Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Malware Removal [Closed]

Started by Georgekopa , Sep 20 2013 09:32 AM

  • This topic is locked This topic is locked

#16
Nutloaf
Posted 04 October 2013 - 06:16 PM

Nutloaf

    Trusted Helper

  • Malware Removal
  • 1,790 posts
Still with me? :)
  • 0

Advertisements

#17
Georgekopa
Posted 07 October 2013 - 08:21 AM

Georgekopa

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
Hello.I apologize for my delay! These are the results of OTL.fix:

All processes killed
========== OTL ==========
Error: No service named PuranDefrag was found to stop!
Service\Driver key PuranDefrag not found.
File C:\Windows\SysNative\PuranDefragS.exe not found.
C:\Users\Kopas\AppData\Roaming\BSplayer\skins folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer PRO\skins folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer PRO\RealMedia splitter folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer PRO\MPEG2 decoder folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer PRO\Haali media splitter folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer PRO\Flash Video (FLV) folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer PRO\FFDShow\languages folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer PRO\FFDShow\custom matrices folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer PRO\FFDShow folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer PRO\cache folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer PRO\bslib folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer PRO\AC3 Filter\lang\zh@Traditional\LC_MESSAGES folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer PRO\AC3 Filter\lang\zh@Traditional folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer PRO\AC3 Filter\lang\zh@Simplified\LC_MESSAGES folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer PRO\AC3 Filter\lang\zh@Simplified folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer PRO\AC3 Filter\lang\swe\LC_MESSAGES folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer PRO\AC3 Filter\lang\swe folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer PRO\AC3 Filter\lang\spa\LC_MESSAGES folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer PRO\AC3 Filter\lang\spa folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer PRO\AC3 Filter\lang\slv\LC_MESSAGES folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer PRO\AC3 Filter\lang\slv folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer PRO\AC3 Filter\lang\slo\LC_MESSAGES folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer PRO\AC3 Filter\lang\slo folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer PRO\AC3 Filter\lang\rus\LC_MESSAGES folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer PRO\AC3 Filter\lang\rus folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer PRO\AC3 Filter\lang\pt_BR\LC_MESSAGES folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer PRO\AC3 Filter\lang\pt_BR folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer PRO\AC3 Filter\lang\pol\LC_MESSAGES folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer PRO\AC3 Filter\lang\pol folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer PRO\AC3 Filter\lang\kor\LC_MESSAGES folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer PRO\AC3 Filter\lang\kor folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer PRO\AC3 Filter\lang\jpn\LC_MESSAGES folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer PRO\AC3 Filter\lang\jpn folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer PRO\AC3 Filter\lang\ita\LC_MESSAGES folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer PRO\AC3 Filter\lang\ita folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer PRO\AC3 Filter\lang\ind\LC_MESSAGES folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer PRO\AC3 Filter\lang\ind folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer PRO\AC3 Filter\lang\hun\LC_MESSAGES folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer PRO\AC3 Filter\lang\hun folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer PRO\AC3 Filter\lang\heb\LC_MESSAGES folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer PRO\AC3 Filter\lang\heb folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer PRO\AC3 Filter\lang\gre\LC_MESSAGES folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer PRO\AC3 Filter\lang\gre folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer PRO\AC3 Filter\lang\ger\LC_MESSAGES folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer PRO\AC3 Filter\lang\ger folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer PRO\AC3 Filter\lang\fre\LC_MESSAGES folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer PRO\AC3 Filter\lang\fre folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer PRO\AC3 Filter\lang\fin\LC_MESSAGES folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer PRO\AC3 Filter\lang\fin folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer PRO\AC3 Filter\lang\dut\LC_MESSAGES folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer PRO\AC3 Filter\lang\dut folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer PRO\AC3 Filter\lang\cze\LC_MESSAGES folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer PRO\AC3 Filter\lang\cze folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer PRO\AC3 Filter\lang folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer PRO\AC3 Filter\doc folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer PRO\AC3 Filter folder moved successfully.
C:\Users\Kopas\AppData\Roaming\BSplayer PRO folder moved successfully.
C:\Users\Kopas\AppData\Roaming\uTorrent folder moved successfully.
========== FILES ==========
C:\MSI\TrustedInstaller.exe moved successfully.
C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2013 folder moved successfully.
C:\Users\Kopas\Downloads\Games\Pro.Evolution.Soccer.2013.Proper-RELOADED folder moved successfully.
C:\Program Files (x86)\Pando Networks\Media Booster folder moved successfully.
C:\Program Files (x86)\Pando Networks folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Kopas
->Temp folder emptied: 20529893 bytes
->Temporary Internet Files folder emptied: 1290573 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 11976443 bytes
->Google Chrome cache emptied: 364617893 bytes
->Flash cache emptied: 615 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 151200190 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 1481130 bytes

Total Files Cleaned = 526.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 10032013_022808

Files\Folders moved on Reboot...
File\Folder C:\Users\Kopas\AppData\Local\Temp\etilqs_G4Na4gIvVoboyi7 not found!
File\Folder C:\Users\Kopas\AppData\Local\Temp\etilqs_tEqQWzdu5X9FgMk not found!
C:\Users\Kopas\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Kopas\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
C:\Users\Kopas\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0 moved successfully.
C:\Users\Kopas\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1 moved successfully.
C:\Users\Kopas\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2 moved successfully.
C:\Users\Kopas\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3 moved successfully.
C:\Users\Kopas\AppData\Local\Google\Chrome\User Data\Default\Cache\index moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...


I downloaded avast. This found a injected file "Pro Evolution 2012" so I cleaned it too!
  • 0

#18
Nutloaf
Posted 07 October 2013 - 11:35 AM

Nutloaf

    Trusted Helper

  • Malware Removal
  • 1,790 posts
Hello to you :)

Let's see what is left to kill.


UPDATE AND RUN MALWAREBYTES

You have this installed but it needs updating

  • Open Malwarebytes select the Updates Tab - Select Check for Updates and click O.K
  • Once complete click the Scanner Tab and select Perform quick scan
  • The scan will take a few minutes. Once complete click O.K and Show Results
  • Make sure anything found is checked and click Remove Selected
  • A reboot may be needed please proceed if asked.
  • If a reboot was needed the log is automatically saved by MBAM and can be viewed by clicking the Logs Tab then Open Log I need to see this.


ESET SCAN ONLY

You will need to disable your currently installed Anti-Virus, how to do so can be read here.


IMPORTANT - Vista / Win7 users: Right-click on the either the IE or FF icon in the Start Menu, Quick Launch Bar or the Taskbar and select Run as Administrator. For Taskbar right click IE then right click the IE icon that appears.

If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.

Now use this link to run an online scan with the ESET Online Scanner

  • Click the green ESET Online Scanner box
  • Tick the box next to YES, I accept the Terms of Use
    then click on: Start
  • You may see a panel towards the top of the screen telling you the website wants to install an addon... click and allow it to install. If your firewall asks whether you want to allow installation, say yes.
  • Uncheck the Remove Found Threats box. I want to check the results first as ESET may remove a false positive :)
  • Make sure that the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click on Start
  • The virus signature database will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed make sure you copy the logfile
  • Then click on: Finish
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste the log in your next reply.

Note: Do not forget to re-enable your Anti-Virus application after running the above scan!


Things I want to see in your next post.

  • Malwarebytes results
  • ESET results

  • 0

#19
Georgekopa
Posted 08 October 2013 - 04:08 PM

Georgekopa

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
Hello!

Malwarebytes results:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Έκδοση βάσης δεδομένων: v2013.10.08.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16686
Kopas :: KOPAS93 [διαχειριστής]

8/10/2013 6:33:00 μμ
mbam-log-2013-10-08 (18-33-00).txt

Τύπος σάρωσης: Γρήγορη σάρωση
Ενεργοποιημένες επιλογές σάρωσης: Μνήμη | Εκκίνηση | Μητρώο | Σύστημα αρχείων | Ευρετική μέθοδος/Extra | Ευρετική μέθοδος/Shuriken | PUP | PUM
Απενεργοποιημένες επιλογές σάρωσης: P2P
Αντικείμενα που σαρώθηκαν: 206453
Χρόνος που έχει διανυθεί: 8 λεπτό(ά), 17 δευτερόλεπτο(α)

Εντοπίστηκαν διεργασίες στη μνήμη: 0
(Δεν εντοπίστηκαν επιβλαβή αντικείμενα)

Εντοπίστηκαν στοιχεία στη μνήμη: 0
(Δεν εντοπίστηκαν επιβλαβή αντικείμενα)

Εντοπίστηκαν κλειδιά στο μητρώο: 0
(Δεν εντοπίστηκαν επιβλαβή αντικείμενα)

Εντοπίστηκαν τιμές στο μητρώο: 0
(Δεν εντοπίστηκαν επιβλαβή αντικείμενα)

Εντοπίστηκαν αντικείμενα δεδομένων στο μητρώο: 0
(Δεν εντοπίστηκαν επιβλαβή αντικείμενα)

Εντοπίστηκαν φάκελοι: 0
(Δεν εντοπίστηκαν επιβλαβή αντικείμενα)

Εντοπίστηκαν αρχεία: 0
(Δεν εντοπίστηκαν επιβλαβή αντικείμενα)

(τέλος)

ESET results:

ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=dd67c022ef5e4f42aaac2577bb89512c
# engine=15302
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-09-30 03:40:30
# local_time=2013-09-30 06:40:30 )
# country="Greece"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776573 100 94 0 132142280 0 0
# scanned=100620
# found=2
# cleaned=0
# scan_time=22722
sh=E364ECE6E6ECB3090CB55C72CA3B17889BECA341 ft=1 fh=9f2083bc9af4e747 vn="a variant of Win32/Injector.AIHW trojan" ac=I fn="C:\MSI\TrustedInstaller.exe"
sh=DFA2D94780339523D9B6A9745DDFA9F9BEC2137F ft=1 fh=933b1092124112c9 vn="Win32/HackTool.Crack.BB application" ac=I fn="C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2013\rld.dll"
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=dd67c022ef5e4f42aaac2577bb89512c
# engine=15320
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-10-01 05:55:32
# local_time=2013-10-01 08:55:32 )
# country="Greece"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776573 100 94 0 132279982 0 0
# scanned=1123656
# found=6
# cleaned=0
# scan_time=23253
sh=E364ECE6E6ECB3090CB55C72CA3B17889BECA341 ft=1 fh=9f2083bc9af4e747 vn="a variant of Win32/Injector.AIHW trojan" ac=I fn="C:\MSI\TrustedInstaller.exe"
sh=DFA2D94780339523D9B6A9745DDFA9F9BEC2137F ft=1 fh=933b1092124112c9 vn="Win32/HackTool.Crack.BB application" ac=I fn="C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2013\rld.dll"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="Win32/HackTool.Crack.BB application" ac=I fn="C:\Users\Kopas\Downloads\Games\Pro.Evolution.Soccer.2013.Proper-RELOADED\rld-pes2013.iso"
sh=AB01DF83F3E294AB679038FF086A302F540FF755 ft=1 fh=310156a22f800899 vn="a variant of Win32/Toolbar.Babylon.C application" ac=I fn="C:\_OTL\MovedFiles\09252013_184706\C_Users\Kopas\downloads\Efarmoges\Geekstogo\PuranDefragFreeSetup.exe"
sh=56E4531E58A508B45C43A813DC4DA578DB231886 ft=1 fh=fe40d461b3d99c4c vn="a variant of MSIL/HackKMS.A application" ac=I fn="C:\_OTL\MovedFiles\09252013_184706\C_Users\Kopas\downloads\Efarmoges\Microsoft® Office Pro 2010 With Toolkit and EZ-Activator 2.01 [h33t.com] Full\Office 2010 Toolkit.exe"
sh=19796AC04A61707B547E9436682CF0B2D6DF082B ft=0 fh=0000000000000000 vn="a variant of MSIL/HackKMS.A application" ac=I fn="C:\_OTL\MovedFiles\09252013_184706\C_Users\Kopas\downloads\Efarmoges\Microsoft® Office Pro 2010 With Toolkit and EZ-Activator 2.01 [h33t.com] Full\Office 2010 Toolkit and EZ-Activator 2.01\OTK2010V201.zip"
  • 0

#20
Nutloaf
Posted 08 October 2013 - 04:26 PM

Nutloaf

    Trusted Helper

  • Malware Removal
  • 1,790 posts
C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2013 - Have you installed this program again?
  • 0

#21
Georgekopa
Posted 09 October 2013 - 03:06 AM

Georgekopa

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
konami.png
This is a print screen of the file "Konami"
There is not file Pro Evolution Soccer 2013.
I have also Pes 2012 and 2014 but I think that you did not tell me to unistall them too!
  • 0

#22
Nutloaf
Posted 09 October 2013 - 12:03 PM

Nutloaf

    Trusted Helper

  • Malware Removal
  • 1,790 posts
They are probably both cracked games. Illegal. I can't be 100% about these files. You started this topic with an illegal license for ESET. I informed you about crack files.

It is then discovered that Pro Soccer 2013 is also illegal. This has returned along with the infections.

1. This service is provided to you, without charge, by people who volunteer their own time to help.

2. There is an implied trust that you will respect that donated time, and provide all the information possible to bring the dialog to a successful conclusion.

3. If false information is provided, that trust is violated, and no further help will be given.

I suggest you remove all the illegal software from this machine and start over. I am asking for this topic to be closed.

Regards Nutloaf.
  • 0

#23
Georgekopa
Posted 09 October 2013 - 04:14 PM

Georgekopa

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
I want to inform you that I am not the only user in this pc.Of course I respect the time that you offer for my topic and I thank you very much.As you see I want to unistall everything might infect my pc and is illegal but I am not in position to know all the programms that are illegal installed in this pc. You also saw that I follow your instructions and unistall everything you told me. This is the reason that I told you that you did not tell me to unistall the other files. If the are infected I will unistall them without second thought.

Regards Georgekopa
  • 0

#24
Nutloaf
Posted 09 October 2013 - 04:48 PM

Nutloaf

    Trusted Helper

  • Malware Removal
  • 1,790 posts
Fair Play :)

I can only go by the person who presents themselves to me. I see a user and illegal files, you didn't state that you were not responsible for these programs, but they are on your account

\Users\Kopas\Downloads\Games\Pro.Evolution.Soccer.2013.Proper-RELOADED

I will of course clean this machine if the illegal software is uninstalled. This software is the reason for your infections, there is a direct link to it in the scans.

Another good reason for your problems, is the way in which this type of software is obtained - uTorrent

I will go over the whole topic again and list all the software I suspect as being cracked and get back to you. Ask whoever else uses this machine to come clean as well. It will be worth it as your PC will function as it should.
  • 0

#25
Nutloaf
Posted 10 October 2013 - 01:39 PM

Nutloaf

    Trusted Helper

  • Malware Removal
  • 1,790 posts
Awaiting Clearance for next post :thumbsup:
  • 0

Advertisements

#26
Nutloaf
Posted 10 October 2013 - 04:29 PM

Nutloaf

    Trusted Helper

  • Malware Removal
  • 1,790 posts
Hi there let's start over :)

1. Uninstall

  • Click Start then select Control Panel
  • In control panel click Uninstall a Program or Programs and Features and uninstall the following:
  • Pro Evolution Soccer 2012
  • Pro Evolution Soccer 2013
  • Pro Evolution Soccer 2014
  • Microsoft Office Professional Plus 2010 - This program has 2 entries in uninstalls.
  • Microsoft Office Professional Plus 2010
  • Virtual DJ Pro Full - Atomix Productions - Is this legit? If not also remove.

OTL Scan

  • Right click the OTL icon and select Run as Administrator.
  • Select the following boxes:
  • Scan All Users
  • Use Company-Name WhiteList
  • Skip Microsoft Files
  • Use No-Company-Name WhiteList
  • LOP Check
  • Purity Check
  • In the Extra Registry box select Use Safe List
  • Now Click Run Scan
  • OTL will now scan your computer and produce 2 log files. OTL.txt and Extras.txt.
  • Post both in your next reply

CKScanner

I have provided a link in case you removed this program.

  • Using this link Download CKScanner and Save it to your desktop.
  • Please run the program once only.
  • Right click the CKScanner icon and "Run as administrator" (XP users - Doubleclick the icon)
  • Click Search For Files.
  • When the circle cursor (hourglass) disappears, click Save List To File.
  • The file will be saved to your Desktop.
  • Copy and paste CKFiles.txt in your next reply.


Things I want to see in your next post.

  • OTL.txt
  • Extras.txt
  • CKFiles.txt

  • 0

#27
Georgekopa
Posted 13 October 2013 - 07:42 AM

Georgekopa

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
Hello :thumbsup:

So let's start. I unistalled Pro 2012,2013,2014, Microsoft Office Professional Plus 2010(but only one entry that i found) and Virtual DJ Pro Full(here i would like to say that i unistalled this but there is again in Control Panel. When I try to unistall it again a message saing "Could not open INSTALL.LOG.file" appear)!
These are the results of OTL.txt

OTL logfile created on: 10/13/2013 4:25:15 PM - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kopas\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16721)
Locale: 00000409 | Country: Ελλάδα | Language: ELL | Date Format: d/M/yyyy

5.94 Gb Total Physical Memory | 3.30 Gb Available Physical Memory | 55.53% Memory free
11.87 Gb Paging File | 8.76 Gb Available in Paging File | 73.80% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 580.57 Gb Total Space | 331.95 Gb Free Space | 57.18% Space Free | Partition Type: NTFS
Drive D: | 5.79 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive F: | 3.73 Gb Total Space | 0.52 Gb Free Space | 13.83% Space Free | Partition Type: NTFS

Computer Name: KOPAS93 | User Name: Kopas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/09/25 18:52:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kopas\Desktop\OTL.exe
PRC - [2013/08/30 10:47:34 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/08/30 10:47:33 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/05/28 18:20:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/05/25 03:47:30 | 027,776,968 | ---- | M] (Dropbox, Inc.) -- C:\Users\Kopas\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2011/08/02 10:33:30 | 004,910,912 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2011/03/25 08:55:00 | 000,020,549 | ---- | M] (Apache Software Foundation) -- C:\OrangeHRM\2.6.12.1\apache\bin\httpd.exe
PRC - [2011/03/25 08:54:42 | 008,133,120 | ---- | M] () -- C:\OrangeHRM\2.6.12.1\mysql\bin\mysqld.exe
PRC - [2009/10/29 14:47:34 | 000,419,112 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
PRC - [2009/10/23 06:34:56 | 000,200,488 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
PRC - [2009/10/22 05:53:42 | 000,181,480 | ---- | M] (Acer Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
PRC - [2009/10/07 10:49:50 | 001,157,640 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2009/09/30 15:01:32 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2009/09/30 15:01:30 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2009/09/24 05:37:56 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
PRC - [2009/09/24 05:37:44 | 000,261,888 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
PRC - [2009/09/23 17:45:50 | 001,287,176 | ---- | M] (Panda Security) -- C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe
PRC - [2009/09/10 16:42:46 | 000,305,448 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
PRC - [2009/09/10 16:42:30 | 000,349,480 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
PRC - [2009/09/05 11:17:56 | 003,450,368 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\Acer Bio Protection\BASVC.exe
PRC - [2009/09/05 11:17:52 | 003,567,616 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe
PRC - [2009/09/05 11:17:50 | 004,191,232 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe
PRC - [2009/09/05 11:17:40 | 003,358,720 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\Acer Bio Protection\CompPtcVUI.exe
PRC - [2009/08/28 12:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
PRC - [2009/08/07 16:29:54 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/08/07 16:29:36 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2009/08/04 08:09:34 | 000,199,464 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
PRC - [2009/07/11 02:18:18 | 000,708,608 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
PRC - [2009/07/10 13:54:44 | 000,253,952 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
PRC - [2009/07/04 05:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2008/07/30 06:29:26 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2007/09/02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe
PRC - [2007/04/20 16:55:58 | 000,258,048 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\TotalMedia 3\TMMonitor.exe


========== Modules (No Company Name) ==========

MOD - [2013/10/13 03:19:33 | 013,584,776 | ---- | M] () -- C:\Users\Kopas\AppData\Local\Google\Chrome\User Data\PepperFlash\11.9.900.117\pepflashplayer.dll
MOD - [2013/10/03 09:03:05 | 000,415,184 | ---- | M] () -- C:\Users\Kopas\AppData\Local\Google\Chrome\Application\30.0.1599.69\ppGoogleNaClPluginChrome.dll
MOD - [2013/10/03 09:03:03 | 004,055,504 | ---- | M] () -- C:\Users\Kopas\AppData\Local\Google\Chrome\Application\30.0.1599.69\pdf.dll
MOD - [2013/10/03 09:02:12 | 000,698,832 | ---- | M] () -- C:\Users\Kopas\AppData\Local\Google\Chrome\Application\30.0.1599.69\libglesv2.dll
MOD - [2013/10/03 09:02:11 | 000,099,792 | ---- | M] () -- C:\Users\Kopas\AppData\Local\Google\Chrome\Application\30.0.1599.69\libegl.dll
MOD - [2013/10/03 09:02:09 | 001,604,560 | ---- | M] () -- C:\Users\Kopas\AppData\Local\Google\Chrome\Application\30.0.1599.69\ffmpegsumo.dll
MOD - [2013/03/13 23:48:52 | 024,978,944 | ---- | M] () -- C:\Users\Kopas\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2012/11/14 02:32:50 | 003,558,400 | ---- | M] () -- C:\Users\Kopas\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2009/07/14 04:15:45 | 000,364,544 | ---- | M] () -- C:\Windows\SysWOW64\msjetoledb40.dll
MOD - [2009/02/03 04:33:56 | 000,460,199 | ---- | M] () -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
MOD - [2008/07/30 06:29:26 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
MOD - [2007/09/02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe
MOD - [2007/09/02 13:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.dll
MOD - [2006/01/06 15:51:00 | 000,266,303 | ---- | M] () -- C:\Program Files (x86)\ArcSoft\TotalMedia 3\magengin.dll
MOD - [2005/08/05 17:24:00 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\ArcSoft\TotalMedia 3\uPiApi.dll
MOD - [2004/12/14 13:00:00 | 000,430,080 | ---- | M] () -- C:\Program Files (x86)\ArcSoft\TotalMedia 3\fpxlib.dll
MOD - [2004/12/01 18:21:22 | 000,180,224 | ---- | M] () -- C:\Program Files (x86)\ArcSoft\TotalMedia 3\kgl.dll


========== Services (SafeList) ==========

SRV - [2013/09/24 17:22:25 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/28 18:20:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/02/04 18:43:22 | 000,155,824 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2012/09/12 14:21:54 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2011/03/25 08:55:00 | 000,020,549 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\OrangeHRM\2.6.12.1\apache\bin\httpd.exe -- (Apache2.2)
SRV - [2011/03/25 08:54:42 | 008,133,120 | ---- | M] () [Auto | Running] -- C:\OrangeHRM\2.6.12.1\mysql\bin\mysqld.exe -- (mysql)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/09/30 15:01:32 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009/09/30 15:01:30 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/09/24 05:37:56 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2009/09/10 16:42:46 | 000,305,448 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService)
SRV - [2009/09/05 11:17:56 | 003,450,368 | ---- | M] (Egis Technology Inc.) [Auto | Running] -- C:\Program Files (x86)\Acer Bio Protection\BASVC.exe -- (IGBASVC)
SRV - [2009/08/28 12:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -- (Greg_Service)
SRV - [2009/08/07 16:29:36 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON)
SRV - [2009/07/10 13:54:44 | 000,253,952 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2009/06/11 00:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV - [2009/10/22 05:54:22 | 000,146,928 | ---- | M] (CyberLink Corp.) [2009/12/31 04:38:25] [Kernel | Auto | Running] -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796})
DRV - [2009/07/14 04:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/03/26 06:16:08 | 000,025,608 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\DKbFltr.sys -- (DKbFltr)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ACAW


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1720886877-3019773777-2494609800-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...14z195t4992d35n
IE - HKU\S-1-5-21-1720886877-3019773777-2494609800-1000\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\S-1-5-21-1720886877-3019773777-2494609800-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-1720886877-3019773777-2494609800-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...1I7ACAW_elGR447
IE - HKU\S-1-5-21-1720886877-3019773777-2494609800-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: " "
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..extensions.enabledAddons: [email protected]:2.3
FF - prefs.js..extensions.enabledAddons: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:4.2.1.9
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.40.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.40.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Kopas\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Kopas\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Kopas\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\sony.com/MediaGoDetector: C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll (Sony Network Entertainment International LLC)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/10/03 03:05:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/09/12 14:22:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/10/03 02:35:10 | 000,000,000 | ---D | M]

[2011/09/04 16:07:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kopas\AppData\Roaming\mozilla\Extensions
[2013/09/25 18:47:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kopas\AppData\Roaming\mozilla\Firefox\Profiles\ecdm1b3x.default\extensions
[2012/09/05 13:30:13 | 000,040,827 | ---- | M] () (No name found) -- C:\Users\Kopas\AppData\Roaming\mozilla\firefox\profiles\ecdm1b3x.default\extensions\[email protected]
[2012/09/03 05:27:34 | 000,246,802 | ---- | M] () (No name found) -- C:\Users\Kopas\AppData\Roaming\mozilla\firefox\profiles\ecdm1b3x.default\extensions\[email protected]
[2012/12/13 18:43:21 | 000,036,098 | ---- | M] () (No name found) -- C:\Users\Kopas\AppData\Roaming\mozilla\firefox\profiles\ecdm1b3x.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
[2012/09/12 14:21:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012/09/12 14:22:02 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/08/25 06:02:51 | 000,001,525 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-en-GB.xml
[2012/08/25 06:02:51 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/08/25 06:02:51 | 000,000,760 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-en-GB.xml
[2012/08/25 06:02:51 | 000,001,219 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-el.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Kopas\AppData\Local\Google\Chrome\Application\30.0.1599.69\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.170.4 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeploytk.dll
CHR - plugin: Java™ Platform SE 6 U17 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Kopas\AppData\Local\Google\Chrome\Application\30.0.1599.69\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Kopas\AppData\Local\Google\Chrome\Application\30.0.1599.69\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Kopas\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Awesome Screenshot: Capture & Annotate = C:\Users\Kopas\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce\3.4.5_0\
CHR - Extension: Google Drive = C:\Users\Kopas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Kopas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: \u0391\u03BD\u03B1\u03B6\u03AE\u03C4\u03B7\u03C3\u03B7 Google = C:\Users\Kopas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Tasks (by Google) = C:\Users\Kopas\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmglolhoplikcoamfgjgammjbgchgjdd\1.0_0\
CHR - Extension: AdBlock = C:\Users\Kopas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.10_0\
CHR - Extension: Google Calendar (by Google) = C:\Users\Kopas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich\1.4.0.2_0\
CHR - Extension: avast! Online Security = C:\Users\Kopas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0\
CHR - Extension: Google Bookmarks Browser = C:\Users\Kopas\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkffhdnihongjlhmapddfemaklefeila\0.8_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\Kopas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: Gmail = C:\Users\Kopas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
CHR - Extension: RSS Feed Reader = C:\Users\Kopas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp\5.2.0_0\

O1 HOSTS File: ([2009/06/11 00:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-1720886877-3019773777-2494609800-1000\..\Toolbar\WebBrowser: (no name) - {687578B9-7132-4A7A-80E4-30EE31099E03} - No CLSID value found.
O3 - HKU\S-1-5-21-1720886877-3019773777-2494609800-1000\..\Toolbar\WebBrowser: (no name) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No CLSID value found.
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [Hercules DJ Series] C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe (Hercules®)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKLM..\Run: [VitaKeyPdtWzd] C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe (Egis Technology Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1720886877-3019773777-2494609800-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1720886877-3019773777-2494609800-1000..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe ()
O4 - Startup: C:\Users\Kopas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Kopas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Free YouTube Download - C:\Users\Kopas\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Kopas\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Αποστολή εικόνας στη συσκευή &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Αποστολή σελίδας στη συσκευή &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9 - Extra 'Tools' menuitem : Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.40.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{31F62657-EF00-48AD-A936-418738277246}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Acer\Acer VCM\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - File not found
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29 - HKLM SecurityProviders - (credssp.dll) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/08/22 06:20:01 | 000,356,208 | R--- | M] (Konami Digital Entertainment Co., Ltd.) - D:\autorun.exe -- [ UDF ]
O32 - AutoRun File - [2013/08/22 06:20:01 | 000,000,047 | R--- | M] () - D:\Autorun.inf -- [ UDF ]
O33 - MountPoints2\{1d5f2252-ec85-11e1-a33c-00235a765294}\Shell - "" = AutoRun
O33 - MountPoints2\{1d5f2252-ec85-11e1-a33c-00235a765294}\Shell\AutoRun\command - "" = F:\Startme.exe
O33 - MountPoints2\{2891363f-d871-11e0-8d8b-00235a765294}\Shell - "" = AutoRun
O33 - MountPoints2\{2891363f-d871-11e0-8d8b-00235a765294}\Shell\AutoRun\command - "" = D:\autorun.exe -- [2013/08/22 06:20:01 | 000,356,208 | R--- | M] (Konami Digital Entertainment Co., Ltd.)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/10/09 01:38:49 | 000,000,000 | ---D | C] -- C:\Users\Kopas\.swt
[2013/10/09 01:38:27 | 000,000,000 | ---D | C] -- C:\Users\Kopas\AppData\Roaming\Azureus
[2013/10/09 01:38:23 | 000,000,000 | ---D | C] -- C:\Users\Kopas\Documents\Vuze Downloads
[2013/10/08 18:56:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
[2013/10/03 03:05:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2013/10/03 03:05:17 | 000,041,664 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2013/10/03 03:02:42 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013/10/03 02:42:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2013/10/03 02:42:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013/10/03 02:42:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2013/09/29 19:46:43 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/09/29 19:45:24 | 001,030,305 | ---- | C] (Thisisu) -- C:\Users\Kopas\Desktop\JRT.exe
[2013/09/27 19:08:09 | 000,000,000 | ---D | C] -- C:\Users\Kopas\Sony Arxeia
[2013/09/27 03:33:22 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\1033
[2013/09/26 05:03:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
[2013/09/25 19:18:57 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/09/25 18:52:51 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Kopas\Desktop\OTL.exe
[2013/09/25 18:47:06 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/09/25 05:25:59 | 000,000,000 | ---D | C] -- C:\MGADiagToolOutput
[2013/09/25 05:25:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Office Genuine Advantage
[2013/09/24 17:24:37 | 000,000,000 | ---D | C] -- C:\Users\Kopas\Podcasts
[2013/09/24 17:24:37 | 000,000,000 | ---D | C] -- C:\Users\Kopas\Documents\Media Go
[2013/09/24 17:23:50 | 000,000,000 | ---D | C] -- C:\Users\Kopas\AppData\Local\Sony
[2013/09/24 17:23:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sony Shared
[2013/09/24 17:23:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Corporation
[2013/09/24 17:22:57 | 000,000,000 | ---D | C] -- C:\Users\Kopas\AppData\Local\Downloaded Installations
[2013/09/24 17:20:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony Media Go Install
[2013/09/24 17:20:18 | 000,000,000 | ---D | C] -- C:\Users\Kopas\AppData\Roaming\Sony
[2013/09/21 13:58:10 | 000,000,000 | ---D | C] -- C:\Windows\temp

========== Files - Modified Within 30 Days ==========

[2013/10/13 16:18:00 | 000,001,184 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/10/13 16:10:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/10/13 15:39:00 | 000,001,194 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1720886877-3019773777-2494609800-1000UA.job
[2013/10/13 15:25:01 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1720886877-3019773777-2494609800-1000UA.job
[2013/10/13 01:18:00 | 000,001,180 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/10/12 18:25:00 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1720886877-3019773777-2494609800-1000Core.job
[2013/10/12 16:39:00 | 000,001,142 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1720886877-3019773777-2494609800-1000Core.job
[2013/10/11 17:31:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/10/11 17:30:48 | 485,572,607 | -HS- | M] () -- C:\hiberfil.sys
[2013/10/10 11:49:37 | 001,616,730 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/10/09 01:38:12 | 000,000,000 | ---- | M] () -- C:\END
[2013/10/03 03:05:44 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013/10/03 02:35:12 | 000,002,023 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2013/09/29 19:45:55 | 001,030,305 | ---- | M] (Thisisu) -- C:\Users\Kopas\Desktop\JRT.exe
[2013/09/26 05:15:22 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/09/25 19:18:39 | 001,042,066 | ---- | M] () -- C:\Users\Kopas\Desktop\AdwCleaner.exe
[2013/09/25 18:52:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kopas\Desktop\OTL.exe
[2013/09/24 17:17:51 | 000,002,106 | ---- | M] () -- C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk

========== Files Created - No Company Name ==========

[2013/10/09 01:38:12 | 000,000,000 | ---- | C] () -- C:\END
[2013/10/03 03:05:42 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2013/10/03 02:35:12 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2013/10/03 02:35:12 | 000,002,023 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2013/09/26 05:15:22 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/09/25 19:18:41 | 001,042,066 | ---- | C] () -- C:\Users\Kopas\Desktop\AdwCleaner.exe
[2013/09/24 17:22:25 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/03/31 18:11:51 | 000,000,654 | ---- | C] () -- C:\Windows\wininit.ini
[2013/02/28 22:55:12 | 000,000,172 | ---- | C] () -- C:\Windows\ODBC.INI
[2013/02/09 14:54:30 | 000,000,004 | ---- | C] () -- C:\Users\Kopas\crt101
[2012/10/06 16:32:43 | 001,616,730 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/01/07 06:08:10 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll
[2012/01/07 06:08:10 | 000,002,413 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini

========== ZeroAccess Check ==========

[2009/07/14 07:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 05:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 04:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 04:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 15:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 04:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2011/10/20 22:43:23 | 000,000,000 | ---D | M] -- C:\Users\Kopas\AppData\Roaming\AnvSoft
[2013/10/10 20:21:35 | 000,000,000 | ---D | M] -- C:\Users\Kopas\AppData\Roaming\Azureus
[2012/03/10 17:24:38 | 000,000,000 | ---D | M] -- C:\Users\Kopas\AppData\Roaming\BSW
[2012/09/25 01:14:03 | 000,000,000 | ---D | M] -- C:\Users\Kopas\AppData\Roaming\DAEMON Tools Lite
[2013/10/11 17:34:16 | 000,000,000 | ---D | M] -- C:\Users\Kopas\AppData\Roaming\Dropbox
[2013/06/26 21:02:00 | 000,000,000 | ---D | M] -- C:\Users\Kopas\AppData\Roaming\DVDVideoSoft
[2011/09/01 11:07:31 | 000,000,000 | ---D | M] -- C:\Users\Kopas\AppData\Roaming\EgisTec
[2011/09/20 17:48:47 | 000,000,000 | ---D | M] -- C:\Users\Kopas\AppData\Roaming\GameConsole
[2012/10/06 16:44:37 | 000,000,000 | ---D | M] -- C:\Users\Kopas\AppData\Roaming\IDoser
[2012/01/07 06:48:20 | 000,000,000 | ---D | M] -- C:\Users\Kopas\AppData\Roaming\LG Electronics
[2011/09/04 20:21:13 | 000,000,000 | ---D | M] -- C:\Users\Kopas\AppData\Roaming\LolClient
[2012/01/07 06:49:08 | 000,000,000 | ---D | M] -- C:\Users\Kopas\AppData\Roaming\ooVoo Details
[2011/09/04 16:16:48 | 000,000,000 | ---D | M] -- C:\Users\Kopas\AppData\Roaming\PowerCinema
[2011/09/04 16:16:56 | 000,000,000 | ---D | M] -- C:\Users\Kopas\AppData\Roaming\SoftDMA
[2013/09/24 17:25:55 | 000,000,000 | ---D | M] -- C:\Users\Kopas\AppData\Roaming\Sony
[2012/12/11 08:29:58 | 000,000,000 | ---D | M] -- C:\Users\Kopas\AppData\Roaming\SPSSInc
[2011/09/01 10:37:47 | 000,000,000 | ---D | M] -- C:\Users\Kopas\AppData\Roaming\ViquaSoft
[2011/09/20 17:17:32 | 000,000,000 | ---D | M] -- C:\Users\Kopas\AppData\Roaming\xm1

========== Purity Check ==========



< End of report >

These are the results of Extras.txt:

OTL Extras logfile created on: 10/13/2013 4:25:15 PM - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kopas\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16721)
Locale: 00000409 | Country: Ελλάδα | Language: ELL | Date Format: d/M/yyyy

5.94 Gb Total Physical Memory | 3.30 Gb Available Physical Memory | 55.53% Memory free
11.87 Gb Paging File | 8.76 Gb Available in Paging File | 73.80% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 580.57 Gb Total Space | 331.95 Gb Free Space | 57.18% Space Free | Partition Type: NTFS
Drive D: | 5.79 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive F: | 3.73 Gb Total Space | 0.52 Gb Free Space | 13.83% Space Free | Partition Type: NTFS

Computer Name: KOPAS93 | User Name: Kopas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.reg [@ = regfile] -- regedit.exe "%1"
.vbe [@ = VBEFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [open] -- regedit.exe "%1"
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
vbefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V"
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{6A8F5F00-DB62-4F36-9B59-93BAFA333A2D}" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"{B881F446-43C0-46A1-96E8-43AB1683B86E}" = protocol=6 | dir=in | app=c:\users\kopas\appdata\roaming\utorrent\utorrent.exe |
"{EBF406CB-176E-41BC-A6A7-4DC2EB37D9F5}" = protocol=17 | dir=in | app=c:\users\kopas\appdata\roaming\utorrent\utorrent.exe |
"{F2ED7E74-98E1-4BC8-A4EC-FA494903C000}" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"TCP Query User{C9EAB88C-E539-4D1E-BB37-54854C77FA1D}C:\program files (x86)\acer\acer vcm\vc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer vcm\vc.exe |
"TCP Query User{CDA62DC0-764B-4414-AF18-0C3CE7B20EFA}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{EC7E09AA-E881-4B78-99EA-B3F60E2F0A40}C:\users\kopas\appdata\local\facebook\video\skype\facebookvideocalling.exe" = protocol=6 | dir=in | app=c:\users\kopas\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"UDP Query User{60E550A8-77D4-41E2-9D52-225DF9F79D95}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{67515042-E933-4142-822A-B75BDA5709AB}C:\program files (x86)\acer\acer vcm\vc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer vcm\vc.exe |
"UDP Query User{9F371228-93A6-41B2-9156-042D4DFE2A8F}C:\users\kopas\appdata\local\facebook\video\skype\facebookvideocalling.exe" = protocol=17 | dir=in | app=c:\users\kopas\appdata\local\facebook\video\skype\facebookvideocalling.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
""Οι Παράδες μου"_is1" = Οι Παράδες μου
"{002BE8E6-E6D0-6132-D5A7-64B658F1A71A}" = CCC Help Italian
"{006A0A2F-B99E-424E-85B1-165FFE70D183}" = Windows Live Writer
"{00BE2030-4991-43DF-80ED-358431E39B7C}" = Windows Live Essentials
"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation®Store
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{1389C6A4-4965-4AEC-9175-08B54A10FA48}" = Microsoft SQL Server 2005 Mobile [ENU] Developer Tools
"{13C96625-28E4-4c58-ADE0-CDAFC64752EB}" = JMicron 1394 Filter Driver
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{17C28D62-7955-4D8D-922B-7EA16FA9B7C5}" = Fingerprint Solution
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1A08F24B-CA66-4BA9-9933-A9D20A66E8D8}" = Βοηθός εισόδου του Windows Live
"{1BE0813F-4110-4B1C-B96D-EB7278199DDC}" = DJUCED
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Εργαλείο αποστολής του Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{24C4BB38-F45D-4247-90B9-7E6CAA877FF3}" = TotalMedia Setup
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{268CF0B8-CA38-4E20-9E99-514A07F7C1F1}" = ArcSoft TotalMedia 3
"{26A24AE4-039D-4CA4-87B4-2F83216032FF}" = Java™ 6 Update 32
"{26A24AE4-039D-4CA4-87B4-2F83217040FF}" = Java 7 Update 40
"{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}" = Microsoft SQL Server 2005 Tools Express Edition
"{27996809-446F-7261-6C69-6B654C656F6E}" =
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2A3429CF-6DD6-586E-0D0B-9ED221EB5E17}" = CCC Help English
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)
"{30075A70-B5D2-440B-AFA3-FB2021740121}" = Backup Manager Advance
"{33999F1F-EA46-4E55-A239-1BA803235396}" = Hercules DJ Products Series drivers
"{34A0D249-747E-4D6C-803D-329C120C6B79}" = Catalyst Control Center - Branding
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer PowerSmart Manager
"{437AB8E0-FB69-4222-B280-A64F3DE22591}" = Microsoft Visual Studio 2005 Professional Edition - ENU
"{44D4AF75-6870-41F5-9181-662EA05507E1}" = Microsoft Document Explorer 2005
"{452181AA-2603-8DD4-8D9D-A72FDAB36F57}" = CCC Help Chinese Traditional
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B53E9EE-83BA-8140-A557-A4237F393437}" = CCC Help Danish
"{4C89179D-2777-5988-E302-49118D39DE88}" = CCC Help Polish
"{4D9C300B-F96A-4618-4392-33161F46A1CF}" = CCC Help Thai
"{503A899B-81B6-82E1-924A-C6FE58FDE83A}" = CCC Help Finnish
"{51962132-EF73-4015-A69E-1538CDDFB835}" = Windows Live Mail
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1" = Panda USB Vaccine 1.0.1.4
"{55B0389E-75F5-4494-874B-5F733C93E865}" = Windows Live Movie Maker
"{57ED6B51-443C-C6B5-CE1B-0412C4C7113D}" = Catalyst Control Center Localization All
"{5DE6F8A4-953C-30C7-2F5E-F486CE51DD1B}" = CCC Help Portuguese
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{625386A4-B6B6-4911-A6E8-23189C3F2D15}" = Microsoft .NET Compact Framework 2.0
"{625DACC6-B0FA-5BD7-1233-722F25FA4C9F}" = CCC Help Czech
"{62848FBF-E78D-59E1-C073-D508788102C8}" = CCC Help Chinese Standard
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{664D7CF2-36A0-3FAA-6C5C-EF22BE573AFD}" = CCC Help Hungarian
"{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker
"{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6C531060-84FB-4F96-8F33-29DF020632EB}" = Microsoft .NET Compact Framework 1.0 SP3 Developer
"{70578F65-5F92-DEED-DAC8-87632A1F455C}" = Catalyst Control Center Core Implementation
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{730F81C7-F639-885E-E5DE-CD2603A2F30B}" = CCC Help Dutch
"{7355CD58-2668-FD9C-677D-AC1F504D4C6E}" = CCC Help Turkish
"{7760D94E-B1B5-40A0-9AA0-ABF942108755}" = Acer Crystal Eye Webcam
"{78B75C6D-E53C-424C-BF83-4B63BD4A6682}" = Microsoft Device Emulator version 1.0 - ENU
"{79E699D5-AEC9-FD43-5473-1C4A5FA1EDE3}" = ccc-core-static
"{7E1357FE-43E9-4904-1225-27F97CB8AD18}" = CCC Help Korean
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{8227BCD8-AA43-B935-7134-2732A298364A}" = Media Go Video Playback Engine 1.120.110.05010
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}" = Granny In Paradise
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}" = Merriam Websters Spell Jam
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}" = Amazonia
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}" = Heroes of Hellas
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}" = Dairy Dash
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115208410}" = First Class Flurry
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2
"{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1" = Acer GameZone Console
"{90140000-00BD-0408-0000-0000000FF1CE}" = Γλώσσα συμβουλών οθόνης του Microsoft Office 2010 - Ελληνικά
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{94F70511-C8A8-413C-AC8D-65313D8D3082}" = Windows Live Messenger
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9FEECBDA-8378-4874-AD65-D9E232BE2D11}" = Windows Live Sync
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A33395A7-51B0-9943-F6B7-760CA5E91D93}" = CCC Help French
"{A511F4E3-F03C-42FC-9F78-392E21FCBE0B}" = Acer Arcade Instant On
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABD06DD3-6E99-FC67-8ABE-CD209C390712}" = CCC Help German
"{AC76BA86-7AD7-1032-7B44-AA1000000001}" = Adobe Reader X (10.1.7) - Greek
"{ADB51AB1-8838-1A26-3950-8F054143FBBE}" = Catalyst Control Center InstallProxy
"{B55B7EAE-C58C-496E-A383-3A6ABDD83A62}" = Media Go
"{B8BA5929-B0C9-BFA9-35F5-69B19A9F447B}" = Catalyst Control Center Graphics Light
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{BB49EE1D-49D9-4195-8761-0195012AF68D}" = Catalyst Control Center Graphics Previews Vista
"{C270BC04-1540-4673-960F-A546B2C860CD}" = Commandos 3 - Destination Berlin
"{C305418B-308D-7E56-2034-F05725257D6A}" = CCC Help Spanish
"{C5219CF1-0B5F-9BA5-0685-286B91207700}" = CCC Help Russian
"{C5848384-07A0-2707-E3FC-CF32F3EE3226}" = CCC Help Swedish
"{C5D1A05C-92EA-8987-88EC-9EFB4A04D166}" = CCC Help Japanese
"{CF59E394-B243-8A9C-0687-E7B711D3BAE7}" = Catalyst Control Center Graphics Full New
"{D87B8C91-4659-4C3B-A894-A4D670AE95E2}" = Συλλογή φωτογραφιών του Windows Live
"{E09664BB-BB08-45FA-87D1-33EAB0E017F5}" = Fingerprint Solution
"{E2962129-715A-4EA7-4AF1-60BAD25EFA22}" = CCC Help Greek
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{EA480C11-DB60-4BCE-BDC8-055CC0812787}_is1" = Guitar Tuner u1v2
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.174
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1CECE09-7CBE-4E98-B435-DA87CDA86167}" = Skype™ 5.5
"{F656F23B-0293-5ABB-D5B9-54344C72EA92}" = Catalyst Control Center Graphics Full Existing
"{F68D0307-2573-4BE7-9EFD-CB28D7E656E3}" = Adobe Flash Player 11 ActiveX
"{F7F85A7C-CD0D-B40F-FCB6-821D4101C45E}" = CCC Help Norwegian
"{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}" = ooVoo
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"avast" = avast! Free Antivirus
"BSW" = BrettspielWelt
"DAEMON Tools Lite" = DAEMON Tools Lite
"ESET Online Scanner" = ESET Online Scanner v3
"Free Studio_is1" = Free Studio version 5.2.1
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.12.4.622
"Freemake Video Converter_is1" = Freemake Video Converter έκδοση 3.2.1
"GridVista" = Acer GridVista
"Guitarpad_is1" = Guitarpad 2.0
"Identity Card" = Identity Card
"I-Doser" = I-Doser Free
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{17C28D62-7955-4D8D-922B-7EA16FA9B7C5}" = Fingerprint Solution
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121}" = Acer Backup Manager
"InstallShield_{E09664BB-BB08-45FA-87D1-33EAB0E017F5}" = Acer Bio Protection
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware έκδοση 1.75.0.1300
"Microsoft Document Explorer 2005" = Microsoft Document Explorer 2005
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package
"Microsoft Visual Studio 2005 Professional Edition - ENU" = Microsoft Visual Studio 2005 Professional Edition - ENU
"Mozilla Firefox 15.0.1 (x86 el)" = Mozilla Firefox 15.0.1 (x86 el)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"OrangeHRM" = OrangeHRM - Opensource HR management
"Picasa 3" = Picasa 3
"PitchPerfect" = PitchPerfect Musical Instrument Tuner
"RocketDock_is1" = RocketDock 1.3.5
"Texmaker" = Texmaker
"Tunatic" = Tunatic
"Update Engine" = Sony Ericsson Update Engine
"Virtual DJ Pro Full - Atomix Productions" = Virtual DJ Pro Full - Atomix Productions
"VLC media player" = VLC media player 1.1.11
"WinLiveSuite_Wave3" = Windows Live Essentials

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1720886877-3019773777-2494609800-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 10/8/2013 11:32:02 AM | Computer Name = Kopas93 | Source = Application Hang | ID = 1002
Description = Το πρόγραμμα EXCEL.EXE έκδοση 14.0.7104.5000 σταμάτησε να αλληλεπιδρά
με τα Windows και έκλεισε. Για να δείτε αν υπάρχουν διαθέσιμες περισσότερες πληροφορίες
για το πρόβλημα, ελέγξτε το ιστορικό του προβλήματος στον πίνακα ελέγχου του Κέντρου
ενεργειών. Αναγνωριστικό διεργασίας: cf0 Ώρα έναρξης: 01cec43b7847cdfe Ώρα τερματισμού:
0 Διαδρομή εφαρμογής: C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE

Αναγνωριστικό
αναφοράς:

Error - 10/8/2013 11:32:04 AM | Computer Name = Kopas93 | Source = Application Hang | ID = 1002
Description = Το πρόγραμμα EXCEL.EXE έκδοση 14.0.7104.5000 σταμάτησε να αλληλεπιδρά
με τα Windows και έκλεισε. Για να δείτε αν υπάρχουν διαθέσιμες περισσότερες πληροφορίες
για το πρόβλημα, ελέγξτε το ιστορικό του προβλήματος στον πίνακα ελέγχου του Κέντρου
ενεργειών. Αναγνωριστικό διεργασίας: 19bc Ώρα έναρξης: 01cec43b5fff79e9 Ώρα τερματισμού:
0 Διαδρομή εφαρμογής: C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE

Αναγνωριστικό
αναφοράς:

Error - 10/8/2013 11:42:01 AM | Computer Name = Kopas93 | Source = SideBySide | ID = 16842832
Description = Η δημιουργία περιβάλλοντος ενεργοποίησης για το "C:\Program Files
(x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe" απέτυχε. Παρουσιάστηκε σφάλμα
στο αρχείο διακήρυξης ή πολιτικής "" στη γραμμή . Η έκδοση ενός στοιχείου που απαιτείται
για την εφαρμογή έρχεται σε διένεξη με την έκδοση άλλου στοιχείου το οποίο είναι
ήδη ενεργό. Τα στοιχεία που έρχονται σε διένεξη είναι:. Στοιχείο 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Στοιχείο
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 10/9/2013 12:33:06 PM | Computer Name = Kopas93 | Source = SideBySide | ID = 16842815
Description = Η δημιουργία περιβάλλοντος ενεργοποίησης απέτυχε για το "c:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Παρουσιάστηκε σφάλμα
στο αρχείο διακήρυξης ή πολιτικής "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" στη γραμμή 3. Η τιμή "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
του χαρακτηριστικού "version" στο στοιχείο "assemblyIdentity" δεν είναι έγκυρη.

Error - 10/9/2013 12:33:07 PM | Computer Name = Kopas93 | Source = SideBySide | ID = 16842832
Description = Η δημιουργία περιβάλλοντος ενεργοποίησης για το "c:\program files
(x86)\ESET\eset online scanner\ESETSmartInstaller.exe" απέτυχε. Παρουσιάστηκε σφάλμα
στο αρχείο διακήρυξης ή πολιτικής "" στη γραμμή . Η έκδοση ενός στοιχείου που απαιτείται
για την εφαρμογή έρχεται σε διένεξη με την έκδοση άλλου στοιχείου το οποίο είναι
ήδη ενεργό. Τα στοιχεία που έρχονται σε διένεξη είναι:. Στοιχείο 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Στοιχείο
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 10/10/2013 7:36:44 AM | Computer Name = Kopas93 | Source = SideBySide | ID = 16842815
Description = Η δημιουργία περιβάλλοντος ενεργοποίησης απέτυχε για το "c:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Παρουσιάστηκε σφάλμα
στο αρχείο διακήρυξης ή πολιτικής "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" στη γραμμή 3. Η τιμή "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
του χαρακτηριστικού "version" στο στοιχείο "assemblyIdentity" δεν είναι έγκυρη.

Error - 10/10/2013 7:36:45 AM | Computer Name = Kopas93 | Source = SideBySide | ID = 16842832
Description = Η δημιουργία περιβάλλοντος ενεργοποίησης για το "c:\program files
(x86)\ESET\eset online scanner\ESETSmartInstaller.exe" απέτυχε. Παρουσιάστηκε σφάλμα
στο αρχείο διακήρυξης ή πολιτικής "" στη γραμμή . Η έκδοση ενός στοιχείου που απαιτείται
για την εφαρμογή έρχεται σε διένεξη με την έκδοση άλλου στοιχείου το οποίο είναι
ήδη ενεργό. Τα στοιχεία που έρχονται σε διένεξη είναι:. Στοιχείο 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Στοιχείο
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 10/10/2013 2:27:34 PM | Computer Name = Kopas93 | Source = Google Update | ID = 20
Description =

Error - 10/11/2013 1:40:09 PM | Computer Name = Kopas93 | Source = Application Error | ID = 1000
Description = Όνομα ελαττωματικής εφαρμογής ePowerSvc.exe, έκδοση 4.6.3007.0, χρονική
σήμανση 0x4ae95707 Όνομα ελαττωματικής λειτουργικής μονάδας ePowerSvc.exe, έκδοση
4.6.3007.0, χρονική σήμανση 0x4ae95707 Κωδικός εξαίρεσης: 0xc0000005 Μετατόπιση σφάλματος:
0x000000000000373d Αναγνωριστικό ελαττωματικής διεργασίας: 0x7dc Χρόνος έναρξης ελαττωματικής
εφαρμογής: 0x01cec68e92032efd Διαδρομή ελαττωματικής εφαρμογής: C:\Program Files\Acer\Acer
PowerSmart Manager\ePowerSvc.exe Διαδρομή ελλατωματικής λειτουργικής μονάδας:C:\Program
Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe Αναγνωριστικό αναφοράς:2bc49777-329c-11e3-a9e2-00235a765294

Error - 10/13/2013 9:23:07 AM | Computer Name = Kopas93 | Source = SideBySide | ID = 16842832
Description = Η δημιουργία περιβάλλοντος ενεργοποίησης για το "C:\Users\Kopas\Downloads\esetsmartinstaller_enu.exe"
απέτυχε. Παρουσιάστηκε σφάλμα στο αρχείο διακήρυξης ή πολιτικής "" στη γραμμή .
Η
έκδοση ενός στοιχείου που απαιτείται για την εφαρμογή έρχεται σε διένεξη με την
έκδοση άλλου στοιχείου το οποίο είναι ήδη ενεργό. Τα στοιχεία που έρχονται σε διένεξη
είναι:. Στοιχείο 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Στοιχείο
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

[ System Events ]
Error - 10/4/2013 4:58:03 AM | Computer Name = Kopas93 | Source = Disk | ID = 262155
Description = Το πρόγραμμα οδήγησης εντόπισε ένα σφάλμα ελεγκτή στο "\Device\Harddisk1\DR1".

Error - 10/4/2013 4:58:03 AM | Computer Name = Kopas93 | Source = Disk | ID = 262155
Description = Το πρόγραμμα οδήγησης εντόπισε ένα σφάλμα ελεγκτή στο "\Device\Harddisk1\DR1".

Error - 10/4/2013 4:58:04 AM | Computer Name = Kopas93 | Source = Disk | ID = 262155
Description = Το πρόγραμμα οδήγησης εντόπισε ένα σφάλμα ελεγκτή στο "\Device\Harddisk1\DR1".

Error - 10/4/2013 4:58:04 AM | Computer Name = Kopas93 | Source = Disk | ID = 262155
Description = Το πρόγραμμα οδήγησης εντόπισε ένα σφάλμα ελεγκτή στο "\Device\Harddisk1\DR1".

Error - 10/7/2013 12:24:40 PM | Computer Name = Kopas93 | Source = EventLog | ID = 6008
Description = Ο προηγούμενος τερματισμός λειτουργίας του συστήματος σε7:23:01 μμ
σε ?7/?10/?2013 ήταν μη αναμενόμενος.

Error - 10/11/2013 1:40:22 PM | Computer Name = Kopas93 | Source = Service Control Manager | ID = 7034
Description = Η λειτουργία της υπηρεσίας Acer ePower Service τερματίστηκε αναπάντεχα.
Αυτό συνέβη 1 φορά(ές).

Error - 10/11/2013 6:36:18 PM | Computer Name = Kopas93 | Source = Service Control Manager | ID = 7011
Description = Το χρονικό όριο αναμονής (30000 χιλιοστά του δευτερολέπτου) ξεπεράστηκε
κατά την αναμονή για απόκριση συναλλαγής από την υπηρεσία SysMain.

Error - 10/12/2013 8:52:00 AM | Computer Name = Kopas93 | Source = Service Control Manager | ID = 7011
Description = Το χρονικό όριο αναμονής (30000 χιλιοστά του δευτερολέπτου) ξεπεράστηκε
κατά την αναμονή για απόκριση συναλλαγής από την υπηρεσία eventlog.

Error - 10/13/2013 9:12:57 AM | Computer Name = Kopas93 | Source = Ntfs | ID = 262199
Description = Η δομή του συστήματος αρχείων στον δίσκο είναι κατεστραμμένη και δεν
είναι δυνατό να χρησιμοποιηθεί. Εκτελέστε το βοηθητικό πρόγραμμα chkdsk στον τόμο
"F:".

Error - 10/13/2013 9:12:57 AM | Computer Name = Kopas93 | Source = Ntfs | ID = 262281
Description = Η προεπιλεγμένη διαχείριση πόρων συναλλαγής στον τόμο F: παρουσίασε
ένα σφάλμα που δεν είναι δυνατόν να επαναληφθεί και δεν ήταν δυνατή η έναρξη.
Τα δεδομένα περιέχουν τον κωδικό σφάλματος.


< End of report >

These are the results of CKFiles.txt:

CKScanner 2.4 - Additional Security Risks - These are not necessarily bad
c:\_otl\movedfiles\09252013_184706\c_users\kopas\appdata\roaming\utorrent\eset.smart.security.5.&.eset.nod32.antivirus.5.incl.crack(32.and.64.bit).1.torrent
c:\_otl\movedfiles\09252013_184706\c_users\kopas\appdata\roaming\utorrent\eset.smart.security.5.&.eset.nod32.antivirus.5.incl.crack(32.and.64.bit).torrent
c:\_otl\movedfiles\09252013_184706\c_users\kopas\downloads\efarmoges\eset.smart.security.5.&.eset.nod32.antivirus.5.incl.crack(32.and.64.bit)\read me.txt
c:\_otl\movedfiles\09252013_184706\c_users\kopas\downloads\efarmoges\eset.smart.security.5.&.eset.nod32.antivirus.5.incl.crack(32.and.64.bit)\eset.nod32.anitvirus.5(32.and.64.bit)\eav_nt32_enu.msi
c:\_otl\movedfiles\09252013_184706\c_users\kopas\downloads\efarmoges\eset.smart.security.5.&.eset.nod32.antivirus.5.incl.crack(32.and.64.bit)\eset.nod32.anitvirus.5(32.and.64.bit)\eav_nt64_enu.msi
c:\_otl\movedfiles\09252013_184706\c_users\kopas\downloads\efarmoges\eset.smart.security.5.&.eset.nod32.antivirus.5.incl.crack(32.and.64.bit)\eset.nod32.smart.security.5(x32.and.x64.bit)\ess_nt32_enu.msi
c:\_otl\movedfiles\09252013_184706\c_users\kopas\downloads\efarmoges\eset.smart.security.5.&.eset.nod32.antivirus.5.incl.crack(32.and.64.bit)\eset.nod32.smart.security.5(x32.and.x64.bit)\ess_nt64_enu.msi
c:\_otl\movedfiles\09252013_184706\c_users\kopas\downloads\paretologic regcure pro 3.1.0.0 [h33t.com] full\crack\regcurepro.exe
scanner sequence 3.DD.11.PJABC0
----- EOF -----
  • 0

#28
Nutloaf
Posted 13 October 2013 - 08:00 AM

Nutloaf

    Trusted Helper

  • Malware Removal
  • 1,790 posts
Thanks for the results.

Don't worry about the DJ program I will sort that out :)

I will get a fix together, get it cleared and be with you a bit later on. :thumbsup:
  • 0

#29
Nutloaf
Posted 13 October 2013 - 03:28 PM

Nutloaf

    Trusted Helper

  • Malware Removal
  • 1,790 posts
Hi there George the log looks O.K so proceed with the following and lets see what's removed :)

1. Uninstall ADWcleaner and Delete JRT icon

We need to use this again and need an updated version. The easiest way is to uninstall and download again in step 4 or you may get lost on a French website :)

  • Open ADWcleaner if prompted to update select Cancel then select Uninstall
  • Right click the JRT icon and select Delete
  • All done!


2. Uninstalls

Free studio and YTdownloader make alterations to the host file with use so get rid of these. ESET is conflicting with another program so we will re-install later on.

  • Click Start then select Control Panel
  • In control panel click Uninstall a Program or Programs and Features and uninstall the following:
  • ESET Online Scanner v3
  • Free Studio version 5.2.1
  • Free YouTube to MP3 Converter version 3.12.4.622

3. OTL Fix

  • Right click the OTL icon and select Run as Administrator.
  • Copy the entire text in the Quote box below, do not include the word QUOTE and Paste into the Custom Scans/Fixes box in OTL.


    :COMMANDS
    [CREATERESTOREPOINT]

    :OTL
    O3 - HKU\S-1-5-21-1720886877-3019773777-2494609800-1000\..\Toolbar\WebBrowser: (no name) - {687578B9-7132-4A7A-80E4-30EE31099E03} - No CLSID value found.
    O3 - HKU\S-1-5-21-1720886877-3019773777-2494609800-1000\..\Toolbar\WebBrowser: (no name) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No CLSID value found.
    O8 - Extra context menu item: Free YouTube Download - C:\Users\Kopas\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm File not found
    O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Kopas\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - File not found
    O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - File not found
    O32 - AutoRun File - [2013/08/22 06:20:01 | 000,356,208 | R--- | M] (Konami Digital Entertainment Co., Ltd.) - D:\autorun.exe -- [ UDF ]
    O32 - AutoRun File - [2013/08/22 06:20:01 | 000,000,047 | R--- | M] () - D:\Autorun.inf -- [ UDF ]
    O33 - MountPoints2\{1d5f2252-ec85-11e1-a33c-00235a765294}\Shell - "" = AutoRun
    O33 - MountPoints2\{1d5f2252-ec85-11e1-a33c-00235a765294}\Shell\AutoRun\command - "" = F:\Startme.exe
    O33 - MountPoints2\{2891363f-d871-11e0-8d8b-00235a765294}\Shell - "" = AutoRun
    O33 - MountPoints2\{2891363f-d871-11e0-8d8b-00235a765294}\Shell\AutoRun\command - "" = D:\autorun.exe -- [2013/08/22 06:20:01 | 000,356,208 | R--- | M] (Konami Digital Entertainment Co., Ltd.)
    [2013/10/03 02:35:12 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
    [2013/10/03 02:35:12 | 000,002,023 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
    [2013/10/09 01:38:23 | 000,000,000 | ---D | C] -- C:\Users\Kopas\Documents\Vuze Downloads
    [2013/10/09 01:38:12 | 000,000,000 | ---- | M] () -- C:\END

    :REG
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Virtual DJ Pro Full - Atomix Productions"=-
    "{90140000-00BD-0408-0000-0000000FF1CE}"=-

    :COMMANDS
    [EMPTYTEMP]

  • Then click Run Fix
  • Click O.K if asked to Reboot.
  • An OTL fix log will be saved in the following location: C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log - Where mmddyyy _hhmmss is the date and time of fix.
  • Copy and Paste the Fix Log in your next reply.


4. Run ADWcleaner

  • Using this link Download ADWcleaner and save to Desktop.
  • Right click ADWcleaner and Run as Administrator then select Scan
  • Once the scan is complete click Clean
  • A reboot will be asked for click O.K
  • On reboot a log will be produced, please post in your next reply.


5. Junkware Removal Tool

Posted Image 1. Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Right-mouse click JRT.exe and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

6. OTL Scan

  • Right click the OTL icon and select Run as Administrator.
  • Select the following boxes:
  • Scan All Users
  • Use Company-Name WhiteList
  • Skip Microsoft Files
  • Use No-Company-Name WhiteList
  • LOP Check
  • Now Click Run Scan
  • OTL will now scan your computer and produce a log file OTL.txt
  • Please post in your next reply

Things I want to see in your next post.

  • OTL fixtxt
  • ADWcleaner results
  • JRT.txt
  • OTL.txt
  • Has the DJ icon been removed?

  • 0

#30
Georgekopa
Posted 14 October 2013 - 01:11 PM

Georgekopa

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
Hello.
I would like to ask you about a problem with JRT.. I downloaded it to the desktop. I shut down the avast and then try to open JRT but it didn't open. It asks me to use it as administrator i press yes and then it close!
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP