9 814080 ----a-w- C:\Windows\Sysnative\jscript9diag.dll
2015-03-11 09:47:48 4870B24EA7D4EEF5E1C4675AC47796B8 1359360 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll
2015-03-11 09:47:48 40DF85D8B2B0171EF5F23AA1B5CD9A62 6035456 ----a-w- C:\Windows\Sysnative\jscript9.dll
2015-03-11 09:47:47 687E11F36832BFF65EF0CD2FA3DB1966 584192 ----a-w- C:\Windows\Sysnative\vbscript.dll
2015-03-11 09:47:47 667229C8F194D619D12F05943D7F61F0 199680 ----a-w- C:\Windows\Sysnative\msrating.dll
2015-03-11 09:47:47 36F99BD8A0F09BDBB7850A138845A014 2358784 ----a-w- C:\Windows\Sysnative\wininet.dll
2015-03-11 09:47:47 1C393E42928BF55B3796E732B678CD5B 88064 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll
2015-03-11 09:47:46 1193400D8E29A5A010135FB09A4EB1E8 25021440 ----a-w- C:\Windows\Sysnative\mshtml.dll
2015-03-11 09:47:45 CBA2694BFC61F371181F2BE2BCD66C40 465920 ----a-w- C:\Windows\Sysnative\WMPhoto.dll
====== C:\Windows\Sysnative\drivers =====
2015-03-18 11:43:37 26C43960C99EE861A5D0EDC4DCF3B1C3 129752 ----a-w- C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys
2015-03-18 11:42:39 CA43F8904E24BBE49982E4C0B29E6579 25816 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys
2015-03-18 11:42:39 A646C2DDB8C46E9B20A326FAF566646C 63704 ----a-w- C:\Windows\Sysnative\drivers\mwac.sys
2015-03-18 11:42:39 478CC94C937D235CB0A96AB8F2359D81 93400 ----a-w- C:\Windows\Sysnative\drivers\mbamchameleon.sys
2015-03-15 11:42:56 3B9549FEF98AB1768A1D6A919F355B70 261056 ----a-w- C:\Windows\Sysnative\drivers\avchv.sys
2015-03-11 09:49:09 ED6E75158D28D33A2E2A020AC5B2B59D 663552 ----a-w- C:\Windows\Sysnative\drivers\PEAuth.sys
2015-03-11 09:49:03 87BCD1034CBF33537D4D4C251D39BA26 94656 ----a-w- C:\Windows\Sysnative\drivers\mountmgr.sys
2015-03-11 09:48:52 90C53BD47979FB8814F465A08B885102 61440 ----a-w- C:\Windows\Sysnative\drivers\appid.sys
2015-03-11 09:48:04 27667A788130A7F7A5858DE27572E6D7 459336 ----a-w- C:\Windows\Sysnative\drivers\cng.sys
2015-03-11 09:48:03 8BA90F480705D7153AD0060CCA62222A 155576 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys
2015-03-11 09:48:03 56ED3EE5FED6BF2FC1305CF872042868 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys
====== C:\Windows\Tasks ======
2015-03-14 10:47:31 AF48F7A5AF52A9AAC06FFD76723D58DD 4966 ----a-w- C:\Windows\Sysnative\Tasks\Microsoft Office 15 Sync Maintenance for ADMIN-Ανδρέας admin
2015-03-12 19:38:00 -------- d-----w- C:\Windows\Sysnative\Tasks\Safer-Networking
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-03-07 20:03:40 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2015-02-27 17:19:11 -------- d-----w- C:\Program Files\iPod
2015-02-27 17:19:10 -------- d-----w- C:\Program Files\iTunes
2015-02-26 07:52:38 -------- d-----w- C:\Program Files\WinZip
======= C:\PROGRA~2 =====
2015-03-15 20:11:03 -------- d-----w- C:\PROGRA~2\AVG
2015-03-08 20:34:35 -------- d-----w- C:\PROGRA~2\ImageShack Uploader
2015-03-02 17:27:12 -------- d-----w- C:\PROGRA~2\COMMON~1\Macrovision Shared
======= C: =====
====== C:\Users\D5E7~1\AppData ======
2015-03-18 17:01:07 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp
2015-03-18 17:01:07 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp
2015-03-18 17:01:07 -------- d-----w- C:\Users\Default\AppData\Local\Temp
2015-03-18 17:01:07 -------- d-----w- C:\Users\Default User\AppData\Local\Temp
2015-03-16 05:22:18 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\Avg
2015-03-16 05:20:25 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Avg
2015-03-15 11:48:15 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Roaming\QuickScan
2015-03-12 19:40:28 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Programs
====== C:\Users\D5E7~1 ======
2015-03-18 17:05:05 -------- d-----w- C:\ProgramData\IDM
2015-03-16 05:18:25 -------- d-----w- C:\ProgramData\AVG
2015-03-15 19:49:11 20C57528F871407BE32510A381F4D19B 110033 ----a-w- C:\ProgramData\1426448826.bdinstall.bin
2015-03-15 14:52:14 3F16D40238E522430252F0E5AC1F7FAA 97892 ----a-w- C:\ProgramData\1426430219.bdinstall.bin
2015-03-15 14:36:59 A412534258711ED62F2F228BCDCC7B2C 37823 ----a-w- C:\ProgramData\1426430215.bdinstall.bin
2015-03-15 14:34:14 BEB9E18A058027F6447511719C7E59E2 202594 ----a-w- C:\ProgramData\1426419554.bdinstall.bin
2015-03-10 17:01:28 -------- d-----w- C:\Users\Public\Documents\Templates
2015-03-10 17:01:28 -------- d-----w- C:\Users\Public\Documents\Songs
2015-03-08 20:34:36 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImageShack Uploader
2015-02-27 17:20:29 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-02-27 17:19:10 -------- d-----w- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-02-26 07:52:59 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2015-02-16 17:48:47 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VOWSoft iPod Software

====== C: exe-files ==
2015-03-16 06:16:30 BAF9C9651135DE75D519FB902954A7B6 7616144 ----a-w- C:\Documents and Settings\Ανδρέας\AppData\Local\ChessBase\Updates\Reader12.exe
2015-03-13 00:30:28 7DF547F2E361A6ADC8DFAF9544C6A283 10033232 ----a-w- C:\Documents and Settings\Ανδρέας\AppData\Local\Google\Update\Install\{EB52F879-31D1-4E57-959A-0757880DBB2C}\41.0.2272.89_40.0.2214.115_chrome_updater.exe
2015-03-13 00:30:28 7DF547F2E361A6ADC8DFAF9544C6A283 10033232 ----a-w- C:\Documents and Settings\Ανδρέας\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\41.0.2272.89\41.0.2272.89_40.0.2214.115_chrome_updater.exe
=== C: other files ==

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{F04D2D30-776C-4d02-8627-8E4385ECA58D}"="C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.0.27\coFFPlgn" [18/03/2015 19:18]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"mozilla_cc@internetdownloadmanager.com"="C:\Users\€¤›¨β\AppData\Roaming\IDM\idmmzcc5" [26/09/2014 18:30]

==== Firefox Extensions ======================

ProfilePath: C:\Users\D5E7~1\AppData\Roaming\Mozilla\Firefox\Profiles\bou2ojr2.default
- Undetermined - C:\Users\ΑνδΟΞ­Ξ±Ο‚\AppData\Roaming\Mozilla\Firefox\Profiles\bou2ojr2.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
- Undetermined - C:\Users\ΑνδΟΞ­Ξ±Ο‚\AppData\Roaming\Mozilla\Firefox\Profiles\bou2ojr2.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com
- Undetermined - C:\Users\ΑνδΟΞ­Ξ±Ο‚\AppData\Roaming\Mozilla\Firefox\Profiles\bou2ojr2.default\extensions\{35D85EC0-7688-5B01-DE09-5CC22DA897FF}
- Anaglyph Class - %ProfilePath%\extensions\{35D85EC0-7688-5B01-DE09-5CC22DA897FF}
- DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
iikflkcanblccfahdhdonehdalibjnif - No path found[]
jeaohhlajejodfjadcponpnjgkiikocn - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx[04/06/2014 07:39]
jfmjfhklogoienhpfnppmbcbjfjnkonk - No path found[]
nppllibpnmahfaklnpggkibhkapjkeob - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\Exts\Chrome.crx[31/07/2014 07:47]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGHP_elGR628"
{DB6EB4DB-4BD7-41B2-91E8-665A5D8C6B47} Google  Url="https://www.google.com/search?q={searchTerms}"

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=502 folders=128 180663113 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================



#14 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:07:47 AM

Posted 18 March 2015 - 01:13 PM

I have uninstalled all antivirus prog.


Why? :)

Let's do a final check up:

Step 1


Don't remove on your own anything that Hitman Pro detects!
This scanner, as it is a really good for checking, has been known for deleting files instead of curing them, which in some cases may render the machine unbootable.
Any removals will be done manually after careful analysis of the scan results!


Please download hitmanpro_32.pngHitmanPro 32-bit / HitmanPro 64-bit by SurfRight and save it to your desktop.
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.
  • Right-click onhitmanpro.pngicon and select admin.PNGRun as Administrator to start the tool.
  • If the program won't run please run it while holding down the left CTRL key until it's loaded!
  • Click on the Next button (1). You must agree with the terms of EULA (2 - if asked).
  • Check the box beside "No, I only want to perform a one-time scan to check this computer" and click on the Next button. (3)
  • The program will start to scan the computer. It would only take several minutes.
  • When the scan is done click on Save Log (4) and close HitmanPro! (5)
  • Copy and paste the content of the log file in your next reply.
hitman.gif


Step 2

Please downloadesetlogo.pngOnline Scanner and save it to your Desktop.
  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start installer.pngwith administartor privileges.
  • Select the option Yes, I accept the Terms of Use and click on Start.
  • Choose the following settings:
settings.png
  • Click on Start. The virus signature database will begin to download. This may take some time.
  • When completed the Online Scan will begin automatically.
    Note: This scan might take a long time! Please be patient.
  • When completed select Uninstall application on close if you so wish, but make sure you copy the logfile first!
  • Now click on Finish
  • A log filelog.pngis created at logpath.png
    Copy and paste the content of this log file in your next reply.
esetlog.png
Note: Do not forget to re-enable your antivirus application after running the above scan!
eset.gif
regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#15 ankarage

ankarage
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:07:47 AM

Posted 19 March 2015 - 01:16 AM

I send you HITMAN and ESET files.ESET scan results additionally.


HitmanPro

HitmanPro_20150318_2043

HitmanPro 3.7.9.238
www.hitmanpro.com

   Computer name . . . . : ADMIN
   Windows . . . . . . . : 6.1.1.7601.X64/2
   User name . . . . . . : ADMIN\Ανδρέας
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2015-03-18 20:34:34
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 8m 27s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 1
   Traces  . . . . . . . : 51

   Objects scanned . . . : 3.234.363
   Files scanned . . . . : 98.168
   Remnants scanned  . . : 1.270.478 files / 1.865.717 keys

Malware _____________________________________________________________________

   C:\FRST\Quarantine\C\ProgramData\Microsoft\Security\Client\temp\tmpB37.exe
      Size . . . . . . . : 208.896 bytes
      Age  . . . . . . . : 1.1 days (2015-03-17 19:10:32)
      Entropy  . . . . . : 5.5
      SHA-256  . . . . . : DE99D92A0B39493D8785C813C13AF3E3B36F2706E5B9C610B3343F7A1CBC7DA8
      Product  . . . . . : Blow Castle
      Publisher  . . . . : Blow Castle
      Description  . . . : Blow Castle
      Version  . . . . . : 6.01.0007
      LanguageID . . . . : 1046
    > Bitdefender  . . . : Gen:Variant.Kazy.577487
    > Kaspersky  . . . . : Trojan-Spy.Win32.Zbot.sboz
      Fuzzy  . . . . . . : 102.0
      Forensic Cluster
         -0.9s C:\FRST\Quarantine\C\ProgramData\Microsoft\Security\Client\temp\tmpB37.tmp
         -0.9s C:\FRST\Quarantine\C\ProgramData\Microsoft\Security\Client\temp\tmpB37.tmp
          0.0s C:\FRST\Quarantine\C\ProgramData\Microsoft\Security\Client\temp\tmpB37.exe


Suspicious files ____________________________________________________________

   C:\FRST\Logs\FRST64.exe
      Size . . . . . . . : 2.095.616 bytes
      Age  . . . . . . . : 0.3 days (2015-03-18 13:39:34)
      Entropy  . . . . . : 7.5
      SHA-256  . . . . . : 72AAB1C62CF0BC00F5B102954B603D1509B2AF5F0BD1911E9CAE98C4DDE2D152
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      References
         HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\C:\FRST\Logs\FRST64.exe
      Forensic Cluster
          0.0s C:\FRST\Logs\FRST64.exe
          8.8s C:\FRST\Logs\ct
          8.8s C:\FRST\Logs\Fixlog.txt
          8.8s C:\FRST\Logs\Fixlog.txt
         27.8s C:\FRST\Logs\Fixlog_18-03-2015_13-40-02.txt
         31.3s C:\Users\Ανδρέας\AppData\Roaming\Microsoft\Windows\Recent\Fixlog.txt.lnk

   C:\FRST\Logs\New folder\FRST64.exe
      Size . . . . . . . : 2.095.616 bytes
      Age  . . . . . . . : 0.2 days (2015-03-18 16:08:53)
      Entropy  . . . . . : 7.5
      SHA-256  . . . . . : 72AAB1C62CF0BC00F5B102954B603D1509B2AF5F0BD1911E9CAE98C4DDE2D152
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      References
         HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\C:\FRST\Logs\New folder\FRST64.exe

   C:\Windows\system32\auto_reactivate.exe
      Size . . . . . . . : 3.600.856 bytes
      Age  . . . . . . . : 1097.1 days (2012-03-16 18:36:31)
      Entropy  . . . . . : 6.3
      SHA-256  . . . . . : 5AA75C51145242095E240A844369DA24DBBC53D2650FCD518C61AAB96DA2ABAE
      Product  . . . . . : Acronis AutoReactivate
      Publisher  . . . . : Acronis
      Description  . . . : AutoReactivate
      Version  . . . . . : 17,0,0,6614
      Copyright  . . . . : Copyright (C) 2000-2013 Acronis
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Invalid
      Fuzzy  . . . . . . : 22.0
         Program is altered or corrupted since it was code signed by its author. This is typical for malware and pirated software.
         The file is located in a folder that contains core operating system files from Windows. This is not typical for most programs and is only common to system tools, drivers and hacking utilities.
         The file is a device driver. Device drivers run as trusted (highly privileged) code.


Potential Unwanted Programs _________________________________________________

   HKLM\SOFTWARE\Classes\AppID\secman.DLL\ (Babylon)
   HKLM\SOFTWARE\Classes\Interface\{34A117AD-7F43-4859-BF97-ADC46488953F}\ (TelevisionFanatic)
   HKLM\SOFTWARE\Classes\Interface\{AA8714C4-294D-47FB-BCE0-BC12445CFBD4}\ (TelevisionFanatic)
   HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager\ (Babylon)
   HKLM\SOFTWARE\Classes\Wow6432Node\AppID\secman.DLL\ (Babylon)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}\ (DomalQ)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}\ (DomalQ)
   HKU\S-1-5-21-3641372981-3819987845-3030416424-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4f12-8568-69135F087DB0},\ (SearchQU)

Cookies _____________________________________________________________________

   C:\Users\Ανδρέας\AppData\Roaming\Microsoft\Windows\Cookies\1CC6BWZU.txt
   C:\Users\Ανδρέας\AppData\Roaming\Microsoft\Windows\Cookies\24ISYK90.txt
   C:\Users\Ανδρέας\AppData\Roaming\Microsoft\Windows\Cookies\3LW1T757.txt
   C:\Users\Ανδρέας\AppData\Roaming\Microsoft\Windows\Cookies\3YGWN1C8.txt
   C:\Users\Ανδρέας\AppData\Roaming\Microsoft\Windows\Cookies\50X244VO.txt
   C:\Users\Ανδρέας\AppData\Roaming\Microsoft\Windows\Cookies\5TSAYT2L.txt
   C:\Users\Ανδρέας\AppData\Roaming\Microsoft\Windows\Cookies\6EW6LHG9.txt
   C:\Users\Ανδρέας\AppData\Roaming\Microsoft\Windows\Cookies\6WR7B1MM.txt
   C:\Users\Ανδρέας\AppData\Roaming\Microsoft\Windows\Cookies\7AJKWIP4.txt
   C:\Users\Ανδρέας\AppData\Roaming\Microsoft\Windows\Cookies\83W7ZZLF.txt
   C:\Users\Ανδρέας\AppData\Roaming\Microsoft\Windows\Cookies\8FM3LTBC.txt
   C:\Users\Ανδρέας\AppData\Roaming\Microsoft\Windows\Cookies\8ZMY9H0V.txt
   C:\Users\Ανδρέας\AppData\Roaming\Microsoft\Windows\Cookies\DFECSX45.txt
   C:\Users\Ανδρέας\AppData\Roaming\Microsoft\Windows\Cookies\DMT3JD8C.txt
   C:\Users\Ανδρέας\AppData\Roaming\Microsoft\Windows\Cookies\ENJBBMPJ.txt
   C:\Users\Ανδρέας\AppData\Roaming\Microsoft\Windows\Cookies\G2L4KSAH.txt
   C:\Users\Ανδρέας\AppData\Roaming\Microsoft\Windows\Cookies\IAL2CGR3.txt
   C:\Users\Ανδρέας\AppData\Roaming\Microsoft\Windows\Cookies\JWRIQ2TM.txt
   C:\Users\Ανδρέας\AppData\Roaming\Microsoft\Windows\Cookies\K1FS4X6K.txt
   C:\Users\Ανδρέας\AppData\Roaming\Microsoft\Windows\Cookies\K6WQHNJ0.txt
   C:\Users\Ανδρέας\AppData\Roaming\Microsoft\Windows\Cookies\KSRD5BM8.txt
   C:\Users\Ανδρέας\AppData\Roaming\Microsoft\Windows\Cookies\MKLH46W4.txt
   C:\Users\Ανδρέας\AppData\Roaming\Microsoft\Windows\Cookies\MXR7R9N9.txt
   C:\Users\Ανδρέας\AppData\Roaming\Microsoft\Windows\Cookies\N5YXPNRA.txt
   C:\Users\Ανδρέας\AppData\Roaming\Microsoft\Windows\Cookies\NJMCN7TU.txt
   C:\Users\Ανδρέας\AppData\Roaming\Microsoft\Windows\Cookies\OAOLD6KP.txt
   C:\Users\Ανδρέας\AppData\Roaming\Microsoft\Windows\Cookies\P2NDE096.txt
   C:\Users\Ανδρέας\AppData\Roaming\Microsoft\Windows\Cookies\PBWLWAS2.txt
   C:\Users\Ανδρέας\AppData\Roaming\Microsoft\Windows\Cookies\REQGK641.txt
   C:\Users\Ανδρέας\AppData\Roaming\Microsoft\Windows\Cookies\SE8CG4V5.txt
   C:\Users\Ανδρέας\AppData\Roaming\Microsoft\Windows\Cookies\UNDC0H5V.txt
   C:\Users\Ανδρέας\AppData\Roaming\Microsoft\Windows\Cookies\VSX1N3C6.txt
   C:\Users\Ανδρέας\AppData\Roaming\Microsoft\Windows\Cookies\XT8XP3UD.txt
   C:\Users\Ανδρέας\AppData\Roaming\Microsoft\Windows\Cookies\Y83PCXO3.txt
   C:\Users\Ανδρέας\AppData\Roaming\Microsoft\Windows\Cookies\YD0EOT1H.txt
   C:\Users\Ανδρέας\AppData\Roaming\Microsoft\Windows\Cookies\ZECG1UUU.txt
   C:\Users\Ανδρέας\AppData\Roaming\Microsoft\Windows\Cookies\ZO41YUHS.txt


ESETSmartInstaller
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=d5b0d1e63b750142ae3b9715b6910ca5
# engine=22968
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2015-03-19 05:01:59
# local_time=2015-03-19 07:01:59 (+0200, GTB Standard Time)
# country="Greece"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 41412 178371169 0 0
# scanned=992277
# found=16
# cleaned=0
# scan_time=36510
sh=D7F1943993E0BB3869B4147BC5CC411A42CDC65F ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B potentially unwanted application" ac=I fn="C:\Documents and Settings\Ανδρέας\AppData\Local\Mozilla\Firefox\Profiles\bou2ojr2.default\cache2\entries\5BA18CA6C8FAD31C89D2F693F4A5026C4E3799CA"
sh=6AFD25B3B3E176FEF8FD3EFB3E832D1A252C1A30 ft=0 fh=0000000000000000 vn="a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application" ac=I fn="C:\Downloads\SopCast-3.2.9.zip"
sh=5A6F667A3E90449DC22D7B42931B3F056C1D9D30 ft=1 fh=c71c0011d7a72305 vn="a variant of Win64/Sathurbot.A trojan" ac=I fn="C:\FRST\Quarantine\C\ProgramData\Microsoft\Security\Client\SecurityHelper.d"
sh=0A0772004177AC2F1A5DFE8810E634C8EBF29DD1 ft=1 fh=505970c45b5f94e2 vn="Win32/Boaxxe.CV trojan" ac=I fn="C:\FRST\Quarantine\C\ProgramData\Microsoft\Security\Client\temp\tmpB37.exe"
sh=D7F1943993E0BB3869B4147BC5CC411A42CDC65F ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B potentially unwanted application" ac=I fn="C:\Users\Ανδρέας\AppData\Local\Mozilla\Firefox\Profiles\bou2ojr2.default\cache2\entries\5BA18CA6C8FAD31C89D2F693F4A5026C4E3799CA"
sh=B6C45530FB13D657CC052C4C6F27C12E9FBBC46B ft=0 fh=0000000000000000 vn="a variant of Win32/Systweak.L potentially unwanted application" ac=I fn="C:\Windows\Installer\eca59.msi"
sh=757BAB762C03CE09F527F6A15EC3E30B01CAEB4C ft=0 fh=0000000000000000 vn="a variant of Win32/Keygen.AC potentially unsafe application" ac=I fn="D:\downloads\Roxio Creator NXT Pro With Key {Ironhiderocklife}.iso"
sh=183AD1DFC9940ADCA2E578BD48BBE3B55604CDBA ft=1 fh=469841cdea349f81 vn="a variant of Win32/Adware.ErrorRepair application" ac=I fn="D:\downloads\setup.exe"
sh=E8BC7E20E0D8AFBEE2B696DBF6EC02F2ABD8AE5B ft=0 fh=0000000000000000 vn="a variant of Win32/Injector.Autoit.FP trojan" ac=I fn="D:\downloads\Microsoft Office 2013-2010 KMSnano v25 Activator by Toni\Microsoft Office 2013-2010 KMSnano v25 Activator by Toni.rar"
sh=ED0DCBC6BD51CE6DC334048DD8A1F3B7D1425886 ft=0 fh=0000000000000000 vn="a variant of Win32/Systweak.L potentially unwanted application" ac=I fn="D:\downloads\WinZip Pro 17.5 Build 10480 Final MultiLanguage (32 - 64 bit) Incl Keygen - SceneDL (PimpRG)\32 bit\winzip175-32.msi"
sh=1D3D7509250F52D6444548E6A121E008AFCCC08C ft=0 fh=0000000000000000 vn="a variant of Win32/Systweak.L potentially unwanted application" ac=I fn="D:\downloads\WinZip Pro 17.5 Build 10480 Final MultiLanguage (32 - 64 bit) Incl Keygen - SceneDL (PimpRG)\64 bit\winzip175-64.msi"
sh=61A8D9C62735A4FDECBE6F6959DCF8E7F7B3384E ft=0 fh=0000000000000000 vn="a variant of Win32/Systweak.L potentially unwanted application" ac=I fn="D:\downloads\WinZip Pro 18.0 Build 11023 Final [x86x64] - MG\winzip180-32.msi"
sh=AD3E1B178659BB626319667FEC5323FAFCC9C607 ft=0 fh=0000000000000000 vn="a variant of Win32/Systweak.L potentially unwanted application" ac=I fn="D:\downloads\WinZip Pro 18.0 Build 11023 Final [x86x64] - MG\winzip180-64.msi"
sh=02C5D342DC4015E88D571C67CAA3349FED154783 ft=0 fh=0000000000000000 vn="a variant of Win32/Systweak.L potentially unwanted application" ac=I fn="D:\downloads\WinZip Pro 19.0 Build 11293 (x86+x64) + Key\WinZip Pro 19.0 Build 11293 (x64) + Key.tgz"
sh=2431F53698FC94895C907EA4E1F6639D2B833999 ft=0 fh=0000000000000000 vn="a variant of Win32/Systweak.L potentially unwanted application" ac=I fn="D:\downloads\WinZip Pro 19.0 Build 11293 (x86+x64) + Key\WinZip Pro 19.0 Build 11293 (x86)+ Key.tgz"
sh=B6C45530FB13D657CC052C4C6F27C12E9FBBC46B ft=0 fh=0000000000000000 vn="a variant of Win32/Systweak.L potentially unwanted application" ac=I fn="D:\downloads\WinZip Pro 19.0 Build 11293 (x86+x64) + Key\WinZip Pro 19.0 Build 11293 (x64) + Key\winzip190-64.msi"


ESET SCAN RESULTS
C:\Documents and Settings\ÁíäñÝáò\AppData\Local\Mozilla\Firefox\Profiles\bou2ojr2.default\cache2\entries\5BA18CA6C8FAD31C89D2F693F4A5026C4E3799CA JS/Toolbar.Crossrider.B potentially unwanted application
C:\Downloads\SopCast-3.2.9.zip a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application
C:\FRST\Quarantine\C\ProgramData\Microsoft\Security\Client\SecurityHelper.d a variant of Win64/Sathurbot.A trojan
C:\FRST\Quarantine\C\ProgramData\Microsoft\Security\Client\temp\tmpB37.exe Win32/Boaxxe.CV trojan
C:\Users\ÁíäñÝáò\AppData\Local\Mozilla\Firefox\Profiles\bou2ojr2.default\cache2\entries\5BA18CA6C8FAD31C89D2F693F4A5026C4E3799CA JS/Toolbar.Crossrider.B potentially unwanted application
C:\Windows\Installer\eca59.msi a variant of Win32/Systweak.L potentially unwanted application
D:\downloads\Roxio Creator NXT Pro With Key {Ironhiderocklife}.iso a variant of Win32/Keygen.AC potentially unsafe application
D:\downloads\setup.exe a variant of Win32/Adware.ErrorRepair application
D:\downloads\Microsoft Office 2013-2010 KMSnano v25 Activator by Toni\Microsoft Office 2013-2010 KMSnano v25 Activator by Toni.rar a variant of Win32/Injector.Autoit.FP trojan
D:\downloads\WinZip Pro 17.5 Build 10480 Final MultiLanguage (32 - 64 bit) Incl Keygen - SceneDL (PimpRG)\32 bit\winzip175-32.msi a variant of Win32/Systweak.L potentially unwanted application
D:\downloads\WinZip Pro 17.5 Build 10480 Final MultiLanguage (32 - 64 bit) Incl Keygen - SceneDL (PimpRG)\64 bit\winzip175-64.msi a variant of Win32/Systweak.L potentially unwanted application
D:\downloads\WinZip Pro 18.0 Build 11023 Final [x86x64] - MG\winzip180-32.msi a variant of Win32/Systweak.L potentially unwanted application
D:\downloads\WinZip Pro 18.0 Build 11023 Final [x86x64] - MG\winzip180-64.msi a variant of Win32/Systweak.L potentially unwanted application
D:\downloads\WinZip Pro 19.0 Build 11293 (x86+x64) + Key\WinZip Pro 19.0 Build 11293 (x64) + Key.tgz a variant of Win32/Systweak.L potentially unwanted application
D:\downloads\WinZip Pro 19.0 Build 11293 (x86+x64) + Key\WinZip Pro 19.0 Build 11293 (x86)+ Key.tgz a variant of Win32/Systweak.L potentially unwanted application
D:\downloads\WinZip Pro 19.0 Build 11293 (x86+x64) + Key\WinZip Pro 19.0 Build 11293 (x64) + Key\winzip190-64.msi a variant of Win32/Systweak.L potentially unwanted application


Edited by ankarage, 19 March 2015 - 02:18 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users