
Browser redirects me to https://search.yahoo.com/?type=__default


  • This topic is locked
16 replies to this topic

#1 demy31

demy31

  • Members
  • 13 posts

Posted 22 September 2015 - 04:33 PM

Hello,

For the past few days all my browsers (Mozilla, Chrome, Explorer) keep directing me to a Yahoo search page. What caught my attention was that the "https" had a red X on it. I kept looking for solutions on Google but unfortunately, none of them had any success. I installed dozens of malware programs, which had no effect.

Thank you for your time.




 


#2 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • Gender:Male
  • Location:Germany

Posted 23 September 2015 - 04:01 AM

Hi & welcome to Bleeping Computer Forums!
My name is Jürgen and I will be assisting you with your Malware related problems.

Before we move on, please read the following points carefully:
  • My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are following my instructions, stop there and tell me the exact nature of your problem.
  • If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now!
  • Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 5 days from this initial or any subsequent post, then this thread will be closed.
  • If I don't reply within 24 hours please PM me!
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
Step 1

Please run a FRST scan. This will help us diagnose your problem.

Please download Farbar Recovery Scan Tool and save it to your Desktop.
(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)
  • Start FRST with administrator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.

regards,
deeprybka
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 

#3 demy31

demy31
  • Topic Starter

  • Members
  • 13 posts

Posted 23 September 2015 - 02:37 PM

Additional scan result of Farbar Recovery Scan Tool (x64) Version:23-09-2015
Ran by MVergo (2015-09-23 22:35:09)
Running from C:\Users\MVergo\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2011-08-30 22:48:32)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3415790977-1989096255-3140653802-500 - Administrator - Disabled)
Guest (S-1-5-21-3415790977-1989096255-3140653802-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3415790977-1989096255-3140653802-1003 - Limited - Enabled)
MVergo (S-1-5-21-3415790977-1989096255-3140653802-1001 - Administrator - Enabled) => C:\Users\MVergo
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Kaspersky Anti-Virus (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Anti-Virus (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
«The Witcher 2»  3.4 (HKLM-x32\...\The Witcher 2 - Assassins of Kings - Enhanced Edition_is1) (Version: 3.4 - CD Project RED)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
AC2 server emulator 0.44 by Dormine (HKLM-x32\...\{675DD1E6-637A-4F0E-B6DE-26F45CC26092}_is1) (Version:  - bjamikel)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Reader X (10.1.15) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.15 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.8.638 - Adobe Systems, Inc.)
Advertising Center (x32 Version: 0.0.0.1 - Nero AG) Hidden
AMD Catalyst Install Manager (HKLM\...\{8DF1EF50-AEB6-902C-F68C-4683C45784E6}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Assassin's Creed Brotherhood (HKLM-x32\...\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}) (Version: 1.00 - Ubisoft)
Assassin's Creed Revelations 1.03 (HKLM-x32\...\{33A22B2D-55BA-4508-B767-BF2E9C21A73F}) (Version: 1.03 - Ubisoft)
ATI AVIVO64 Codecs (Version: 11.6.0.10104 - ATI Technologies Inc.) Hidden
AVI ReComp 1.5.6 (HKLM-x32\...\AVI ReComp) (Version: 1.5.6 - Mateusz Gola (aka Prozac))
AviSynth 2.5 (HKLM-x32\...\Avisynth) (Version:  - )
AVS Screen Capture version 2.0.1 (HKLM-x32\...\AVS Screen Capture_is1) (Version:  - Online Media Technologies Ltd.)
AVS Video Editor 6 (HKLM-x32\...\AVS Video Editor_is1) (Version:  - Online Media Technologies Ltd.)
AVS Video Recorder 2.5 (HKLM-x32\...\AVS Video Recorder_is1) (Version:  - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.4 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version:  - Online Media Technologies Ltd.)
BitZipper 2013 (HKLM-x32\...\BitZipper_is1) (Version: 2013.12.10.17 - Bitberry Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
Cheat Engine 6.2 (HKLM-x32\...\Cheat Engine 6.2_is1) (Version:  - Dark Byte)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Child of Light, версия 1.0 (HKLM-x32\...\{8BB9584B-12AE-4555-9923-605E79A5500F}_is1) (Version: 1.0 - XLASER)
ConvertXtoDVD 4.1.19.365 (HKLM-x32\...\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1) (Version: 4.1.19.365 - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DarksidersInstaller (HKLM-x32\...\{B93EEE50-9C8F-45DF-95E4-3D85A6E242F3}) (Version: 1.00.1000 - THQ)
Dawn of War - Dark Crusade (HKLM-x32\...\{FF39FC01-819B-42E4-AE49-1968AF12DDD4}) (Version: 1.00.0000 - THQ)
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.60 - Dell Inc.)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.60 - Dell Inc.)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell MusicStage (HKLM-x32\...\{91AF2672-F5BC-42CF-8037-A9D2F92BBCC0}) (Version: 1.5.201.0 - Fingertapps)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.65 - ArcSoft)
Dell Stage (HKLM-x32\...\{E2EBA7C0-8072-447F-856D-FFEE8D15B23B}) (Version: 1.5.201.0 - Fingertapps)
Dell VideoStage  (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.2.0.1712 - CyberLink Corp.)
Dell VideoStage  (x32 Version: 1.2.0.1712 - CyberLink Corp.) Hidden
Doxillion Document Converter (HKLM-x32\...\Doxillion) (Version:  - NCH Software)
Dragon Age II (HKLM-x32\...\{F2E23139-3404-4E3C-9855-7724415D62A5}) (Version: 1.02 - Electronic Arts, Inc.)
Driver Genius Professional Edition (HKLM-x32\...\Driver Genius Professional Edition_is1) (Version: 10.0 - Driver-Soft Inc.)
Express Burn Disc Burning Software (HKLM-x32\...\ExpressBurn) (Version:  - NCH Software)
Fable III (HKLM-x32\...\GFWL_{4D53090A-9B45-437B-A66A-831000008300}) (Version: 1.0.0000.131 - Microsoft Game Studios)
Fable III (x32 Version: 1.0.0000.131 - Microsoft Game Studios) Hidden
Fable III (x32 Version: 1.0.0001.131 - Microsoft Game Studios) Hidden
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
File Type Assistant (HKLM-x32\...\Trusted Software Assistant_is1) (Version: 2014.5.6.0 - ) <==== ATTENTION
FinalTorrent 2011 (HKLM-x32\...\FinalTorrent_is1) (Version:  - Bitberry Software)
Free YouTube Downloader 3.3.120 (HKLM-x32\...\{A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1) (Version:  - HOW Inc.)
GadgetBox (HKLM\...\{ACE9FB2A-31A5-4285-9510-43F1636EAB21}) (Version: 1.0 - GadgetBox) <==== ATTENTION
GameShadow (HKLM-x32\...\{F7C1C17E-70E3-475F-BD52-EA554391F15D}) (Version: 2.01.0000 - GameShadow Ltd)
GBox (HKLM\...\GBox) (Version: 1.0 - Premium)
Glary Utilities 5.32 (HKLM-x32\...\Glary Utilities 5) (Version: 5.32.0.52 - Glarysoft Ltd)
globalupdate Helper (x32 Version: 1.3.25.0 - globalupdate Inc.) Hidden <==== ATTENTION
Google Chrome (HKU\S-1-5-21-3415790977-1989096255-3140653802-1001\...\Google Chrome) (Version: 45.0.2454.99 - Google Inc.)
HandBrake 0.9.3 (HKLM-x32\...\HandBrake) (Version: 0.9.3 - HandBrake)
Hewlett-Packard ACLM.NET v1.1.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.245 - SurfRight B.V.)
HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{02FECEE0-16B2-43DB-BC3B-C844477FC142}) (Version: 15.0.2.361 - Kaspersky Lab)
Kaspersky Anti-Virus (x32 Version: 15.0.2.361 - Kaspersky Lab) Hidden
Lame ACM MP3 Codec (HKLM-x32\...\LameACM) (Version:  - )
Malwarebytes Anti-Malware έκδοση 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
MediaGet (HKU\S-1-5-21-3415790977-1989096255-3140653802-1001\...\MediaGet) (Version: 2.01.3271 - Banner LLC)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Expression Encoder 4 (HKLM-x32\...\Encoder_4.0.3205.0) (Version: 4.0.3205.0 - Microsoft Corporation)
Microsoft Expression Encoder 4 Screen Capture Codec (HKLM-x32\...\{F9EC30D1-F688-4708-9850-CB5120074AAA}) (Version: 4.0.3205.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{F97E3841-CA9D-4964-9D64-26066241D26F}) (Version: 3.3.24.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Middle Earth - Shadow of Mordor (HKLM-x32\...\Middle Earth - Shadow of Mordor_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Mozilla Firefox 17.0.1 (x86 el) (HKLM-x32\...\Mozilla Firefox 17.0.1 (x86 el)) (Version: 17.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 17.0.1 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 9 Essentials (HKLM-x32\...\{3e79d051-6515-45d0-a9eb-d0e64c88a9fa}) (Version:  - Nero AG)
Nero BackItUp & Burn Essentials (HKLM-x32\...\{d6f3ab04-e389-4c2c-9253-37bb1e15b9d3}) (Version:  - Nero AG)
Nero BackItUp (HKLM-x32\...\{0420F95C-11FF-4E02-B967-6CC22B188F9F}) (Version: 5.2.29000 - Nero AG)
Nero BackItUp and Burn (HKLM-x32\...\{E08CC458-41FB-4BB5-9B08-2C83DB55A5B9}) (Version: 1.2.0040 - Nero AG)
Nero Burning ROM 11 (HKLM-x32\...\{E656D89A-8CBB-497F-918F-8361A4071C26}) (Version: 11.0.10400 - Nero AG)
Nero BurnRights (HKLM-x32\...\{397516AE-7DFE-4F90-84E0-BD616D559434}) (Version: 3.6.26001 - Nero AG)
Nero Express (HKLM-x32\...\{6C3CF7AC-5AB0-42D9-93C0-68166A57AFB6}) (Version: 9.6.17000 - Nero AG)
Nero OEM (HKLM-x32\...\Nero - Burning Rom!UninstallKey) (Version:  - )
NETGEAR WNA1100 N150 Wireless USB Adapter (HKLM-x32\...\{A2AE9709-283B-4B48-AA34-729C070A62FB}) (Version: 1.0.0.133 - NETGEAR)
NETGEAR WNA1100 wireless USB 2.0 driver (HKLM-x32\...\{F1D34C1C-9C2A-4932-BE14-7B641A4D53E9}) (Version: 1.0.0.0 - NETGEAR)
Nexon Launcher (HKLM-x32\...\Nexon Nexon Launcher) (Version: 1.1.1 - Nexon)
NVIDIA PhysX (HKLM-x32\...\{46ED2B64-85C7-4E1F-920C-A555B21F2E4C}) (Version: 9.11.1111 - NVIDIA Corporation)
Oblivion - Horse Armor Pack (HKLM-x32\...\{3ABEBD00-299D-4DCA-967F-B912163AB5EA}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Knights of the Nine (HKLM-x32\...\{14C87AA7-08E6-419F-A165-998EBE5023D7}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Mehrunes Razor (HKLM-x32\...\{EF295F5C-7B57-47AA-8889-6B3E8E214E89}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Orrery (HKLM-x32\...\{EC425CFC-EE78-4A91-AA25-3BFA65B75364}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Spell Tomes (HKLM-x32\...\{16D919E6-F019-4E15-BFBE-4A85EF19DA57}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Thieves Den (HKLM-x32\...\{FFFFFD17-B460-41EB-93F1-C48ABAD63828}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Vile Lair (HKLM-x32\...\{520F4B09-3A51-47A2-82B0-9FF1DC2D20FA}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Wizard's Tower (HKLM-x32\...\{2F2E3D62-8B8C-448F-8900-451325E50948}) (Version: 1.00.0000 - Bethesda Softworks)
OneNote Word Count (HKLM-x32\...\{878960F6-4636-42EB-B755-6BCC24FD781B}) (Version: 1.0.0 - Microsoft)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenMG Limited Patch 4.7-07-14-05-01 (HKLM-x32\...\OpenMG HotFix4.7-07-13-22-01) (Version:  - )
OpenMG Secure Module 4.7.00 (HKLM-x32\...\InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}) (Version: 4.7.00.12140 - Sony Corporation)
OpenMG Secure Module 4.7.00 (x32 Version: 4.7.00.12140 - Sony Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.)
PowerISO (HKLM-x32\...\PowerISO) (Version: 4.8 - PowerISO Computing, Inc.)
Pro Evolution Soccer 2010 (HKLM-x32\...\{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}) (Version: 1.00.0000 - KONAMI)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5977 - Realtek Semiconductor Corp.)
Skype Toolbars (HKLM-x32\...\{981029E0-7FC9-4CF3-AB39-6F133621921A}) (Version: 1.0.4051 - Skype Technologies S.A.)
Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
SonicStage 4.3 (HKLM-x32\...\{A0EB195B-5876-48E6-879D-33D4B2102610}) (Version: 4.3 - Sony Corporation)
Sony Ericsson Update Engine (HKLM-x32\...\Update Engine) (Version: 2.13.11.201309191111 - Sony Ericsson Communications AB)
Sony PC Companion 2.10.259 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.259 - Sony)
Star Wars Jedi Knight Jedi Academy (HKLM-x32\...\{1EECBA68-8BE4-4076-94DF-E9ED206B1D21}) (Version:  - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.41459 - TeamViewer)
The Battle for Middle-earth ™ (HKLM-x32\...\{962E05CF-3394-496D-0091-850CF1762F6B}) (Version:  - )
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.5.0.77 - KMP Media co., Ltd)
The Sims 4 (HKLM-x32\...\VGhlU2ltczQ=_is1) (Version: 1 - )
The SIMS 4 version The SIMS 4 (HKLM-x32\...\The SIMS 4_is1) (Version: The SIMS 4 - )
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-3415790977-1989096255-3140653802-1001\...\UnityWebPlayer) (Version: 4.5.4f2 - Unity Technologies ApS)
UxStyle Core Beta (HKLM\...\{8E363055-15E5-4D8A-9C69-A0A9DE9A3337}) (Version: 0.2.1.1 - The Within Network, LLC)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Viber (HKU\S-1-5-21-3415790977-1989096255-3140653802-1001\...\Viber) (Version: 5.2.0.2546 - Viber Media Inc)
Video Download Capture version 4.9.3 (HKLM-x32\...\{3C9D008D-3716-4C3F-90CD-38ED57568FAB}_is1) (Version: 4.9.3 - APOWERSOFT LIMITED)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VLC media player 2.0.1 (HKLM-x32\...\VLC media player) (Version: 2.0.1 - VideoLAN)
VobSub 2.23 (HKLM-x32\...\VobSub) (Version: 2.23 - Gabest)
VSO ConvertXToDVD (HKLM-x32\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.1.0.12 - VSO Software)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version:  - )
WinZip (HKLM-x32\...\WinZip) (Version:  9.0  (6028) - WinZip Computing, Inc.)
WinZip 16.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240D3}) (Version: 16.5.10095 - WinZip Computing, S.L. )
WxDFast (HKLM\...\WxDFast) (Version: 1.0 - Premium)
Xfire (remove only) (HKLM-x32\...\Xfire) (Version:  - )
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.17.116 - Zemana Ltd.)
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Υποστήριξη εφαρμογών Apple (32 bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Υποστήριξη εφαρμογών Apple (64 bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3415790977-1989096255-3140653802-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\MVergo\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3415790977-1989096255-3140653802-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\MVergo\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3415790977-1989096255-3140653802-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\MVergo\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3415790977-1989096255-3140653802-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\MVergo\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.)
 
==================== Restore Points =========================
 
13-09-2015 19:00:14 Πρόγραμμα αντιγράφων ασφαλείας των Windows
15-09-2015 18:24:07 Windows Update
16-09-2015 14:59:14 Λειτουργία επαναφοράς
16-09-2015 15:18:41 Windows Update
20-09-2015 19:00:12 Πρόγραμμα αντιγράφων ασφαλείας των Windows
21-09-2015 13:36:33 Chrome Cleanup Tool
22-09-2015 21:41:27 Windows Update
22-09-2015 23:29:30 Checkpoint by HitmanPro
22-09-2015 23:30:06 Zemana AntiMalware 22/9/2015 11:30:06 μμ
22-09-2015 23:30:43 Checkpoint by HitmanPro
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-09-21 18:06 - 2015-09-21 18:06 - 00000000 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {00A12BDA-28D3-4512-BF48-8B94BE3549BF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {035D5A40-7325-453B-9295-7776C4FE5F18} - System32\Tasks\{ACAA3709-6727-4D7B-BC27-386E2E601CC8} => pcalua.exe -a "C:\Users\MVergo\Downloads\PC » SPLINTER CELL CONVICTION Full Game directplay by globe@\setup.exe" -d "C:\Users\MVergo\Downloads\PC » SPLINTER CELL CONVICTION Full Game directplay by globe@"
Task: {048340D1-AE99-474A-A67D-4C03D3C205B3} - System32\Tasks\Norton Security Scan for MVergo => C:\Program Files (x86)\Norton Security Scan\Engine\3.7.2.5\Nss.exe [2012-04-03] (Symantec Corporation)
Task: {09549A67-E8ED-4848-B2C6-465D240760F7} - System32\Tasks\{946F66DD-823B-4292-BCF3-4AA94C2A4FD3} => C:\Users\MVergo\Desktop\PS games\Need For Speed Underground\Need For Speed Underground.exe
Task: {09B5D238-DC23-497C-BB81-14D01A61428A} - System32\Tasks\{CF3DA158-1193-4112-8377-2ED418B5B5F8} => C:\Program Files (x86)\Monte Cristo\7 Sins\THE7SINS_RETAIL.EXE
Task: {0F5F0FFB-8981-46BD-9B7B-B9C4B5A1BB90} - System32\Tasks\{C5899A51-9FD4-4500-80F9-DE5363B43A01} => pcalua.exe -a "C:\Users\MVergo\Downloads\shatter_red_7_v2_theme_by_x_ile2010 (1)\Shatter-red 7 v2\extra\Windows_Themes_Installer_v1_1_by_Kishan_Bagaria\Windows Theme Installer v 1.1.exe" -d "C:\Users\MVergo\Downloads\shatter_red_7_v2_theme_by_x_ile2010 (1)\Shatter-red 7 v2\extra\Windows_Themes_Installer_v1_1_by_Kishan_Bagaria"
Task: {17F24C02-6A64-4E53-B22D-1B735F65E523} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3415790977-1989096255-3140653802-1001UA => C:\Users\MVergo\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {1CEC80BD-1726-481F-A38F-BE420AB7F5EC} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2015-08-17] (Glarysoft Ltd)
Task: {1FB62F0C-5A90-4CDE-ACA0-AACB4C9A3F40} - System32\Tasks\{D1722C40-66C9-495E-986E-B59F789BFBCB} => C:\Program Files (x86)\THQ\Titan Quest Immortal Throne\Tqit.exe
Task: {213DE185-8CE3-45EE-A8EE-DEE49BCCB394} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3415790977-1989096255-3140653802-1001UA => C:\Users\MVergo\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {213F84C0-341B-4F2F-9830-8AF5947EF5CD} - \globalUpdateUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {283A6402-7E78-43A6-B5AE-D5B825701745} - System32\Tasks\{AD4BF9D8-093F-42DE-B525-0CEAF9BD673C} => pcalua.exe -a "C:\Users\MVergo\Desktop\PS games\Need For Speed Underground\makeDesktopIcon.exe" -d "C:\Users\MVergo\Desktop\PS games\Need For Speed Underground"
Task: {2FF1FF57-2697-4784-94B1-1208AC03ECD3} - System32\Tasks\{A099C612-FC04-4A5B-A131-39D58E5FEA3B} => C:\Users\MVergo\Desktop\PS games\Need For Speed Underground\Need For Speed Underground.exe
Task: {39D110C6-9EA4-4DE6-A8DA-DF80D14A8CA8} - System32\Tasks\{B594D0CF-77D1-4FE1-B1D9-F63B0BE976EE} => I:\My Games\Need for Speed Carbon\NFSC.exe
Task: {3B8E93C0-648B-412D-8624-D18752ED615D} - System32\Tasks\Your File Updater => C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe <==== ATTENTION
Task: {43994013-66CE-4890-BCF0-E92679640F59} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3415790977-1989096255-3140653802-1001Core => C:\Users\MVergo\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {46FC3CF8-2095-4F9A-9506-05676D8ECEE3} - System32\Tasks\{4DBDD44E-A882-411A-85A5-B7390A3EF05E} => C:\Users\MVergo\Desktop\PS games\Need For Speed Underground\Need For Speed Underground.exe
Task: {4E9748A4-AB95-4931-87F1-8823789EB256} - System32\Tasks\{A78774E7-95C1-468E-B854-8BFE1FE0FF2A} => C:\Program Files (x86)\THQ\Titan Quest Immortal Throne\Tqit.exe
Task: {550E1D51-B7E3-4C12-87E0-11F9E0B795DB} - System32\Tasks\ProgramRefresh-ATFST => C:\Program Files (x86)\File Type Assistant\tsasetup.exe <==== ATTENTION
Task: {599F5A4F-C60C-48EE-BADA-EA853BEA0B69} - System32\Tasks\{43E32941-2F91-4B10-B42D-A89D60A78694} => pcalua.exe -a C:\Users\MVergo\Documents\Assassins.Creed.Revelations.v1.02.Update-SKIDROW\ac_revelations_1.02_eu.exe -d C:\Users\MVergo\Documents\Assassins.Creed.Revelations.v1.02.Update-SKIDROW
Task: {5DB76697-4386-4160-84DD-2EBFFAE07A6D} - \LaunchSignup -> No File <==== ATTENTION
Task: {5E3414EE-E9BF-4039-B147-7348B9A88658} - System32\Tasks\{DD81D392-9AB4-4AF3-90B1-C2AE7B3CD2EE} => pcalua.exe -a I:\Autorun.exe -d I:\
Task: {5F7B54F2-2A8B-4D81-A616-3CBCBC1AFFEB} - System32\Tasks\{6D260DB4-3677-491D-A0F0-32FD5B1512F4} => pcalua.exe -a C:\Users\MVergo\Documents\Assassins.Creed.Revelations.v1.01.Update-SKIDROW\ac_revelations_1.01_eu.exe -d C:\Users\MVergo\Documents\Assassins.Creed.Revelations.v1.01.Update-SKIDROW
Task: {61F626F5-59CB-47C8-AC7E-D901B0D03CC2} - System32\Tasks\{C439F314-90D2-4770-9A07-37840360CB84} => pcalua.exe -a "C:\Users\MVergo\Downloads\Lara Croft Tomb Raider Anniversary\tombraider.part1.exe" -d "C:\Users\MVergo\Downloads\Lara Croft Tomb Raider Anniversary"
Task: {68061D52-45CB-4775-BBDF-B83745D73015} - System32\Tasks\{20495EA3-D686-4A53-8338-4B2207CCE3CE} => C:\Program Files (x86)\Bethesda Softworks\Oblivion\OblivionLauncher.exe
Task: {68FBFF84-7064-4FDF-BC10-DB2167481539} - System32\Tasks\{BB21C000-C744-427E-8DDF-A8C730059613} => pcalua.exe -a "C:\Users\MVergo\Documents\SONY VEGAS PRO 9 + PATCH & CRACK\vegaspro90_32bit.exe" -d "C:\Users\MVergo\Documents\SONY VEGAS PRO 9 + PATCH & CRACK"
Task: {6939C33F-8702-4BF6-A8D1-DB4BEC582FD3} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {6BED65F4-7374-4615-8217-C26B5E283FE6} - System32\Tasks\{18998842-AE6B-48CF-BF68-15DF53599C96} => pcalua.exe -a "C:\Users\MVergo\Documents\DA2 DLC Pack 1.02 Setup.exe" -d C:\Users\MVergo\Documents
Task: {6F2CA850-3B8C-4A33-A6E1-429F67EF8A1F} - System32\Tasks\9960a1b8-6246-4ded-9db5-1907f0a406f4-1-6 => C:\Program Files (x86)\SavePass 1.1\9960a1b8-6246-4ded-9db5-1907f0a406f4-1-6.exe <==== ATTENTION
Task: {71F1F325-BCEF-45CA-AFA0-AB69967F6B98} - System32\Tasks\9960a1b8-6246-4ded-9db5-1907f0a406f4-5_user => C:\Program Files (x86)\SavePass 1.1\9960a1b8-6246-4ded-9db5-1907f0a406f4-5.exe <==== ATTENTION
Task: {76004450-2D9B-48AD-83A9-50C321235A81} - System32\Tasks\9960a1b8-6246-4ded-9db5-1907f0a406f4-5 => C:\Program Files (x86)\SavePass 1.1\9960a1b8-6246-4ded-9db5-1907f0a406f4-5.exe <==== ATTENTION
Task: {774AC700-5B1D-4431-B637-643ED90F144D} - System32\Tasks\{ED5D0D67-B113-4FDB-8A2C-BDF636C77DF9} => C:\Games\God Of War II\pcsx2.exe
Task: {781ACEB5-8778-472B-8C5C-F7735F8BC2E7} - \45a8e2dd-9738-4546-8b5b-6b109b3dd6c5-3 -> No File <==== ATTENTION
Task: {7E6434AE-8874-4479-BC50-474F0C6BC59D} - System32\Tasks\{BCD5E160-1458-421A-B7D5-52C366EB6928} => C:\Program Files (x86)\Bethesda Softworks\Oblivion\OblivionLauncher.exe
Task: {834D1D7A-5643-488B-AE6A-FE75E88D86D0} - System32\Tasks\{2BC455B1-5808-45BC-A941-A570A3D0C5C2} => pcalua.exe -a D:\setup.exe -d D:\
Task: {874025F7-A43C-4EEA-9709-99A83BCA721A} - System32\Tasks\{85A9E840-6023-438B-9E6E-CDA32567D51F} => C:\Users\MVergo\Desktop\PS games\Need For Speed Underground\Need For Speed Underground.exe
Task: {87A84F56-99A6-49B8-9CD2-7106123EB525} - System32\Tasks\9960a1b8-6246-4ded-9db5-1907f0a406f4-10_user => C:\Program Files (x86)\SavePass 1.1\9960a1b8-6246-4ded-9db5-1907f0a406f4-10.exe <==== ATTENTION
Task: {8B0BA47C-481B-4F39-BC66-848767489EEA} - System32\Tasks\9960a1b8-6246-4ded-9db5-1907f0a406f4-3 => C:\Program Files (x86)\SavePass 1.1\9960a1b8-6246-4ded-9db5-1907f0a406f4-3.exe <==== ATTENTION
Task: {8D46F050-14C2-49F0-B2E4-9F5F90C8CF5F} - System32\Tasks\{A9CEBDA7-53BA-442D-93AE-CE18BAD1BCD6} => pcalua.exe -a "C:\Users\MVergo\Downloads\shatter_red_7_v2_theme_by_x_ile2010 (1)\Shatter-red 7 v2\theme\Shatter-red 7 v2 visual style by X-ile.exe" -d "C:\Users\MVergo\Downloads\shatter_red_7_v2_theme_by_x_ile2010 (1)\Shatter-red 7 v2\theme"
Task: {8F38CD5F-831E-4498-A04B-185067206EAB} - System32\Tasks\{3F11B479-266B-4049-A73B-EE24596A622B} => C:\Facade\util\sources\facade\animEngineStarter.exe
Task: {8F81A515-962F-41D5-83A9-40793A8BC143} - System32\Tasks\ProgramUpdateCheck => C:\Program Files (x86)\File Type Assistant\TSAssist.exe <==== ATTENTION
Task: {8FF1F30C-DB03-4B3A-81E9-983F7FC95C23} - System32\Tasks\{5DEAA0DA-EB92-4069-A534-93224ABCCDBF} => C:\Users\MVergo\Desktop\PS games\Need For Speed Underground\Need For Speed Underground.exe
Task: {904E7F4B-1A8A-4C9D-8972-944BB8C58093} - \45a8e2dd-9738-4546-8b5b-6b109b3dd6c5-10_user -> No File <==== ATTENTION
Task: {92BF6E08-281D-46F5-A259-43D021427161} - System32\Tasks\{D78380E9-3231-451C-B590-8E2075329525} => pcalua.exe -a "I:\My Games\Need for Speed Carbon\setup.exe" -d "I:\My Games\Need for Speed Carbon"
Task: {950313DA-E7CA-4197-81AE-F1DB85A27920} - \EPUpdater -> No File <==== ATTENTION
Task: {96511031-1865-4D09-9390-C44377FFD983} - System32\Tasks\9960a1b8-6246-4ded-9db5-1907f0a406f4-6 => C:\Program Files (x86)\SavePass 1.1\9960a1b8-6246-4ded-9db5-1907f0a406f4-6.exe <==== ATTENTION
Task: {98F2D52C-10B5-44EE-B10A-9A4BAD231E81} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2015-08-17] (Glarysoft Ltd)
Task: {9AE88CF8-BA06-4F02-BAD5-B16225678CF0} - System32\Tasks\{E66778E0-8900-4315-BF2A-CBDEEEE68B4D} => pcalua.exe -a D:\MenuChooser.exe -d D:\
Task: {A4F3CE05-64DB-4109-9485-0AB5863BF2D2} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3415790977-1989096255-3140653802-1001
Task: {A7D1A9AB-99C9-44D2-8FB5-FE06672B06B3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-15] (Adobe Systems Incorporated)
Task: {AE1FA230-D609-48C9-BBF6-BD955BCEFACE} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {B8D2BC7A-F22A-439B-8E25-6F2329096E1C} - \globalUpdateUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {BE34A46D-7826-48A7-A75D-9A5E0241ADD6} - System32\Tasks\{50A51A15-7CF8-4EE9-A5FF-9B40E65016EA} => pcalua.exe -a "C:\Users\MVergo\Downloads\Vegas Pro 11.0.exe"
Task: {BE8DE57F-B0B3-4A1F-B994-FA058F5B0F3C} - System32\Tasks\{71AC0AAA-BBEB-4A08-BE7F-31F98AFB54D8} => pcalua.exe -a "C:\Program Files (x86)\Xfire\xfire.exe" -d "C:\Program Files (x86)\Xfire"
Task: {BED6C217-6872-4261-A4E3-8B6D8AA6981F} - System32\Tasks\{2B6E5835-4B84-423B-9D3D-78D2578A4016} => C:\Users\MVergo\Desktop\PS games\Need For Speed Underground\Need For Speed Underground.exe
Task: {C196AF69-30F8-4D99-BF34-DC829F39CD38} - System32\Tasks\{3901EF9C-DE6A-4FA7-A064-0E8228DFDD73} => C:\Facade\util\sources\facade\animEngineStarter.exe
Task: {C289A2EE-194A-4F86-B816-F2D2D0367865} - System32\Tasks\9960a1b8-6246-4ded-9db5-1907f0a406f4-4 => C:\Program Files (x86)\SavePass 1.1\9960a1b8-6246-4ded-9db5-1907f0a406f4-4.exe <==== ATTENTION
Task: {CB62556C-567C-49C1-AFDE-6E988B530DB4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)
Task: {CFC43A55-A374-4036-AE22-176A0A02DF2F} - System32\Tasks\{6FB73683-BADB-432B-82F5-4CA0ADF19715} => pcalua.exe -a I:\Setup.exe -d I:\
Task: {D20498C5-DA38-4195-8C5F-62B344B7F271} - System32\Tasks\{C66CD188-4DFE-418E-91A7-471CE9854B80} => pcalua.exe -a "C:\Users\MVergo\Downloads\Need for Speed Most Wanted  V1.3 (Multi 9) ( DIRECT PLAY) [blaze69]\Need for Speed Most Wanted\Need for Speed Most Wanted\makeDesktopIcon.exe" -d "C:\Users\MVergo\Downloads\Need for Speed Most Wanted  V1.3 (Multi 9) ( DIRECT PLAY) [blaze69]\Need for Speed Most Wanted\Need for Speed Most Wanted"
Task: {D679E6A6-86F4-41CF-BFAC-66F3CB0B9DC5} - System32\Tasks\{8E54882B-AE86-4DB4-AFFC-2E616310EE34} => pcalua.exe -a "C:\Users\MVergo\Downloads\Dragon-Age-Inqusition-Game-Downloader-CRACK-v5.1\Dragon Age Inqusition Game Downloader + CRACK v5.1\Dragon Age Inquisition Game Downloader.exe" -d "C:\Users\MVergo\Downloads\Dragon-Age-Inqusition-Game-Downloader-CRACK-v5.1\Dragon Age Inqusition Game Downloader + CRACK v5.1"
Task: {D7E418D3-892F-4BFE-B7C4-983443E76B6C} - System32\Tasks\{4ABC3955-0528-4B34-9C44-1A537DEBBE3E} => C:\Users\MVergo\Desktop\PS games\Need For Speed Underground\Need For Speed Underground.exe
Task: {D978EBC6-7C18-4DAA-B076-F5CB25E2CC92} - System32\Tasks\{A1BD51F4-BC55-43F3-937C-0CA0503934E7} => pcalua.exe -a "C:\Program Files (x86)\ImTOO\Music CD Burner 6\Uninstall.exe"
Task: {D9C17302-E010-43DA-BD23-EB3CF5EFDD1A} - System32\Tasks\{B43E5716-6B28-4ED1-B982-106626E62A40} => C:\Games\God Of War II\pcsx2.exe
Task: {D9E00E4C-A2B0-4F37-9C5D-174FADA05581} - System32\Tasks\{CD9F087B-7AE7-4932-892C-A51556652DF9} => C:\Program Files (x86)\THQ\Titan Quest Immortal Throne\Tqit.exe
Task: {DAE35C21-535B-40BD-AAF8-1AFCDE82806E} - System32\Tasks\PC Optimizer Pro64 startups => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION
Task: {DE764886-3894-4C59-8A3E-4717A7DDF0D9} - System32\Tasks\9960a1b8-6246-4ded-9db5-1907f0a406f4-1-7 => C:\Program Files (x86)\SavePass 1.1\9960a1b8-6246-4ded-9db5-1907f0a406f4-1-7.exe <==== ATTENTION
Task: {E04E46EB-B80C-498D-8C94-A213C4C98986} - System32\Tasks\45a8e2dd-9738-4546-8b5b-6b109b3dd6c5-6 => C:\Program Files (x86)\Cinem Plus 2.4cV29.05\45a8e2dd-9738-4546-8b5b-6b109b3dd6c5-6.exe [2015-05-29] () <==== ATTENTION
Task: {E209748E-BD9E-4887-B455-6C1DB512AD34} - System32\Tasks\{0CE78529-8CA5-4854-A068-355CD00C2AEC} => C:\Facade\util\sources\facade\animEngineStarter.exe
Task: {E5B878CF-74DD-41B3-97A8-138F9A13C7B6} - System32\Tasks\GBoxUpdaterTask{A00D7BE0-AAAB-4B22-AA17-3D5AF40AD28E} => C:\ProgramData\Premium\GBox\GBox.exe <==== ATTENTION
Task: {E905BE2B-677E-4CB5-8269-3851998EB58C} - System32\Tasks\9960a1b8-6246-4ded-9db5-1907f0a406f4-7 => C:\Program Files (x86)\SavePass 1.1\9960a1b8-6246-4ded-9db5-1907f0a406f4-7.exe <==== ATTENTION
Task: {EDD1707D-1D37-4D25-AFF8-6C1F79EF9B30} - System32\Tasks\{53B1A919-C6B9-4011-91A7-EC229199DB8B} => pcalua.exe -a I:\rzrsetup.exe -d I:\
Task: {F2A46757-0ABC-4EBF-BC90-73F127CE9EEA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3415790977-1989096255-3140653802-1001Core => C:\Users\MVergo\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {F4A49CAC-2053-4B05-91D4-0C9B7E15A697} - System32\Tasks\45a8e2dd-9738-4546-8b5b-6b109b3dd6c5-7 => C:\Program Files (x86)\Cinem Plus 2.4cV29.05\45a8e2dd-9738-4546-8b5b-6b109b3dd6c5-7.exe <==== ATTENTION
Task: {F4F0E55E-E53E-4070-8695-3EC69EFAB84A} - System32\Tasks\{2CE85AE2-F3F6-4232-9FBB-E99CE29A547F} => C:\Program Files (x86)\THQ\Titan Quest Immortal Throne\Tqit.exe
Task: {F77DFD94-89E9-43EF-B8F3-08189CEEF85C} - System32\Tasks\{A9AE6292-5398-4F24-AA43-8304B150A72D} => pcalua.exe -a C:\Users\MVergo\Documents\Dragon.Age.2-RELOADED\software\vcredist_x86.exe -d C:\Users\MVergo\Documents\Dragon.Age.2-RELOADED\software
Task: {F9A8A586-3881-4502-8750-9DCABAB3D28C} - System32\Tasks\{2BAF9C79-B840-4207-A300-985749136C9D} => pcalua.exe -a "C:\Users\MVergo\Documents\Mass Effect 2 DLC - Overlord Pack [15 June 2010]\ME2_Overlord.exe" -d "C:\Users\MVergo\Documents\Mass Effect 2 DLC - Overlord Pack [15 June 2010]"
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\45a8e2dd-9738-4546-8b5b-6b109b3dd6c5-10_user.job => C:\Program Files (x86)\Cinem Plus 2.4cV29.05\45a8e2dd-9738-4546-8b5b-6b109b3dd6c5-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\45a8e2dd-9738-4546-8b5b-6b109b3dd6c5-3.job => C:\Program Files (x86)\Cinem Plus 2.4cV29.05\45a8e2dd-9738-4546-8b5b-6b109b3dd6c5-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\45a8e2dd-9738-4546-8b5b-6b109b3dd6c5-6.job => C:\Program Files (x86)\Cinem Plus 2.4cV29.05\45a8e2dd-9738-4546-8b5b-6b109b3dd6c5-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\45a8e2dd-9738-4546-8b5b-6b109b3dd6c5-7.job => C:\Program Files (x86)\Cinem Plus 2.4cV29.05\45a8e2dd-9738-4546-8b5b-6b109b3dd6c5-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\9960a1b8-6246-4ded-9db5-1907f0a406f4-1-6.job => C:\Program Files (x86)\SavePass 1.1\9960a1b8-6246-4ded-9db5-1907f0a406f4-1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\9960a1b8-6246-4ded-9db5-1907f0a406f4-1-7.job => C:\Program Files (x86)\SavePass 1.1\9960a1b8-6246-4ded-9db5-1907f0a406f4-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\9960a1b8-6246-4ded-9db5-1907f0a406f4-10_user.job => C:\Program Files (x86)\SavePass 1.1\9960a1b8-6246-4ded-9db5-1907f0a406f4-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\9960a1b8-6246-4ded-9db5-1907f0a406f4-3.job => C:\Program Files (x86)\SavePass 1.1\9960a1b8-6246-4ded-9db5-1907f0a406f4-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\9960a1b8-6246-4ded-9db5-1907f0a406f4-4.job => C:\Program Files (x86)\SavePass 1.1\9960a1b8-6246-4ded-9db5-1907f0a406f4-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\9960a1b8-6246-4ded-9db5-1907f0a406f4-5.job => C:\Program Files (x86)\SavePass 1.1\9960a1b8-6246-4ded-9db5-1907f0a406f4-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\9960a1b8-6246-4ded-9db5-1907f0a406f4-5_user.job => C:\Program Files (x86)\SavePass 1.1\9960a1b8-6246-4ded-9db5-1907f0a406f4-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\9960a1b8-6246-4ded-9db5-1907f0a406f4-6.job => C:\Program Files (x86)\SavePass 1.1\9960a1b8-6246-4ded-9db5-1907f0a406f4-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\9960a1b8-6246-4ded-9db5-1907f0a406f4-7.job => C:\Program Files (x86)\SavePass 1.1\9960a1b8-6246-4ded-9db5-1907f0a406f4-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3415790977-1989096255-3140653802-1001Core.job => C:\Users\MVergo\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3415790977-1989096255-3140653802-1001UA.job => C:\Users\MVergo\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GBoxUpdaterTask{A00D7BE0-AAAB-4B22-AA17-3D5AF40AD28E}.job => C:\ProgramData\Premium\GBox\GBox.exeA/schedule /profilepath C:\ProgramData\Premium\GBox\profile.ini <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3415790977-1989096255-3140653802-1001Core.job => C:\Users\MVergo\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3415790977-1989096255-3140653802-1001UA.job => C:\Users\MVergo\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Norton Security Scan for MVergo.job => C:\PROGRA~2\NORTON~2\Engine\372~1.5\Nss.exe
Task: C:\Windows\Tasks\ParetoLogic Registration3.job => C:\Windows\system32\rundll32.exeGC:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll
Task: C:\Windows\Tasks\PC Optimizer Pro64 startups.job => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-07-15 21:38 - 2015-07-15 21:38 - 00127488 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-10-15 20:32 - 2010-08-04 14:44 - 00266240 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe
2010-01-09 20:17 - 2010-01-09 20:17 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 01:40 - 2010-01-21 01:40 - 08794464 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2011-09-01 02:22 - 2010-02-10 18:10 - 00052224 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2013-04-21 21:42 - 2013-01-08 10:32 - 00721917 _____ () C:\Windows\SysWOW64\AiCM64.dll
2015-09-22 22:57 - 2015-09-22 22:57 - 00118640 _____ () C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll
2015-07-15 21:38 - 2015-07-15 21:38 - 00102400 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-12-23 16:54 - 2014-12-23 16:54 - 01272616 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\kpcengine.2.3.dll
2011-10-15 20:32 - 2010-03-10 14:50 - 00360448 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WifiLib.dll
2015-08-17 09:34 - 2015-08-17 09:34 - 00080160 _____ () C:\Program Files (x86)\Glary Utilities 5\zlib1.dll
2010-01-09 20:18 - 2010-01-09 20:18 - 04254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 01:34 - 2010-01-21 01:34 - 08793952 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2015-09-23 18:23 - 2015-09-19 01:13 - 01501512 _____ () C:\Users\MVergo\AppData\Local\Google\Chrome\Application\45.0.2454.99\libglesv2.dll
2015-09-23 18:23 - 2015-09-19 01:13 - 00081224 _____ () C:\Users\MVergo\AppData\Local\Google\Chrome\Application\45.0.2454.99\libegl.dll
2015-09-23 18:23 - 2015-09-19 01:13 - 16487752 _____ () C:\Users\MVergo\AppData\Local\Google\Chrome\Application\45.0.2454.99\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\Temp:07F6D9E4
AlternateDataStreams: C:\ProgramData\Temp:888AFB86
AlternateDataStreams: C:\ProgramData\Temp:CB0AACC9
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3415790977-1989096255-3140653802-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\MVergo\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: DAUpdaterSvc => 3
MSCONFIG\Services: RoxMediaDB12OEM => 3
MSCONFIG\Services: RoxWatch12 => 2
MSCONFIG\Services: SftService => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\startupfolder: C:^Users^MVergo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Απόσπασμα οθόνης και Launcher.lnk => C:\Windows\pss\OneNote 2010 Απόσπασμα οθόνης και Launcher.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: Facebook Update => "C:\Users\MVergo\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: Google Update => "C:\Users\MVergo\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: MediaGet2 => C:\Users\MVergo\AppData\Local\MediaGet2\mediaget.exe --minimized
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: NBAgent => "C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe" /WinStart
MSCONFIG\startupreg: PlusService => C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
MSCONFIG\startupreg: RGSC => C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
MSCONFIG\startupreg: Starter => C:\Program Files (x86)\Driver-Soft\DriverGenius\StarterW3i.exe
MSCONFIG\startupreg: TaskTray => C:\Program Files (x86)\Driver-Soft\DriverGenius\TaskTray.exe
MSCONFIG\startupreg: VDownloader => C:\Program Files (x86)\VDownloader\VDownloader.exe /silent
MSCONFIG\startupreg: Xvid => C:\Program Files (x86)\Xvid\CheckUpdate.exe
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{EC50E3DA-F4AB-4A18-8427-3FD63C26B020}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{7E335C1E-15A1-41E4-90F6-82667D6C99E8}] => (Allow) c:\Program Files (x86)\Dell\VideoStage\VideoStage.exe
FirewallRules: [TCP Query User{DBEE6E4B-7FC9-483C-A8B1-4520CDAD409A}I:\my games\need for speed carbon\nfsc.exe] => (Allow) I:\my games\need for speed carbon\nfsc.exe
FirewallRules: [UDP Query User{89781507-6DBD-44F5-8815-01B3E742C8CA}I:\my games\need for speed carbon\nfsc.exe] => (Allow) I:\my games\need for speed carbon\nfsc.exe
FirewallRules: [{900646D7-BEE4-4C0E-A7EF-B158661FB708}] => (Allow) C:\Program Files (x86)\FinalTorrent\FINALTORRENT.exe
FirewallRules: [{BA007043-67E9-4341-9C66-3A133255F89C}] => (Allow) C:\Program Files (x86)\FinalTorrent\FTCheckForUpdates.exe
FirewallRules: [{09FEA7D7-AFD0-43C3-BEF3-CEC987B9E525}] => (Allow) C:\Program Files (x86)\FinalTorrent\FINALTORRENT.exe
FirewallRules: [{A06F4233-4727-4CD4-B659-D5992F66A854}] => (Allow) C:\Program Files (x86)\FinalTorrent\FTCheckForUpdates.exe
FirewallRules: [{ACC30660-8823-49F8-BBAD-8FC6D993DB65}] => (Allow) C:\Program Files (x86)\FinalTorrent\FINALTORRENT.exe
FirewallRules: [{20BFB2D1-F7F1-44CC-B7B9-09DEE8498D98}] => (Allow) C:\Program Files (x86)\FinalTorrent\FTCheckForUpdates.exe
FirewallRules: [{B14310EC-3BEB-4D34-A909-ED10F3BEA596}] => (Allow) C:\Program Files (x86)\FinalTorrent\FINALTORRENT.exe
FirewallRules: [{61285A6B-BB78-4455-B6D9-E06F1BD37388}] => (Allow) C:\Program Files (x86)\FinalTorrent\FTCheckForUpdates.exe
FirewallRules: [TCP Query User{CA5B26D8-C2DA-4641-A981-CC6A834B30E7}C:\users\mvergo\saved games\need for speed underground 2\need for speed underground 2.exe] => (Allow) C:\users\mvergo\saved games\need for speed underground 2\need for speed underground 2.exe
FirewallRules: [UDP Query User{A98B00D2-E32B-4EEA-8506-52E2778D8C40}C:\users\mvergo\saved games\need for speed underground 2\need for speed underground 2.exe] => (Allow) C:\users\mvergo\saved games\need for speed underground 2\need for speed underground 2.exe
FirewallRules: [{6A8C9A32-1443-4D16-8D92-99746C7CD3F1}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{A8AE597E-324A-40BD-A12D-13BD78FD9230}] => (Allow) svchost.exe
FirewallRules: [{BF637E25-AD5B-4CB9-8FAC-C980CA02C3F0}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [TCP Query User{0E9ABBD4-8249-4977-A1E2-E396D3DA30AB}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{1C95EE8D-F7FE-4187-90AF-31B130661DBA}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{87FD89B0-37FE-4194-83DD-ECAA5F09AE44}] => (Allow) C:\Program Files (x86)\Dragon Age 2\bin_ship\DragonAge2.exe
FirewallRules: [{B805C39E-05B9-4DF9-B6E8-0414667B8E46}] => (Allow) C:\Program Files (x86)\Dragon Age 2\bin_ship\DragonAge2.exe
FirewallRules: [{05CAEA42-5612-48CC-9916-2D7881558103}] => (Allow) C:\Program Files (x86)\Dragon Age 2\DragonAge2Launcher.exe
FirewallRules: [{7EBB640F-9D3E-4790-8D0E-BE5E9E20E865}] => (Allow) C:\Program Files (x86)\Dragon Age 2\DragonAge2Launcher.exe
FirewallRules: [{8F32ABED-FB55-41BF-8FF1-2F29EE36B9E4}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{2D399AD9-9C6C-40D5-A644-A26B3B4B639F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{5FF288CD-860F-4C28-A41F-0BD867BCA391}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{96E745B9-05B5-4211-8DD1-C6F9E0AB62E1}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{A7D1EE6F-5D73-4B0A-95D4-A48F165A4E76}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBSP.exe
FirewallRules: [{A0B501F4-F2AB-463F-8B7F-69E6F972DAA9}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBSP.exe
FirewallRules: [{D72B374D-8E27-4F77-A2A6-4DF3936CE39D}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{75EDBCBA-5322-4989-AD9F-6F2914AA56D5}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{9A427EFE-13EB-4B25-9A80-43DE113B6709}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe
FirewallRules: [{0A5400A7-68B6-41C0-8B44-C24A27A358C1}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe
FirewallRules: [{B197B806-A9F9-4229-91F2-7561A95DB34D}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\UPlayBrowser.exe
FirewallRules: [{A1490805-762C-4F2E-8405-DB7AEC06542B}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\UPlayBrowser.exe
FirewallRules: [{DEF15E14-BF1F-4C3E-8EA8-62B635B07306}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{4259CB98-491B-4604-923E-5279BDDB1A82}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{F4F2021F-E63D-43F7-900F-7498D03AC3BC}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ACRSP.exe
FirewallRules: [{D816177E-1EA6-456B-9041-FBD6141C439E}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ACRSP.exe
FirewallRules: [{87F82122-D02B-49ED-9D81-0AA890F818BC}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ACRMP.exe
FirewallRules: [{6A26DDD7-7BD2-480B-ABFF-508A5E37B4C9}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ACRMP.exe
FirewallRules: [{665F88BF-D4CF-449C-8BFA-28F7AA7A2994}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\AssassinsCreedRevelations.exe
FirewallRules: [{8477E833-57B5-430A-8D4D-9F4B9C384F48}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\AssassinsCreedRevelations.exe
FirewallRules: [{F1DD00F1-9A2E-4924-947D-856E45EF21CA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.998\Agent.exe
FirewallRules: [{8F620CCA-273A-486F-8392-A76C02065615}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.998\Agent.exe
FirewallRules: [{CEA68742-4934-4444-A205-D6F8A9A2CEEE}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{D724AF7A-CE5E-4A50-9FFF-49482A2004F3}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [TCP Query User{CFDFF46C-D96E-4027-8108-A1ECC6DCEC39}C:\programdata\battle.net\agent\agent.1040\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.1040\agent.exe
FirewallRules: [UDP Query User{DC17210F-8A68-4550-981C-2701AFDCFC2A}C:\programdata\battle.net\agent\agent.1040\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.1040\agent.exe
FirewallRules: [{7240BF1C-26C7-4E06-A8C6-05D5C47DB6BC}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{594F1C33-CDD3-4C96-9554-07545F3CE70A}] => (Allow) LPort=2869
FirewallRules: [{072D576E-6BEB-47AB-907A-E26D057B3C0D}] => (Allow) LPort=1900
FirewallRules: [{6A459130-5817-400B-A366-34B4003DBB90}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [TCP Query User{1E2D1CA1-5D99-43B6-A123-C5414993DF22}C:\users\mvergo\desktop\ps games\overlord ii\overlord2.exe] => (Allow) C:\users\mvergo\desktop\ps games\overlord ii\overlord2.exe
FirewallRules: [UDP Query User{5EA2CC0F-5F1A-430E-8330-3DEDF07AA7A0}C:\users\mvergo\desktop\ps games\overlord ii\overlord2.exe] => (Allow) C:\users\mvergo\desktop\ps games\overlord ii\overlord2.exe
FirewallRules: [TCP Query User{726E193F-8882-439C-9BDC-01F11EC5D4A8}C:\program files (x86)\saints row 2\sr2_pc.exe] => (Block) C:\program files (x86)\saints row 2\sr2_pc.exe
FirewallRules: [UDP Query User{846E2A4B-828E-4C97-8523-4CD6840CD470}C:\program files (x86)\saints row 2\sr2_pc.exe] => (Block) C:\program files (x86)\saints row 2\sr2_pc.exe
FirewallRules: [TCP Query User{4C79B433-2EEF-42CD-BA50-6F5DC3B3EFA3}C:\program files (x86)\thq\saints row the third\saintsrowthethird_dx11.exe] => (Block) C:\program files (x86)\thq\saints row the third\saintsrowthethird_dx11.exe
FirewallRules: [UDP Query User{82FB7D1E-27C8-4BB8-B2CF-53689D0EB1BD}C:\program files (x86)\thq\saints row the third\saintsrowthethird_dx11.exe] => (Block) C:\program files (x86)\thq\saints row the third\saintsrowthethird_dx11.exe
FirewallRules: [TCP Query User{07E62EB1-A96E-47FF-966A-A34F547FD306}C:\program files (x86)\ea games\kingdoms of amalur reckoning\reckoning.exe] => (Allow) C:\program files (x86)\ea games\kingdoms of amalur reckoning\reckoning.exe
FirewallRules: [UDP Query User{8D3D3C70-A6EA-48F8-BBD7-70805A45F793}C:\program files (x86)\ea games\kingdoms of amalur reckoning\reckoning.exe] => (Allow) C:\program files (x86)\ea games\kingdoms of amalur reckoning\reckoning.exe
FirewallRules: [{E22B5B61-6EB9-45E8-9B25-1B0C7E09E924}] => (Allow) C:\Program Files (x86)\File Type Assistant\TSAssist.exe
FirewallRules: [{2C699E06-7CED-4271-AAD2-B8E7E5532FF7}] => (Allow) C:\Program Files (x86)\File Type Assistant\TSAssist.exe
FirewallRules: [TCP Query User{8A558790-3EC4-4A4B-B21E-021DAFA7450E}C:\program files (x86)\konami\pro evolution soccer 2010\pes2010.exe] => (Block) C:\program files (x86)\konami\pro evolution soccer 2010\pes2010.exe
FirewallRules: [UDP Query User{1769478A-C3CE-4B9E-92F6-14E119ABA85A}C:\program files (x86)\konami\pro evolution soccer 2010\pes2010.exe] => (Block) C:\program files (x86)\konami\pro evolution soccer 2010\pes2010.exe
FirewallRules: [{A02C5CDA-DAB1-4EA8-A8AB-C2E488B97E1C}] => (Allow) C:\Program Files (x86)\EA GAMES\The Battle for Middle-earth ™\game.dat
FirewallRules: [{F577C1A3-630D-4C24-B142-18B31C6EFC84}] => (Allow) C:\Program Files (x86)\EA GAMES\The Battle for Middle-earth ™\game.dat
FirewallRules: [TCP Query User{9C09FCBD-5ACD-4636-B31B-DFDF31A8C772}C:\program files (x86)\thq\dawn of war - dark crusade\darkcrusade.exe] => (Allow) C:\program files (x86)\thq\dawn of war - dark crusade\darkcrusade.exe
FirewallRules: [UDP Query User{0DD56EE6-C8F1-47DD-834B-71BBDC20DFF9}C:\program files (x86)\thq\dawn of war - dark crusade\darkcrusade.exe] => (Allow) C:\program files (x86)\thq\dawn of war - dark crusade\darkcrusade.exe
FirewallRules: [{3950D2A5-1B2F-4ED1-836E-5D20F8AD302F}] => (Allow) C:\Program Files (x86)\FinalTorrent\FINALTORRENT.exe
FirewallRules: [{62EED0AD-70AB-4DF1-8BD7-FB84870E84E7}] => (Allow) C:\Program Files (x86)\FinalTorrent\FTCheckForUpdates.exe
FirewallRules: [{C6782783-2BE9-480C-925F-F6C74A2EC7E7}] => (Allow) C:\Program Files (x86)\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe
FirewallRules: [{3C21AAB8-844E-4F74-AEDA-3E5588BA7F78}] => (Allow) C:\Program Files (x86)\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe
FirewallRules: [TCP Query User{1F43C1A9-0421-4498-9083-9057D2AFB95E}C:\program files (x86)\smartcam\smartcam.exe] => (Allow) C:\program files (x86)\smartcam\smartcam.exe
FirewallRules: [UDP Query User{92ECA496-EBFF-438F-BEDC-1A71E36A4E28}C:\program files (x86)\smartcam\smartcam.exe] => (Allow) C:\program files (x86)\smartcam\smartcam.exe
FirewallRules: [{660A1BA0-78E0-42C5-B2FF-E918B159E458}] => (Allow) C:\Program Files (x86)\File Type Assistant\TSAssist.exe
FirewallRules: [{BCFC1293-8C03-4ABD-8863-F8E6AD35D449}] => (Allow) C:\Program Files (x86)\File Type Assistant\TSAssist.exe
FirewallRules: [{B1ACDC56-39FE-4A22-A16F-FC8B99B80515}] => (Allow) C:\Users\MVergo\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{910B053A-B79F-4428-8D0A-BF5BA1FB59DF}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\Video Download Capture.exe
FirewallRules: [{548DF99D-AB15-4F21-B7D0-E87E148E7374}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\Video Download Capture.exe
FirewallRules: [{2D843E95-9C2C-41A2-B2C4-300048849954}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftSrv.dll
FirewallRules: [{DBB5CFEF-7EAC-43A0-AE80-0A1E0DB5081F}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftSrv.dll
FirewallRules: [{30DDF3E8-D84F-4FAD-9C18-5A06DF54B325}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftDump.dll
FirewallRules: [{519B61E8-80B0-4AF2-9365-1D099E8456BA}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftDump.dll
FirewallRules: [{1B3F90D9-E142-46E0-B294-C43FD7857965}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftAC.dll
FirewallRules: [{5C0F4AC5-508D-41E3-83FC-16904E2F7174}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftAC.dll
FirewallRules: [{B1DB6A04-878B-46CF-84C7-E2CCBD8BEF6D}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftPlayer.dll
FirewallRules: [{63E07EBD-22A2-4ADA-BF91-C7CC63CB4747}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftPlayer.dll
FirewallRules: [{0F392E13-D4DD-4EEE-A217-795E7F3DAB12}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftDownloaderHelp.dll
FirewallRules: [{36A93CDD-9A29-4E92-865A-E8BCEF782068}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftDownloaderHelp.dll
FirewallRules: [{73C9649E-5FA0-44D4-807A-E423BBBAD312}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftHDSDump.dll
FirewallRules: [{79A298C4-C03C-4F0A-8BB8-E55FD057D172}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftHDSDump.dll
FirewallRules: [{5FD5A357-879F-4CD9-AC17-0340CEA9E661}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{4AD13395-C12A-4191-ABB9-8BF4DB83743A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{32982F16-8536-4125-9725-85EA8F849C7D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{51D96D3F-CCF0-4F1D-9D34-8653B8F7D0B9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{05B66242-9EAE-45B3-8F64-C1F3697D3667}C:\r.g. catalyst\the witcher 2 - assassins of kings - enhanced edition\bin\witcher2.exe] => (Allow) C:\r.g. catalyst\the witcher 2 - assassins of kings - enhanced edition\bin\witcher2.exe
FirewallRules: [UDP Query User{30644739-F088-43B3-9555-2773F9CB81EB}C:\r.g. catalyst\the witcher 2 - assassins of kings - enhanced edition\bin\witcher2.exe] => (Allow) C:\r.g. catalyst\the witcher 2 - assassins of kings - enhanced edition\bin\witcher2.exe
FirewallRules: [{1953E0CA-AC1F-4363-A58C-53E96C588357}] => (Allow) C:\Users\MVergo\AppData\Local\MediaGet2\mediaget.exe
FirewallRules: [{9DF206E3-F809-4C8C-B580-14BCC520E266}] => (Allow) C:\Users\MVergo\AppData\Local\MediaGet2\mediaget.exe
FirewallRules: [{6ACB9712-B531-4D8D-8F5E-4EC73702DB97}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4D749129-E96B-4FDD-8F36-FDE4A18C015E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{91EAD603-9B3F-49B5-8C12-5A3A05F828CF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{FCD24813-9B61-4486-84F3-04F932073C7F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{561B2438-1D53-4466-9F27-3DF85BF30E7D}] => (Allow) C:\Program Files (x86)\Microsoft Games\Fable III\Fable3.exe
FirewallRules: [{2F0A1282-DC5E-4B62-B042-C18F8D997114}] => (Allow) C:\Program Files (x86)\Microsoft Games\Fable III\Fable3.exe
FirewallRules: [TCP Query User{9523530B-60EE-40B0-A452-8EE0D764F28C}C:\program files (x86)\microsoft games\fable iii\fable3.exe] => (Block) C:\program files (x86)\microsoft games\fable iii\fable3.exe
FirewallRules: [UDP Query User{82E96CB2-6725-48F2-8F67-BE5694BCB1A6}C:\program files (x86)\microsoft games\fable iii\fable3.exe] => (Block) C:\program files (x86)\microsoft games\fable iii\fable3.exe
FirewallRules: [{0E8C9260-4C80-41CA-9E07-1D676E9E6273}] => (Allow) C:\Program Files (x86)\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{F8E2F2C0-6CA5-40DB-9B3E-4C527C147F85}] => (Allow) C:\Program Files (x86)\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{C13B83E1-4850-4854-9F7A-A9B0FDA4F95F}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{49C8DB3D-4B87-4B45-9C22-3FD7F71442FD}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{579C948B-60AF-4CA0-9C8A-45950262580B}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{E685CC1C-B329-45B4-8C0F-64D8486CB092}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [TCP Query User{947357DF-96FE-4EFA-AB09-D34FB227AC68}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [UDP Query User{55F306A2-C358-4254-93FD-A4E3E88CC504}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
 
==================== Faulty Device Manager Devices =============
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (09/23/2015 10:33:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Το πρόγραμμα FRST64.exe έκδοση 23.9.2015.0 σταμάτησε να αλληλεπιδρά με τα Windows και έκλεισε. Για να δείτε αν υπάρχουν διαθέσιμες περισσότερες πληροφορίες για το πρόβλημα, ελέγξτε το ιστορικό του προβλήματος στον πίνακα ελέγχου του Κέντρου ενεργειών.
 
Αναγνωριστικό διεργασίας: 3310
 
Ώρα έναρξης: 01d0f636520f9bdd
 
Ώρα τερματισμού: 0
 
Διαδρομή εφαρμογής: C:\Users\MVergo\Downloads\FRST64.exe
 
Αναγνωριστικό αναφοράς: de179b4c-6229-11e5-9076-842b2b945b03
 
Error: (09/23/2015 09:30:10 PM) (Source: Google Update) (EventID: 20) (User: Vitto)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s
 
Error: (09/23/2015 05:58:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/23/2015 10:35:44 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/23/2015 02:46:48 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 325106
 
Error: (09/23/2015 02:46:48 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 325106
 
Error: (09/23/2015 02:46:48 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (09/23/2015 02:41:38 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15507
 
Error: (09/23/2015 02:41:38 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15507
 
Error: (09/23/2015 02:41:38 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
System errors:
=============
Error: (09/23/2015 06:21:29 PM) (Source: Microsoft-Windows-Bits-Client) (EventID: 16398) (User: NT AUTHORITY)
Description: Δεν είναι δυνατή η δημιουργία νέας εργασίας BITS. Το τρέχον πλήθος εργασιών για το χρήστη Vitto\MVergo (137) είναι ίσο με ή μεγαλύτερο από το όριο εργασιών (60) που καθορίζεται από την πολιτική ομάδας. Για την επίλυση του προβλήματος, ολοκληρώστε ή ακυρώστε τις εργασίες BITS που δεν έχουν σημειώσει πρόοδο, εξετάζοντας το σφάλμα και επανεκκινήστε την υπηρεσία BITS. Εάν το σφάλμα εξακολουθεί να παρουσιάζεται, ζητήστε από το διαχειριστή να αυξήσει τα όρια εργασιών της πολιτικής ομάδας ανά χρήστη και ανά υπολογιστή.
 
Error: (09/23/2015 06:19:32 PM) (Source: Microsoft-Windows-Bits-Client) (EventID: 16398) (User: NT AUTHORITY)
Description: Δεν είναι δυνατή η δημιουργία νέας εργασίας BITS. Το τρέχον πλήθος εργασιών για το χρήστη Vitto\MVergo (137) είναι ίσο με ή μεγαλύτερο από το όριο εργασιών (60) που καθορίζεται από την πολιτική ομάδας. Για την επίλυση του προβλήματος, ολοκληρώστε ή ακυρώστε τις εργασίες BITS που δεν έχουν σημειώσει πρόοδο, εξετάζοντας το σφάλμα και επανεκκινήστε την υπηρεσία BITS. Εάν το σφάλμα εξακολουθεί να παρουσιάζεται, ζητήστε από το διαχειριστή να αυξήσει τα όρια εργασιών της πολιτικής ομάδας ανά χρήστη και ανά υπολογιστή.
 
Error: (09/23/2015 06:09:22 PM) (Source: Microsoft-Windows-Bits-Client) (EventID: 16398) (User: NT AUTHORITY)
Description: Δεν είναι δυνατή η δημιουργία νέας εργασίας BITS. Το τρέχον πλήθος εργασιών για το χρήστη Vitto\MVergo (137) είναι ίσο με ή μεγαλύτερο από το όριο εργασιών (60) που καθορίζεται από την πολιτική ομάδας. Για την επίλυση του προβλήματος, ολοκληρώστε ή ακυρώστε τις εργασίες BITS που δεν έχουν σημειώσει πρόοδο, εξετάζοντας το σφάλμα και επανεκκινήστε την υπηρεσία BITS. Εάν το σφάλμα εξακολουθεί να παρουσιάζεται, ζητήστε από το διαχειριστή να αυξήσει τα όρια εργασιών της πολιτικής ομάδας ανά χρήστη και ανά υπολογιστή.
 
Error: (09/23/2015 06:03:55 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Η υπηρεσία Windows Update έκλεισε απροειδοποίητα κατά την εκκίνηση.
 
Error: (09/23/2015 05:56:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Δεν ήταν δυνατή η εκκίνηση της υπηρεσίας atksgt εξαιτίας του ακόλουθου σφάλματος: 
%%1275
 
Error: (09/23/2015 05:56:53 PM) (Source: Application Popup) (EventID: 875) (User: )
Description: Αποκλείστηκε η φόρτωση του προγράμματος οδήγησης atksgt.sys.
 
Error: (09/23/2015 10:41:03 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Η υπηρεσία Windows Update έκλεισε απροειδοποίητα κατά την εκκίνηση.
 
Error: (09/23/2015 10:34:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Δεν ήταν δυνατή η εκκίνηση της υπηρεσίας atksgt εξαιτίας του ακόλουθου σφάλματος: 
%%1275
 
Error: (09/23/2015 10:34:02 AM) (Source: Application Popup) (EventID: 875) (User: )
Description: Αποκλείστηκε η φόρτωση του προγράμματος οδήγησης atksgt.sys.
 
Error: (09/23/2015 12:43:46 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Η υπηρεσία Windows Update έκλεισε απροειδοποίητα κατά την εκκίνηση.
 
 
CodeIntegrity:
===================================
  Date: 2015-09-22 22:21:33.859
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.
 
  Date: 2015-09-22 22:21:33.844
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.
 
  Date: 2015-09-22 22:21:33.844
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.
 
  Date: 2015-09-22 22:21:33.391
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.
 
  Date: 2015-09-22 22:21:33.391
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.
 
  Date: 2015-09-22 22:21:33.376
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.
 
  Date: 2015-09-22 22:21:32.939
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.
 
  Date: 2015-09-22 22:21:32.830
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.
 
  Date: 2015-09-22 22:21:32.814
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.
 
  Date: 2015-09-22 22:21:32.689
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_a384c5aabe759ea5\wermgr.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.
 
 
==================== Memory info =========================== 
 
Processor: AMD Athlon™ II X4 645 Processor
Percentage of memory in use: 51%
Total physical RAM: 3326.98 MB
Available physical RAM: 1621.48 MB
Total Virtual: 8314.18 MB
Available Virtual: 5792.55 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:918.22 GB) (Free:326.9 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: 0F9E862B)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=13.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=918.2 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================


#4 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  • Gender:Male
  • Location:Germany
  • Local time:05:08 PM

Posted 23 September 2015 - 02:49 PM

Please post the FRST.txt as well.
regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 

#5 demy31

demy31
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  • Local time:05:08 PM

Posted 23 September 2015 - 02:57 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:23-09-2015
Ran by MVergo (administrator) on VITTO (23-09-2015 22:33:29)
Running from C:\Users\MVergo\Downloads
Loaded Profiles: MVergo (Available Profiles: MVergo)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Ελληνικά (Ελλάδας)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(The Within Network, LLC) C:\Windows\UnsignedThemesSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
() C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avpui.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Users\MVergo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\MVergo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\MVergo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\MVergo\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Google Inc.) C:\Users\MVergo\AppData\Local\Google\Chrome\Application\chrome.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\plugin-nm-server.exe
(Google Inc.) C:\Users\MVergo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\MVergo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\MVergo\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\MVergo\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8321568 2009-11-10] (Realtek Semiconductor)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [12326768 2015-08-30] (Zemana Ltd.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-07-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)
HKLM-x32\...\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Transcode Engine\plugins\mc_demux_mp2_ds.ax] => "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Transcode Engine\plugins\mc_demux_mp2_ds.ax",DllRegisterServer
HKU\S-1-5-21-3415790977-1989096255-3140653802-1001\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-3415790977-1989096255-3140653802-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2015-08-17] (Glarysoft Ltd)
HKU\S-1-5-21-3415790977-1989096255-3140653802-1001\...\MountPoints2: E - E:\setup.exe
HKU\S-1-5-21-3415790977-1989096255-3140653802-1001\...\MountPoints2: I - I:\Autorun.exe
HKU\S-1-5-21-3415790977-1989096255-3140653802-1001\...\MountPoints2: {29cccb94-732c-11e4-be1c-842b2b945b03} - "E:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-3415790977-1989096255-3140653802-1001\...\MountPoints2: {7adeb3af-fb56-11e1-b27c-842b2b945b03} - I:\NokiaPCIA_Autorun.exe
HKU\S-1-5-21-3415790977-1989096255-3140653802-1001\...\MountPoints2: {fbbb4f47-33e9-11e3-b35b-842b2b945b03} - I:\Startme.exe
HKU\S-1-5-21-3415790977-1989096255-3140653802-1001\...\Winlogon: [Shell] C:\Windows\expstart.exe [925184 2015-08-13] () <==== ATTENTION
BootExecute: autocheck autochk *  bootdelete
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{CEE407EF-87D1-4259-A3D8-8AC106D6E5A3}: [DhcpNameServer] 192.168.2.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = 
SearchScopes: HKLM-x32 -> {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3415790977-1989096255-3140653802-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3415790977-1989096255-3140653802-1001 -> ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
BHO: unisalEES -> {3ce3173f-360e-4714-8af5-3247cce81596} ->  No File
BHO: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO: youtubeadblocker -> {78a22955-85ca-46ab-98d0-d9b507478d6b} ->  No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO: No Name -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} ->  No File
BHO-x32: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO-x32: Βοηθός εισόδου του Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
BHO-x32: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08] (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-11] (Oracle Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08] (Skype Technologies S.A.)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
 
FireFox:
========
FF ProfilePath: C:\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default
FF NewTab: about:newtab
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF Keyword.URL: hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQ5eAgoTFFBGbQ8OVlhcFQBGeBQABA9IDAFCJQ8OUlgXR1ASIx9aFQQTR0cFME0FB18EURNNfX5KBFgFZ1xNJA==&q={searchTerms}
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-15] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-11] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.8.0_31\bin\new_plugin\npjp2.dll [No File]
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-11] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-15] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll [2012-10-04] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-11] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\new_plugin\npjp2.dll [No File]
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-11] (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker_663BE84DBCC949E88C7600F63CA7F098 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\content_blocker@kaspersky.com [2015-06-22] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_07402848C2F6470194F131B0F3DE025E -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-06-22] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-03-17] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3415790977-1989096255-3140653802-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\MVergo\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-3415790977-1989096255-3140653802-1001: @tools.google.com/Google Update;version=3 -> C:\Users\MVergo\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-3415790977-1989096255-3140653802-1001: @tools.google.com/Google Update;version=9 -> C:\Users\MVergo\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-3415790977-1989096255-3140653802-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\MVergo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-09-27] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\user.js [2015-09-21]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-27] (Adobe Systems Inc.)
FF Extension: SavePass 1.1 - C:\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com [2015-05-29]
FF Extension: wxDownload - C:\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\505d7a927a07c@505d7a927a0b5.com [2012-09-22]
FF Extension: Extension_Protected - C:\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\jid0-O6MIff3eO5dIGf5Tcv8RsJDKxrs@jetpack [2014-02-04]
FF Extension: youtubeadblocker - C:\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\km4EAT@n8T4.edu [2015-05-09]
FF Extension: uNeisaaleuS - C:\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\QjhpyC@82W.edu [2015-05-09]
FF Extension: WebSite Recommendation - C:\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\WebSiteRecommendation@weliketheweb.com [2015-05-29]
FF Extension: OneClickDownloader - C:\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\OneClickDownload@OneClickDownload.com.xpi [2013-03-01]
FF Extension: Easy YouTube Video Downloader - C:\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi [2012-10-26]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_663BE84DBCC949E88C7600F63CA7F098@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\content_blocker@kaspersky.com [2015-06-22]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_07402848C2F6470194F131B0F3DE025E@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-06-22]
FF Extension: No Name - C:\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\extensions\bbrs_002@blabbers.com [not found]
StartMenuInternet: FIREFOX.EXE - firefox.exe
 
Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\MVergo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\MVergo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-15]
CHR Extension: (Adblock Plus) - C:\Users\MVergo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-11-09]
CHR Extension: (Adblock για το Youtube™) - C:\Users\MVergo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2015-06-06]
CHR Extension: (Αναζήτηση Google) - C:\Users\MVergo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-15]
CHR Extension: (Kaspersky Protection) - C:\Users\MVergo\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-06-22]
CHR Extension: (PanicButton) - C:\Users\MVergo\AppData\Local\Google\Chrome\User Data\Default\Extensions\faminaibgiklngmfpfbhmokfmnglamcm [2015-06-06]
CHR Extension: (Властелин колец) - C:\Users\MVergo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbleojhbbbefmbgaejalpjogabmaghdg [2015-07-10]
CHR Extension: (AdBlock) - C:\Users\MVergo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-06-06]
CHR Extension: (Adblock Super) - C:\Users\MVergo\AppData\Local\Google\Chrome\User Data\Default\Extensions\knebimhcckndhiglamoabbnifdkijidd [2015-06-06]
CHR Extension: (Πορτοφόλι Google) - C:\Users\MVergo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Gmail) - C:\Users\MVergo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-15]
CHR Profile: C:\Users\MVergo\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Έγγραφα Google) - C:\Users\MVergo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-21]
CHR Extension: (Google Drive ) - C:\Users\MVergo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-21]
CHR Extension: (YouTube) - C:\Users\MVergo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-21]
CHR Extension: (Αναζήτηση Google) - C:\Users\MVergo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-09-21]
CHR Extension: (Kaspersky Protection) - C:\Users\MVergo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-09-21]
CHR Extension: (Έγγραφα Google εκτός σύνδεσης) - C:\Users\MVergo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-21]
CHR Extension: (Πληρωμές στο Chrome Web Store) - C:\Users\MVergo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-21]
CHR Extension: (Gmail) - C:\Users\MVergo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-21]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [bodddioamolcibagionmmobehnbhiakf] - C:\Program Files (x86)\BrowserCompanion\blabbers-ch.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [demmlacpnijjgliknaehpamnnbncnodb] - C:\Program Files (x86)\Smart Suggestor\SmartSuggestor.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [jifflliplgeajjdhmkcfnngfpgbjonjg] - C:\Program Files (x86)\Perion\NewTab\newTab.crx <not found>
StartMenuInternet: Google Chrome - C:\Users\MVergo\AppData\Local\Google\Chrome\Application\chrome.exe
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-07-15] (Advanced Micro Devices, Inc.) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 AVP15.0.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avp.exe [194000 2015-06-23] (Kaspersky Lab ZAO)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 MSCSPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [45056 2006-12-14] (Sony Corporation) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2057736 2015-09-23] (Electronic Arts)
S3 PACSPTISVR; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [57344 2006-12-14] () [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 SonicStage Back-End Service; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SsBeSvc.exe [112184 2007-02-05] (Sony Corporation)
S3 SPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe [69632 2006-12-14] (Sony Corporation) [File not signed]
S3 SSScsiSV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SSScsiSV.exe [75320 2007-02-05] (Sony Corporation)
S3 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5448976 2015-04-17] (TeamViewer GmbH)
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2015-08-13] (Microsoft Corporation) [File not signed]
R2 UnsignedThemes; C:\Windows\UnsignedThemesSvc.exe [24168 2009-07-13] (The Within Network, LLC)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WSWNA1100; C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe [266240 2010-08-04] () [File not signed]
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [12326768 2015-08-30] (Zemana Ltd.)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310728 2013-07-20] ()
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [247016 2015-06-23] (Kaspersky Lab UK Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 epp64; C:\EEK\bin\epp64.sys [136456 2015-09-22] (Emsisoft GmbH)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2015-08-09] (Glarysoft Ltd)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2015-09-22] ()
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [41704 2012-08-01] (AnchorFree Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-23] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [64368 2015-06-23] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [159960 2015-06-23] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [225976 2015-06-30] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [850608 2015-06-23] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [39280 2015-06-23] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [40304 2015-06-23] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [39280 2015-06-23] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [24944 2015-06-23] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-23] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [85360 2015-06-23] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [190648 2015-06-23] (Kaspersky Lab ZAO)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43168 2013-06-21] ()
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [42016 2013-11-27] (Visicom Media Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35232 2013-12-06] (Visicom Media Inc.)
S3 sscdserd; C:\Windows\System32\DRIVERS\sscdserd.sys [141384 2010-11-11] (MCCI Corporation)
R2 uxpatch; C:\Windows\system32\drivers\uxpatch.sys [30568 2009-07-13] ()
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [109432 2015-09-22] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [109432 2015-09-22] (Zemana Ltd.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-09-23 22:31 - 2015-09-23 22:33 - 00027554 _____ C:\Users\MVergo\Downloads\FRST.txt
2015-09-23 22:30 - 2015-09-23 22:33 - 00000000 ____D C:\FRST
2015-09-23 22:29 - 2015-09-23 22:30 - 02192384 _____ (Farbar) C:\Users\MVergo\Downloads\FRST64.exe
2015-09-23 21:01 - 2015-09-23 21:01 - 00001728 _____ C:\Users\MVergo\Desktop\Play Dragon Age Inquisition.lnk
2015-09-23 20:31 - 2015-09-23 20:31 - 00000000 ____D C:\Program Files (x86)\Origin Games
2015-09-23 20:25 - 2015-09-23 20:31 - 00000000 ____D C:\Users\MVergo\AppData\Local\Origin
2015-09-23 20:22 - 2015-09-23 20:25 - 00000000 ____D C:\Program Files (x86)\Origin
2015-09-23 20:20 - 2015-09-23 20:35 - 00000000 ____D C:\ProgramData\Origin
2015-09-23 20:20 - 2015-09-23 20:21 - 17113896 _____ (Electronic Arts, Inc.) C:\Users\MVergo\Downloads\OriginThinSetup.exe
2015-09-23 10:33 - 2015-09-23 17:56 - 00000112 _____ C:\Windows\setupact.log
2015-09-23 10:33 - 2015-09-23 10:33 - 00000000 _____ C:\Windows\setuperr.log
2015-09-23 00:36 - 2015-09-23 00:36 - 00000858 _____ C:\EamClean.log
2015-09-22 23:39 - 2015-09-22 23:46 - 00000000 ____D C:\EEK
2015-09-22 23:36 - 2015-09-22 23:38 - 166981296 _____ C:\Users\MVergo\Downloads\EmsisoftEmergencyKit.exe
2015-09-22 23:33 - 2015-09-22 23:33 - 00043664 _____ C:\Windows\system32\Drivers\hitmanpro37.sys
2015-09-22 23:31 - 2015-09-22 23:31 - 00117410 _____ C:\Windows\system32\.crusader
2015-09-22 23:01 - 2015-09-22 23:01 - 00000000 ____D C:\AdwCleaner
2015-09-22 22:59 - 2015-09-22 23:00 - 01662976 _____ C:\Users\MVergo\Downloads\adwcleaner_5.008.exe
2015-09-22 22:57 - 2015-09-22 22:57 - 00109432 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys
2015-09-22 22:57 - 2015-09-22 22:57 - 00109432 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys
2015-09-22 22:57 - 2015-09-22 22:57 - 00000000 ____D C:\Users\MVergo\AppData\Local\Zemana
2015-09-22 22:57 - 2015-09-22 22:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2015-09-22 22:57 - 2015-09-22 22:57 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2015-09-22 22:55 - 2015-09-22 22:56 - 05078968 _____ ( ) C:\Users\MVergo\Downloads\Zemana.AntiMalware.Setup (1).exe
2015-09-22 22:54 - 2015-09-22 22:55 - 05078968 _____ ( ) C:\Users\MVergo\Downloads\Zemana.AntiMalware.Setup.exe
2015-09-22 22:48 - 2015-09-22 22:48 - 00000000 ____D C:\Program Files\HitmanPro
2015-09-22 22:46 - 2015-09-22 22:47 - 11352032 _____ (SurfRight B.V.) C:\Users\MVergo\Downloads\HitmanPro_x64.exe
2015-09-22 22:45 - 2015-09-22 23:32 - 00000000 ____D C:\ProgramData\HitmanPro
2015-09-22 22:44 - 2015-09-22 22:45 - 10369928 _____ (SurfRight B.V.) C:\Users\MVergo\Downloads\HitmanPro.exe
2015-09-22 22:40 - 2015-09-22 22:47 - 00003652 _____ C:\Users\MVergo\Desktop\Rkill.txt
2015-09-22 22:40 - 2015-09-22 22:40 - 02019656 _____ (Bleeping Computer, LLC) C:\Users\MVergo\Downloads\rkill.exe
2015-09-22 22:34 - 2015-09-22 22:34 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\MVergo\Downloads\tdsskiller.exe
2015-09-22 22:08 - 2015-09-22 22:08 - 00000000 ____D C:\Users\MVergo\.ViberPC
2015-09-22 22:08 - 2015-09-22 22:08 - 00000000 ____D C:\Users\MVergo\.QtWebEngineProcess
2015-09-22 22:06 - 2015-09-22 22:08 - 00000000 ____D C:\Users\MVergo\AppData\Local\Viber
2015-09-21 19:20 - 2015-09-21 19:20 - 00022768 _____ C:\Users\MVergo\Downloads\_The-Crimson-Rivers-2-2004-DVDRip-XviD-AC3-NGuy---.zip
2015-09-21 19:05 - 2015-09-21 19:05 - 00030622 _____ C:\Users\MVergo\Downloads\276_the-crimson-rivers_51391.zip
2015-09-21 18:55 - 2015-09-21 19:29 - 00000000 ____D C:\Users\MVergo\Documents\Gone Baby Gone (2007)
2015-09-21 18:53 - 2015-09-21 18:54 - 00028518 _____ C:\Users\MVergo\Downloads\3316725_the-crimson-rivers-2000-720p-bluray-dts-es-x264-don_13824.rar
2015-09-21 18:39 - 2015-09-21 18:39 - 00058013 _____ C:\Users\MVergo\Downloads\bittorrentz.info The Gift (2015) .720p.BRRip.x264.AC3-JYK.torrent
2015-09-21 18:37 - 2015-09-21 18:37 - 00034480 _____ C:\Users\MVergo\Downloads\A Walk In The Woods 2015 (1).torrent
2015-09-21 18:36 - 2015-09-21 18:36 - 00034480 _____ C:\Users\MVergo\Downloads\A Walk In The Woods 2015.torrent
2015-09-21 18:06 - 2015-09-21 18:06 - 00000000 _____ C:\autoexec.bat
2015-09-21 18:00 - 2015-09-21 18:01 - 03237248 _____ (Enigma Software Group USA, LLC.) C:\Users\MVergo\Downloads\SpyHunter-Installer.exe
2015-09-21 17:50 - 2015-09-21 17:51 - 00000000 ____D C:\Users\MVergo\Documents\The.Gift.2015.720p.BRRip.XviD.AC3.SANTi
2015-09-21 16:53 - 2015-09-21 16:53 - 00000000 ____D C:\Users\MVergo\AppData\Local\Macromedia
2015-09-21 16:35 - 2015-09-21 16:35 - 00000000 ____D C:\Users\MVergo\Documents\The Gift 2015
2015-09-21 13:32 - 2015-09-21 13:32 - 00000264 _____ C:\Users\MVergo\Downloads\debug.log
2015-09-21 13:31 - 2015-09-21 13:32 - 04236616 _____ (Google) C:\Users\MVergo\Downloads\software_removal_tool.exe
2015-09-18 17:10 - 2015-09-18 17:48 - 00000000 ____D C:\Users\MVergo\Documents\Διπλωμα!
2015-09-17 14:31 - 2015-09-17 14:31 - 00157184 _____ C:\Users\MVergo\Downloads\Copy_of_1_VASEIS_EPILOGI_90__GEL_EPAL_HMERISIA_PANEL2015.xls
2015-09-16 20:08 - 2015-09-16 20:08 - 00000000 ___HD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup-Disabled
2015-09-16 17:46 - 2015-09-16 17:46 - 01353728 _____ C:\Users\MVergo\Downloads\Faculty-presentation_GR (1).ppt
2015-09-16 17:24 - 2015-09-16 17:24 - 00000000 ____D C:\Users\MVergo\Νέος φάκελος
2015-09-16 15:52 - 2015-09-16 15:52 - 00196096 _____ C:\Users\MVergo\Downloads\enoikiazomena_2015.xls
2015-09-16 09:57 - 2015-09-16 09:58 - 22132194 _____ C:\Users\MVergo\Downloads\Six Pack Ab Workout.mp4
2015-09-15 19:06 - 2015-09-15 19:10 - 44524402 _____ C:\Users\MVergo\Downloads\namvi.net--cambridge+ielts10 (2).rar
2015-09-15 19:05 - 2015-09-15 19:10 - 44524402 _____ C:\Users\MVergo\Downloads\namvi.net--cambridge+ielts10 (1).rar
2015-09-15 19:05 - 2015-09-15 19:09 - 44524402 _____ C:\Users\MVergo\Downloads\namvi.net--cambridge+ielts10.rar
2015-09-11 13:43 - 2015-09-11 14:13 - 00000000 ____D C:\Users\MVergo\Desktop\μνημη SD
2015-09-10 22:24 - 2015-09-10 22:27 - 29293532 _____ C:\Users\MVergo\Downloads\Full Legs And Abs Workout.mp4
2015-09-10 21:49 - 2015-09-10 21:49 - 00002008 _____ C:\Users\MVergo\Desktop\Subtitle Workshop.lnk
2015-09-10 21:49 - 2015-09-10 21:49 - 00000000 ____D C:\Users\MVergo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Subtitle Workshop
2015-09-10 21:46 - 2015-09-10 21:46 - 02059818 _____ C:\Users\MVergo\Downloads\SubtitleWorkshop_6.0b_131121_installer.exe
2015-09-10 21:42 - 2015-09-10 21:42 - 00048668 _____ C:\Users\MVergo\Downloads\73245_milk-gr-720p-bluray-x264-infamous_78949.rar
2015-09-10 20:02 - 2015-09-11 12:33 - 00000000 ____D C:\Users\MVergo\Documents\Milk (2008)
2015-09-10 20:02 - 2015-09-10 20:02 - 00009911 _____ C:\Users\MVergo\Downloads\18045d47e9efb8605ab5200adff8d9b72f6dfee3.torrent
2015-09-09 18:34 - 2015-07-15 06:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-09-09 18:34 - 2015-07-15 05:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-09-09 18:33 - 2015-08-27 21:18 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-09 18:33 - 2015-08-27 21:18 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-09 18:33 - 2015-08-27 21:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-09-09 18:33 - 2015-08-27 21:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-09-09 18:33 - 2015-08-27 20:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-09-09 18:33 - 2015-08-27 20:58 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-09-09 18:33 - 2015-08-27 20:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-09-09 18:33 - 2015-08-27 20:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-09-09 18:33 - 2015-08-18 04:42 - 00393304 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-09-09 18:33 - 2015-08-18 04:14 - 00344168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-09-09 18:33 - 2015-08-15 09:48 - 25190400 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-09 18:33 - 2015-08-15 09:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-09-09 18:33 - 2015-08-15 09:33 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-09-09 18:33 - 2015-08-15 09:18 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-09-09 18:33 - 2015-08-15 09:18 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-09-09 18:33 - 2015-08-15 09:17 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-09 18:33 - 2015-08-15 09:17 - 00585216 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-09 18:33 - 2015-08-15 09:17 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-09-09 18:33 - 2015-08-15 09:17 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-09-09 18:33 - 2015-08-15 09:10 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-09-09 18:33 - 2015-08-15 09:09 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-09-09 18:33 - 2015-08-15 09:06 - 19856896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-09-09 18:33 - 2015-08-15 09:06 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-09-09 18:33 - 2015-08-15 09:04 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-09 18:33 - 2015-08-15 09:04 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-09-09 18:33 - 2015-08-15 09:04 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-09-09 18:33 - 2015-08-15 09:04 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-09-09 18:33 - 2015-08-15 09:00 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-09 18:33 - 2015-08-15 08:57 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-09-09 18:33 - 2015-08-15 08:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-09-09 18:33 - 2015-08-15 08:53 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-09-09 18:33 - 2015-08-15 08:46 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-09-09 18:33 - 2015-08-15 08:42 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-09-09 18:33 - 2015-08-15 08:41 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-09-09 18:33 - 2015-08-15 08:40 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-09-09 18:33 - 2015-08-15 08:40 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-09-09 18:33 - 2015-08-15 08:39 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-09-09 18:33 - 2015-08-15 08:39 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-09-09 18:33 - 2015-08-15 08:39 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-09-09 18:33 - 2015-08-15 08:38 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-09-09 18:33 - 2015-08-15 08:35 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-09-09 18:33 - 2015-08-15 08:33 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-09-09 18:33 - 2015-08-15 08:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-09-09 18:33 - 2015-08-15 08:30 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-09-09 18:33 - 2015-08-15 08:29 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-09-09 18:33 - 2015-08-15 08:29 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-09-09 18:33 - 2015-08-15 08:29 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-09-09 18:33 - 2015-08-15 08:24 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-09-09 18:33 - 2015-08-15 08:23 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-09 18:33 - 2015-08-15 08:22 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-09 18:33 - 2015-08-15 08:22 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-09-09 18:33 - 2015-08-15 08:21 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-09-09 18:33 - 2015-08-15 08:16 - 14451712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-09 18:33 - 2015-08-15 08:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-09-09 18:33 - 2015-08-15 08:14 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-09-09 18:33 - 2015-08-15 08:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-09-09 18:33 - 2015-08-15 08:11 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-09-09 18:33 - 2015-08-15 08:10 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-09-09 18:33 - 2015-08-15 08:07 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-09 18:33 - 2015-08-15 08:04 - 12857344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-09-09 18:33 - 2015-08-15 08:02 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-09-09 18:33 - 2015-08-15 08:01 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-09-09 18:33 - 2015-08-15 08:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-09-09 18:33 - 2015-08-15 07:55 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-09 18:33 - 2015-08-15 07:43 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-09-09 18:33 - 2015-08-15 07:43 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-09-09 18:33 - 2015-08-15 07:39 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-09-09 18:33 - 2015-08-15 07:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-09-09 18:33 - 2015-08-05 20:56 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-09-09 18:33 - 2015-08-05 20:56 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-09-09 18:33 - 2015-08-05 20:40 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-09-09 18:32 - 2015-08-05 20:56 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-09 18:30 - 2015-07-23 03:06 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-09-09 18:30 - 2015-07-23 03:06 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-09-09 18:30 - 2015-07-23 03:06 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-09-09 18:30 - 2015-07-23 03:03 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-09-09 18:30 - 2015-07-23 03:03 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-09-09 18:30 - 2015-07-23 03:03 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-09-09 18:30 - 2015-07-23 03:03 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-09-09 18:30 - 2015-07-23 03:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-09-09 18:30 - 2015-07-23 03:02 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-09-09 18:30 - 2015-07-23 03:02 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-09-09 18:30 - 2015-07-23 03:02 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-09-09 18:30 - 2015-07-23 03:02 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-09-09 18:30 - 2015-07-23 03:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-09-09 18:30 - 2015-07-23 03:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-09-09 18:30 - 2015-07-23 03:02 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-09-09 18:30 - 2015-07-23 03:02 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-09-09 18:30 - 2015-07-23 03:02 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-09-09 18:30 - 2015-07-23 03:02 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-09-09 18:30 - 2015-07-23 03:02 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-09-09 18:30 - 2015-07-23 03:02 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-09-09 18:30 - 2015-07-23 03:02 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-09-09 18:30 - 2015-07-23 03:02 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-09-09 18:30 - 2015-07-23 03:02 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-09-09 18:30 - 2015-07-23 03:02 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-09-09 18:30 - 2015-07-23 03:02 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-09-09 18:30 - 2015-07-23 03:02 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-09-09 18:30 - 2015-07-23 03:02 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-09-09 18:30 - 2015-07-23 03:02 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-09-09 18:30 - 2015-07-23 03:02 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-09-09 18:30 - 2015-07-23 03:02 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-09-09 18:30 - 2015-07-23 03:02 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-09-09 18:30 - 2015-07-23 03:02 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-09-09 18:30 - 2015-07-23 03:01 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-09-09 18:30 - 2015-07-23 03:01 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-09-09 18:30 - 2015-07-23 03:01 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-09-09 18:30 - 2015-07-23 02:52 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-09-09 18:30 - 2015-07-23 02:52 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-09-09 18:30 - 2015-07-23 02:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 18:30 - 2015-07-23 02:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 18:30 - 2015-07-23 02:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 18:30 - 2015-07-23 02:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 18:30 - 2015-07-23 02:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 18:30 - 2015-07-23 02:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 18:30 - 2015-07-23 02:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 18:30 - 2015-07-23 02:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 18:30 - 2015-07-23 02:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 18:30 - 2015-07-23 02:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 18:30 - 2015-07-23 02:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 18:30 - 2015-07-23 02:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-09-09 18:30 - 2015-07-23 02:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 18:30 - 2015-07-23 02:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 18:30 - 2015-07-23 02:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 18:30 - 2015-07-22 20:57 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-09-09 18:30 - 2015-07-22 20:57 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-09-09 18:30 - 2015-07-22 20:54 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-09-09 18:30 - 2015-07-22 20:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-09-09 18:30 - 2015-07-22 20:53 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-09-09 18:30 - 2015-07-22 20:53 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-09-09 18:30 - 2015-07-22 20:53 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-09-09 18:30 - 2015-07-22 20:53 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-09-09 18:30 - 2015-07-22 20:53 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-09-09 18:30 - 2015-07-22 20:53 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-09-09 18:30 - 2015-07-22 20:53 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-09-09 18:30 - 2015-07-22 20:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-09-09 18:30 - 2015-07-22 20:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-09-09 18:30 - 2015-07-22 20:53 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-09-09 18:30 - 2015-07-22 20:53 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-09-09 18:30 - 2015-07-22 20:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-09-09 18:30 - 2015-07-22 20:52 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-09-09 18:30 - 2015-07-22 20:52 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-09-09 18:30 - 2015-07-22 20:52 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-09-09 18:30 - 2015-07-22 20:52 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-09-09 18:30 - 2015-07-22 20:52 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-09-09 18:30 - 2015-07-22 20:52 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-09-09 18:30 - 2015-07-22 20:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-09-09 18:30 - 2015-07-22 20:42 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-09-09 18:30 - 2015-07-22 20:42 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 18:30 - 2015-07-22 20:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 18:30 - 2015-07-22 20:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 18:30 - 2015-07-22 20:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 18:30 - 2015-07-22 20:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 18:30 - 2015-07-22 20:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 18:30 - 2015-07-22 19:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-09-09 18:30 - 2015-07-22 19:45 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-09-09 18:30 - 2015-07-22 19:44 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-09-09 18:30 - 2015-07-22 19:44 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-09-09 18:30 - 2015-07-22 19:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 18:30 - 2015-07-22 19:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 18:30 - 2015-07-22 19:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-09-09 18:30 - 2015-07-09 20:58 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-09-09 18:30 - 2015-07-09 20:58 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-09-09 18:30 - 2015-07-09 20:42 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-09-09 18:30 - 2015-07-09 20:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-09-09 18:29 - 2015-07-23 02:58 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-09-09 18:29 - 2015-07-23 02:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-09-09 18:29 - 2015-07-23 02:52 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-09-09 18:29 - 2015-07-23 02:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 18:29 - 2015-07-23 02:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 18:29 - 2015-07-23 02:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 18:29 - 2015-07-23 02:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-09-09 18:29 - 2015-07-23 02:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 18:29 - 2015-07-23 02:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-09-09 18:29 - 2015-07-23 02:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 18:29 - 2015-07-23 02:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 18:29 - 2015-07-23 02:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 18:29 - 2015-07-23 02:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 18:29 - 2015-07-23 02:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-09-09 18:29 - 2015-07-23 02:51 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-09-09 18:29 - 2015-07-22 20:47 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-09-09 18:29 - 2015-07-22 20:46 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-09-09 18:29 - 2015-07-22 20:42 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-09-09 18:29 - 2015-07-22 20:42 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-09-09 18:29 - 2015-07-22 20:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 18:29 - 2015-07-22 20:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 18:29 - 2015-07-22 20:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 18:29 - 2015-07-22 20:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 18:29 - 2015-07-22 20:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 18:29 - 2015-07-22 20:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 18:29 - 2015-07-22 20:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 18:29 - 2015-07-22 20:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-09-09 18:29 - 2015-07-22 20:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 18:29 - 2015-07-22 20:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 18:29 - 2015-07-22 20:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-09-09 18:29 - 2015-07-22 20:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 18:29 - 2015-07-22 20:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 18:29 - 2015-07-22 20:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 18:29 - 2015-07-22 20:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 18:29 - 2015-07-22 20:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 18:29 - 2015-07-22 20:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-09-09 18:29 - 2015-07-22 19:34 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-09-09 18:29 - 2015-07-22 19:34 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-09-09 18:29 - 2015-07-22 19:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-09-09 18:29 - 2015-06-25 13:06 - 00115136 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-09-09 18:29 - 2015-06-25 13:01 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-09-09 18:29 - 2015-06-25 13:01 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-09-09 18:29 - 2015-06-25 12:44 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-09-09 18:28 - 2015-09-02 06:04 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-09-09 18:28 - 2015-09-02 06:04 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-09 18:28 - 2015-09-02 06:04 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-09-09 18:28 - 2015-09-02 06:04 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-09-09 18:28 - 2015-09-02 05:48 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-09-09 18:28 - 2015-09-02 05:48 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-09-09 18:28 - 2015-09-02 05:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-09-09 18:28 - 2015-09-02 05:47 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-09-09 18:28 - 2015-09-02 04:51 - 03209216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-09 18:28 - 2015-09-02 04:47 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-09 18:28 - 2015-09-02 04:33 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-09-09 18:28 - 2015-08-04 21:03 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-09-09 18:28 - 2015-08-04 21:00 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-09-09 18:28 - 2015-08-04 20:56 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-09-09 18:28 - 2015-08-04 20:56 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-09-09 18:28 - 2015-08-04 20:56 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-09-09 18:28 - 2015-08-04 20:55 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-09-09 18:28 - 2015-08-04 20:55 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-09-09 18:28 - 2015-08-04 20:47 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-09-09 18:28 - 2015-08-04 19:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-09-09 18:27 - 2015-08-26 21:07 - 03165696 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-09-09 18:27 - 2015-08-26 21:07 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-09-09 18:27 - 2015-08-26 21:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-09-09 18:27 - 2015-08-26 21:07 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-09-09 18:27 - 2015-08-26 21:07 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-09-09 18:27 - 2015-08-26 21:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-09-09 18:27 - 2015-08-26 21:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-09-09 18:27 - 2015-08-26 21:06 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-09-09 18:27 - 2015-08-26 21:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-09-09 18:27 - 2015-08-26 21:06 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-09-09 18:27 - 2015-08-26 21:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-09-09 18:27 - 2015-08-26 20:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-09-09 18:27 - 2015-08-26 20:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-09-09 18:27 - 2015-08-26 20:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-09-09 18:27 - 2015-08-26 20:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-09-09 18:27 - 2015-08-26 20:55 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-09-06 13:56 - 2015-09-06 13:56 - 00000000 ____D C:\Users\MVergo\AppData\Roaming\AMD
2015-09-06 13:54 - 2015-09-23 10:38 - 00000000 ____D C:\Users\MVergo\AppData\Roaming\ViberPC
2015-09-06 13:54 - 2015-09-07 12:20 - 00001002 _____ C:\Users\MVergo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Viber.lnk
2015-09-06 13:52 - 2015-09-06 13:53 - 67701008 _____ (Viber Media Inc) C:\Users\MVergo\Downloads\ViberSetup.exe
2015-09-03 09:45 - 2015-09-03 09:46 - 15239080 _____ C:\Users\MVergo\Downloads\Glary_Utilities_v5.32.0.52.exe
2015-08-26 23:17 - 2015-08-26 23:17 - 00000000 ____D C:\Users\MVergo\AppData\Local\{15D6807C-97C7-4D6D-AA86-0B31A80D360C}
2015-08-26 18:46 - 2015-08-26 18:46 - 01353728 _____ C:\Users\MVergo\Downloads\Faculty-presentation_GR.ppt
2015-08-26 18:00 - 2015-08-27 17:35 - 00000000 ____D C:\Users\MVergo\Downloads\BASEIS2015
2015-08-26 18:00 - 2015-08-26 18:00 - 00444208 _____ C:\Users\MVergo\Downloads\BASEIS2015.zip
2015-08-26 17:55 - 2015-08-26 17:55 - 00157184 _____ C:\Users\MVergo\Downloads\3VASEIS_EPILOGI_10_GEL_EPALB_2014_PANEL2015.xls
2015-08-25 22:40 - 2015-08-25 22:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4
2015-08-25 22:40 - 2015-08-25 22:40 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.4
2015-08-25 22:32 - 2015-08-25 22:32 - 00000000 ____D C:\Users\MVergo\Documents\My Cheat Tables
2015-08-24 18:30 - 2015-08-24 18:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2015-08-24 18:30 - 2015-08-24 18:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-08-24 18:29 - 2015-08-24 18:29 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2015-08-24 18:28 - 2015-08-24 18:28 - 00000000 ____D C:\Windows\PCHEALTH
2015-08-24 18:28 - 2015-08-24 18:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Sync Framework
2015-08-24 18:25 - 2015-08-24 18:25 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2015-08-24 18:24 - 2015-08-24 18:24 - 00000000 ____D C:\Program Files\Microsoft Office
2015-08-24 18:24 - 2015-08-24 18:24 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2015-08-24 18:23 - 2015-08-24 18:23 - 00000000 ____D C:\Users\MVergo\AppData\Local\Microsoft Help
2015-08-24 18:22 - 2015-08-24 18:22 - 00000000 __RHD C:\MSOCache
2015-08-24 18:12 - 2015-08-24 18:12 - 00000000 ____D C:\Users\MVergo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GoodGameEmpire
2015-08-24 18:12 - 2015-08-24 18:12 - 00000000 ____D C:\Users\MVergo\AppData\Roaming\GoodGameEmpire
2015-08-24 18:12 - 2015-08-24 18:12 - 00000000 ____D C:\Users\MVergo\AppData\Local\GGEmpire
2015-08-24 14:12 - 2015-08-24 14:12 - 00000000 ____D C:\Users\MVergo\Documents\Witcher 2_RU.EN.PL_[R.G. Catalyst]
2015-08-24 14:12 - 2015-08-24 14:12 - 00000000 ____D C:\Users\MVergo\Documents\Dragon Age Inquisition PC full game + DLC ^^nosTEAM^^
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-09-23 22:25 - 2011-09-09 20:23 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-09-23 22:19 - 2012-04-14 00:03 - 00001198 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3415790977-1989096255-3140653802-1001UA.job
2015-09-23 22:05 - 2012-03-31 17:10 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-23 21:36 - 2011-07-09 01:24 - 01051907 _____ C:\Windows\WindowsUpdate.log
2015-09-23 21:30 - 2011-11-08 22:20 - 00001232 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3415790977-1989096255-3140653802-1001UA.job
2015-09-23 21:01 - 2011-11-04 21:54 - 00000000 ____D C:\Games
2015-09-23 20:35 - 2011-09-01 04:22 - 00000000 ___RD C:\Users\MVergo\Desktop\PC games
2015-09-23 20:34 - 2015-08-18 14:39 - 00000000 ____D C:\Program Files (x86)\Dragon Age Inquisition
2015-09-23 20:31 - 2012-12-02 20:06 - 00000000 ____D C:\Users\MVergo\AppData\Roaming\Origin
2015-09-23 20:20 - 2009-07-14 07:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-23 20:20 - 2009-07-14 07:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-23 18:09 - 2015-08-09 12:20 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 5
2015-09-23 17:57 - 2012-09-22 11:42 - 00000360 ____H C:\Windows\Tasks\GBoxUpdaterTask{A00D7BE0-AAAB-4B22-AA17-3D5AF40AD28E}.job
2015-09-23 17:57 - 2011-09-30 21:12 - 00000412 _____ C:\Windows\Tasks\PC Optimizer Pro64 startups.job
2015-09-23 17:56 - 2015-03-10 13:28 - 00000000 _____ C:\Windows\system32\Drivers\lvuvc.hs
2015-09-23 17:56 - 2012-01-21 00:07 - 00000266 _____ C:\Windows\Tasks\AutoKMS.job
2015-09-23 17:56 - 2009-07-14 08:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-23 10:47 - 2015-08-13 13:19 - 00002788 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-09-23 00:53 - 2011-10-19 18:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free YouTube Downloader
2015-09-23 00:53 - 2011-10-17 14:37 - 00000000 ____D C:\Users\MVergo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaGet2
2015-09-23 00:30 - 2011-11-08 22:20 - 00001210 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3415790977-1989096255-3140653802-1001Core.job
2015-09-23 00:24 - 2011-10-15 16:33 - 00000000 ____D C:\Users\MVergo\AppData\Local\MediaGet2
2015-09-22 22:59 - 2015-07-14 17:47 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-09-22 22:59 - 2015-07-14 17:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-09-22 22:59 - 2015-07-14 17:45 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-09-22 22:53 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\system32\NDF
2015-09-22 22:08 - 2011-08-31 01:48 - 00000000 ____D C:\Users\MVergo
2015-09-22 21:32 - 2015-05-29 16:41 - 00004496 _____ C:\Windows\Tasks\45a8e2dd-9738-4546-8b5b-6b109b3dd6c5-3.job
2015-09-22 21:32 - 2015-05-29 16:41 - 00002114 _____ C:\Windows\Tasks\45a8e2dd-9738-4546-8b5b-6b109b3dd6c5-10_user.job
2015-09-21 19:54 - 2012-04-10 21:16 - 00000000 ____D C:\Users\MVergo\AppData\Roaming\vlc
2015-09-21 19:49 - 2015-05-29 16:42 - 00002096 _____ C:\Windows\Tasks\9960a1b8-6246-4ded-9db5-1907f0a406f4-10_user.job
2015-09-21 19:44 - 2015-05-29 16:44 - 00003122 _____ C:\Windows\Tasks\9960a1b8-6246-4ded-9db5-1907f0a406f4-1-6.job
2015-09-21 19:43 - 2015-05-29 16:43 - 00005846 _____ C:\Windows\Tasks\9960a1b8-6246-4ded-9db5-1907f0a406f4-6.job
2015-09-21 19:43 - 2015-05-29 16:43 - 00005520 _____ C:\Windows\Tasks\45a8e2dd-9738-4546-8b5b-6b109b3dd6c5-6.job
2015-09-21 16:44 - 2015-05-29 16:44 - 00003458 _____ C:\Windows\Tasks\9960a1b8-6246-4ded-9db5-1907f0a406f4-1-7.job
2015-09-21 16:44 - 2015-05-29 16:44 - 00002430 _____ C:\Windows\Tasks\9960a1b8-6246-4ded-9db5-1907f0a406f4-5_user.job
2015-09-21 16:44 - 2015-05-29 16:44 - 00002430 _____ C:\Windows\Tasks\9960a1b8-6246-4ded-9db5-1907f0a406f4-5.job
2015-09-21 16:43 - 2015-05-29 16:43 - 00005502 _____ C:\Windows\Tasks\9960a1b8-6246-4ded-9db5-1907f0a406f4-7.job
2015-09-21 16:43 - 2015-05-29 16:43 - 00004478 _____ C:\Windows\Tasks\9960a1b8-6246-4ded-9db5-1907f0a406f4-3.job
2015-09-21 16:43 - 2015-05-29 16:43 - 00004142 _____ C:\Windows\Tasks\9960a1b8-6246-4ded-9db5-1907f0a406f4-4.job
2015-09-21 16:43 - 2015-05-29 16:42 - 00005184 _____ C:\Windows\Tasks\45a8e2dd-9738-4546-8b5b-6b109b3dd6c5-7.job
2015-09-21 15:21 - 2012-04-14 00:03 - 00001146 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3415790977-1989096255-3140653802-1001Core.job
2015-09-21 13:32 - 2012-01-30 20:34 - 00000000 ____D C:\Users\MVergo\AppData\Local\Google
2015-09-16 22:31 - 2009-07-14 07:45 - 00030720 _____ C:\Windows\system32\umstartup.etl
2015-09-16 15:14 - 2012-04-14 00:03 - 00004170 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3415790977-1989096255-3140653802-1001UA
2015-09-16 15:14 - 2012-04-14 00:03 - 00003774 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3415790977-1989096255-3140653802-1001Core
2015-09-16 15:02 - 2015-04-06 12:46 - 00000000 ___SD C:\Windows\system32\GWX
2015-09-16 15:02 - 2012-04-14 00:04 - 00000000 ____D C:\Users\MVergo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-09-16 15:02 - 2011-09-30 21:09 - 00000000 ____D C:\Users\MVergo\AppData\Roaming\FinalTorrent
2015-09-16 15:02 - 2011-09-15 18:03 - 00000000 ____D C:\Users\MVergo\AppData\Roaming\Skype
2015-09-16 15:02 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\registration
2015-09-13 19:53 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\rescache
2015-09-11 00:47 - 2010-11-21 13:05 - 00607056 _____ C:\Windows\system32\perfh008.dat
2015-09-11 00:47 - 2010-11-21 13:05 - 00111252 _____ C:\Windows\system32\perfc008.dat
2015-09-11 00:47 - 2009-07-14 08:13 - 01490208 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-10 15:13 - 2009-07-14 07:45 - 00490152 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-10 15:11 - 2011-07-09 08:51 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-10 15:11 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-09-09 22:38 - 2013-08-14 23:49 - 00000000 ____D C:\Windows\system32\MRT
2015-09-09 22:20 - 2011-08-31 12:35 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-07 18:19 - 2015-08-16 12:33 - 00000000 ____D C:\Users\MVergo\Documents\The L Word Complete (Season 1 to 6)
2015-09-03 09:49 - 2015-08-09 12:20 - 00003304 _____ C:\Windows\System32\Tasks\GlaryInitialize 5
2015-09-03 09:49 - 2015-08-09 12:20 - 00002968 _____ C:\Windows\System32\Tasks\GU5SkipUAC
2015-09-03 09:49 - 2015-08-09 12:20 - 00001098 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2015-08-30 23:05 - 2011-12-11 17:48 - 00000000 ____D C:\Users\MVergo\AppData\Local\NFS Underground 2
2015-08-30 18:43 - 2015-07-14 22:10 - 00000000 ____D C:\Program Files\AMD
2015-08-27 12:36 - 2015-07-10 19:53 - 00000000 ___HD C:\$Windows.~BT
2015-08-27 12:19 - 2011-02-15 23:13 - 00000000 ____D C:\Windows\panther
2015-08-26 23:17 - 2011-09-12 18:07 - 00000000 ____D C:\Users\MVergo\Tracing
2015-08-26 18:37 - 2011-09-09 19:19 - 134753440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-25 18:27 - 2012-12-23 21:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES
2015-08-25 18:27 - 2009-07-14 08:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-08-25 18:23 - 2011-09-01 02:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ
2015-08-25 18:23 - 2011-09-01 02:20 - 00000000 ____D C:\Program Files (x86)\THQ
2015-08-25 18:23 - 2011-07-09 01:28 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-25 18:21 - 2012-02-29 23:16 - 00000000 ____D C:\Program Files (x86)\EA GAMES
2015-08-25 18:20 - 2012-01-27 15:25 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2015-08-25 18:12 - 2013-04-21 21:41 - 00000000 ____D C:\Program Files (x86)\Aimersoft
2015-08-24 18:53 - 2011-08-31 01:48 - 00148952 _____ C:\Users\MVergo\AppData\Local\GDIPFONTCACHEV1.DAT
2015-08-24 18:29 - 2011-07-09 08:51 - 00000000 ____D C:\Windows\ShellNew
2015-08-24 18:29 - 2009-07-14 08:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-08-24 18:28 - 2012-01-02 21:12 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-08-24 18:28 - 2011-07-09 01:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-08-24 18:26 - 2009-07-14 06:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-08-24 18:24 - 2009-07-14 05:34 - 00000545 _____ C:\Windows\win.ini
2015-08-24 18:07 - 2011-08-31 12:34 - 00000000 ____D C:\Users\MVergo\AppData\Roaming\SoftGrid Client
 
==================== Files in the root of some directories =======
 
2015-08-18 15:06 - 2014-12-13 18:49 - 0000226 _____ () C:\Program Files (x86)\update-DragonAgeInc.bat
2015-08-18 15:06 - 2013-11-06 13:28 - 0000732 _____ () C:\Program Files (x86)\visit-www.nosteam.ro.html
2012-04-24 21:42 - 2011-09-16 15:12 - 0143240 _____ (Ask.com) C:\Program Files (x86)\Common Files\ApnStub.exe
2012-04-24 21:42 - 2011-09-16 15:12 - 3623592 _____ (Ask) C:\Program Files (x86)\Common Files\ApnToolbarInstaller.exe
2012-08-29 20:22 - 2012-09-01 09:58 - 0000374 _____ () C:\Users\MVergo\AppData\Roaming\burnaware.ini
2014-04-06 21:37 - 2014-04-06 22:03 - 0138684 _____ () C:\Users\MVergo\AppData\Roaming\ICARE.LOG
2013-12-01 16:31 - 2014-02-14 17:12 - 0099384 _____ () C:\Users\MVergo\AppData\Roaming\inst.exe
2013-03-08 23:39 - 2013-06-16 20:02 - 0000053 _____ () C:\Users\MVergo\AppData\Roaming\mbam.context.scan
2013-12-01 16:31 - 2014-02-14 17:12 - 0007859 _____ () C:\Users\MVergo\AppData\Roaming\pcouffin.cat
2013-12-01 16:31 - 2014-02-14 17:12 - 0001167 _____ () C:\Users\MVergo\AppData\Roaming\pcouffin.inf
2013-12-01 16:31 - 2014-02-14 17:12 - 0000055 _____ () C:\Users\MVergo\AppData\Roaming\pcouffin.log
2013-12-01 16:31 - 2014-02-14 17:12 - 0082816 _____ (VSO Software) C:\Users\MVergo\AppData\Roaming\pcouffin.sys
2015-08-27 17:33 - 2015-08-27 17:33 - 0017465 _____ () C:\Users\MVergo\AppData\Roaming\UserTile.png
2012-11-04 21:45 - 2012-11-04 21:46 - 0001189 _____ () C:\Users\MVergo\AppData\Roaming\vso_ts_preview.xml
2012-02-04 14:33 - 2012-02-04 14:33 - 0004096 ____H () C:\Users\MVergo\AppData\Local\keyfile3.drm
2013-01-08 18:26 - 2015-06-17 17:37 - 0007598 _____ () C:\Users\MVergo\AppData\Local\Resmon.ResmonCfg
2012-12-29 17:11 - 2012-12-30 23:07 - 0828671 ____N () C:\Users\MVergo\AppData\Local\Tempmusic.ogg
2011-11-08 23:11 - 2011-11-08 23:11 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2011-09-16 21:36 - 2015-07-07 12:16 - 0007168 _____ () C:\ProgramData\hpzinstall.log
2011-10-19 18:07 - 2010-05-20 12:05 - 0025214 _____ () C:\ProgramData\QuickStores.ico
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-09-21 17:32
 
==================== End of FRST.txt ============================


#6 deeprybka


Posted 23 September 2015 - 03:16 PM

 

keep directing me to a yahoo search page. what  caught my attention was that the "https" had a red X on it.

 

Please post a screenshot of it.

 

 

If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now!


regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 

#7 demy31


Posted 23 September 2015 - 03:43 PM

Strangely, the issue that I have is somehow solved by itself. Should I be worried? From what I remember, the "http" had a red line over it. If this helps, before the browser issue, whenever I entered random sites, thousands of ads were popping onto my screen. I have antivirus and adblock installed on Chrome.



#8 deeprybka


Posted 23 September 2015 - 03:54 PM


Step 1

Scan with AdwCleaner (by Xplode).

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select "Run As Administrator"
  • Click on the Scan button.
  • After the scan has finished, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • After rebooting, a log file (that is saved in C:\AdwCleaner[S#].txt) will open automatically.
    Copy and paste the contents of that logfile in your next reply.

Step 2

Scan with Malwarebytes Anti-Malware.

  • Please open Malwarebytes Anti-Malware and update the database.
  • Click "Settings" [1] and go to "Detection and Protection" [2]
  • Make sure "Scan for Rootkits" is checked.
  • Click on Dashboard [3], then click on Scan Now [4] to start the scan.
    If Malware or Potentially Unwanted Programs [PUPs] are found, you will receive a prompt.
  • Click on "Remove Selected" [5].
  • Then click "Save Results" [6] and select [screenshot: m21p4.png]
  • Return to our forum. Paste your log into your next reply and then click Finish [7].

Step 3

Please download ESET Online Scanner and save it to your Desktop.

  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start the installer with administrator privileges.
  • Select the option Yes, I accept the Terms of Use and click on Start.
  • Choose the following settings: [screenshot: settings.png]

  • Click on Start. The virus signature database will begin to download. This may take some time.
  • When completed the Online Scan will begin automatically.
    Note: This scan might take a long time! Please be patient.
  • When completed, click on Finish.
  • A log file is created at [screenshot: logpath.png]
    Copy and paste the content of this log file in your next reply.

Note: Do not forget to re-enable your antivirus application after running the above scan!


regards,
deeprybka

#9 demy31

Posted 23 September 2015 - 05:13 PM

# AdwCleaner v5.008 - Logfile created 24/09/2015 at 00:01:12
# Updated 18/09/2015 by Xplode
# Database : 2015-09-23.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : MVergo - VITTO
# Running from : C:\Users\MVergo\Downloads\AdwCleaner.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
[-] Folder Deleted : C:\Program Files (x86)\FinalTorrent
[-] Folder Deleted : C:\Program Files (x86)\GreenTree Applications
[-] Folder Deleted : C:\Program Files (x86)\uNeisaaleuS
[-] Folder Deleted : C:\Program Files (x86)\unisalEES
[-] Folder Deleted : C:\Program Files (x86)\Cinem Plus 2.4cV29.05
[-] Folder Deleted : C:\Program Files (x86)\Common Files\ParetoLogic
[-] Folder Deleted : C:\ProgramData\ParetoLogic
[-] Folder Deleted : C:\ProgramData\{3bef50a5-6020-f3cd-3bef-f50a56024295}
[-] Folder Deleted : C:\ProgramData\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalTorrent
[-] Folder Deleted : C:\Users\MVergo\AppData\Local\Media Get LLC
[-] Folder Deleted : C:\Users\MVergo\AppData\Local\MediaGet2
[-] Folder Deleted : C:\Users\MVergo\AppData\Roaming\FinalTorrent
[-] Folder Deleted : C:\Users\MVergo\AppData\Roaming\Media Get LLC
[-] Folder Deleted : C:\Users\MVergo\AppData\Roaming\ParetoLogic
[-] Folder Deleted : C:\Users\MVergo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaGet2
[#] Folder Deleted : C:\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
[#] Folder Deleted : C:\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\OneClickDownload@OneClickDownload.com.xpi
[-] Folder Deleted : C:\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\WebSiteRecommendation@weliketheweb.com
[-] Folder Deleted : C:\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com
[!] Folder Not Deleted : C:\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com
[-] Folder Deleted : C:\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\505d7a927a07c@505d7a927a0b5.com
[-] Folder Deleted : C:\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\km4EAT@n8T4.edu
[-] Folder Deleted : C:\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\QjhpyC@82W.edu
[!] Folder Not Deleted : C:\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com
[-] Folder Deleted : C:\Windows\SysWOW64\config\systemprofile\AppData\Local\FileTypeAssistant
 
***** [ Files ] *****
 
[-] File Deleted : C:\END
[-] File Deleted : C:\user.js
[-] File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo.xml
[-] File Deleted : C:\Users\MVergo\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\akaelkiagnbfcccfnmbimdbplecgbikh
[-] File Deleted : C:\Users\MVergo\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gegdfeiahlfolhcfioipjlkombmgbakh
[-] File Deleted : C:\Users\MVergo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaGet.lnk
[-] File Deleted : C:\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\OneClickDownload@OneClickDownload.com.xpi
[-] File Deleted : C:\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\invalidprefs.js
[-] File Deleted : C:\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\user.js
 
***** [ Shortcuts ] *****
 
[-] Shortcut Disinfected : C:\Users\MVergo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GoodGameEmpire\GoodGameEmpire.lnk
[-] Shortcut Disinfected : C:\Users\MVergo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\GoodGameEmpire.lnk
 
***** [ Scheduled tasks ] *****
 
[-] Task Deleted : GoodGameEmpire W1
[-] Task Deleted : GoodGameEmpire W2
[-] Task Deleted : paretologic registration3
[-] Task Deleted : Your File Updater
[-] Task Deleted : Your File Updater
[-] Task Deleted : 45a8e2dd-9738-4546-8b5b-6b109b3dd6c5-10_user
[-] Task Deleted : 45a8e2dd-9738-4546-8b5b-6b109b3dd6c5-3
[-] Task Deleted : 45a8e2dd-9738-4546-8b5b-6b109b3dd6c5-6
[-] Task Deleted : 45a8e2dd-9738-4546-8b5b-6b109b3dd6c5-7
[-] Task Deleted : 9960a1b8-6246-4ded-9db5-1907f0a406f4-1-6
[-] Task Deleted : 9960a1b8-6246-4ded-9db5-1907f0a406f4-1-7
[-] Task Deleted : 9960a1b8-6246-4ded-9db5-1907f0a406f4-10_user
[-] Task Deleted : 9960a1b8-6246-4ded-9db5-1907f0a406f4-3
[-] Task Deleted : 9960a1b8-6246-4ded-9db5-1907f0a406f4-4
[-] Task Deleted : 9960a1b8-6246-4ded-9db5-1907f0a406f4-5
[-] Task Deleted : 9960a1b8-6246-4ded-9db5-1907f0a406f4-5_user
[-] Task Deleted : 9960a1b8-6246-4ded-9db5-1907f0a406f4-6
[-] Task Deleted : 9960a1b8-6246-4ded-9db5-1907f0a406f4-7
[-] Task Deleted : 45a8e2dd-9738-4546-8b5b-6b109b3dd6c5-6
[-] Task Deleted : 45a8e2dd-9738-4546-8b5b-6b109b3dd6c5-7
[-] Task Deleted : 9960a1b8-6246-4ded-9db5-1907f0a406f4-1-6
[-] Task Deleted : 9960a1b8-6246-4ded-9db5-1907f0a406f4-1-7
[-] Task Deleted : 9960a1b8-6246-4ded-9db5-1907f0a406f4-10_user
[-] Task Deleted : 9960a1b8-6246-4ded-9db5-1907f0a406f4-3
[-] Task Deleted : 9960a1b8-6246-4ded-9db5-1907f0a406f4-4
[-] Task Deleted : 9960a1b8-6246-4ded-9db5-1907f0a406f4-5
[-] Task Deleted : 9960a1b8-6246-4ded-9db5-1907f0a406f4-5_user
[-] Task Deleted : 9960a1b8-6246-4ded-9db5-1907f0a406f4-6
[-] Task Deleted : 9960a1b8-6246-4ded-9db5-1907f0a406f4-7
 
***** [ Registry ] *****
 
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\babylon.com
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [BrowserMngrDefaultScope]
[-] Key Deleted : HKCU\Software\5c4d9d1b238e814
[-] Key Deleted : HKLM\SOFTWARE\2e24abcf-f414-4523-94f0-3dcd9152fbf8
[-] Key Deleted : HKLM\SOFTWARE\a9f72941-ce70-449b-bfc5-0fdd7d2a585f
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bodddioamolcibagionmmobehnbhiakf
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\demmlacpnijjgliknaehpamnnbncnodb
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{059EACC2-1ABE-49E8-928D-DC8BD355B7A9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E0D6077D-7186-48B2-A6C6-2F7C533E8CFF}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1185823F-F22F-4027-80E5-4F68ACD5DE5E}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011431152}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{00CBB66B-1D3B-46D3-9577-323A336ACB50}]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{963B125B-8B21-49A2-A3A8-E37092276531}]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{FE69C007-C452-4D3E-86D2-1730DF8BC871}]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}]
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011431152}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}
[-] Key Deleted : HKU\.DEFAULT\Software\BrowserMngr
[-] Key Deleted : HKU\.DEFAULT\Software\Avg Secure Update
[-] Key Deleted : HKCU\Software\Bitberry
[-] Key Deleted : HKCU\Software\BrowserMngr
[-] Key Deleted : HKCU\Software\Media Get LLC
[-] Key Deleted : HKCU\Software\MediaGet
[-] Key Deleted : HKCU\Software\SavePass 1.1
[-] Key Deleted : HKCU\Software\yuna software
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Mp3Tube
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Smart Suggestor
[-] Key Deleted : HKLM\SOFTWARE\BrowserMngr
[-] Key Deleted : HKLM\SOFTWARE\Driver-Soft
[-] Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Key Deleted : HKLM\SOFTWARE\PIP
[-] Key Deleted : HKLM\SOFTWARE\Uniblue
[-] Key Deleted : HKLM\SOFTWARE\Webexp Enhanced
[-] Key Deleted : HKLM\SOFTWARE\Better-Surf
[-] Key Deleted : HKLM\SOFTWARE\Avg Secure Update
[-] Key Deleted : HKLM\SOFTWARE\Cinem Plus 2.4cV29.05
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MediaGet
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Trusted Software Assistant_is1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Driver Genius Professional Edition_is1
[!] Key Not Deleted : [x64] HKCU\Software\Bitberry
[!] Key Not Deleted : [x64] HKCU\Software\BrowserMngr
[!] Key Not Deleted : [x64] HKCU\Software\Media Get LLC
[!] Key Not Deleted : [x64] HKCU\Software\MediaGet
[!] Key Not Deleted : [x64] HKCU\Software\SavePass 1.1
[!] Key Not Deleted : [x64] HKCU\Software\yuna software
[-] Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
[-] Key Deleted : [x64] HKLM\SOFTWARE\Web Assistant
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A7BC02AF-1128-4A31-BCF8-1A3EE803D3B3}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A81A974F-8A22-43E6-9243-5198FF758DA1}
[!] Key Not Deleted : HKU\S-1-5-21-3415790977-1989096255-3140653802-1001\Software\AppDataLow\Software\Mp3Tube
[!] Key Not Deleted : HKU\S-1-5-21-3415790977-1989096255-3140653802-1001\Software\AppDataLow\Software\Smart Suggestor
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\4340C4778499EED41AE496DC3D613EC6
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\4340C4778499EED41AE496DC3D613EC6
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4340C4778499EED41AE496DC3D613EC6
[-] Data Restored : HKU\S-1-5-21-3415790977-1989096255-3140653802-1001_Classes\Software\Microsoft\Internet Explorer\Main [Start Page]
 
***** [ Web browsers ] *****
 
[-] [C:\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\prefs.js] [Preference] Deleted : user_pref("extensions.a389579c4efa94d96a1dd3c86f7bd1a51gmailcom69829.69829.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%2C%22deal[...]
[-] [C:\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\prefs.js] [Preference] Deleted : user_pref("extensions.crossrider.bic", "14ff02d6df4af435a344c026d06ccf22");
[-] [C:\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\prefs.js] [Preference] Deleted : user_pref("keyword.URL", "hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQ5eAgoTFFBGbQ8OVlhcFQBGeBQABA9IDAFCJQ8OUlgXR1ASIx9aFQQTR0cFME0FB18EURNNfX5KBFgFZ1xNJA==&q={searchTerms}");
[-] [C:\Users\MVergo\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : websearch
[-] [C:\Users\MVergo\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider] Deleted : hxxp://www.oursurfing.com/webfavicon.ico
[-] [C:\Users\MVergo\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : akaelkiagnbfcccfnmbimdbplecgbikh
[-] [C:\Users\MVergo\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : cekcjpgehmohobmdiikfnopibipmgnml
[-] [C:\Users\MVergo\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : dhjbpmkagjlnhcmdpmbagjldaknbgnff
[-] [C:\Users\MVergo\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : dhkplhfnhceodhffomolpfigojocbpcb
[-] [C:\Users\MVergo\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : eooncjejnppfjjklapaamhcdmjbilmde
[-] [C:\Users\MVergo\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : gegdfeiahlfolhcfioipjlkombmgbakh
[-] [C:\Users\MVergo\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : ifohbjbgfchkkfhphahclmkpgejiplfo
[-] [C:\Users\MVergo\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : jcdgjdiieiljkfkdcloehkohchhpekkn
[-] [C:\Users\MVergo\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : jifflliplgeajjdhmkcfnngfpgbjonjg
[-] [C:\Users\MVergo\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : olakgnkoldmagdblaalodobkmeokmgjj
[-] [C:\Users\MVergo\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : pmlghpafmmnmmkjdhacccolfgnkiboco
 
*************************
 
:: Winsock settings cleared
 
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [14029 bytes] ##########
 
 
 
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 09/24/2015
Scan Time: 12:31 AM
Log: l.txt
Manager: Yes
 
Version: 2.1.8.1057
Malicious Software Data Base: v2015.09.23.06
Database Rootkit: v2015.09.22.01
License: Free
Protection from Malicious Software: Off
Protection from Malicious Website: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
Processor: x64
Filesystem: NTFS
User: MVergo
 
Scan Type: Scan Threats
Result: Completed
Objects scanned: 401 169
Elapsed time: 38 min, 13 sec
 
Memory: Enabled
Start: Enabled
File system: Activated
Compressed files: Enabled
Rootkits: Enabled
Heuristic: Enabled
PII: Warning
BRF: Enabled
 
Processes: 0
(No malicious items detected)
 
Credits: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Natural Areas: 0
(No malicious items detected)
 
 
(end)


#10 deeprybka

Posted 25 September 2015 - 02:57 AM

And ESET please.


regards,
deeprybka

#11 demy31

Posted 25 September 2015 - 08:03 AM

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Cinem Plus 2.4cV29.05\35687988-aa62-417b-bfcf-660fc3309e65.crx.vir JS/Toolbar.Crossrider.E potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\MVergo\AppData\Local\MediaGet2\mediaget-admin-proxy.exe.vir Win32/MediaGet.AE potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\MVergo\AppData\Local\MediaGet2\mediaget.exe.vir a variant of Win32/MediaGet.AK potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome\content\core\aec0dc453f44fa4b22ba99e067bbef32.js.vir JS/Toolbar.Crossrider.G potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\102.js.vir JS/Toolbar.Crossrider.J potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\14.js.vir JS/Toolbar.Crossrider.O potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\180.js.vir JS/Toolbar.Crossrider.J potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\192.js.vir JS/Toolbar.Crossrider.J potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\195.js.vir JS/Toolbar.Crossrider.K potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\200.js.vir JS/Toolbar.Crossrider.J potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\220.js.vir JS/Toolbar.Crossrider.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\223.js.vir JS/Toolbar.Crossrider.J potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\242.js.vir JS/Toolbar.Crossrider.J potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\253.js.vir JS/Toolbar.Crossrider.J potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\281.js.vir JS/Toolbar.Crossrider.J potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\288.js.vir JS/Toolbar.Crossrider.J potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\300.js.vir JS/Toolbar.Crossrider.J potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\339.js.vir JS/Toolbar.Crossrider.J potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\376.js.vir JS/Toolbar.Crossrider.L potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\379.js.vir JS/Toolbar.Crossrider.J potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\390.js.vir JS/Toolbar.Crossrider.J potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\391.js.vir JS/Toolbar.Crossrider.J potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\399.js.vir JS/Toolbar.Crossrider.J potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\414.js.vir JS/Toolbar.Crossrider.J potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\415.js.vir JS/Toolbar.Crossrider.J potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\47.js.vir JS/Toolbar.Crossrider.M potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\64.js.vir JS/Toolbar.Crossrider.P potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\91.js.vir JS/Toolbar.Crossrider.B potentially unwanted application
C:\Games\Dragon Age Inquisition\3dmgame.dll a variant of Win32/Packed.VMProtect.AAA trojan
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSS.exe a variant of Win32/Systweak.L potentially unwanted application
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSHelper.dll a variant of Win32/Systweak.N potentially unwanted application
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSPrivacyProtector.exe a variant of Win32/Systweak.L potentially unwanted application
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSRegClean.exe a variant of Win32/Systweak potentially unwanted application
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSRegistryOptimizer.exe a variant of Win32/Systweak.L potentially unwanted application
C:\Program Files (x86)\Common Files\ApnStub.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application
C:\Program Files (x86)\Common Files\ApnToolbarInstaller.exe Win32/Bundled.Toolbar.Ask potentially unsafe application
C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe a variant of Win32/HiddenStart.A potentially unsafe application
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe a variant of Win32/HiddenStart.A potentially unsafe application
C:\Program Files (x86)\NCH Software\Doxillion\doxillion.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application
C:\Program Files (x86)\NCH Software\Doxillion\doxillionsetup_v1.11.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application
C:\Program Files (x86)\NCH Software\Doxillion\uninst.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application
C:\Program Files (x86)\NCH Software\ExpressBurn\burnsetup_v4.42.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application
C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application
C:\Program Files (x86)\NCH Software\ExpressBurn\uninst.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application
C:\Program Files (x86)\R.G. Mechanics\Middle Earth - Shadow of Mordor\x64\steam_api64.dll a variant of Win32/Packed.VMProtect.ABD trojan
C:\ProgramData\InstallMate\GBox\_Setupx.dll a variant of Win32/InstalleRex.U potentially unwanted application
C:\ProgramData\InstallMate\WxDFast\_Setupx.dll a variant of Win32/InstalleRex.U potentially unwanted application
C:\ProgramData\InstallMate\{297D4F64-5E05-AF98-9961-5A382D51BE19}\_Setupx.dll a variant of Win32/InstalleRex.U potentially unwanted application
C:\ProgramData\InstallMate\{ACE9FB2A-31A5-4285-9510-43F1636EAB21}\_Setupx.dll a variant of Win32/InstalleRex.U potentially unwanted application
C:\Users\All Users\InstallMate\GBox\_Setupx.dll a variant of Win32/InstalleRex.U potentially unwanted application
C:\Users\All Users\InstallMate\WxDFast\_Setupx.dll a variant of Win32/InstalleRex.U potentially unwanted application
C:\Users\All Users\InstallMate\{297D4F64-5E05-AF98-9961-5A382D51BE19}\_Setupx.dll a variant of Win32/InstalleRex.U potentially unwanted application
C:\Users\All Users\InstallMate\{ACE9FB2A-31A5-4285-9510-43F1636EAB21}\_Setupx.dll a variant of Win32/InstalleRex.U potentially unwanted application
C:\Users\MVergo\AppData\Local\GGEmpire\6B1D4331_stp\CreateShortCut.dll a variant of Win32/InstallCore.ACL potentially unwanted application
C:\Users\MVergo\AppData\Local\GGEmpire\6B1D4331_stp\TaskScheduler.dll a variant of Win32/InstallCore.ACL potentially unwanted application
C:\Users\MVergo\Videos\DivX Movies\movie_edit_pro_mx_plus_324mb_us.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application
C:\Windows\Installer\b436a3.msi a variant of Win32/Systweak.L potentially unwanted application
C:\Windows\SysWOW64\Adobe\Shockwave 11\gt.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\update[1] a variant of Win32/Toolbar.Perion.A potentially unwanted application


#12 deeprybka

Posted 25 September 2015 - 10:11 AM

Please post the log as instructed.


regards,
deeprybka

#13 demy31

Posted 25 September 2015 - 11:56 AM

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Cinem Plus 2.4cV29.05\35687988-aa62-417b-bfcf-660fc3309e65.crx.vir JS/Toolbar.Crossrider.E potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\MVergo\AppData\Local\MediaGet2\mediaget-admin-proxy.exe.vir Win32/MediaGet.AE potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\MVergo\AppData\Local\MediaGet2\mediaget.exe.vir a variant of Win32/MediaGet.AK potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome\content\core\aec0dc453f44fa4b22ba99e067bbef32.js.vir JS/Toolbar.Crossrider.G potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\102.js.vir JS/Toolbar.Crossrider.J potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\14.js.vir JS/Toolbar.Crossrider.O potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\180.js.vir JS/Toolbar.Crossrider.J potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\192.js.vir JS/Toolbar.Crossrider.J potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\195.js.vir JS/Toolbar.Crossrider.K potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\200.js.vir JS/Toolbar.Crossrider.J potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\220.js.vir JS/Toolbar.Crossrider.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\223.js.vir JS/Toolbar.Crossrider.J potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\242.js.vir JS/Toolbar.Crossrider.J potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\253.js.vir JS/Toolbar.Crossrider.J potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\281.js.vir JS/Toolbar.Crossrider.J potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\288.js.vir JS/Toolbar.Crossrider.J potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\300.js.vir JS/Toolbar.Crossrider.J potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\339.js.vir JS/Toolbar.Crossrider.J potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\376.js.vir JS/Toolbar.Crossrider.L potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\379.js.vir JS/Toolbar.Crossrider.J potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\390.js.vir JS/Toolbar.Crossrider.J potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\391.js.vir JS/Toolbar.Crossrider.J potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\399.js.vir JS/Toolbar.Crossrider.J potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\414.js.vir JS/Toolbar.Crossrider.J potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\415.js.vir JS/Toolbar.Crossrider.J potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\47.js.vir JS/Toolbar.Crossrider.M potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\64.js.vir JS/Toolbar.Crossrider.P potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\MVergo\AppData\Roaming\Mozilla\Firefox\Profiles\dwi5q23p.default\Extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\91.js.vir JS/Toolbar.Crossrider.B potentially unwanted application
C:\Games\Dragon Age Inquisition\3dmgame.dll a variant of Win32/Packed.VMProtect.AAA trojan
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSS.exe a variant of Win32/Systweak.L potentially unwanted application
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSHelper.dll a variant of Win32/Systweak.N potentially unwanted application
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSPrivacyProtector.exe a variant of Win32/Systweak.L potentially unwanted application
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSRegClean.exe a variant of Win32/Systweak potentially unwanted application
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSRegistryOptimizer.exe a variant of Win32/Systweak.L potentially unwanted application
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSSystemCleaner.exe a variant of Win32/Systweak.L potentially unwanted application
C:\Program Files (x86)\Cheat Engine 6.2\cheatengine-i386.exe a variant of Win32/HackTool.CheatEngine.AB potentially unsafe application
C:\Program Files (x86)\Cheat Engine 6.2\standalonephase1.dat a variant of Win32/HackTool.CheatEngine.AF potentially unsafe application
C:\Program Files (x86)\Cheat Engine 6.4\standalonephase1.dat a variant of Win32/HackTool.CheatEngine.AF potentially unsafe application
C:\Program Files (x86)\Child of Light\uplay_r1.dll a variant of Win32/HackTool.Crack.DG potentially unsafe application
C:\Program Files (x86)\Common Files\ApnStub.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application
C:\Program Files (x86)\Common Files\ApnToolbarInstaller.exe Win32/Bundled.Toolbar.Ask potentially unsafe application
C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe a variant of Win32/HiddenStart.A potentially unsafe application
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe a variant of Win32/HiddenStart.A potentially unsafe application
C:\Program Files (x86)\Microsoft Games\Fable III\paul.dll a variant of Win32/Packed.VMProtect.AAA trojan
C:\Program Files (x86)\NCH Software\Doxillion\doxillion.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application
C:\Program Files (x86)\NCH Software\Doxillion\doxillionsetup_v1.11.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application
C:\Program Files (x86)\NCH Software\Doxillion\uninst.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application
C:\Program Files (x86)\NCH Software\ExpressBurn\burnsetup_v4.42.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application
C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application
C:\Program Files (x86)\NCH Software\ExpressBurn\uninst.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application
C:\Program Files (x86)\R.G. Mechanics\Middle Earth - Shadow of Mordor\x64\steam_api64.dll a variant of Win32/Packed.VMProtect.ABD trojan
C:\Program Files (x86)\The Sims 4\Game\Bin\rld.dll Win32/HackTool.Crack.CY potentially unsafe application
C:\Program Files (x86)\The Sims 4\Game\Bin\RldOrigin.dll a variant of Win32/HackTool.Crack.DK potentially unsafe application
C:\ProgramData\InstallMate\GBox\_Setupx.dll a variant of Win32/InstalleRex.U potentially unwanted application
C:\ProgramData\InstallMate\WxDFast\_Setupx.dll a variant of Win32/InstalleRex.U potentially unwanted application
C:\ProgramData\InstallMate\{297D4F64-5E05-AF98-9961-5A382D51BE19}\_Setupx.dll a variant of Win32/InstalleRex.U potentially unwanted application
C:\ProgramData\InstallMate\{ACE9FB2A-31A5-4285-9510-43F1636EAB21}\_Setupx.dll a variant of Win32/InstalleRex.U potentially unwanted application
C:\Users\All Users\InstallMate\GBox\_Setupx.dll a variant of Win32/InstalleRex.U potentially unwanted application
C:\Users\All Users\InstallMate\WxDFast\_Setupx.dll a variant of Win32/InstalleRex.U potentially unwanted application
C:\Users\All Users\InstallMate\{297D4F64-5E05-AF98-9961-5A382D51BE19}\_Setupx.dll a variant of Win32/InstalleRex.U potentially unwanted application
C:\Users\All Users\InstallMate\{ACE9FB2A-31A5-4285-9510-43F1636EAB21}\_Setupx.dll a variant of Win32/InstalleRex.U potentially unwanted application
C:\Users\MVergo\AppData\Local\GGEmpire\6B1D4331_stp\CreateShortCut.dll a variant of Win32/InstallCore.ACL potentially unwanted application
C:\Users\MVergo\AppData\Local\GGEmpire\6B1D4331_stp\TaskScheduler.dll a variant of Win32/InstallCore.ACL potentially unwanted application
C:\Users\MVergo\Desktop\PC games\games CD's\The_Sims_4_fix.rar Win32/HackTool.Crack.CY potentially unsafe application
C:\Users\MVergo\Desktop\PC games\games CD's\Dragon Age Inquisition PC full game + DLC ^^nosTEAM^^\Dragon-Age-Inquisition_nosTEAM.part1.exe a variant of Win32/Packed.VMProtect.AAA trojan
C:\Users\MVergo\Desktop\PC games\games CD's\Fable.III-SKIDROW\sr-fable3.iso a variant of Win32/Packed.VMProtect.AAA trojan
C:\Users\MVergo\Saved Games\The.Sims.4-RELOADED[rarbg]\rld-thesims4.iso Win32/HackTool.Crack.CY potentially unsafe application
C:\Users\MVergo\Saved Games\The.Sims.4-RELOADED[rarbg]\rld-thesims4\Crack\Game\Bin\RldOrigin.dll a variant of Win32/HackTool.Crack.DK potentially unsafe application
C:\Users\MVergo\Videos\DivX Movies\movie_edit_pro_mx_plus_324mb_us.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application
C:\Windows\Installer\b436a3.msi a variant of Win32/Systweak.L potentially unwanted application
C:\Windows\SysWOW64\Adobe\Shockwave 11\gt.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\update[1] a variant of Win32/Toolbar.Perion.A potentially unwanted application


#14 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • Gender:Male
  • Location:Germany
  • Local time:05:08 PM

Posted 25 September 2015 - 12:12 PM

Please read the instructions carefully.


regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer

#15 demy31

demy31
  • Topic Starter

  • Members
  • 13 posts
  • Local time:05:08 PM

Posted 26 September 2015 - 01:25 PM

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=3973223aa1714c4bb2f43ec8ade85818
# end=init
# utc_time=2015-09-26 01:20:24
# local_time=2015-09-26 04:20:24 )
# country="Greece"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 25955
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=3973223aa1714c4bb2f43ec8ade85818
# end=updated
# utc_time=2015-09-26 01:23:25
# local_time=2015-09-26 04:23:25 )
# country="Greece"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=3973223aa1714c4bb2f43ec8ade85818
# engine=25955
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2015-09-26 05:50:22
# local_time=2015-09-26 08:50:22 )
# country="Greece"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Kaspersky Anti-Virus'
# compatibility_mode=1303 16777213 100 100 16928 70872252 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 103461 194919672 0 0
# scanned=264208
# found=72
# cleaned=0
# scan_time=16016




