Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Boaxxe.co.gen trojan detected. Cannot be removed with malwarebytes

Started by MariannaC , Jan 25 2015 12:56 PM
boaxxe trojan spyware_password

  • Please log in to reply

#1
MariannaC
Posted 25 January 2015 - 12:56 PM

MariannaC

    New Member

  • Member
  • Pip
  • 8 posts

Hi there.

 

ESET found on Startup scanner this: Operating memory » C:\Documents and Settings\Vagelis\Local Settings\Application Data\Asnxworks\ngmhumhbbuvxdqi.dll a variant of Win32/Boaxxe.CO.gen trojan among others.

 

1. The desktop has changed to a sort of log file titled: "your personal files are enrypted by CTB-locker".

2. From time to time a "smartwebprinting" starts to run as if it's trying to install a program. 

3. ESET's real time protection has stopped functioning.

 

I did run malware malbytes in order to remove the trojan but the desktop hasn't changed back to normal again. I am not sure that the trojans are removed yet.. The computer belongs to a friend so I'm not sure that I have seen all the symptoms.

 

Below is the OTL log file pasted. Hope my description helped you!

 

Thank you!

Marianna

 

 

OTL logfile created on: 25/1/2015 8:40:09 μμ - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Vagelis\Επιφάνεια εργασίας
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000408 | Country: Ελλάδα | Language: ELL | Date Format: d/M/yyyy
 
1,97 Gb Total Physical Memory | 1,02 Gb Available Physical Memory | 51,93% Memory free
3,82 Gb Paging File | 2,83 Gb Available in Paging File | 74,10% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 83,70 Gb Free Space | 56,16% Space Free | Partition Type: NTFS
 
Computer Name: DESKTOP | User Name: Vagelis | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2015/01/25 20:35:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Vagelis\Επιφάνεια εργασίας\OTL.exe
PRC - [2015/01/09 02:35:57 | 000,856,904 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2014/04/25 11:56:12 | 005,024,576 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
PRC - [2009/04/24 10:21:04 | 000,360,448 | ---- | M] () -- C:\WINDOWS\tsnpstd3.exe
PRC - [2009/03/19 11:44:50 | 000,731,840 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2009/03/19 11:44:28 | 002,029,640 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2008/04/14 18:31:03 | 000,073,796 | ---- | M] (Smart Link) -- C:\WINDOWS\system32\slserv.exe
PRC - [2008/04/14 18:30:58 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\regsvr32.exe
PRC - [2008/04/14 18:30:35 | 001,038,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/05/10 12:18:26 | 000,835,584 | ---- | M] () -- C:\WINDOWS\vsnpstd3.exe
PRC - [2006/03/30 08:15:44 | 000,096,341 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
PRC - [2005/10/28 15:25:44 | 000,094,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2015/01/18 11:44:42 | 001,292,288 | ---- | M] () -- C:\Documents and Settings\Vagelis\Local Settings\Application Data\Asnxworks\ngmhumhbbuvxdqi.dll
MOD - [2015/01/16 15:02:12 | 001,313,792 | ---- | M] () -- C:\Documents and Settings\Vagelis\Local Settings\Application Data\Ofxics\ep0lvrab.dll
MOD - [2015/01/09 02:35:54 | 009,009,480 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\39.0.2171.99\pdf.dll
MOD - [2015/01/09 02:35:48 | 001,677,128 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\39.0.2171.99\ffmpegsumo.dll
MOD - [2012/02/20 20:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/02/20 20:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009/12/12 15:12:03 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2009/09/07 01:30:02 | 000,190,976 | ---- | M] () -- C:\WINDOWS\system32\WgaLogon.dll
MOD - [2009/04/24 10:21:04 | 000,360,448 | ---- | M] () -- C:\WINDOWS\tsnpstd3.exe
MOD - [2008/04/14 18:29:39 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2007/05/10 12:18:26 | 000,835,584 | ---- | M] () -- C:\WINDOWS\vsnpstd3.exe
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2014/12/15 16:53:40 | 000,075,264 | ---- | M] () [Unknown (-1) | Unknown] -- C:\WINDOWS\System32\drivers\f599a5569ba58b6.sys -- (f599a5569ba58b6)
SRV - [2014/12/10 11:18:07 | 000,114,800 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/04/25 11:56:12 | 005,024,576 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9)
SRV - [2009/03/19 11:48:08 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009/03/19 11:44:50 | 000,731,840 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2008/04/14 18:31:03 | 000,073,796 | ---- | M] (Smart Link) [Auto | Running] -- C:\WINDOWS\System32\slserv.exe -- (SLService)
SRV - [2006/03/30 08:15:44 | 000,096,341 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- system32\drivers\InCDRm.sys -- (InCDRm)
DRV - File not found [Kernel | System | Stopped] -- system32\drivers\InCDPass.sys -- (InCDPass)
DRV - File not found [File_System | Disabled | Stopped] -- system32\drivers\InCDFs.sys -- (InCDFs)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - [2015/01/25 20:40:45 | 000,114,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV - [2014/12/15 16:53:40 | 000,075,264 | ---- | M] () [Unknown (-1) | Unknown (-1) | Unknown] -- C:\WINDOWS\System32\drivers\f599a5569ba58b6.sys -- (f599a5569ba58b6)
DRV - [2013/08/21 06:31:38 | 000,182,680 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2013/08/21 06:31:38 | 000,084,248 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2013/04/18 18:06:08 | 000,020,032 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2009/04/24 08:18:40 | 010,472,960 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\snpstd3.sys -- (SNPSTD3)
DRV - [2009/03/25 16:48:00 | 000,114,728 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018mdm.sys -- (s1018mdm)
DRV - [2009/03/25 16:48:00 | 000,109,864 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018unic.sys -- (s1018unic)
DRV - [2009/03/25 16:48:00 | 000,106,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018mgmt.sys -- (s1018mgmt)
DRV - [2009/03/25 16:48:00 | 000,104,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018obex.sys -- (s1018obex)
DRV - [2009/03/25 16:48:00 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018bus.sys -- (s1018bus)
DRV - [2009/03/25 16:48:00 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018nd5.sys -- (s1018nd5)
DRV - [2009/03/25 16:48:00 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018mdfl.sys -- (s1018mdfl)
DRV - [2009/03/19 11:45:38 | 000,093,848 | ---- | M] (ESET) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2009/03/19 11:44:34 | 000,107,256 | ---- | M] (ESET) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009/03/19 11:41:38 | 000,113,960 | ---- | M] (ESET) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2008/10/21 09:22:48 | 000,114,600 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017mdm.sys -- (s0017mdm)
DRV - [2008/10/21 09:22:48 | 000,109,736 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017unic.sys -- (s0017unic)
DRV - [2008/10/21 09:22:48 | 000,108,328 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017mgmt.sys -- (s0017mgmt)
DRV - [2008/10/21 09:22:48 | 000,104,616 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017obex.sys -- (s0017obex)
DRV - [2008/10/21 09:22:48 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017bus.sys -- (s0017bus)
DRV - [2008/10/21 09:22:48 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017nd5.sys -- (s0017nd5)
DRV - [2008/10/21 09:22:48 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017mdfl.sys -- (s0017mdfl)
DRV - [2008/01/16 03:10:51 | 004,609,024 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2008/01/09 12:28:34 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\seehcri.sys -- (seehcri)
DRV - [2007/05/11 18:00:14 | 000,045,056 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HECI.sys -- (HECI)
DRV - [2006/11/02 06:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2004/08/03 21:41:46 | 000,095,424 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\slnthal.sys -- (SlNtHal)
DRV - [2004/08/03 21:41:46 | 000,013,240 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\slwdmsup.sys -- (SlWdmSup)
DRV - [2004/08/03 21:41:42 | 000,129,535 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\slnt7554.sys -- (Slnt7554)
DRV - [2004/08/03 21:41:40 | 000,180,360 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ntmtlfax.sys -- (NtMtlFax)
DRV - [2004/08/03 21:41:40 | 000,126,686 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mtlmnt5.sys -- (Mtlmnt5)
DRV - [2004/08/03 21:41:40 | 000,013,776 | ---- | M] (Smart Link) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\RecAgent.sys -- (RecAgent)
DRV - [2004/08/03 21:41:38 | 001,309,184 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mtlstrm.sys -- (Mtlstrm)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = google.com
IE - HKCU\..\SearchScopes,DefaultScope = {8545F732-03AD-434E-A425-483C8DC457D8}
IE - HKCU\..\SearchScopes\{8545F732-03AD-434E-A425-483C8DC457D8}: "URL" = http://search.yahoo....=utf-8&fr=b1ie7
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.isUS: false
FF - prefs.js..extensions.enabledAddons: %7B75FAD9C3-E976-1115-DB37-B29F176E34F9%7D:4.0.3
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:34.0.5
FF - prefs.js..browser.startup.homepage: "google.com"
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/03/24 20:25:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 34.0.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 34.0.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012/11/26 19:56:56 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/03/24 20:25:15 | 000,000,000 | ---D | M]
 
[2012/11/26 20:38:23 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Vagelis\Application Data\Mozilla\Extensions
[2015/01/25 20:24:15 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Vagelis\Application Data\Mozilla\Firefox\Profiles\jd5ea4qe.default\extensions
[2015/01/18 11:44:31 | 000,000,000 | ---D | M] (Windows Media Services DRM Storage object) -- C:\Documents and Settings\Vagelis\Application Data\Mozilla\Firefox\Profiles\jd5ea4qe.default\extensions\{75FAD9C3-E976-1115-DB37-B29F176E34F9}
[2014/12/10 11:17:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/12/10 11:18:10 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - default_search_provider:  (Enabled)
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = 
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\39.0.2171.99\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\39.0.2171.99\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\39.0.2171.99\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.250.6 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U25 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: MicrosoftΒ® DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: MicrosoftΒ® DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll
CHR - Extension: No name found = C:\Documents and Settings\Vagelis\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: No name found = C:\Documents and Settings\Vagelis\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Documents and Settings\Vagelis\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Documents and Settings\Vagelis\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.10_0\
CHR - Extension: No name found = C:\Documents and Settings\Vagelis\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Documents and Settings\Vagelis\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Documents and Settings\Vagelis\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2001/11/27 15:00:00 | 000,000,944 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [{772114f5-dc48-f646-8b68-1e6d40edd92c}] "C:\Documents and Settings\All Users\Application Data\Microsoft\{772114f5-dc48-f646-8b68-1e6d40edd92c}\{772114f5-dc48-f646-8b68-1e6d40edd92c}.exe" File not found
O4 - HKLM..\Run: [{c1fa5480-038e-2ff8-53a8-30d9e4bc4ed2}] "C:\Documents and Settings\All Users\Application Data\Microsoft\{c1fa5480-038e-2ff8-53a8-30d9e4bc4ed2}\{c1fa5480-038e-2ff8-53a8-30d9e4bc4ed2}.exe" File not found
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe File not found
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe ()
O4 - HKLM..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe ()
O4 - HKLM..\Run: [Unrocyytudozn] "C:\Documents and Settings\Vagelis\Application Data\Luobtyy\uvomn.exe" File not found
O4 - HKCU..\Run: [Asnxworks] C:\WINDOWS\System32\regsvr32.exe (Microsoft Corporation)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [BluetoothS] rundll32.exe "%appdata%\BtvStack.dll",BTHF_Register File not found
O4 - HKCU..\Run: [Icxnsoft] C:\WINDOWS\System32\regsvr32.exe (Microsoft Corporation)
O4 - HKCU..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup File not found
O4 - HKCU..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
O4 - HKCU..\Run: [Unrocyytudozn] "C:\Documents and Settings\Vagelis\Application Data\Luobtyy\uvomn.exe" File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: TaskbarNoNotification = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: {772114f5-dc48-f646-8b68-1e6d40edd92c} = "C:\Documents and Settings\All Users\Application Data\Microsoft\{772114f5-dc48-f646-8b68-1e6d40edd92c}\{772114f5-dc48-f646-8b68-1e6d40edd92c}.exe"
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: {c1fa5480-038e-2ff8-53a8-30d9e4bc4ed2} = "C:\Documents and Settings\All Users\Application Data\Microsoft\{c1fa5480-038e-2ff8-53a8-30d9e4bc4ed2}\{c1fa5480-038e-2ff8-53a8-30d9e4bc4ed2}.exe"
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: TaskbarNoNotification = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {E689A1CC-7220-45EA-9524-DAC4F78355C7} https://www.millenni...ly/GSMonWEB.cab (GSMonWEB)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F9E377FF-13CE-482D-833D-928DBDF2D082}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) - C:\WINDOWS\System32\WgaLogon.dll ()
O24 - Desktop Components:0 (Τρέχουσα αρχική σελίδα) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Vagelis\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Vagelis\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/10/07 18:07:05 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{34469552-f469-11e3-bd50-001cc060e7bb}\Shell - "" = AutoRun
O33 - MountPoints2\{34469552-f469-11e3-bd50-001cc060e7bb}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2015/01/25 20:35:19 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Vagelis\Επιφάνεια εργασίας\OTL.exe
[2015/01/25 20:28:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vagelis\Start Menu\Προγράμματα\CyberLink PowerDVD
[2015/01/25 19:15:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vagelis\Application Data\Local Store
[2015/01/25 19:14:20 | 000,114,904 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
[2015/01/25 19:14:03 | 000,000,000 | RHSD | C] -- C:\Documents and Settings\All Users\MicroWindows0Mnger
[2015/01/25 19:13:41 | 000,000,000 | RHSD | C] -- C:\Documents and Settings\All Users\MediaMangr
[2015/01/25 19:13:40 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Vagelis\Application Data\LVS-MUPPSPKSPPO
[2015/01/25 19:13:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vagelis\Application Data\MicroWindows0Mnger
[2015/01/25 19:13:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Προγράμματα\Malwarebytes Anti-Malware
[2015/01/25 19:13:17 | 000,054,360 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamchameleon.sys
[2015/01/25 19:13:17 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
[2015/01/25 19:12:09 | 000,000,000 | RHSD | C] -- C:\Documents and Settings\All Users\MdaMngr
[2015/01/25 19:12:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vagelis\Application Data\MdaMngr
[2015/01/25 19:11:29 | 000,712,264 | ---- | C] (MindSpark) -- C:\Program Files\64Uninstall TelevisionFanatic.dll
[2015/01/18 12:33:53 | 000,000,000 | -H-D | C] -- C:\e34abb91
[2015/01/16 14:32:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vagelis\Local Settings\Application Data\Asnxworks
[2015/01/16 14:31:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vagelis\Local Settings\Application Data\Ofxics
[2015/01/08 10:04:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vagelis\Application Data\Luobtyy
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2015/01/25 20:40:45 | 000,114,904 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
[2015/01/25 20:35:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Vagelis\Επιφάνεια εργασίας\OTL.exe
[2015/01/25 20:27:52 | 000,001,168 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2015/01/25 20:27:52 | 000,000,226 | ---- | M] () -- C:\WINDOWS\tasks\Σύνδεση στην ειδοποίηση λήξης υπηρεσίας για τα Microsoft Windows XP.job
[2015/01/25 20:27:50 | 000,000,250 | -H-- | M] () -- C:\WINDOWS\tasks\eqkdqlk.job
[2015/01/25 20:27:48 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2015/01/25 20:00:02 | 000,001,172 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2015/01/25 19:27:27 | 000,000,697 | ---- | M] () -- C:\Documents and Settings\Vagelis\Επιφάνεια εργασίας\Εκκίνηση του προγράμματος περιήγησης Internet Explorer.lnk
[2015/01/25 19:16:08 | 000,045,458 | ---- | M] () -- C:\Documents and Settings\Vagelis\Local Settings\Application Data\HELP_DECRYPT.PNG
[2015/01/25 19:16:07 | 000,008,528 | ---- | M] () -- C:\Documents and Settings\Vagelis\Local Settings\Application Data\HELP_DECRYPT.HTML
[2015/01/25 19:16:07 | 000,000,272 | ---- | M] () -- C:\Documents and Settings\Vagelis\Local Settings\Application Data\HELP_DECRYPT.URL
[2015/01/25 19:16:02 | 000,000,831 | ---- | M] () -- C:\Documents and Settings\Vagelis\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2015/01/25 19:16:02 | 000,000,715 | ---- | M] () -- C:\Documents and Settings\Vagelis\Application Data\Microsoft\Internet Explorer\Quick Launch\Εκκίνηση του προγράμματος περιήγησης Internet Explorer.lnk
[2015/01/25 19:14:44 | 000,045,458 | ---- | M] () -- C:\Documents and Settings\Vagelis\Application Data\HELP_DECRYPT.PNG
[2015/01/25 19:14:44 | 000,008,528 | ---- | M] () -- C:\Documents and Settings\Vagelis\Application Data\HELP_DECRYPT.HTML
[2015/01/25 19:14:44 | 000,000,272 | ---- | M] () -- C:\Documents and Settings\Vagelis\Application Data\HELP_DECRYPT.URL
[2015/01/25 19:14:18 | 000,000,813 | ---- | M] () -- C:\Documents and Settings\All Users\Επιφάνεια εργασίας\Google Chrome.lnk
[2015/01/25 19:14:03 | 001,416,192 | ---- | M] () -- C:\WINDOWS\System32\mmc.exe
[2015/01/25 19:13:22 | 000,000,777 | ---- | M] () -- C:\Documents and Settings\All Users\Επιφάνεια εργασίας\Malwarebytes Anti-Malware.lnk
[2015/01/25 19:13:07 | 000,045,458 | ---- | M] () -- C:\Documents and Settings\All Users\HELP_DECRYPT.PNG
[2015/01/25 19:13:07 | 000,045,458 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\HELP_DECRYPT.PNG
[2015/01/25 19:13:07 | 000,008,528 | ---- | M] () -- C:\Documents and Settings\All Users\HELP_DECRYPT.HTML
[2015/01/25 19:13:07 | 000,008,528 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\HELP_DECRYPT.HTML
[2015/01/25 19:13:07 | 000,000,272 | ---- | M] () -- C:\Documents and Settings\All Users\HELP_DECRYPT.URL
[2015/01/25 19:13:07 | 000,000,272 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\HELP_DECRYPT.URL
[2015/01/25 19:12:58 | 000,045,458 | ---- | M] () -- C:\out.png
[2015/01/25 19:09:29 | 000,000,017 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\systemskey.ini
[2015/01/25 18:59:00 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2015/01/22 01:14:48 | 000,061,440 | ---- | M] () -- C:\Documents and Settings\Vagelis\Application Data\runlet.ph
[2015/01/22 00:21:22 | 000,038,400 | ---- | M] () -- C:\Documents and Settings\Vagelis\Application Data\beanie.g
[2015/01/22 00:12:36 | 000,053,248 | ---- | M] () -- C:\Documents and Settings\Vagelis\Application Data\degrees.vp
[2015/01/18 12:33:58 | 002,359,350 | ---- | M] () -- C:\Documents and Settings\Vagelis\Τα έγγραφά μου\Decrypt All Files efzzupf.bmp
[2015/01/18 12:11:49 | 000,963,679 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\eiiceyj.html
[2015/01/17 13:23:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2015/01/13 17:16:55 | 000,002,579 | ---- | M] () -- C:\Documents and Settings\Vagelis\Επιφάνεια εργασίας\Microsoft Office Word 2003.lnk
[2015/01/08 16:27:42 | 000,000,220 | ---- | M] () -- C:\WINDOWS\tasks\Μηνιαία ειδοποίηση λήξης υπηρεσίας για τα Microsoft Windows XP.job
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2015/01/25 19:16:07 | 000,045,458 | ---- | C] () -- C:\Documents and Settings\Vagelis\Local Settings\Application Data\HELP_DECRYPT.PNG
[2015/01/25 19:16:07 | 000,008,528 | ---- | C] () -- C:\Documents and Settings\Vagelis\Local Settings\Application Data\HELP_DECRYPT.HTML
[2015/01/25 19:16:07 | 000,000,272 | ---- | C] () -- C:\Documents and Settings\Vagelis\Local Settings\Application Data\HELP_DECRYPT.URL
[2015/01/25 19:14:44 | 000,045,458 | ---- | C] () -- C:\Documents and Settings\Vagelis\Application Data\HELP_DECRYPT.PNG
[2015/01/25 19:14:44 | 000,008,528 | ---- | C] () -- C:\Documents and Settings\Vagelis\Application Data\HELP_DECRYPT.HTML
[2015/01/25 19:14:44 | 000,000,272 | ---- | C] () -- C:\Documents and Settings\Vagelis\Application Data\HELP_DECRYPT.URL
[2015/01/25 19:13:09 | 000,045,458 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\HELP_DECRYPT.PNG
[2015/01/25 19:13:09 | 000,008,528 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\HELP_DECRYPT.HTML
[2015/01/25 19:13:09 | 000,000,272 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\HELP_DECRYPT.URL
[2015/01/25 19:13:07 | 000,045,458 | ---- | C] () -- C:\Documents and Settings\All Users\HELP_DECRYPT.PNG
[2015/01/25 19:13:07 | 000,045,458 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\HELP_DECRYPT.PNG
[2015/01/25 19:13:07 | 000,008,528 | ---- | C] () -- C:\Documents and Settings\All Users\HELP_DECRYPT.HTML
[2015/01/25 19:13:07 | 000,008,528 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\HELP_DECRYPT.HTML
[2015/01/25 19:13:07 | 000,000,272 | ---- | C] () -- C:\Documents and Settings\All Users\HELP_DECRYPT.URL
[2015/01/25 19:13:07 | 000,000,272 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\HELP_DECRYPT.URL
[2015/01/25 19:12:58 | 000,045,458 | ---- | C] () -- C:\out.png
[2015/01/25 19:11:29 | 000,194,960 | ---- | C] () -- C:\Program Files\64res.dll
[2015/01/25 19:09:29 | 000,038,400 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\ffifssssfdfsf4f.ini
[2015/01/25 19:09:29 | 000,000,017 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\systemskey.ini
[2015/01/22 01:14:48 | 000,061,440 | ---- | C] () -- C:\Documents and Settings\Vagelis\Application Data\runlet.ph
[2015/01/22 00:21:22 | 000,038,400 | ---- | C] () -- C:\Documents and Settings\Vagelis\Application Data\beanie.g
[2015/01/22 00:12:36 | 000,053,248 | ---- | C] () -- C:\Documents and Settings\Vagelis\Application Data\degrees.vp
[2015/01/18 12:11:51 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\Vagelis\Τα έγγραφά μου\Decrypt All Files efzzupf.bmp
[2015/01/18 11:53:01 | 000,963,679 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\eiiceyj.html
[2015/01/18 11:50:53 | 000,000,250 | -H-- | C] () -- C:\WINDOWS\tasks\eqkdqlk.job
[2014/12/15 16:53:40 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\drivers\f599a5569ba58b6.sys
[2013/11/29 15:22:03 | 000,182,680 | ---- | C] () -- C:\WINDOWS\System32\drivers\ssudmdm.sys
[2013/11/29 15:22:02 | 000,084,248 | ---- | C] () -- C:\WINDOWS\System32\drivers\ssudbus.sys
[2013/06/10 22:31:05 | 001,231,742 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1993962763-1409082233-725345543-1003-0.dat
[2013/06/10 22:31:05 | 000,245,742 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2013/06/10 12:40:02 | 000,020,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\dgderdrv.sys
[2013/04/18 18:07:00 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2013/04/18 18:06:46 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2013/04/18 18:06:46 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2013/04/18 18:06:46 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2013/04/18 18:06:46 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2012/02/15 19:10:29 | 000,273,480 | ---- | C] () -- C:\Documents and Settings\Vagelis\Application Data\BtvStack.dll
[2011/07/19 17:06:15 | 000,000,012 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ReminderNextRun
[2008/10/31 23:56:19 | 000,005,632 | ---- | C] () -- C:\Documents and Settings\Vagelis\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/10/07 19:00:01 | 000,000,149 | ---- | C] () -- C:\Documents and Settings\Vagelis\default.pls
 
========== ZeroAccess Check ==========
 
[2013/10/17 22:35:12 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 18:29:57 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 12:52:33 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 18:30:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2013/12/05 19:34:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2011/05/18 18:02:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2011/09/07 17:39:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2013/06/10 12:38:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2012/04/04 21:04:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/02/09 13:44:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vagelis\Application Data\GlobalSoft
[2015/01/25 19:20:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vagelis\Application Data\Local Store
[2015/01/09 21:27:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vagelis\Application Data\Luobtyy
[2015/01/25 20:28:43 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Vagelis\Application Data\LVS-MUPPSPKSPPO
[2015/01/25 19:13:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vagelis\Application Data\MdaMngr
[2015/01/25 19:13:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vagelis\Application Data\MicroWindows0Mnger
[2015/01/25 19:14:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vagelis\Application Data\Samsung
[2012/11/26 20:40:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vagelis\Application Data\TeamViewer
[2013/06/13 17:49:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vagelis\Application Data\uTorrent
 
========== Purity Check ==========
 
 
 
< End of report >
 

  • 0

Advertisements

#2
RKinner
Posted 25 January 2015 - 01:16 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Looks like one of the programs that encrypt all of your data.  Not much we can do about the encrypted data but we can kill the virus tho it may take several tries.

 

Copy the text in the code box by highlighting and Ctrl + c
 
 
:OTL
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [{772114f5-dc48-f646-8b68-1e6d40edd92c}] "C:\Documents and Settings\All Users\Application Data\Microsoft\{772114f5-dc48-f646-8b68-1e6d40edd92c}\{772114f5-dc48-f646-8b68-1e6d40edd92c}.exe" File not found
O4 - HKLM..\Run: [{c1fa5480-038e-2ff8-53a8-30d9e4bc4ed2}] "C:\Documents and Settings\All Users\Application Data\Microsoft\{c1fa5480-038e-2ff8-53a8-30d9e4bc4ed2}\{c1fa5480-038e-2ff8-53a8-30d9e4bc4ed2}.exe" File not found
O4 - HKLM..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe File not found
O4 - HKLM..\Run: [Unrocyytudozn] "C:\Documents and Settings\Vagelis\Application Data\Luobtyy\uvomn.exe" File not found
O4 - HKCU..\Run: [Asnxworks] C:\WINDOWS\System32\regsvr32.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Icxnsoft] C:\WINDOWS\System32\regsvr32.exe (Microsoft Corporation)
O4 - HKCU..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup File not found
O4 - HKCU..\Run: [Unrocyytudozn] "C:\Documents and Settings\Vagelis\Application Data\Luobtyy\uvomn.exe" File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: {772114f5-dc48-f646-8b68-1e6d40edd92c} = "C:\Documents and Settings\All Users\Application Data\Microsoft\{772114f5-dc48-f646-8b68-1e6d40edd92c}\{772114f5-dc48-f646-8b68-1e6d40edd92c}.exe"
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: {c1fa5480-038e-2ff8-53a8-30d9e4bc4ed2} = "C:\Documents and Settings\All Users\Application Data\Microsoft\{c1fa5480-038e-2ff8-53a8-30d9e4bc4ed2}\{c1fa5480-038e-2ff8-53a8-30d9e4bc4ed2}.exe"
O24 - Desktop WallPaper: C:\Documents and Settings\Vagelis\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Vagelis\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
[2015/01/18 12:33:53 | 000,000,000 | -H-D | C] -- C:\e34abb91
[2015/01/16 14:32:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vagelis\Local Settings\Application Data\Asnxworks
[2015/01/16 14:31:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vagelis\Local Settings\Application Data\Ofxics
[2015/01/08 10:04:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vagelis\Application Data\Luobtyy
[2015/01/25 20:27:50 | 000,000,250 | -H-- | M] () -- C:\WINDOWS\tasks\eqkdqlk.job
[2015/01/25 19:16:07 | 000,045,458 | ---- | C] () -- C:\Documents and Settings\Vagelis\Local Settings\Application Data\HELP_DECRYPT.PNG
[2015/01/25 19:16:07 | 000,008,528 | ---- | C] () -- C:\Documents and Settings\Vagelis\Local Settings\Application Data\HELP_DECRYPT.HTML
[2015/01/25 19:16:07 | 000,000,272 | ---- | C] () -- C:\Documents and Settings\Vagelis\Local Settings\Application Data\HELP_DECRYPT.URL
[2015/01/25 19:14:44 | 000,045,458 | ---- | C] () -- C:\Documents and Settings\Vagelis\Application Data\HELP_DECRYPT.PNG
[2015/01/25 19:14:44 | 000,008,528 | ---- | C] () -- C:\Documents and Settings\Vagelis\Application Data\HELP_DECRYPT.HTML
[2015/01/25 19:14:44 | 000,000,272 | ---- | C] () -- C:\Documents and Settings\Vagelis\Application Data\HELP_DECRYPT.URL
[2015/01/25 19:13:09 | 000,045,458 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\HELP_DECRYPT.PNG
[2015/01/25 19:13:09 | 000,008,528 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\HELP_DECRYPT.HTML
[2015/01/25 19:13:09 | 000,000,272 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\HELP_DECRYPT.URL
[2015/01/25 19:13:07 | 000,045,458 | ---- | C] () -- C:\Documents and Settings\All Users\HELP_DECRYPT.PNG
[2015/01/25 19:13:07 | 000,045,458 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\HELP_DECRYPT.PNG
[2015/01/25 19:13:07 | 000,008,528 | ---- | C] () -- C:\Documents and Settings\All Users\HELP_DECRYPT.HTML
[2015/01/25 19:13:07 | 000,008,528 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\HELP_DECRYPT.HTML
[2015/01/25 19:13:07 | 000,000,272 | ---- | C] () -- C:\Documents and Settings\All Users\HELP_DECRYPT.URL
[2015/01/25 19:13:07 | 000,000,272 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\HELP_DECRYPT.URL
[2015/01/25 19:12:58 | 000,045,458 | ---- | C] () -- C:\out.png
[2015/01/25 19:11:29 | 000,194,960 | ---- | C] () -- C:\Program Files\64res.dll
[2015/01/25 19:09:29 | 000,038,400 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\ffifssssfdfsf4f.ini
[2015/01/25 19:09:29 | 000,000,017 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\systemskey.ini
[2015/01/22 01:14:48 | 000,061,440 | ---- | C] () -- C:\Documents and Settings\Vagelis\Application Data\runlet.ph
[2015/01/22 00:21:22 | 000,038,400 | ---- | C] () -- C:\Documents and Settings\Vagelis\Application Data\beanie.g
[2015/01/22 00:12:36 | 000,053,248 | ---- | C] () -- C:\Documents and Settings\Vagelis\Application Data\degrees.vp
[2015/01/18 12:11:51 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\Vagelis\Τα έγγραφά μου\Decrypt All Files efzzupf.bmp
[2015/01/18 11:53:01 | 000,963,679 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\eiiceyj.html
[2015/01/18 11:50:53 | 000,000,250 | -H-- | C] () -- C:\WINDOWS\tasks\eqkdqlk.job
[2014/12/15 16:53:40 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\drivers\f599a5569ba58b6.sys
 
:files
sc stop f599a5569ba58b6 /c
sc delete f599a5569ba58b6 /c
C:\WINDOWS\System32\drivers\f599a5569ba58b6.sys
C:\Documents and Settings\Vagelis\Local Settings\Application Data\Asnxworks
C:\Documents and Settings\Vagelis\Local Settings\Application Data\Ofxics
C:\Documents and Settings\Vagelis\Application Data\Luobtyy
C:\Documents and Settings\All Users\Application Data\Microsoft\{c1fa5480-038e-2ff8-53a8-30d9e4bc4ed2}
 
:Commands
[EMPTYFLASH]
[EMPTYJAVA]
[purity]
[Reboot]
 
then Double click on OTL to start. Under the Custom Scans/Fixes box at the bottom, paste (ctrl +v) the text. Verify that you got it all and Then click the RUN FIX button (NOT THE QUICK SCAN button!) at the top
Let the program run unhindered, OTL will reboot the PC when it is done. Save the log and copy and paste it into a reply. then Double on OTL to start. Under the Custom Scans/Fixes box at the bottom, paste (ctrl +v) the text. Verify that you got it all and Then click the RUN FIX button (NOT THE QUICK SCAN button!) at the top
Let the program run unhindered, OTL will reboot the PC when it is done. Save the log and copy and paste it into a reply. 
 

Please download Farbar Recovery Scan Tool and save it to your Desktop. 
 
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
 
  •  
  • XP users click run after receipt of Windows Security Warning - Open File. When the tool opens click Yes to disclaimer. 
  • Press Scan button. 
  • It will produce a log called FRST.txt in the same directory the tool is run from.  
  • Please copy and paste log back here. 
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply. 
 
 

  • 0

#3
MariannaC
Posted 26 January 2015 - 02:11 AM

MariannaC

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

Hello!

 

Thank you for the fast reply. 

 

OTL's first scan:

 

 

========== OTL ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\{772114f5-dc48-f646-8b68-1e6d40edd92c} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{772114f5-dc48-f646-8b68-1e6d40edd92c}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\{c1fa5480-038e-2ff8-53a8-30d9e4bc4ed2} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c1fa5480-038e-2ff8-53a8-30d9e4bc4ed2}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\FixCamera deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Unrocyytudozn deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Asnxworks deleted successfully.
C:\WINDOWS\system32\regsvr32.exe moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Icxnsoft deleted successfully.
File C:\WINDOWS\System32\regsvr32.exe not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\KiesAirMessage deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Unrocyytudozn deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\HideSCAHealth deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\{772114f5-dc48-f646-8b68-1e6d40edd92c} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{772114f5-dc48-f646-8b68-1e6d40edd92c}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\{c1fa5480-038e-2ff8-53a8-30d9e4bc4ed2} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c1fa5480-038e-2ff8-53a8-30d9e4bc4ed2}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\General\\WallPaper deleted successfully.
C:\Documents and Settings\Vagelis\Local Settings\Application Data\Microsoft\Wallpaper1.bmp moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\General\\BackupWallPaper deleted successfully.
File C:\Documents and Settings\Vagelis\Local Settings\Application Data\Microsoft\Wallpaper1.bmp not found.
C:\e34abb91 folder moved successfully.
C:\Documents and Settings\Vagelis\Local Settings\Application Data\Asnxworks folder moved successfully.
C:\Documents and Settings\Vagelis\Local Settings\Application Data\Ofxics folder moved successfully.
C:\Documents and Settings\Vagelis\Application Data\Luobtyy folder moved successfully.
C:\WINDOWS\tasks\eqkdqlk.job moved successfully.
C:\Documents and Settings\Vagelis\Local Settings\Application Data\HELP_DECRYPT.PNG moved successfully.
C:\Documents and Settings\Vagelis\Local Settings\Application Data\HELP_DECRYPT.HTML moved successfully.
C:\Documents and Settings\Vagelis\Local Settings\Application Data\HELP_DECRYPT.URL moved successfully.
C:\Documents and Settings\Vagelis\Application Data\HELP_DECRYPT.PNG moved successfully.
C:\Documents and Settings\Vagelis\Application Data\HELP_DECRYPT.HTML moved successfully.
C:\Documents and Settings\Vagelis\Application Data\HELP_DECRYPT.URL moved successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\HELP_DECRYPT.PNG moved successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\HELP_DECRYPT.HTML moved successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\HELP_DECRYPT.URL moved successfully.
C:\Documents and Settings\All Users\HELP_DECRYPT.PNG moved successfully.
C:\Documents and Settings\All Users\Application Data\HELP_DECRYPT.PNG moved successfully.
C:\Documents and Settings\All Users\HELP_DECRYPT.HTML moved successfully.
C:\Documents and Settings\All Users\Application Data\HELP_DECRYPT.HTML moved successfully.
C:\Documents and Settings\All Users\HELP_DECRYPT.URL moved successfully.
C:\Documents and Settings\All Users\Application Data\HELP_DECRYPT.URL moved successfully.
C:\out.png moved successfully.
File C:\Program Files\64res.dll not found.
C:\Documents and Settings\LocalService\Application Data\ffifssssfdfsf4f.ini moved successfully.
C:\Documents and Settings\All Users\Application Data\systemskey.ini moved successfully.
C:\Documents and Settings\Vagelis\Application Data\runlet.ph moved successfully.
C:\Documents and Settings\Vagelis\Application Data\beanie.g moved successfully.
C:\Documents and Settings\Vagelis\Application Data\degrees.vp moved successfully.
C:\Documents and Settings\Vagelis\Τα έγγραφά μου\Decrypt All Files efzzupf.bmp moved successfully.
C:\Documents and Settings\All Users\Application Data\eiiceyj.html moved successfully.
File C:\WINDOWS\tasks\eqkdqlk.job not found.
File move failed. C:\WINDOWS\system32\drivers\f599a5569ba58b6.sys scheduled to be moved on reboot.
========== FILES ==========
< sc stop f599a5569ba58b6 /c >
No captured output from command...
C:\Documents and Settings\Vagelis\Επιφάνεια εργασίας\cmd.bat deleted successfully.
< sc delete f599a5569ba58b6 /c >
No captured output from command...
C:\Documents and Settings\Vagelis\Επιφάνεια εργασίας\cmd.bat deleted successfully.
File move failed. C:\WINDOWS\System32\drivers\f599a5569ba58b6.sys scheduled to be moved on reboot.
File\Folder C:\Documents and Settings\Vagelis\Local Settings\Application Data\Asnxworks not found.
File\Folder C:\Documents and Settings\Vagelis\Local Settings\Application Data\Ofxics not found.
File\Folder C:\Documents and Settings\Vagelis\Application Data\Luobtyy not found.
C:\Documents and Settings\All Users\Application Data\Microsoft\{c1fa5480-038e-2ff8-53a8-30d9e4bc4ed2} folder moved successfully.
========== COMMANDS ==========
 
[EMPTYFLASH]
 
User: All Users
 
User: Default User
 
User: LocalService
 
User: NetworkService
 
User: Vagelis
->Flash cache emptied: 2149971 bytes
 
Total Flash Files Cleaned = 2,00 mb
 
 
[EMPTYJAVA]
 
User: All Users
 
User: Default User
 
User: LocalService
 
User: NetworkService
 
User: Vagelis
->Java cache emptied: 1 bytes
 
Total Java Files Cleaned = 0,00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 01262015_094146
 
Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\system32\drivers\f599a5569ba58b6.sys scheduled to be moved on reboot.
 
PendingFileRenameOperations files...
 
Registry entries deleted on Reboot...
 
 
 
Second fix run:
 

Error: Unable to interpret <========== OTL ==========> in the current context!
Error: Unable to interpret <Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully.> in the current context!
Error: Unable to interpret <Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ deleted successfully.> in the current context!
Error: Unable to interpret <Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\{772114f5-dc48-f646-8b68-1e6d40edd92c} deleted successfully.> in the current context!
Error: Unable to interpret <Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{772114f5-dc48-f646-8b68-1e6d40edd92c}\ not found.> in the current context!
Error: Unable to interpret <Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\{c1fa5480-038e-2ff8-53a8-30d9e4bc4ed2} deleted successfully.> in the current context!
Error: Unable to interpret <Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c1fa5480-038e-2ff8-53a8-30d9e4bc4ed2}\ not found.> in the current context!
Error: Unable to interpret <Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\FixCamera deleted successfully.> in the current context!
Error: Unable to interpret <Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Unrocyytudozn deleted successfully.> in the current context!
Error: Unable to interpret <Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Asnxworks deleted successfully.> in the current context!
Error: Unable to interpret <C:\WINDOWS\system32\regsvr32.exe moved successfully.> in the current context!
Error: Unable to interpret <Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Icxnsoft deleted successfully.> in the current context!
Error: Unable to interpret <File C:\WINDOWS\System32\regsvr32.exe not found.> in the current context!
Error: Unable to interpret <Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\KiesAirMessage deleted successfully.> in the current context!
Error: Unable to interpret <Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Unrocyytudozn deleted successfully.> in the current context!
Error: Unable to interpret <Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\HideSCAHealth deleted successfully.> in the current context!
Error: Unable to interpret <Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\{772114f5-dc48-f646-8b68-1e6d40edd92c} deleted successfully.> in the current context!
Error: Unable to interpret <Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{772114f5-dc48-f646-8b68-1e6d40edd92c}\ not found.> in the current context!
Error: Unable to interpret <Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\{c1fa5480-038e-2ff8-53a8-30d9e4bc4ed2} deleted successfully.> in the current context!
Error: Unable to interpret <Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c1fa5480-038e-2ff8-53a8-30d9e4bc4ed2}\ not found.> in the current context!
Error: Unable to interpret <Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\General\\WallPaper deleted successfully.> in the current context!
Error: Unable to interpret <C:\Documents and Settings\Vagelis\Local Settings\Application Data\Microsoft\Wallpaper1.bmp moved successfully.> in the current context!
Error: Unable to interpret <Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\General\\BackupWallPaper deleted successfully.> in the current context!
Error: Unable to interpret <File C:\Documents and Settings\Vagelis\Local Settings\Application Data\Microsoft\Wallpaper1.bmp not found.> in the current context!
Error: Unable to interpret <C:\e34abb91 folder moved successfully.> in the current context!
Error: Unable to interpret <C:\Documents and Settings\Vagelis\Local Settings\Application Data\Asnxworks folder moved successfully.> in the current context!
Error: Unable to interpret <C:\Documents and Settings\Vagelis\Local Settings\Application Data\Ofxics folder moved successfully.> in the current context!
Error: Unable to interpret <C:\Documents and Settings\Vagelis\Application Data\Luobtyy folder moved successfully.> in the current context!
Error: Unable to interpret <C:\WINDOWS\tasks\eqkdqlk.job moved successfully.> in the current context!
Error: Unable to interpret <C:\Documents and Settings\Vagelis\Local Settings\Application Data\HELP_DECRYPT.PNG moved successfully.> in the current context!
Error: Unable to interpret <C:\Documents and Settings\Vagelis\Local Settings\Application Data\HELP_DECRYPT.HTML moved successfully.> in the current context!
Error: Unable to interpret <C:\Documents and Settings\Vagelis\Local Settings\Application Data\HELP_DECRYPT.URL moved successfully.> in the current context!
Error: Unable to interpret <C:\Documents and Settings\Vagelis\Application Data\HELP_DECRYPT.PNG moved successfully.> in the current context!
Error: Unable to interpret <C:\Documents and Settings\Vagelis\Application Data\HELP_DECRYPT.HTML moved successfully.> in the current context!
Error: Unable to interpret <C:\Documents and Settings\Vagelis\Application Data\HELP_DECRYPT.URL moved successfully.> in the current context!
Error: Unable to interpret <C:\Documents and Settings\LocalService\Local Settings\Application Data\HELP_DECRYPT.PNG moved successfully.> in the current context!
Error: Unable to interpret <C:\Documents and Settings\LocalService\Local Settings\Application Data\HELP_DECRYPT.HTML moved successfully.> in the current context!
Error: Unable to interpret <C:\Documents and Settings\LocalService\Local Settings\Application Data\HELP_DECRYPT.URL moved successfully.> in the current context!
Error: Unable to interpret <C:\Documents and Settings\All Users\HELP_DECRYPT.PNG moved successfully.> in the current context!
Error: Unable to interpret <C:\Documents and Settings\All Users\Application Data\HELP_DECRYPT.PNG moved successfully.> in the current context!
Error: Unable to interpret <C:\Documents and Settings\All Users\HELP_DECRYPT.HTML moved successfully.> in the current context!
Error: Unable to interpret <C:\Documents and Settings\All Users\Application Data\HELP_DECRYPT.HTML moved successfully.> in the current context!
Error: Unable to interpret <C:\Documents and Settings\All Users\HELP_DECRYPT.URL moved successfully.> in the current context!
Error: Unable to interpret <C:\Documents and Settings\All Users\Application Data\HELP_DECRYPT.URL moved successfully.> in the current context!
Error: Unable to interpret <C:\out.png moved successfully.> in the current context!
Error: Unable to interpret <File C:\Program Files\64res.dll not found.> in the current context!
Error: Unable to interpret <C:\Documents and Settings\LocalService\Application Data\ffifssssfdfsf4f.ini moved successfully.> in the current context!
Error: Unable to interpret <C:\Documents and Settings\All Users\Application Data\systemskey.ini moved successfully.> in the current context!
Error: Unable to interpret <C:\Documents and Settings\Vagelis\Application Data\runlet.ph moved successfully.> in the current context!
Error: Unable to interpret <C:\Documents and Settings\Vagelis\Application Data\beanie.g moved successfully.> in the current context!
Error: Unable to interpret <C:\Documents and Settings\Vagelis\Application Data\degrees.vp moved successfully.> in the current context!
Error: Unable to interpret <C:\Documents and Settings\Vagelis\Τα έγγραφά μου\Decrypt All Files efzzupf.bmp moved successfully.> in the current context!
Error: Unable to interpret <C:\Documents and Settings\All Users\Application Data\eiiceyj.html moved successfully.> in the current context!
Error: Unable to interpret <File C:\WINDOWS\tasks\eqkdqlk.job not found.> in the current context!
Error: Unable to interpret <File move failed. C:\WINDOWS\system32\drivers\f599a5569ba58b6.sys scheduled to be moved on reboot.> in the current context!
Error: Unable to interpret <========== FILES ==========> in the current context!
Error: Unable to interpret << sc stop f599a5569ba58b6 /c >> in the current context!
Error: Unable to interpret <No captured output from command...> in the current context!
Error: Unable to interpret <C:\Documents and Settings\Vagelis\Επιφάνεια εργασίας\cmd.bat deleted successfully.> in the current context!
Error: Unable to interpret << sc delete f599a5569ba58b6 /c >> in the current context!
Error: Unable to interpret <No captured output from command...> in the current context!
Error: Unable to interpret <C:\Documents and Settings\Vagelis\Επιφάνεια εργασίας\cmd.bat deleted successfully.> in the current context!
Error: Unable to interpret <File move failed. C:\WINDOWS\System32\drivers\f599a5569ba58b6.sys scheduled to be moved on reboot.> in the current context!
Error: Unable to interpret <File\Folder C:\Documents and Settings\Vagelis\Local Settings\Application Data\Asnxworks not found.> in the current context!
Error: Unable to interpret <File\Folder C:\Documents and Settings\Vagelis\Local Settings\Application Data\Ofxics not found.> in the current context!
Error: Unable to interpret <File\Folder C:\Documents and Settings\Vagelis\Application Data\Luobtyy not found.> in the current context!
Error: Unable to interpret <C:\Documents and Settings\All Users\Application Data\Microsoft\{c1fa5480-038e-2ff8-53a8-30d9e4bc4ed2} folder moved successfully.> in the current context!
Error: Unable to interpret <========== COMMANDS ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[EMPTYFLASH]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <User: All Users> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <User: Default User> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <User: LocalService> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <User: NetworkService> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <User: Vagelis> in the current context!
Error: Unable to interpret <->Flash cache emptied: 2149971 bytes> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Total Flash Files Cleaned = 2,00 mb> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[EMPTYJAVA]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <User: All Users> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <User: Default User> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <User: LocalService> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <User: NetworkService> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <User: Vagelis> in the current context!
Error: Unable to interpret <->Java cache emptied: 1 bytes> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Total Java Files Cleaned = 0,00 mb> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <OTL by OldTimer - Version 3.2.69.0 log created on 01262015_094146> in the current context!
Error: Unable to interpret <Files\Folders moved on Reboot...> in the current context!
Error: Unable to interpret <File move failed. C:\WINDOWS\system32\drivers\f599a5569ba58b6.sys scheduled to be moved on reboot.> in the current context!
Error: Unable to interpret <PendingFileRenameOperations files...> in the current context!
Error: Unable to interpret <Registry entries deleted on Reboot...> in the current context!
 
OTL by OldTimer - Version 3.2.69.0 log created on 01262015_095251
 
FRST log:
 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-01-2015 01
Ran by Vagelis (administrator) on DESKTOP on 26-01-2015 10:03:45
Running from C:\Documents and Settings\Vagelis\Επιφάνεια εργασίας
Loaded Profiles: Vagelis (Available profiles: Vagelis)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Ελληνικά
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jqs.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Smart Link) C:\WINDOWS\system32\slserv.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(Canon Inc.) C:\Program Files\Canon\CAL\CALMAIN.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe
(Cyberlink Corp.) C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
() C:\WINDOWS\vsnpstd3.exe
() C:\WINDOWS\tsnpstd3.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
(Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\tv_w32.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Desktop.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16384512 2008-01-16] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [69632 2008-01-16] (Realtek Semiconductor Corp.)
HKLM\...\Run: [NeroFilterCheck] => C:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [40048 2007-05-11] (Adobe Systems Incorporated)
HKLM\...\Run: [RemoteControl] => C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [56928 2006-11-23] (Cyberlink Corp.)
HKLM\...\Run: [LanguageShortcut] => C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [54832 2006-12-05] ()
HKLM\...\Run: [snpstd3] => C:\WINDOWS\vsnpstd3.exe [835584 2007-05-10] ()
HKLM\...\Run: [tsnpstd3] => C:\WINDOWS\tsnpstd3.exe [360448 2009-04-24] ()
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [253672 2011-01-07] (Sun Microsystems, Inc.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2029640 2009-03-19] (ESET)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311152 2013-11-06] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [Synchronization Manager] => C:\WINDOWS\system32\mobsync.exe [143872 2008-04-14] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM Group Policy restriction on software: C:\Program Files\Malwarebytes' Anti-Malware <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION
Winlogon\Notify\WgaLogon: C:\WINDOWS\system32\WgaLogon.dll ()
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 1
HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR/DisableConfig]  <===== ATTENTION
HKU\S-1-5-21-1993962763-1409082233-725345543-1003\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe [94208 2005-10-28] (Nero AG)
HKU\S-1-5-21-1993962763-1409082233-725345543-1003\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-1993962763-1409082233-725345543-1003\...\Run: [KiesPreload] => C:\Program Files\Samsung\Kies\Kies.exe [1564528 2013-11-06] (Samsung)
HKU\S-1-5-21-1993962763-1409082233-725345543-1003\...\Run: [BluetoothS] => rundll32.exe "%appdata%\BtvStack.dll",BTHF_Register
HKU\S-1-5-21-1993962763-1409082233-725345543-1003\...\Policies\Explorer: [TaskbarNoNotification] 1
HKU\S-1-5-21-1993962763-1409082233-725345543-1003\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-1993962763-1409082233-725345543-1003\...\MountPoints2: E - E:\LaunchU3.exe -a
HKU\S-1-5-21-1993962763-1409082233-725345543-1003\...\MountPoints2: {34469552-f469-11e3-bd50-001cc060e7bb} - E:\LaunchU3.exe -a
Startup: C:\Documents and Settings\All Users\Start Menu\Προγράμματα\Εκκίνηση\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Documents and Settings\Vagelis\Start Menu\Προγράμματα\Εκκίνηση\e34abb91.exe ()
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-1993962763-1409082233-725345543-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-1993962763-1409082233-725345543-1003 -> DefaultScope {8545F732-03AD-434E-A425-483C8DC457D8} URL = http://search.yahoo....=utf-8&fr=b1ie7
SearchScopes: HKU\S-1-5-21-1993962763-1409082233-725345543-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1993962763-1409082233-725345543-1003 -> {8545F732-03AD-434E-A425-483C8DC457D8} URL = http://search.yahoo....=utf-8&fr=b1ie7
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Skype Plug-In -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {E689A1CC-7220-45EA-9524-DAC4F78355C7} https://www.millenni...ly/GSMonWEB.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
 
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Vagelis\Application Data\Mozilla\Firefox\Profiles\jd5ea4qe.default
FF Homepage: google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Extension: Windows Media Services DRM Storage object - C:\Documents and Settings\Vagelis\Application Data\Mozilla\Firefox\Profiles\jd5ea4qe.default\Extensions\{75FAD9C3-E976-1115-DB37-B29F176E34F9} [2015-01-18]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-03-24]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2011-05-18]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-10-17]
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: Eset Plugin - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-11-26]
FF HKU\S-1-5-21-1993962763-1409082233-725345543-1003\...\Firefox\Extensions: [[email protected]] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.gr/
CHR StartupUrls: Default -> "https://www.google.gr/"
CHR Profile: C:\Documents and Settings\Vagelis\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Έγγραφα Google) - C:\Documents and Settings\Vagelis\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-02]
CHR Extension: (Google Drive ) - C:\Documents and Settings\Vagelis\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-02]
CHR Extension: (YouTube) - C:\Documents and Settings\Vagelis\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-02]
CHR Extension: (Adblock Plus) - C:\Documents and Settings\Vagelis\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-03-04]
CHR Extension: (Αναζήτηση Google) - C:\Documents and Settings\Vagelis\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-02]
CHR Extension: (Πορτοφόλι Google) - C:\Documents and Settings\Vagelis\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-07]
CHR Extension: (Gmail) - C:\Documents and Settings\Vagelis\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-02]
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
Locked "f599a5569ba58b6" service could not be unlocked. <===== ATTENTION
 
R2 CCALib8; C:\Program Files\Canon\CAL\CALMAIN.exe [96341 2006-03-30] (Canon Inc.) [File not signed]
S3 EhttpSrv; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [20680 2009-03-19] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [731840 2009-03-19] (ESET)
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [153376 2011-05-18] (Sun Microsystems, Inc.)
R2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [43520 2006-11-08] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53248 2006-11-08] (Hewlett-Packard) [File not signed]
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [167936 2005-08-08] () [File not signed]
R2 SLService; C:\WINDOWS\system32\slserv.exe [73796 2008-04-14] (Smart Link)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S3 eamon; C:\WINDOWS\System32\DRIVERS\eamon.sys [113960 2009-03-19] (ESET)
S1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [107256 2009-03-19] (ESET)
S1 epfwtdir; C:\WINDOWS\System32\DRIVERS\epfwtdir.sys [93848 2009-03-19] (ESET)
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2007-01-17] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2007-01-17] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2007-01-17] (HP)
S3 Mtlmnt5; C:\WINDOWS\System32\DRIVERS\Mtlmnt5.sys [126686 2004-08-03] (Smart Link)
S3 Mtlstrm; C:\WINDOWS\System32\DRIVERS\Mtlstrm.sys [1309184 2004-08-03] (Smart Link)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 NtMtlFax; C:\WINDOWS\System32\DRIVERS\NtMtlFax.sys [180360 2004-08-03] (Smart Link)
R0 RecAgent; C:\WINDOWS\System32\DRIVERS\RecAgent.sys [13776 2004-08-03] (Smart Link)
S3 s0017bus; C:\WINDOWS\System32\DRIVERS\s0017bus.sys [86824 2008-10-21] (MCCI Corporation)
S3 s0017mdfl; C:\WINDOWS\System32\DRIVERS\s0017mdfl.sys [15016 2008-10-21] (MCCI Corporation)
S3 s0017mdm; C:\WINDOWS\System32\DRIVERS\s0017mdm.sys [114600 2008-10-21] (MCCI Corporation)
S3 s0017mgmt; C:\WINDOWS\System32\DRIVERS\s0017mgmt.sys [108328 2008-10-21] (MCCI Corporation)
S3 s0017nd5; C:\WINDOWS\System32\DRIVERS\s0017nd5.sys [26024 2008-10-21] (MCCI Corporation)
S3 s0017obex; C:\WINDOWS\System32\DRIVERS\s0017obex.sys [104616 2008-10-21] (MCCI Corporation)
S3 s0017unic; C:\WINDOWS\System32\DRIVERS\s0017unic.sys [109736 2008-10-21] (MCCI Corporation)
S3 s1018obex; C:\WINDOWS\System32\DRIVERS\s1018obex.sys [104744 2009-03-25] (MCCI Corporation)
S3 Slnt7554; C:\WINDOWS\System32\DRIVERS\slnt7554.sys [129535 2004-08-03] (Smart Link)
S3 SlNtHal; C:\WINDOWS\System32\DRIVERS\Slnthal.sys [95424 2004-08-03] (Smart Link)
S3 SlWdmSup; C:\WINDOWS\System32\DRIVERS\SlWdmSup.sys [13240 2004-08-03] (Smart Link)
R3 SNPSTD3; C:\WINDOWS\System32\DRIVERS\snpstd3.sys [10472960 2009-04-24] (Sonix Co. Ltd.) [File not signed]
U5 f599a5569ba58b6; C:\Windows\System32\Drivers\f599a5569ba58b6.sys [75264 2014-12-15] () <===== ATTENTION Necurs Rootkit?
S4 InCDFs; system32\drivers\InCDFs.sys [X]
S1 InCDPass; system32\drivers\InCDPass.sys [X]
S1 InCDRm; system32\drivers\InCDRm.sys [X]
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-26 10:03 - 2015-01-26 10:04 - 00017788 _____ () C:\Documents and Settings\Vagelis\Επιφάνεια εργασίας\FRST.txt
2015-01-26 10:03 - 2015-01-26 10:03 - 00000000 ____D () C:\FRST
2015-01-26 10:01 - 2015-01-26 10:01 - 01120768 _____ (Farbar) C:\Documents and Settings\Vagelis\Επιφάνεια εργασίας\FRST.exe
2015-01-26 09:54 - 2015-01-26 09:54 - 00025308 _____ () C:\Documents and Settings\Vagelis\Επιφάνεια εργασίας\01262015_095251.log
2015-01-26 09:43 - 2015-01-26 09:43 - 00008528 _____ () C:\Documents and Settings\Vagelis\Application Data\HELP_DECRYPT.HTML
2015-01-26 09:43 - 2015-01-26 09:43 - 00000272 _____ () C:\Documents and Settings\Vagelis\Application Data\HELP_DECRYPT.URL
2015-01-26 09:42 - 2015-01-26 09:48 - 00000000 ___HD () C:\e34abb91
2015-01-26 09:41 - 2015-01-26 09:41 - 00000000 ____D () C:\_OTL
2015-01-26 09:28 - 2015-01-26 09:48 - 00000000 ____D () C:\Documents and Settings\Vagelis\Start Menu\Προγράμματα\CyberLink PowerDVD
2015-01-25 20:46 - 2015-01-25 20:56 - 00080848 _____ () C:\Documents and Settings\Vagelis\Επιφάνεια εργασίας\OTL.Txt
2015-01-25 20:46 - 2015-01-25 20:46 - 00040432 _____ () C:\Documents and Settings\Vagelis\Επιφάνεια εργασίας\Extras.Txt
2015-01-25 20:35 - 2015-01-25 20:35 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Vagelis\Επιφάνεια εργασίας\OTL.exe
2015-01-25 20:25 - 2015-01-25 20:25 - 00011408 _____ () C:\Documents and Settings\Vagelis\Επιφάνεια εργασίας\mal.txt
2015-01-25 19:16 - 2015-01-25 19:16 - 00008528 _____ () C:\Documents and Settings\Vagelis\Local Settings\HELP_DECRYPT.HTML
2015-01-25 19:16 - 2015-01-25 19:16 - 00004204 _____ () C:\Documents and Settings\Vagelis\Local Settings\HELP_DECRYPT.TXT
2015-01-25 19:16 - 2015-01-25 19:16 - 00004204 _____ () C:\Documents and Settings\Vagelis\Local Settings\Application Data\HELP_DECRYPT.TXT
2015-01-25 19:16 - 2015-01-25 19:16 - 00000272 _____ () C:\Documents and Settings\Vagelis\Local Settings\HELP_DECRYPT.URL
2015-01-25 19:15 - 2015-01-25 19:20 - 00000000 ____D () C:\Documents and Settings\Vagelis\Application Data\Local Store
2015-01-25 19:14 - 2015-01-26 09:43 - 00004204 _____ () C:\Documents and Settings\Vagelis\Application Data\HELP_DECRYPT.TXT
2015-01-25 19:14 - 2015-01-25 20:40 - 00114904 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-01-25 19:14 - 2015-01-25 20:27 - 00000000 _RSHD () C:\Documents and Settings\All Users\MicroWindows0Mnger
2015-01-25 19:13 - 2015-01-26 09:42 - 00000000 ____D () C:\Documents and Settings\Vagelis\Application Data\MicroWindows0Mnger
2015-01-25 19:13 - 2015-01-25 20:28 - 00000000 __SHD () C:\Documents and Settings\Vagelis\Application Data\LVS-MUPPSPKSPPO
2015-01-25 19:13 - 2015-01-25 20:27 - 00000000 _RSHD () C:\Documents and Settings\All Users\MediaMangr
2015-01-25 19:13 - 2015-01-25 19:13 - 00008528 _____ () C:\Documents and Settings\LocalService\Local Settings\HELP_DECRYPT.HTML
2015-01-25 19:13 - 2015-01-25 19:13 - 00008528 _____ () C:\Documents and Settings\LocalService\HELP_DECRYPT.HTML
2015-01-25 19:13 - 2015-01-25 19:13 - 00008528 _____ () C:\Documents and Settings\Default User\Local Settings\HELP_DECRYPT.HTML
2015-01-25 19:13 - 2015-01-25 19:13 - 00008528 _____ () C:\Documents and Settings\Default User\Local Settings\Application Data\HELP_DECRYPT.HTML
2015-01-25 19:13 - 2015-01-25 19:13 - 00008528 _____ () C:\Documents and Settings\Default User\HELP_DECRYPT.HTML
2015-01-25 19:13 - 2015-01-25 19:13 - 00008528 _____ () C:\Documents and Settings\Default User\Application Data\HELP_DECRYPT.HTML
2015-01-25 19:13 - 2015-01-25 19:13 - 00004204 _____ () C:\Documents and Settings\LocalService\Local Settings\HELP_DECRYPT.TXT
2015-01-25 19:13 - 2015-01-25 19:13 - 00004204 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\HELP_DECRYPT.TXT
2015-01-25 19:13 - 2015-01-25 19:13 - 00004204 _____ () C:\Documents and Settings\LocalService\HELP_DECRYPT.TXT
2015-01-25 19:13 - 2015-01-25 19:13 - 00004204 _____ () C:\Documents and Settings\Default User\Local Settings\HELP_DECRYPT.TXT
2015-01-25 19:13 - 2015-01-25 19:13 - 00004204 _____ () C:\Documents and Settings\Default User\Local Settings\Application Data\HELP_DECRYPT.TXT
2015-01-25 19:13 - 2015-01-25 19:13 - 00004204 _____ () C:\Documents and Settings\Default User\HELP_DECRYPT.TXT
2015-01-25 19:13 - 2015-01-25 19:13 - 00004204 _____ () C:\Documents and Settings\Default User\Application Data\HELP_DECRYPT.TXT
2015-01-25 19:13 - 2015-01-25 19:13 - 00004204 _____ () C:\Documents and Settings\All Users\HELP_DECRYPT.TXT
2015-01-25 19:13 - 2015-01-25 19:13 - 00004204 _____ () C:\Documents and Settings\All Users\Application Data\HELP_DECRYPT.TXT
2015-01-25 19:13 - 2015-01-25 19:13 - 00000304 _____ () C:\Documents and Settings\Vagelis\Application Data\cc35312fb3a7e05b7a44db2326bd29040.txt
2015-01-25 19:13 - 2015-01-25 19:13 - 00000272 _____ () C:\Documents and Settings\LocalService\Local Settings\HELP_DECRYPT.URL
2015-01-25 19:13 - 2015-01-25 19:13 - 00000272 _____ () C:\Documents and Settings\LocalService\HELP_DECRYPT.URL
2015-01-25 19:13 - 2015-01-25 19:13 - 00000272 _____ () C:\Documents and Settings\Default User\Local Settings\HELP_DECRYPT.URL
2015-01-25 19:13 - 2015-01-25 19:13 - 00000272 _____ () C:\Documents and Settings\Default User\Local Settings\Application Data\HELP_DECRYPT.URL
2015-01-25 19:13 - 2015-01-25 19:13 - 00000272 _____ () C:\Documents and Settings\Default User\HELP_DECRYPT.URL
2015-01-25 19:13 - 2015-01-25 19:13 - 00000272 _____ () C:\Documents and Settings\Default User\Application Data\HELP_DECRYPT.URL
2015-01-25 19:13 - 2015-01-25 19:13 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-01-25 19:13 - 2015-01-25 19:13 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Προγράμματα\Malwarebytes Anti-Malware
2015-01-25 19:13 - 2014-11-21 06:14 - 00054360 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-01-25 19:12 - 2015-01-25 20:27 - 00000000 _RSHD () C:\Documents and Settings\All Users\MdaMngr
2015-01-25 19:12 - 2015-01-25 19:13 - 00000000 ____D () C:\Documents and Settings\Vagelis\Application Data\MdaMngr
2015-01-18 12:11 - 2015-01-18 12:33 - 00001552 _____ () C:\Documents and Settings\Vagelis\Τα έγγραφά μου\Decrypt All Files efzzupf.txt
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-26 10:05 - 2008-10-07 18:10 - 00000000 ___RD () C:\Documents and Settings\Vagelis\Τα έγγραφά μου\Οι εικόνες μου
2015-01-26 10:04 - 2008-10-07 18:10 - 00000000 ____D () C:\Documents and Settings\Vagelis\Local Settings\Temp
2015-01-26 10:03 - 2013-06-02 11:56 - 00001841 _____ () C:\Documents and Settings\All Users\Επιφάνεια εργασίας\Google Chrome.lnk
2015-01-26 10:03 - 2013-06-02 11:54 - 00001172 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-26 10:03 - 2008-10-07 18:10 - 00000000 ____D () C:\Documents and Settings\Vagelis\Επιφάνεια εργασίας
2015-01-26 09:48 - 2014-03-09 12:59 - 00000226 _____ () C:\WINDOWS\Tasks\Σύνδεση στην ειδοποίηση λήξης υπηρεσίας για τα Microsoft Windows XP.job
2015-01-26 09:48 - 2013-06-02 11:54 - 00001168 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-26 09:44 - 2008-10-07 20:55 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2015-01-26 09:44 - 2008-10-07 20:55 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2015-01-26 09:44 - 2008-10-07 18:09 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-26 09:43 - 2014-10-01 13:40 - 00000000 ____D () C:\Documents and Settings\Vagelis\Επιφάνεια εργασίας\photos
2015-01-26 09:43 - 2008-10-07 18:10 - 00000278 ___SH () C:\Documents and Settings\Vagelis\ntuser.ini
2015-01-26 09:43 - 2008-10-07 18:09 - 00032472 _____ () C:\WINDOWS\SchedLgU.Txt
2015-01-26 09:43 - 2008-10-07 18:06 - 01479621 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-26 09:42 - 2008-10-07 18:10 - 00000000 ___RD () C:\Documents and Settings\Vagelis\Start Menu\Προγράμματα\Εκκίνηση
2015-01-26 09:41 - 2008-10-07 18:10 - 00000000 ___RD () C:\Documents and Settings\Vagelis\Τα έγγραφά μου
2015-01-26 09:28 - 2008-10-07 18:10 - 00000000 ___RD () C:\Documents and Settings\Vagelis\Start Menu\Προγράμματα
2015-01-25 20:14 - 2008-10-07 18:10 - 00000000 ___RD () C:\Documents and Settings\Vagelis\Τα έγγραφά μου\Η μουσική μου
2015-01-25 19:27 - 2010-06-17 12:51 - 00000697 _____ () C:\Documents and Settings\Vagelis\Επιφάνεια εργασίας\Εκκίνηση του προγράμματος περιήγησης Internet Explorer.lnk
2015-01-25 19:27 - 2008-10-07 18:10 - 00000703 _____ () C:\Documents and Settings\Vagelis\Start Menu\Προγράμματα\Internet Explorer.lnk
2015-01-25 19:16 - 2012-11-26 20:38 - 00000000 ____D () C:\Documents and Settings\Vagelis\Local Settings\Application Data\Mozilla
2015-01-25 19:15 - 2013-06-02 11:54 - 00000000 ____D () C:\Documents and Settings\Vagelis\Local Settings\Application Data\Google
2015-01-25 19:15 - 2012-04-04 21:04 - 00000000 ____D () C:\Documents and Settings\Vagelis\Local Settings\Application Data\Apple Computer
2015-01-25 19:15 - 2008-10-07 18:37 - 00000000 ____D () C:\Documents and Settings\Vagelis\Local Settings\Application Data\Ahead
2015-01-25 19:14 - 2013-06-10 12:42 - 00000000 ____D () C:\Documents and Settings\Vagelis\Application Data\Samsung
2015-01-25 19:14 - 2012-11-26 20:38 - 00000000 ____D () C:\Documents and Settings\Vagelis\Application Data\Mozilla
2015-01-25 19:14 - 2012-11-26 20:37 - 00000686 _____ () C:\Documents and Settings\All Users\Start Menu\Προγράμματα\Mozilla Firefox.lnk
2015-01-25 19:14 - 2011-05-19 07:49 - 00000000 ____D () C:\Documents and Settings\Vagelis\Application Data\Sun
2015-01-25 19:14 - 2010-10-25 21:16 - 00000000 ____D () C:\Documents and Settings\Vagelis\Application Data\Skype
2015-01-25 19:14 - 2004-08-04 02:45 - 01416192 _____ () C:\WINDOWS\system32\mmc.exe
2015-01-25 19:13 - 2012-11-26 20:07 - 00000777 _____ () C:\Documents and Settings\All Users\Επιφάνεια εργασίας\Malwarebytes Anti-Malware.lnk
2015-01-25 19:13 - 2011-05-24 12:12 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes
2015-01-25 19:13 - 2010-10-25 21:16 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Skype
2015-01-25 19:13 - 2009-11-04 18:58 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\HP
2015-01-25 19:13 - 2008-10-07 20:52 - 00000000 ___RD () C:\Documents and Settings\All Users\Start Menu\Προγράμματα
2015-01-25 19:13 - 2008-10-07 20:52 - 00000000 ____D () C:\Documents and Settings\All Users\Επιφάνεια εργασίας
2015-01-25 19:13 - 2008-10-07 18:09 - 00000000 __SHD () C:\Documents and Settings\LocalService
2015-01-25 19:11 - 2014-04-16 18:42 - 00000000 ____D () C:\Documents and Settings\Vagelis\Local Settings\Application Data\Unity
2015-01-25 19:02 - 2008-10-07 18:10 - 00000000 ____D () C:\Documents and Settings\Vagelis
2015-01-25 18:59 - 2001-11-27 15:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2015-01-18 12:11 - 2008-10-07 18:09 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2015-01-18 12:10 - 2013-05-15 19:41 - 00000000 ____D () C:\Documents and Settings\Vagelis\Τα έγγραφά μου\PHOTO OLGA
2015-01-18 11:55 - 2012-11-30 23:38 - 00000000 ____D () C:\Documents and Settings\Vagelis\Τα έγγραφά μου\Ληφθέντα αρχεία
2015-01-18 11:54 - 2012-01-16 14:58 - 00000000 ____D () C:\Documents and Settings\Vagelis\Τα έγγραφά μου\Olga
2015-01-18 11:54 - 2011-05-24 12:12 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2015-01-18 11:54 - 2010-05-21 17:31 - 00000000 ____D () C:\Program Files\Windows Media Connect 2
2015-01-18 11:54 - 2010-02-01 14:26 - 00000000 ____D () C:\Program Files\WinRAR
2015-01-18 11:54 - 2009-01-08 22:31 - 00000000 ____D () C:\Documents and Settings\Vagelis\Τα έγγραφά μου\ΦΡΟΣΩ
2015-01-18 11:54 - 2008-11-01 00:03 - 00000000 ____D () C:\Documents and Settings\Vagelis\Τα έγγραφά μου\vangelis doulia
2015-01-18 11:54 - 2008-10-07 18:46 - 00000000 ____D () C:\Program Files\WinZip
2015-01-18 11:54 - 2008-10-07 18:39 - 00000000 ____D () C:\Program Files\PDFCreator
2015-01-18 11:54 - 2008-10-07 18:04 - 00000000 ____D () C:\Program Files\Outlook Express
2015-01-18 11:53 - 2013-12-05 19:33 - 00000000 ____D () C:\Program Files\iTunes
2015-01-18 11:53 - 2013-12-05 19:33 - 00000000 ____D () C:\Program Files\iPod
2015-01-18 11:53 - 2008-10-07 18:11 - 00000000 ____D () C:\I386
2015-01-18 11:51 - 2012-11-26 20:37 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Mozilla
2015-01-17 22:44 - 2008-10-07 18:17 - 00000000 __SHD () C:\WINDOWS\CSC
2015-01-17 13:23 - 2012-04-04 21:03 - 00000284 _____ () C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2015-01-15 17:09 - 2012-10-17 19:07 - 00028816 _____ () C:\Documents and Settings\Vagelis\Τα έγγραφά μου\Τον Ιούνιο του 1822.doc ολγα.DOC.efzzupf
2015-01-15 12:44 - 2008-10-07 18:04 - 00000000 ____D () C:\WINDOWS\system32\Restore
2015-01-13 17:16 - 2008-10-07 18:52 - 00002579 _____ () C:\Documents and Settings\Vagelis\Επιφάνεια εργασίας\Microsoft Office Word 2003.lnk
2015-01-12 18:46 - 2012-10-17 19:07 - 00100416 _____ () C:\Documents and Settings\Vagelis\Τα έγγραφά μου\Φράγματα.doc olga.DOC.efzzupf
2015-01-08 16:27 - 2014-03-09 12:59 - 00000220 _____ () C:\WINDOWS\Tasks\Μηνιαία ειδοποίηση λήξης υπηρεσίας για τα Microsoft Windows XP.job
 
==================== Files in the root of some directories =======
 
2013-05-02 11:11 - 2013-05-02 11:13 - 0006208 _____ () C:\Program Files\CMS Setup Log.TXT.efzzupf
2012-02-15 19:10 - 2012-02-15 19:10 - 0273480 _____ () C:\Documents and Settings\Vagelis\Application Data\BtvStack.dll
2015-01-25 19:13 - 2015-01-25 19:13 - 0000304 _____ () C:\Documents and Settings\Vagelis\Application Data\cc35312fb3a7e05b7a44db2326bd29040.txt
2015-01-26 09:43 - 2015-01-26 09:43 - 0008528 _____ () C:\Documents and Settings\Vagelis\Application Data\HELP_DECRYPT.HTML
2015-01-26 09:43 - 2015-01-26 09:43 - 0045351 _____ () C:\Documents and Settings\Vagelis\Application Data\HELP_DECRYPT.PNG
2015-01-25 19:14 - 2015-01-26 09:43 - 0004204 _____ () C:\Documents and Settings\Vagelis\Application Data\HELP_DECRYPT.TXT
2015-01-26 09:43 - 2015-01-26 09:43 - 0000272 _____ () C:\Documents and Settings\Vagelis\Application Data\HELP_DECRYPT.URL
2008-10-31 23:56 - 2011-05-24 22:16 - 0005632 _____ () C:\Documents and Settings\Vagelis\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-25 19:16 - 2015-01-25 19:16 - 0004204 _____ () C:\Documents and Settings\Vagelis\Local Settings\Application Data\HELP_DECRYPT.TXT
2015-01-25 19:13 - 2015-01-25 19:13 - 0004204 _____ () C:\Documents and Settings\All Users\HELP_DECRYPT.TXT
 
Some content of TEMP:
====================
C:\Documents and Settings\Vagelis\Local Settings\Temp\disktool.exe
C:\Documents and Settings\Vagelis\Local Settings\Temp\fp_pl_pfs_installer-1.exe
C:\Documents and Settings\Vagelis\Local Settings\Temp\fp_pl_pfs_installer-2.exe
C:\Documents and Settings\Vagelis\Local Settings\Temp\fp_pl_pfs_installer-3.exe
C:\Documents and Settings\Vagelis\Local Settings\Temp\fp_pl_pfs_installer-4.exe
C:\Documents and Settings\Vagelis\Local Settings\Temp\fp_pl_pfs_installer.exe
C:\Documents and Settings\Vagelis\Local Settings\Temp\fvw_k[2584].exe
C:\Documents and Settings\Vagelis\Local Settings\Temp\hpzmsi01.exe
C:\Documents and Settings\Vagelis\Local Settings\Temp\hpzscr01.EXE
C:\Documents and Settings\Vagelis\Local Settings\Temp\iMesh_setup.exe
C:\Documents and Settings\Vagelis\Local Settings\Temp\install_flashplayer11x32_mssd_aih.exe
C:\Documents and Settings\Vagelis\Local Settings\Temp\setup_wm.exe
C:\Documents and Settings\Vagelis\Local Settings\Temp\SkypeSetup.exe
C:\Documents and Settings\Vagelis\Local Settings\Temp\xzoOTrBaMHrTyeOJeLZ.exe
C:\Documents and Settings\Vagelis\Local Settings\Temp\_is100D.exe
C:\Documents and Settings\Vagelis\Local Settings\Temp\_is59F.exe
C:\Documents and Settings\Vagelis\Local Settings\Temp\_is89E.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
==================== End Of Log ============================
 
ADDITION FRST LOG:
 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24-01-2015 01
Ran by Vagelis at 2015-01-26 10:05:51
Running from C:\Documents and Settings\Vagelis\Επιφάνεια εργασίας
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: ESET NOD32 Antivirus 4.0 (Disabled - Up to date) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKLM\...\uTorrent) (Version: 3.3.0.29625 - BitTorrent Inc.)
32 Bit HP CIO Components Installer (Version: 1.0.0 - Hewlett-Packard) Hidden
4500_Help (Version: 1.00.0000 - Hewlett-Packard) Hidden
Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.6.602.180 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 11.6.602.180 - Adobe Systems Incorporated)
Adobe Reader 8.1.0 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A81000000003}) (Version: 8.1.0 - Adobe Systems Incorporated)
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BPD_HPSU (Version: 1.00.0000 - Hewlett-Packard) Hidden
bpd_scan (Version: 3.00.0000 - Hewlett-Packard) Hidden
BPDSoftware (Version: 50.0.165.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (Version: 1.00.0000 - Hewlett-Packard) Hidden
BudgetIII Web camera (HKLM\...\{ECD03DA7-5952-406A-8156-5F0C93618D1F}) (Version: 5.18.1209.103 - Sonix)
BufferChm (Version: 100.0.170.000 - Hewlett-Packard) Hidden
Canon Camera Access Library (HKLM\...\CAL) (Version: 8.3.0.1 - )
Canon Camera Support Core Library (HKLM\...\CSCLIB) (Version: 7.3.1.6 - )
Canon Camera Window DC_DV 5 for ZoomBrowser EX (HKLM\...\CameraWindowDVC5) (Version: 5.4.5.17 - )
Canon Camera Window DC_DV 6 for ZoomBrowser EX (HKLM\...\CameraWindowDVC6) (Version: 6.4.0.9 - )
Canon Camera Window MC 6 for ZoomBrowser EX (HKLM\...\CameraWindowMC) (Version: 6.3.0.8 - )
Canon G.726 WMP-Decoder (HKLM\...\Canon G.726 WMP-Decoder) (Version: 1.1.0.4 - )
Canon RAW Image Task for ZoomBrowser EX (HKLM\...\RAW Image Task) (Version: 2.5.0.8 - )
Canon RemoteCapture Task for ZoomBrowser EX (HKLM\...\RemoteCaptureTask) (Version: 1.7.0.8 - )
Canon Utilities EOS Utility (HKLM\...\EOS Utility) (Version: 1.1.0.8 - )
Canon Utilities PhotoStitch (HKLM\...\PhotoStitch) (Version: 3.1.19.43 - )
CMS (HKLM\...\CMS) (Version:  - )
CustomerResearchQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Destination Component (Version: 100.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 100.0.190.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
DocMgr (Version: 100.0.201.000 - Hewlett-Packard) Hidden
DocProc (Version: 10.0.0.0 - Hewlett-Packard) Hidden
DocProcQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
ESET NOD32 Antivirus (HKLM\...\{FE9C13F6-6BBD-47D3-B939-F7E061BC4930}) (Version: 4.0.417.0 - ESET, spol s r. o.)
eSupportQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Fax (Version: 100.0.187.000 - Hewlett-Packard) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 40.0.2214.91 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService (Version: 100.0.187.000 - Hewlett-Packard) Hidden
GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden
High Definition Audio Driver Package - KB888111 (HKLM\...\KB888111WXPSP2) (Version: 20040219.000000 - Microsoft Corporation)
HP Customer Participation Program 10.0 (HKLM\...\HPExtendedCapabilities) (Version: 10.0 - HP)
HP Document Manager 1.0 (HKLM\...\HP Document Manager) (Version: 1.0 - HP)
HP Imaging Device Functions 10.0 (HKLM\...\HP Imaging Device Functions) (Version: 10.0 - HP)
HP Officejet J4500 Series (HKLM\...\{CD0773D5-C18E-495c-B39B-21A96415EDD5}) (Version: 1.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - )
Intel® PRO Network Connections 12.1.12.0 (HKLM\...\{777CA40C-0206-4EF6-A0FC-618BF06BF8D0}) (Version:  - Intel)
iTunes (HKLM\...\{C197BC08-3D82-4651-8886-E68C21578A38}) (Version: 11.1.3.8 - Apple Inc.)
J4500 (Version: 50.0.165.000 - Επωνυμία Επιχείρησης) Hidden
Java™ 6 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216025FF}) (Version: 6.0.250 - Oracle)
Malwarebytes Anti-Malware έκδοση 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MarketResearch (Version: 100.0.170.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110408-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version:  - Microsoft Corporation)
Microsoft WinUsb 1.0 (HKLM\...\winusb0100) (Version:  - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 el) (HKLM\...\Mozilla Firefox 34.0.5 (x86 el)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCSetup (Version: 1.00.0000 - HP) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Nero 7 Demo (HKLM\...\{AC6E2D54-D21C-4350-7911-77D83EAF1032}) (Version: 7.00.1553 - Nero AG)
NetSurveillance (HKLM\...\NetSurveillance) (Version:  - )
OCR Software by I.R.I.S. 10.0 (HKLM\...\HPOCR) (Version: 10.0 - HP)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 0.9.5 - Frank Heindφrfer, Philip Chinery)
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.0.2414.0 - CyberLink Corporation)
ProductContext (Version: 50.0.165.000 - Hewlett-Packard) Hidden
QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.5473 - Realtek Semiconductor Corp.)
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.)
Samsung Kies (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
Scan (Version: 10.1.0.0 - Hewlett-Packard) Hidden
Skype Toolbars (HKLM\...\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}) (Version: 5.0.4126 - Skype Technologies S.A.)
Skype™ 5.0 (HKLM\...\{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}) (Version: 5.0.152 - Skype Technologies S.A.)
SmartWebPrinting (Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (Version: 100.0.175.000 - Hewlett-Packard) Hidden
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.28223 - TeamViewer)
Toolbox (Version: 100.0.170.000 - Hewlett-Packard) Hidden
TrayApp (Version: 100.0.170.000 - Hewlett-Packard) Hidden
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
WebReg (Version: 100.0.170.000 - Hewlett-Packard) Hidden
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.175803 - Microsoft Corporation)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
WinZip (HKLM\...\WinZip) (Version:  10.0  (6667) - WinZip Computing LP)
Διασύνδεση μηχανισμού διαχείρισης Intel® (HKLM\...\HECI) (Version:  - Intel Corporation)
Ενημερωμένη έκδοση ασφαλείας για Windows XP (KB941569) (HKLM\...\KB941569) (Version:  - Microsoft Corporation)
Ενημερωμένη έκδοση ασφαλείας για το Windows Media Player (KB2378111) (HKLM\...\KB2378111_WM9) (Version:  - Microsoft Corporation)
Ενημερωμένη έκδοση ασφαλείας για το Windows Media Player (KB2834904) (HKLM\...\KB2834904_WM11) (Version:  - Microsoft Corporation)
Ενημερωμένη έκδοση ασφαλείας για το Windows Media Player (KB2834904-v2) (HKLM\...\KB2834904-v2_WM11) (Version:  - Microsoft Corporation)
Ενημερωμένη έκδοση ασφαλείας για το Windows Media Player (KB952069) (Version:  - Microsoft Corporation) Hidden
Ενημερωμένη έκδοση ασφαλείας για το Windows Media Player (KB954155) (Version:  - Microsoft Corporation) Hidden
Ενημερωμένη έκδοση ασφαλείας για το Windows Media Player (KB968816) (Version:  - Microsoft Corporation) Hidden
Ενημερωμένη έκδοση ασφαλείας για το Windows Media Player (KB973540) (Version:  - Microsoft Corporation) Hidden
Ενημερωμένη έκδοση ασφαλείας για το Windows Media Player (KB975558) (HKLM\...\KB975558_WM8) (Version:  - Microsoft Corporation)
Ενημερωμένη έκδοση ασφαλείας για το Windows Media Player (KB978695) (HKLM\...\KB978695_WM9) (Version:  - Microsoft Corporation)
Ενημερωμένη έκδοση ασφαλείας για το Windows Media Player 11 (KB954154) (HKLM\...\KB954154_WM11) (Version:  - Microsoft Corporation)
Ενημέρωση ασφαλείας για Microsoft Windows (KB2564958) (HKLM\...\KB2564958) (Version:  - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2497640) (HKLM\...\KB2497640-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2510531) (HKLM\...\KB2510531-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2544521) (HKLM\...\KB2544521-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2559049) (HKLM\...\KB2559049-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2586448) (HKLM\...\KB2586448-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2618444) (HKLM\...\KB2618444-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2647516) (HKLM\...\KB2647516-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2675157) (HKLM\...\KB2675157-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2699988) (HKLM\...\KB2699988-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2722913) (HKLM\...\KB2722913-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2744842) (HKLM\...\KB2744842-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2761465) (HKLM\...\KB2761465-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2792100) (HKLM\...\KB2792100-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2797052) (HKLM\...\KB2797052-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2799329) (HKLM\...\KB2799329-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2809289) (HKLM\...\KB2809289-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2817183) (HKLM\...\KB2817183-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2829530) (HKLM\...\KB2829530-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2838727) (HKLM\...\KB2838727-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2846071) (HKLM\...\KB2846071-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2847204) (HKLM\...\KB2847204-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2862772) (HKLM\...\KB2862772-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2870699) (HKLM\...\KB2870699-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2879017) (HKLM\...\KB2879017-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2888505) (HKLM\...\KB2888505-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2898785) (HKLM\...\KB2898785-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2909210) (HKLM\...\KB2909210-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2909921) (HKLM\...\KB2909921-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2925418) (HKLM\...\KB2925418-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2936068) (HKLM\...\KB2936068-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2964358) (HKLM\...\KB2964358-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB981332) (HKLM\...\KB981332-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB982381) (HKLM\...\KB982381-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2079403) (HKLM\...\KB2079403) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2115168) (HKLM\...\KB2115168) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2121546) (HKLM\...\KB2121546) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2229593) (HKLM\...\KB2229593) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2296011) (HKLM\...\KB2296011) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2347290) (HKLM\...\KB2347290) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2360937) (HKLM\...\KB2360937) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2387149) (HKLM\...\KB2387149) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2393802) (HKLM\...\KB2393802) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2412687) (HKLM\...\KB2412687) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2419632) (HKLM\...\KB2419632) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2423089) (HKLM\...\KB2423089) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2440591) (HKLM\...\KB2440591) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2443105) (HKLM\...\KB2443105) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2476490) (HKLM\...\KB2476490) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2476687) (HKLM\...\KB2476687) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2478960) (HKLM\...\KB2478960) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2478971) (HKLM\...\KB2478971) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2479943) (HKLM\...\KB2479943) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2481109) (HKLM\...\KB2481109) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2483185) (HKLM\...\KB2483185) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2485663) (HKLM\...\KB2485663) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2491683) (HKLM\...\KB2491683) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2503658) (HKLM\...\KB2503658) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2503665) (HKLM\...\KB2503665) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2506212) (HKLM\...\KB2506212) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2506223) (HKLM\...\KB2506223) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2507618) (HKLM\...\KB2507618) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2507938) (HKLM\...\KB2507938) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2508272) (HKLM\...\KB2508272) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2508429) (HKLM\...\KB2508429) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2509553) (HKLM\...\KB2509553) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2511455) (HKLM\...\KB2511455) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2524375) (HKLM\...\KB2524375) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2535512) (HKLM\...\KB2535512) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2536276-v2) (HKLM\...\KB2536276-v2) (Version: 2 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2544893) (HKLM\...\KB2544893) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2544893-v2) (HKLM\...\KB2544893-v2) (Version: 2 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2555917) (HKLM\...\KB2555917) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2562937) (HKLM\...\KB2562937) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2566454) (HKLM\...\KB2566454) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2567053) (HKLM\...\KB2567053) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2567680) (HKLM\...\KB2567680) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2570222) (HKLM\...\KB2570222) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2570947) (HKLM\...\KB2570947) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2584146) (HKLM\...\KB2584146) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2585542) (HKLM\...\KB2585542) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2592799) (HKLM\...\KB2592799) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2598479) (HKLM\...\KB2598479) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2603381) (HKLM\...\KB2603381) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2618451) (HKLM\...\KB2618451) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2619339) (HKLM\...\KB2619339) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2620712) (HKLM\...\KB2620712) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2621440) (HKLM\...\KB2621440) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2624667) (HKLM\...\KB2624667) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2631813) (HKLM\...\KB2631813) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2633171) (HKLM\...\KB2633171) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2639417) (HKLM\...\KB2639417) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2641653) (HKLM\...\KB2641653) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2646524) (HKLM\...\KB2646524) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2647518) (HKLM\...\KB2647518) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2653956) (HKLM\...\KB2653956) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2655992) (HKLM\...\KB2655992) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2659262) (HKLM\...\KB2659262) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2660465) (HKLM\...\KB2660465) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2661637) (HKLM\...\KB2661637) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2676562) (HKLM\...\KB2676562) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2685939) (HKLM\...\KB2685939) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2686509) (HKLM\...\KB2686509) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2691442) (HKLM\...\KB2691442) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2695962) (HKLM\...\KB2695962) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2698365) (HKLM\...\KB2698365) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2705219) (HKLM\...\KB2705219) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2707511) (HKLM\...\KB2707511) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2709162) (HKLM\...\KB2709162) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2712808) (HKLM\...\KB2712808) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2718523) (HKLM\...\KB2718523) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2719985) (HKLM\...\KB2719985) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2723135) (HKLM\...\KB2723135) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2724197) (HKLM\...\KB2724197) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2727528) (HKLM\...\KB2727528) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2731847) (HKLM\...\KB2731847) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2753842) (HKLM\...\KB2753842) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2753842-v2) (HKLM\...\KB2753842-v2) (Version: 2 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2757638) (HKLM\...\KB2757638) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2758857) (HKLM\...\KB2758857) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2761226) (HKLM\...\KB2761226) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2770660) (HKLM\...\KB2770660) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2778344) (HKLM\...\KB2778344) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2779030) (HKLM\...\KB2779030) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2780091) (HKLM\...\KB2780091) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2799494) (HKLM\...\KB2799494) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2802968) (HKLM\...\KB2802968) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2807986) (HKLM\...\KB2807986) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2808735) (HKLM\...\KB2808735) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2813170) (HKLM\...\KB2813170) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2813345) (HKLM\...\KB2813345) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2820197) (HKLM\...\KB2820197) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2820917) (HKLM\...\KB2820917) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2829361) (HKLM\...\KB2829361) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2834886) (HKLM\...\KB2834886) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2839229) (HKLM\...\KB2839229) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2845187) (HKLM\...\KB2845187) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2847311) (HKLM\...\KB2847311) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2849470) (HKLM\...\KB2849470) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2850851) (HKLM\...\KB2850851) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2850869) (HKLM\...\KB2850869) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2859537) (HKLM\...\KB2859537) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2862152) (HKLM\...\KB2862152) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2862330) (HKLM\...\KB2862330) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2862335) (HKLM\...\KB2862335) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2864063) (HKLM\...\KB2864063) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2868038) (HKLM\...\KB2868038) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2868626) (HKLM\...\KB2868626) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2876217) (HKLM\...\KB2876217) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2876315) (HKLM\...\KB2876315) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2876331) (HKLM\...\KB2876331) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2883150) (HKLM\...\KB2883150) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2892075) (HKLM\...\KB2892075) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2893294) (HKLM\...\KB2893294) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2893984) (HKLM\...\KB2893984) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2898715) (HKLM\...\KB2898715) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2900986) (HKLM\...\KB2900986) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2914368) (HKLM\...\KB2914368) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2916036) (HKLM\...\KB2916036) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2922229) (HKLM\...\KB2922229) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2929961) (HKLM\...\KB2929961) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2930275) (HKLM\...\KB2930275) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB923561) (HKLM\...\KB923561) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB946648) (HKLM\...\KB946648) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB950760) (HKLM\...\KB950760) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB950762) (HKLM\...\KB950762) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB950974) (HKLM\...\KB950974) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB951066) (HKLM\...\KB951066) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB951376-v2) (HKLM\...\KB951376-v2) (Version: 2 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB951748) (HKLM\...\KB951748) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB952004) (HKLM\...\KB952004) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB952954) (HKLM\...\KB952954) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB955069) (HKLM\...\KB955069) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB956572) (HKLM\...\KB956572) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB956744) (HKLM\...\KB956744) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB956802) (HKLM\...\KB956802) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB956803) (HKLM\...\KB956803) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB956844) (HKLM\...\KB956844) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB958644) (HKLM\...\KB958644) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB958869) (HKLM\...\KB958869) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB959426) (HKLM\...\KB959426) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB960225) (HKLM\...\KB960225) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB960803) (HKLM\...\KB960803) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB960859) (HKLM\...\KB960859) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB961501) (HKLM\...\KB961501) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB969059) (HKLM\...\KB969059) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB969947) (HKLM\...\KB969947) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB970238) (HKLM\...\KB970238) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB970430) (HKLM\...\KB970430) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB971468) (HKLM\...\KB971468) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB971657) (HKLM\...\KB971657) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB972270) (HKLM\...\KB972270) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB973354) (HKLM\...\KB973354) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB973507) (HKLM\...\KB973507) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB973869) (HKLM\...\KB973869) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB973904) (HKLM\...\KB973904) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB974112) (HKLM\...\KB974112) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB974318) (HKLM\...\KB974318) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB974392) (HKLM\...\KB974392) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB974571) (HKLM\...\KB974571) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB975025) (HKLM\...\KB975025) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB975467) (HKLM\...\KB975467) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB975560) (HKLM\...\KB975560) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB975561) (HKLM\...\KB975561) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB975562) (HKLM\...\KB975562) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB975713) (Version: 1 - Microsoft Corporation) Hidden
Ενημέρωση ασφαλείας για Windows XP (KB977816) (HKLM\...\KB977816) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB977914) (HKLM\...\KB977914) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB978037) (HKLM\...\KB978037) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB978251) (HKLM\...\KB978251) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB978262) (HKLM\...\KB978262) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB978338) (HKLM\...\KB978338) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB978542) (HKLM\...\KB978542) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB978601) (HKLM\...\KB978601) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB978706) (HKLM\...\KB978706) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB979309) (HKLM\...\KB979309) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB979482) (HKLM\...\KB979482) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB979559) (HKLM\...\KB979559) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB979683) (HKLM\...\KB979683) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB979687) (HKLM\...\KB979687) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB980195) (HKLM\...\KB980195) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB980218) (HKLM\...\KB980218) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB980232) (HKLM\...\KB980232) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB980436) (HKLM\...\KB980436) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB981322) (HKLM\...\KB981322) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB981997) (HKLM\...\KB981997) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB982132) (HKLM\...\KB982132) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB982665) (HKLM\...\KB982665) (Version: 1 - Microsoft Corporation)
Ενημέρωση για Windows Internet Explorer 8 (KB976662) (HKLM\...\KB976662-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση για Windows Internet Explorer 8 (KB982632) (HKLM\...\KB982632-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση για Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Ενημέρωση για Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation)
Ενημέρωση για Windows XP (KB2607712) (HKLM\...\KB2607712) (Version: 1 - Microsoft Corporation)
Ενημέρωση για Windows XP (KB2616676) (HKLM\...\KB2616676) (Version: 1 - Microsoft Corporation)
Ενημέρωση για Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)
Ενημέρωση για Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
Ενημέρωση για Windows XP (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation)
Ενημέρωση για Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
Ενημέρωση για Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Ενημέρωση για Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
Ενημέρωση για Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Ενημέρωση για Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Ενημέρωση για Windows XP (KB951978) (HKLM\...\KB951978) (Version: 1 - Microsoft Corporation)
Ενημέρωση για Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Ενημέρωση για Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Ενημέρωση για Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Ενημέρωση για Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Ενημέρωση για Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
Ενημέρωση για Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Ενημέρωση για Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
Ενημέρωση για Windows XP (KB978207) (Version: 1 - Microsoft Corporation) Hidden
Επείγουσα επιδιόρθωση για Windows XP (KB2443685) (HKLM\...\KB2443685) (Version: 1 - Microsoft Corporation)
Επείγουσα επιδιόρθωση για Windows XP (KB2570791) (HKLM\...\KB2570791) (Version: 1 - Microsoft Corporation)
Επείγουσα επιδιόρθωση για Windows XP (KB2633952) (HKLM\...\KB2633952) (Version: 1 - Microsoft Corporation)
Επείγουσα επιδιόρθωση για Windows XP (KB2756822) (HKLM\...\KB2756822) (Version: 1 - Microsoft Corporation)
Επείγουσα επιδιόρθωση για Windows XP (KB2779562) (HKLM\...\KB2779562) (Version: 1 - Microsoft Corporation)
Επείγουσα επιδιόρθωση για Windows XP (KB952287) (HKLM\...\KB952287) (Version: 1 - Microsoft Corporation)
Επείγουσα επιδιόρθωση για Windows XP (KB961118) (HKLM\...\KB961118) (Version: 1 - Microsoft Corporation)
Επείγουσα επιδιόρθωση για Windows XP (KB979306) (HKLM\...\KB979306) (Version: 1 - Microsoft Corporation)
Επείγουσα επιδιόρθωση για Windows XP (KB981793) (HKLM\...\KB981793) (Version: 1 - Microsoft Corporation)
Επείγουσα επιδιόρθωση για το Windows Media Player 11 (KB939683) (HKLM\...\KB939683) (Version:  - Microsoft Corporation)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-1993962763-1409082233-725345543-1003_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll (EasyBits Media AS)
CustomCLSID: HKU\S-1-5-21-1993962763-1409082233-725345543-1003_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll (EasyBits Media AS)
CustomCLSID: HKU\S-1-5-21-1993962763-1409082233-725345543-1003_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll (EasyBits Media AS)
CustomCLSID: HKU\S-1-5-21-1993962763-1409082233-725345543-1003_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll (EasyBits Media AS)
CustomCLSID: HKU\S-1-5-21-1993962763-1409082233-725345543-1003_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll (EasyBits Media AS)
CustomCLSID: HKU\S-1-5-21-1993962763-1409082233-725345543-1003_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll (EasyBits Media AS)
 
==================== Restore Points  =========================
 
ATTENTION: System Restore is disabled.
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2001-11-27 15:00 - 2001-11-27 15:00 - 00000944 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Μηνιαία ειδοποίηση λήξης υπηρεσίας για τα Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Σύνδεση στην ειδοποίηση λήξης υπηρεσίας για τα Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
 
==================== Loaded Modules (whitelisted) =============
 
2009-03-10 22:18 - 2009-09-07 01:30 - 00190976 _____ () C:\WINDOWS\system32\WgaLogon.dll
2012-02-20 20:29 - 2012-02-20 20:29 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2012-02-20 20:28 - 2012-02-20 20:28 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2008-10-07 18:44 - 2005-08-08 06:54 - 00167936 ____N () C:\Program Files\CyberLink\Shared Files\RichVideo.exe
2010-02-01 14:26 - 2009-12-12 15:12 - 00141824 _____ () C:\Program Files\WinRAR\rarext.dll
2010-10-25 21:01 - 2007-05-10 12:18 - 00835584 _____ () C:\WINDOWS\vsnpstd3.exe
2010-10-25 21:01 - 2009-04-24 10:21 - 00360448 _____ () C:\WINDOWS\tsnpstd3.exe
2004-08-04 02:45 - 2008-04-14 18:29 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2012-02-15 19:10 - 2012-02-15 19:10 - 00273480 _____ () C:\Documents and Settings\Vagelis\Application Data\BtvStack.dll
2015-01-25 19:20 - 2015-01-25 19:20 - 38714368 _____ () C:\Documents and Settings\Vagelis\Application Data\Local Store\libcef.dll
2015-01-25 19:20 - 2015-01-25 19:20 - 00873472 _____ () C:\Documents and Settings\Vagelis\Application Data\Local Store\ffmpegsumo.dll
2015-01-25 19:20 - 2015-01-25 19:20 - 16840880 _____ () C:\Documents and Settings\Vagelis\Application Data\Local Store\NPSWF32.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot => "AlternateShell"=""
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-1993962763-1409082233-725345543-500 - Administrator - Enabled)
ASPNET (S-1-5-21-1993962763-1409082233-725345543-1005 - Limited - Enabled)
Guest (S-1-5-21-1993962763-1409082233-725345543-501 - Limited - Enabled)
HelpAssistant (S-1-5-21-1993962763-1409082233-725345543-1000 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-1993962763-1409082233-725345543-1002 - Limited - Disabled)
Vagelis (S-1-5-21-1993962763-1409082233-725345543-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Vagelis
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/25/2015 07:05:23 PM) (Source: MsiInstaller) (EventID: 11706) (User: DESKTOP)
Description: Product: SmartWebPrinting -- Error 1706. An installation package for the product SmartWebPrinting cannot be found. Try the installation again using a valid copy of the installation package 'SmartWebPrinting.msi'.
 
Error: (01/18/2015 00:09:44 PM) (Source: MsiInstaller) (EventID: 11706) (User: DESKTOP)
Description: Product: SmartWebPrinting -- Error 1706. An installation package for the product SmartWebPrinting cannot be found. Try the installation again using a valid copy of the installation package 'SmartWebPrinting.msi'.
 
Error: (01/18/2015 00:09:37 PM) (Source: MsiInstaller) (EventID: 11706) (User: DESKTOP)
Description: Product: SmartWebPrinting -- Error 1706. An installation package for the product SmartWebPrinting cannot be found. Try the installation again using a valid copy of the installation package 'SmartWebPrinting.msi'.
 
Error: (01/18/2015 00:08:27 PM) (Source: MsiInstaller) (EventID: 11706) (User: DESKTOP)
Description: Product: SmartWebPrinting -- Error 1706. An installation package for the product SmartWebPrinting cannot be found. Try the installation again using a valid copy of the installation package 'SmartWebPrinting.msi'.
 
Error: (12/24/2014 11:53:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 21469
 
Error: (12/24/2014 11:53:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 21469
 
Error: (12/24/2014 11:53:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (12/17/2014 05:56:44 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: Το σύστημα συμβάντων COM+ εντόπισε έναν εσφαλμένο κωδικό επιστροφής κατά την εσωτερική του επεξεργασία.  Το HRESULT ήταν 80070005 από τη γραμμή 44 του d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.  Επικοινωνήστε με τις υπηρεσίες υποστήριξης προϊόντων της Microsoft για να αναφέρετε αυτό το σφάλμα.
 
Error: (12/17/2014 05:55:43 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: Το σύστημα συμβάντων COM+ εντόπισε έναν εσφαλμένο κωδικό επιστροφής κατά την εσωτερική του επεξεργασία.  Το HRESULT ήταν 800706BA από τη γραμμή 44 του d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.  Επικοινωνήστε με τις υπηρεσίες υποστήριξης προϊόντων της Microsoft για να αναφέρετε αυτό το σφάλμα.
 
Error: (12/17/2014 05:28:18 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: Το σύστημα συμβάντων COM+ εντόπισε έναν εσφαλμένο κωδικό επιστροφής κατά την εσωτερική του επεξεργασία.  Το HRESULT ήταν 80070005 από τη γραμμή 44 του d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.  Επικοινωνήστε με τις υπηρεσίες υποστήριξης προϊόντων της Microsoft για να αναφέρετε αυτό το σφάλμα.
 
 
System errors:
=============
Error: (01/26/2015 09:46:15 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Δεν ήταν δυνατή η εκκίνηση της υπηρεσίας ehdrv εξαιτίας του ακόλουθου σφάλματος: 
%%31
 
Error: (01/26/2015 09:46:15 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Δεν ήταν δυνατή η εκκίνηση της υπηρεσίας eamon εξαιτίας του ακόλουθου σφάλματος: 
%%31
 
Error: (01/26/2015 09:46:15 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Απέτυχε η φόρτωση των ακόλουθων προγραμμάτων οδήγησης της εκκίνησης του υπολογιστή ή της εκκίνησης του συστήματος: 
ehdrv
epfwtdir
 
Error: (01/26/2015 09:46:15 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Η υπηρεσία Υπηρεσία HP CUE DeviceDiscovery έκλεισε ενώ ξεκινούσε.
 
Error: (01/26/2015 09:30:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Δεν ήταν δυνατή η εκκίνηση της υπηρεσίας ehdrv εξαιτίας του ακόλουθου σφάλματος: 
%%31
 
Error: (01/26/2015 09:30:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Δεν ήταν δυνατή η εκκίνηση της υπηρεσίας eamon εξαιτίας του ακόλουθου σφάλματος: 
%%31
 
Error: (01/26/2015 09:30:01 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Απέτυχε η φόρτωση των ακόλουθων προγραμμάτων οδήγησης της εκκίνησης του υπολογιστή ή της εκκίνησης του συστήματος: 
ehdrv
epfwtdir
 
Error: (01/26/2015 09:30:01 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Η υπηρεσία Υπηρεσία HP CUE DeviceDiscovery έκλεισε ενώ ξεκινούσε.
 
Error: (01/25/2015 09:00:51 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Ο διακομιστής {B366DEBE-645B-43A5-B865-DDD82C345492} δεν καταχωρήθηκε με το διακομιστή DCOM μέσα το απαιτούμενο χρονικό όριο.
 
Error: (01/25/2015 08:59:33 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP)
Description: Ο διακομιστής {121BC3CF-7F8A-4CFF-80DB-3853231BE619} δεν καταχωρήθηκε με το διακομιστή DCOM μέσα το απαιτούμενο χρονικό όριο.
 
 
Microsoft Office Sessions:
=========================
Error: (01/25/2015 07:05:23 PM) (Source: MsiInstaller) (EventID: 11706) (User: DESKTOP)
Description: Product: SmartWebPrinting -- Error 1706. An installation package for the product SmartWebPrinting cannot be found. Try the installation again using a valid copy of the installation package 'SmartWebPrinting.msi'.(NULL)(NULL)(NULL)
 
Error: (01/18/2015 00:09:44 PM) (Source: MsiInstaller) (EventID: 11706) (User: DESKTOP)
Description: Product: SmartWebPrinting -- Error 1706. An installation package for the product SmartWebPrinting cannot be found. Try the installation again using a valid copy of the installation package 'SmartWebPrinting.msi'.(NULL)(NULL)(NULL)
 
Error: (01/18/2015 00:09:37 PM) (Source: MsiInstaller) (EventID: 11706) (User: DESKTOP)
Description: Product: SmartWebPrinting -- Error 1706. An installation package for the product SmartWebPrinting cannot be found. Try the installation again using a valid copy of the installation package 'SmartWebPrinting.msi'.(NULL)(NULL)(NULL)
 
Error: (01/18/2015 00:08:27 PM) (Source: MsiInstaller) (EventID: 11706) (User: DESKTOP)
Description: Product: SmartWebPrinting -- Error 1706. An installation package for the product SmartWebPrinting cannot be found. Try the installation again using a valid copy of the installation package 'SmartWebPrinting.msi'.(NULL)(NULL)(NULL)
 
Error: (12/24/2014 11:53:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 21469
 
Error: (12/24/2014 11:53:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 21469
 
Error: (12/24/2014 11:53:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (12/17/2014 05:56:44 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp4480070005
 
Error: (12/17/2014 05:55:43 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp44800706BA
 
Error: (12/17/2014 05:28:18 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp4480070005
 
 
==================== Memory info =========================== 
 
Processor: Intel® Pentium® Dual CPU E2180 @ 2.00GHz
Percentage of memory in use: 40%
Total physical RAM: 2020.71 MB
Available physical RAM: 1192.4 MB
Total Pagefile: 3913.7 MB
Available Pagefile: 3262.55 MB
Total Virtual: 2047.88 MB
Available Virtual: 1918.16 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:149.04 GB) (Free:83.35 GB) NTFS ==>[Drive with boot components (Windows XP)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 149.1 GB) (Disk ID: BD8581D7)
Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================
 
 
Thank you!!!
 
Marianna
 

  • 0

#4
RKinner
Posted 26 January 2015 - 08:25 AM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
Download the attached fixlist.txt to the same location as FRST
Run FRST and press Fix
A fix log will be generated please post that.  Run FRST again, check the Additions box and then Scan.  You will get two logs.  Post them both.
 
 
Copy the text in the code box:
 
DRIVES
nnetsvcs
%SYSTEMDRIVE%\*.exe
%systemroot%\assembly\GAC_32\*.ini
%systemroot%\assembly\GAC_64\*.ini
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.exe
%APPDATA%\*.
/md5start
rsvpsp.dll
pnrpnsp.dll 
nwprovau.dll
nlaapi.dll
napinsp.dll
mswsock.dll
winrnr.dll
wshelper.dll
services.exe
atapi.sys
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
csrss.exe
PrintIsolationHost.exe
consrv.dll
user32.dll
/md5stop
C:\Windows\assembly\tmp\U\*.* /s
%systemroot%\*. /mp /s
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%ProgramFiles%\WINDOWS NT\*.* /s
%systemroot%\system32\drivers\*.sys /lockedfiles
CREATERESTOREPOINT
 
Run OTL (Vista or Win 7 => right click and Run As Administrator)
 
Paste (Ctrl + v) the copied text in the box where it says Custom Scan/Fixes
 
Select the All option in the Extra Registry group then Run Scan.
 
You should get two logs.  Please copy and paste both of them.
 
 
 
ComboFix
 
:!: It must be saved to your desktop, do not run it from your browser:!:
 
:!: Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well.  See: http://www.bleepingc...opic114351.html
 
 
Download and Save this file --  to your Desktop -- from either of these two sources:
 
Double click on ComboFix to start the program.  
 
 
 
    * :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.
    
    
    * A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix.  
 
A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.
 
A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.
 

 


  • 0

#5
MariannaC
Posted 26 January 2015 - 01:14 PM

MariannaC

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

FRST FIX LOG:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 24-01-2015 01
Ran by Vagelis at 2015-01-26 17:06:21 Run:1
Running from C:\Documents and Settings\Vagelis\Επιφάνεια εργασίας
Loaded Profiles: Vagelis (Available profiles: Vagelis)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
HKLM Group Policy restriction on software: C:\Program Files\Malwarebytes' Anti-Malware <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 1
HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR/DisableConfig]  <===== ATTENTION
HKU\S-1-5-21-1993962763-1409082233-725345543-1003\...\Policies\Explorer: [TaskbarNoNotification] 1
HKU\S-1-5-21-1993962763-1409082233-725345543-1003\...\Policies\Explorer: [HideSCAHealth] 1
Startup: C:\Documents and Settings\Vagelis\Start Menu\Προγράμματα\Εκκίνηση\e34abb91.exe ()
SearchScopes: HKU\S-1-5-21-1993962763-1409082233-725345543-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2011-05-18]
Locked "f599a5569ba58b6" service could not be unlocked. <===== ATTENTION
R2 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [153376 2011-05-18] (Sun Microsystems, Inc.)
U5 f599a5569ba58b6; C:\Windows\System32\Drivers\f599a5569ba58b6.sys [75264 2014-12-15] () <===== ATTENTION Necurs Rootkit?
S4 InCDFs; system32\drivers\InCDFs.sys [X]
S1 InCDPass; system32\drivers\InCDPass.sys [X]
S1 InCDRm; system32\drivers\InCDRm.sys [X]
S4 IntelIde; No ImagePath
C:\Windows\System32\Drivers\f599a5569ba58b6.sys
2015-01-26 09:43 - 2015-01-26 09:43 - 00008528 _____ () C:\Documents and Settings\Vagelis\Application Data\HELP_DECRYPT.HTML
2015-01-26 09:43 - 2015-01-26 09:43 - 00000272 _____ () C:\Documents and Settings\Vagelis\Application Data\HELP_DECRYPT.URL
2015-01-26 09:42 - 2015-01-26 09:48 - 00000000 ___HD () C:\e34abb91
2015-01-25 19:16 - 2015-01-25 19:16 - 00008528 _____ () C:\Documents and Settings\Vagelis\Local Settings\HELP_DECRYPT.HTML
2015-01-25 19:16 - 2015-01-25 19:16 - 00004204 _____ () C:\Documents and Settings\Vagelis\Local Settings\HELP_DECRYPT.TXT
2015-01-25 19:16 - 2015-01-25 19:16 - 00004204 _____ () C:\Documents and Settings\Vagelis\Local Settings\Application Data\HELP_DECRYPT.TXT
2015-01-25 19:16 - 2015-01-25 19:16 - 00000272 _____ () C:\Documents and Settings\Vagelis\Local Settings\HELP_DECRYPT.URL
2015-01-25 19:14 - 2015-01-26 09:43 - 00004204 _____ () C:\Documents and Settings\Vagelis\Application Data\HELP_DECRYPT.TXT
2015-01-25 19:14 - 2015-01-25 20:27 - 00000000 _RSHD () C:\Documents and Settings\All Users\MicroWindows0Mnger
2015-01-25 19:13 - 2015-01-26 09:42 - 00000000 ____D () C:\Documents and Settings\Vagelis\Application Data\MicroWindows0Mnger
2015-01-25 19:13 - 2015-01-25 20:28 - 00000000 __SHD () C:\Documents and Settings\Vagelis\Application Data\LVS-MUPPSPKSPPO
2015-01-25 19:13 - 2015-01-25 20:27 - 00000000 _RSHD () C:\Documents and Settings\All Users\MediaMangr
2015-01-25 19:13 - 2015-01-25 19:13 - 00008528 _____ () C:\Documents and Settings\LocalService\Local Settings\HELP_DECRYPT.HTML
2015-01-25 19:13 - 2015-01-25 19:13 - 00008528 _____ () C:\Documents and Settings\LocalService\HELP_DECRYPT.HTML
2015-01-25 19:13 - 2015-01-25 19:13 - 00008528 _____ () C:\Documents and Settings\Default User\Local Settings\HELP_DECRYPT.HTML
2015-01-25 19:13 - 2015-01-25 19:13 - 00008528 _____ () C:\Documents and Settings\Default User\Local Settings\Application Data\HELP_DECRYPT.HTML
2015-01-25 19:13 - 2015-01-25 19:13 - 00008528 _____ () C:\Documents and Settings\Default User\HELP_DECRYPT.HTML
2015-01-25 19:13 - 2015-01-25 19:13 - 00008528 _____ () C:\Documents and Settings\Default User\Application Data\HELP_DECRYPT.HTML
2015-01-25 19:13 - 2015-01-25 19:13 - 00004204 _____ () C:\Documents and Settings\LocalService\Local Settings\HELP_DECRYPT.TXT
2015-01-25 19:13 - 2015-01-25 19:13 - 00004204 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\HELP_DECRYPT.TXT
2015-01-25 19:13 - 2015-01-25 19:13 - 00004204 _____ () C:\Documents and Settings\LocalService\HELP_DECRYPT.TXT
2015-01-25 19:13 - 2015-01-25 19:13 - 00004204 _____ () C:\Documents and Settings\Default User\Local Settings\HELP_DECRYPT.TXT
2015-01-25 19:13 - 2015-01-25 19:13 - 00004204 _____ () C:\Documents and Settings\Default User\Local Settings\Application Data\HELP_DECRYPT.TXT
2015-01-25 19:13 - 2015-01-25 19:13 - 00004204 _____ () C:\Documents and Settings\Default User\HELP_DECRYPT.TXT
2015-01-25 19:13 - 2015-01-25 19:13 - 00000272 _____ () C:\Documents and Settings\Default User\Local Settings\Application Data\HELP_DECRYPT.URL
2015-01-25 19:13 - 2015-01-25 19:13 - 00000272 _____ () C:\Documents and Settings\Default User\HELP_DECRYPT.URL
2015-01-25 19:13 - 2015-01-25 19:13 - 00000272 _____ () C:\Documents and Settings\Default User\Application Data\HELP_DECRYPT.URL
2015-01-25 19:13 - 2015-01-25 19:13 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-01-25 19:12 - 2015-01-25 20:27 - 00000000 _RSHD () C:\Documents and Settings\All Users\MdaMngr
2015-01-25 19:12 - 2015-01-25 19:13 - 00000000 ____D () C:\Documents and Settings\Vagelis\Application Data\MdaMngr
2015-01-18 12:11 - 2015-01-18 12:33 - 00001552 _____ () C:\Documents and Settings\Vagelis\Τα έγγραφά μου\Decrypt All Files efzzupf.txt
2015-01-26 10:03 - 2013-06-02 11:54 - 00001172 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-26 09:48 - 2014-03-09 12:59 - 00000226 _____ () C:\WINDOWS\Tasks\Σύνδεση στην ειδοποίηση λήξης υπηρεσίας για τα Microsoft Windows XP.job
2015-01-26 09:48 - 2013-06-02 11:54 - 00001168 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-12 18:46 - 2012-10-17 19:07 - 00100416 _____ () C:\Documents and Settings\Vagelis\Τα έγγραφά μου\Φράγματα.doc olga.DOC.efzzupf
2015-01-08 16:27 - 2014-03-09 12:59 - 00000220 _____ () C:\WINDOWS\Tasks\Μηνιαία ειδοποίηση λήξης υπηρεσίας για τα Microsoft Windows XP.job
2013-05-02 11:11 - 2013-05-02 11:13 - 0006208 _____ () C:\Program Files\CMS Setup Log.TXT.efzzupf
2015-01-26 09:43 - 2015-01-26 09:43 - 0008528 _____ () C:\Documents and Settings\Vagelis\Application Data\HELP_DECRYPT.HTML
2015-01-26 09:43 - 2015-01-26 09:43 - 0045351 _____ () C:\Documents and Settings\Vagelis\Application Data\HELP_DECRYPT.PNG
2015-01-25 19:14 - 2015-01-26 09:43 - 0004204 _____ () C:\Documents and Settings\Vagelis\Application Data\HELP_DECRYPT.TXT
2015-01-26 09:43 - 2015-01-26 09:43 - 0000272 _____ () C:\Documents and Settings\Vagelis\Application Data\HELP_DECRYPT.URL
2015-01-25 19:16 - 2015-01-25 19:16 - 0004204 _____ () C:\Documents and Settings\Vagelis\Local Settings\Application Data\HELP_DECRYPT.TXT
2015-01-25 19:13 - 2015-01-25 19:13 - 0004204 _____ () C:\Documents and Settings\All Users\HELP_DECRYPT.TXT
C:\Documents and Settings\Vagelis\Local Settings\Temp\disktool.exe
C:\Documents and Settings\Vagelis\Local Settings\Temp\fp_pl_pfs_installer-1.exe
C:\Documents and Settings\Vagelis\Local Settings\Temp\fp_pl_pfs_installer-2.exe
C:\Documents and Settings\Vagelis\Local Settings\Temp\fp_pl_pfs_installer-3.exe
C:\Documents and Settings\Vagelis\Local Settings\Temp\fp_pl_pfs_installer-4.exe
C:\Documents and Settings\Vagelis\Local Settings\Temp\fp_pl_pfs_installer.exe
C:\Documents and Settings\Vagelis\Local Settings\Temp\fvw_k[2584].exe
C:\Documents and Settings\Vagelis\Local Settings\Temp\hpzmsi01.exe
C:\Documents and Settings\Vagelis\Local Settings\Temp\hpzscr01.EXE
C:\Documents and Settings\Vagelis\Local Settings\Temp\iMesh_setup.exe
C:\Documents and Settings\Vagelis\Local Settings\Temp\install_flashplayer11x32_mssd_aih.exe
C:\Documents and Settings\Vagelis\Local Settings\Temp\setup_wm.exe
C:\Documents and Settings\Vagelis\Local Settings\Temp\SkypeSetup.exe
C:\Documents and Settings\Vagelis\Local Settings\Temp\xzoOTrBaMHrTyeOJeLZ.exe
C:\Documents and Settings\Vagelis\Local Settings\Temp\_is100D.exe
C:\Documents and Settings\Vagelis\Local Settings\Temp\_is59F.exe
C:\Documents and Settings\Vagelis\Local Settings\Temp\_is89E.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Μηνιαία ειδοποίηση λήξης υπηρεσίας για τα Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Σύνδεση στην ειδοποίηση λήξης υπηρεσίας για τα Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot => "AlternateShell"=""




*****************

HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\TaskbarNoNotification => value deleted successfully.
"HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore" => Key deleted successfully.
HKU\S-1-5-21-1993962763-1409082233-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\TaskbarNoNotification => value deleted successfully.
HKU\S-1-5-21-1993962763-1409082233-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAHealth => value deleted successfully.
C:\Documents and Settings\Vagelis\Start Menu\Προγράμματα\Εκκίνηση\e34abb91.exe not found.
"HKU\S-1-5-21-1993962763-1409082233-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully.
"HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}" => Key deleted successfully.
"HKCR\CLSID\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}" => Key deleted successfully.
"HKCR\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}" => Key deleted successfully.
"HKCR\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}" => Key deleted successfully.
"HKCR\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}" => Key deleted successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\[email protected] => value deleted successfully.
C:\Program Files\Java\jre6\lib\deploy\jqs\ff => Moved successfully.
Locked "f599a5569ba58b6" service could not be unlocked. <===== ATTENTION => Error: No automatic fix found for this entry.
JavaQuickStarterService => Service stopped successfully.
JavaQuickStarterService => Service deleted successfully.
f599a5569ba58b6 => Error deleting Service
InCDFs => Service deleted successfully.
InCDPass => Service deleted successfully.
InCDRm => Service deleted successfully.
IntelIde => Service deleted successfully.
Could not move "C:\Windows\System32\Drivers\f599a5569ba58b6.sys" => Scheduled to move on reboot.
C:\Documents and Settings\Vagelis\Application Data\HELP_DECRYPT.HTML => Moved successfully.
C:\Documents and Settings\Vagelis\Application Data\HELP_DECRYPT.URL => Moved successfully.
"C:\e34abb91" => File/Directory not found.
C:\Documents and Settings\Vagelis\Local Settings\HELP_DECRYPT.HTML => Moved successfully.
C:\Documents and Settings\Vagelis\Local Settings\HELP_DECRYPT.TXT => Moved successfully.
C:\Documents and Settings\Vagelis\Local Settings\Application Data\HELP_DECRYPT.TXT => Moved successfully.
C:\Documents and Settings\Vagelis\Local Settings\HELP_DECRYPT.URL => Moved successfully.
C:\Documents and Settings\Vagelis\Application Data\HELP_DECRYPT.TXT => Moved successfully.
C:\Documents and Settings\All Users\MicroWindows0Mnger => Moved successfully.
C:\Documents and Settings\Vagelis\Application Data\MicroWindows0Mnger => Moved successfully.
C:\Documents and Settings\Vagelis\Application Data\LVS-MUPPSPKSPPO => Moved successfully.
C:\Documents and Settings\All Users\MediaMangr => Moved successfully.
C:\Documents and Settings\LocalService\Local Settings\HELP_DECRYPT.HTML => Moved successfully.
C:\Documents and Settings\LocalService\HELP_DECRYPT.HTML => Moved successfully.
C:\Documents and Settings\Default User\Local Settings\HELP_DECRYPT.HTML => Moved successfully.
C:\Documents and Settings\Default User\Local Settings\Application Data\HELP_DECRYPT.HTML => Moved successfully.
C:\Documents and Settings\Default User\HELP_DECRYPT.HTML => Moved successfully.
C:\Documents and Settings\Default User\Application Data\HELP_DECRYPT.HTML => Moved successfully.
C:\Documents and Settings\LocalService\Local Settings\HELP_DECRYPT.TXT => Moved successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\HELP_DECRYPT.TXT => Moved successfully.
C:\Documents and Settings\LocalService\HELP_DECRYPT.TXT => Moved successfully.
C:\Documents and Settings\Default User\Local Settings\HELP_DECRYPT.TXT => Moved successfully.
C:\Documents and Settings\Default User\Local Settings\Application Data\HELP_DECRYPT.TXT => Moved successfully.
C:\Documents and Settings\Default User\HELP_DECRYPT.TXT => Moved successfully.
C:\Documents and Settings\Default User\Local Settings\Application Data\HELP_DECRYPT.URL => Moved successfully.
C:\Documents and Settings\Default User\HELP_DECRYPT.URL => Moved successfully.
C:\Documents and Settings\Default User\Application Data\HELP_DECRYPT.URL => Moved successfully.
C:\Program Files\Malwarebytes Anti-Malware => Moved successfully.
C:\Documents and Settings\All Users\MdaMngr => Moved successfully.
C:\Documents and Settings\Vagelis\Application Data\MdaMngr => Moved successfully.
C:\Documents and Settings\Vagelis\Τα έγγραφά μου\Decrypt All Files efzzupf.txt => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\WINDOWS\Tasks\Σύνδεση στην ειδοποίηση λήξης υπηρεσίας για τα Microsoft Windows XP.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Documents and Settings\Vagelis\Τα έγγραφά μου\Φράγματα.doc olga.DOC.efzzupf => Moved successfully.
C:\WINDOWS\Tasks\Μηνιαία ειδοποίηση λήξης υπηρεσίας για τα Microsoft Windows XP.job => Moved successfully.
C:\Program Files\CMS Setup Log.TXT.efzzupf => Moved successfully.
"C:\Documents and Settings\Vagelis\Application Data\HELP_DECRYPT.HTML" => File/Directory not found.
C:\Documents and Settings\Vagelis\Application Data\HELP_DECRYPT.PNG => Moved successfully.
"C:\Documents and Settings\Vagelis\Application Data\HELP_DECRYPT.TXT" => File/Directory not found.
"C:\Documents and Settings\Vagelis\Application Data\HELP_DECRYPT.URL" => File/Directory not found.
"C:\Documents and Settings\Vagelis\Local Settings\Application Data\HELP_DECRYPT.TXT" => File/Directory not found.
C:\Documents and Settings\All Users\HELP_DECRYPT.TXT => Moved successfully.
C:\Documents and Settings\Vagelis\Local Settings\Temp\disktool.exe => Moved successfully.
C:\Documents and Settings\Vagelis\Local Settings\Temp\fp_pl_pfs_installer-1.exe => Moved successfully.
C:\Documents and Settings\Vagelis\Local Settings\Temp\fp_pl_pfs_installer-2.exe => Moved successfully.
C:\Documents and Settings\Vagelis\Local Settings\Temp\fp_pl_pfs_installer-3.exe => Moved successfully.
C:\Documents and Settings\Vagelis\Local Settings\Temp\fp_pl_pfs_installer-4.exe => Moved successfully.
C:\Documents and Settings\Vagelis\Local Settings\Temp\fp_pl_pfs_installer.exe => Moved successfully.
C:\Documents and Settings\Vagelis\Local Settings\Temp\fvw_k[2584].exe => Moved successfully.
C:\Documents and Settings\Vagelis\Local Settings\Temp\hpzmsi01.exe => Moved successfully.
C:\Documents and Settings\Vagelis\Local Settings\Temp\hpzscr01.EXE => Moved successfully.
C:\Documents and Settings\Vagelis\Local Settings\Temp\iMesh_setup.exe => Moved successfully.
C:\Documents and Settings\Vagelis\Local Settings\Temp\install_flashplayer11x32_mssd_aih.exe => Moved successfully.
C:\Documents and Settings\Vagelis\Local Settings\Temp\setup_wm.exe => Moved successfully.
C:\Documents and Settings\Vagelis\Local Settings\Temp\SkypeSetup.exe => Moved successfully.
C:\Documents and Settings\Vagelis\Local Settings\Temp\xzoOTrBaMHrTyeOJeLZ.exe => Moved successfully.
C:\Documents and Settings\Vagelis\Local Settings\Temp\_is100D.exe => Moved successfully.
C:\Documents and Settings\Vagelis\Local Settings\Temp\_is59F.exe => Moved successfully.
C:\Documents and Settings\Vagelis\Local Settings\Temp\_is89E.exe => Moved successfully.
C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job not found.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job not found.
C:\WINDOWS\Tasks\Μηνιαία ειδοποίηση λήξης υπηρεσίας για τα Microsoft Windows XP.job not found.
C:\WINDOWS\Tasks\Σύνδεση στην ειδοποίηση λήξης υπηρεσίας για τα Microsoft Windows XP.job not found.
HKLM\System\CurrentControlSet\Control\SafeBoot\\Default => Value was restored successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\\AlternateShell => Value was restored successfully.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-01-26 17:07:40)<=

"C:\Windows\System32\Drivers\f599a5569ba58b6.sys" => File could not move.

==== End of Fixlog 17:07:40 ====


FRST + ADDITIONS:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-01-2015 01
Ran by Vagelis (administrator) on DESKTOP on 26-01-2015 17:09:44
Running from C:\Documents and Settings\Vagelis\Επιφάνεια εργασίας
Loaded Profiles: Vagelis (Available profiles: Vagelis)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Ελληνικά
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Smart Link) C:\WINDOWS\system32\slserv.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(Canon Inc.) C:\Program Files\Canon\CAL\CALMAIN.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Desktop.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\tv_w32.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
(Cyberlink Corp.) C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
() C:\WINDOWS\vsnpstd3.exe
() C:\WINDOWS\tsnpstd3.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
(Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16384512 2008-01-16] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [69632 2008-01-16] (Realtek Semiconductor Corp.)
HKLM\...\Run: [NeroFilterCheck] => C:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [40048 2007-05-11] (Adobe Systems Incorporated)
HKLM\...\Run: [RemoteControl] => C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [56928 2006-11-23] (Cyberlink Corp.)
HKLM\...\Run: [LanguageShortcut] => C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [54832 2006-12-05] ()
HKLM\...\Run: [snpstd3] => C:\WINDOWS\vsnpstd3.exe [835584 2007-05-10] ()
HKLM\...\Run: [tsnpstd3] => C:\WINDOWS\tsnpstd3.exe [360448 2009-04-24] ()
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [253672 2011-01-07] (Sun Microsystems, Inc.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2029640 2009-03-19] (ESET)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311152 2013-11-06] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [Synchronization Manager] => C:\WINDOWS\system32\mobsync.exe [143872 2008-04-14] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
Winlogon\Notify\WgaLogon: C:\WINDOWS\system32\WgaLogon.dll ()
HKU\S-1-5-21-1993962763-1409082233-725345543-1003\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe [94208 2005-10-28] (Nero AG)
HKU\S-1-5-21-1993962763-1409082233-725345543-1003\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-1993962763-1409082233-725345543-1003\...\Run: [KiesPreload] => C:\Program Files\Samsung\Kies\Kies.exe [1564528 2013-11-06] (Samsung)
HKU\S-1-5-21-1993962763-1409082233-725345543-1003\...\Run: [BluetoothS] => rundll32.exe "%appdata%\BtvStack.dll",BTHF_Register
HKU\S-1-5-21-1993962763-1409082233-725345543-1003\...\MountPoints2: E - E:\LaunchU3.exe -a
HKU\S-1-5-21-1993962763-1409082233-725345543-1003\...\MountPoints2: {34469552-f469-11e3-bd50-001cc060e7bb} - E:\LaunchU3.exe -a
Startup: C:\Documents and Settings\All Users\Start Menu\Προγράμματα\Εκκίνηση\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Documents and Settings\Vagelis\Start Menu\Προγράμματα\Εκκίνηση\HELP_DECRYPT.HTML ()
Startup: C:\Documents and Settings\Vagelis\Start Menu\Προγράμματα\Εκκίνηση\HELP_DECRYPT.PNG ()
Startup: C:\Documents and Settings\Vagelis\Start Menu\Προγράμματα\Εκκίνηση\HELP_DECRYPT.TXT ()
InternetURL: C:\Documents and Settings\Vagelis\Start Menu\Προγράμματα\Εκκίνηση\HELP_DECRYPT.URL -> hxxp://paytoc4gtpn5czl2.tostotor.com/mppL1b

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1993962763-1409082233-725345543-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-1993962763-1409082233-725345543-1003 -> DefaultScope {8545F732-03AD-434E-A425-483C8DC457D8} URL = http://search.yahoo....=utf-8&fr=b1ie7
SearchScopes: HKU\S-1-5-21-1993962763-1409082233-725345543-1003 -> {8545F732-03AD-434E-A425-483C8DC457D8} URL = http://search.yahoo....=utf-8&fr=b1ie7
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Skype Plug-In -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab
DPF: {E689A1CC-7220-45EA-9524-DAC4F78355C7} https://www.millenni...ly/GSMonWEB.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Vagelis\Application Data\Mozilla\Firefox\Profiles\jd5ea4qe.default
FF Homepage: google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Extension: Windows Media Services DRM Storage object - C:\Documents and Settings\Vagelis\Application Data\Mozilla\Firefox\Profiles\jd5ea4qe.default\Extensions\{75FAD9C3-E976-1115-DB37-B29F176E34F9} [2015-01-18]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-03-24]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-10-17]
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: Eset Plugin - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-11-26]
FF HKU\S-1-5-21-1993962763-1409082233-725345543-1003\...\Firefox\Extensions: [[email protected]] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.gr/
CHR StartupUrls: Default -> "https://www.google.gr/"
CHR Profile: C:\Documents and Settings\Vagelis\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Έγγραφα Google) - C:\Documents and Settings\Vagelis\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-02]
CHR Extension: (Google Drive ) - C:\Documents and Settings\Vagelis\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-02]
CHR Extension: (YouTube) - C:\Documents and Settings\Vagelis\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-02]
CHR Extension: (Adblock Plus) - C:\Documents and Settings\Vagelis\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-03-04]
CHR Extension: (Αναζήτηση Google) - C:\Documents and Settings\Vagelis\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-02]
CHR Extension: (Πορτοφόλι Google) - C:\Documents and Settings\Vagelis\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-07]
CHR Extension: (Gmail) - C:\Documents and Settings\Vagelis\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-02]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

Locked "f599a5569ba58b6" service could not be unlocked. <===== ATTENTION

R2 CCALib8; C:\Program Files\Canon\CAL\CALMAIN.exe [96341 2006-03-30] (Canon Inc.) [File not signed]
S3 EhttpSrv; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [20680 2009-03-19] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [731840 2009-03-19] (ESET)
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [43520 2006-11-08] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53248 2006-11-08] (Hewlett-Packard) [File not signed]
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [167936 2005-08-08] () [File not signed]
R2 SLService; C:\WINDOWS\system32\slserv.exe [73796 2008-04-14] (Smart Link)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S3 eamon; C:\WINDOWS\System32\DRIVERS\eamon.sys [113960 2009-03-19] (ESET)
S1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [107256 2009-03-19] (ESET)
S1 epfwtdir; C:\WINDOWS\System32\DRIVERS\epfwtdir.sys [93848 2009-03-19] (ESET)
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2007-01-17] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2007-01-17] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2007-01-17] (HP)
S3 Mtlmnt5; C:\WINDOWS\System32\DRIVERS\Mtlmnt5.sys [126686 2004-08-03] (Smart Link)
S3 Mtlstrm; C:\WINDOWS\System32\DRIVERS\Mtlstrm.sys [1309184 2004-08-03] (Smart Link)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 NtMtlFax; C:\WINDOWS\System32\DRIVERS\NtMtlFax.sys [180360 2004-08-03] (Smart Link)
R0 RecAgent; C:\WINDOWS\System32\DRIVERS\RecAgent.sys [13776 2004-08-03] (Smart Link)
S3 s0017bus; C:\WINDOWS\System32\DRIVERS\s0017bus.sys [86824 2008-10-21] (MCCI Corporation)
S3 s0017mdfl; C:\WINDOWS\System32\DRIVERS\s0017mdfl.sys [15016 2008-10-21] (MCCI Corporation)
S3 s0017mdm; C:\WINDOWS\System32\DRIVERS\s0017mdm.sys [114600 2008-10-21] (MCCI Corporation)
S3 s0017mgmt; C:\WINDOWS\System32\DRIVERS\s0017mgmt.sys [108328 2008-10-21] (MCCI Corporation)
S3 s0017nd5; C:\WINDOWS\System32\DRIVERS\s0017nd5.sys [26024 2008-10-21] (MCCI Corporation)
S3 s0017obex; C:\WINDOWS\System32\DRIVERS\s0017obex.sys [104616 2008-10-21] (MCCI Corporation)
S3 s0017unic; C:\WINDOWS\System32\DRIVERS\s0017unic.sys [109736 2008-10-21] (MCCI Corporation)
S3 s1018obex; C:\WINDOWS\System32\DRIVERS\s1018obex.sys [104744 2009-03-25] (MCCI Corporation)
S3 Slnt7554; C:\WINDOWS\System32\DRIVERS\slnt7554.sys [129535 2004-08-03] (Smart Link)
S3 SlNtHal; C:\WINDOWS\System32\DRIVERS\Slnthal.sys [95424 2004-08-03] (Smart Link)
S3 SlWdmSup; C:\WINDOWS\System32\DRIVERS\SlWdmSup.sys [13240 2004-08-03] (Smart Link)
R3 SNPSTD3; C:\WINDOWS\System32\DRIVERS\snpstd3.sys [10472960 2009-04-24] (Sonix Co. Ltd.) [File not signed]
U5 f599a5569ba58b6; C:\Windows\System32\Drivers\f599a5569ba58b6.sys [75264 2014-12-15] () <===== ATTENTION Necurs Rootkit?
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-26 17:07 - 2015-01-26 17:07 - 00000000 ____D () C:\Documents and Settings\Vagelis\Start Menu\Προγράμματα\CyberLink PowerDVD
2015-01-26 12:50 - 2015-01-26 12:50 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Προγράμματα\TeamViewer 9
2015-01-26 10:07 - 2015-01-26 10:07 - 00008528 _____ () C:\HELP_DECRYPT.HTML
2015-01-26 10:07 - 2015-01-26 10:07 - 00008528 _____ () C:\Documents and Settings\Vagelis\Τα έγγραφά μου\HELP_DECRYPT.HTML
2015-01-26 10:07 - 2015-01-26 10:07 - 00008528 _____ () C:\Documents and Settings\Vagelis\HELP_DECRYPT.HTML
2015-01-26 10:07 - 2015-01-26 10:07 - 00008528 _____ () C:\Documents and Settings\HELP_DECRYPT.HTML
2015-01-26 10:07 - 2015-01-26 10:07 - 00004204 _____ () C:\HELP_DECRYPT.TXT
2015-01-26 10:07 - 2015-01-26 10:07 - 00004204 _____ () C:\Documents and Settings\Vagelis\Τα έγγραφά μου\HELP_DECRYPT.TXT
2015-01-26 10:07 - 2015-01-26 10:07 - 00004204 _____ () C:\Documents and Settings\Vagelis\HELP_DECRYPT.TXT
2015-01-26 10:07 - 2015-01-26 10:07 - 00004204 _____ () C:\Documents and Settings\HELP_DECRYPT.TXT
2015-01-26 10:07 - 2015-01-26 10:07 - 00000272 _____ () C:\HELP_DECRYPT.URL
2015-01-26 10:07 - 2015-01-26 10:07 - 00000272 _____ () C:\Documents and Settings\Vagelis\Τα έγγραφά μου\HELP_DECRYPT.URL
2015-01-26 10:07 - 2015-01-26 10:07 - 00000272 _____ () C:\Documents and Settings\Vagelis\HELP_DECRYPT.URL
2015-01-26 10:07 - 2015-01-26 10:07 - 00000272 _____ () C:\Documents and Settings\HELP_DECRYPT.URL
2015-01-26 10:05 - 2015-01-26 10:06 - 00060114 _____ () C:\Documents and Settings\Vagelis\Επιφάνεια εργασίας\Addition.txt
2015-01-26 10:03 - 2015-01-26 17:10 - 00016262 _____ () C:\Documents and Settings\Vagelis\Επιφάνεια εργασίας\FRST.txt
2015-01-26 10:03 - 2015-01-26 17:09 - 00000000 ____D () C:\FRST
2015-01-26 10:01 - 2015-01-26 10:01 - 01120768 _____ (Farbar) C:\Documents and Settings\Vagelis\Επιφάνεια εργασίας\FRST.exe
2015-01-26 09:54 - 2015-01-26 09:54 - 00025308 _____ () C:\Documents and Settings\Vagelis\Επιφάνεια εργασίας\01262015_095251.log
2015-01-26 09:41 - 2015-01-26 09:41 - 00000000 ____D () C:\_OTL
2015-01-25 20:46 - 2015-01-25 20:56 - 00080848 _____ () C:\Documents and Settings\Vagelis\Επιφάνεια εργασίας\OTL.Txt
2015-01-25 20:46 - 2015-01-25 20:46 - 00040432 _____ () C:\Documents and Settings\Vagelis\Επιφάνεια εργασίας\Extras.Txt
2015-01-25 20:35 - 2015-01-25 20:35 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Vagelis\Επιφάνεια εργασίας\OTL.exe
2015-01-25 20:25 - 2015-01-25 20:25 - 00011408 _____ () C:\Documents and Settings\Vagelis\Επιφάνεια εργασίας\mal.txt
2015-01-25 19:15 - 2015-01-25 19:20 - 00000000 ____D () C:\Documents and Settings\Vagelis\Application Data\Local Store
2015-01-25 19:14 - 2015-01-25 20:40 - 00114904 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-01-25 19:13 - 2015-01-25 19:13 - 00004204 _____ () C:\Documents and Settings\Default User\Application Data\HELP_DECRYPT.TXT
2015-01-25 19:13 - 2015-01-25 19:13 - 00004204 _____ () C:\Documents and Settings\All Users\Application Data\HELP_DECRYPT.TXT
2015-01-25 19:13 - 2015-01-25 19:13 - 00000304 _____ () C:\Documents and Settings\Vagelis\Application Data\cc35312fb3a7e05b7a44db2326bd29040.txt
2015-01-25 19:13 - 2015-01-25 19:13 - 00000272 _____ () C:\Documents and Settings\LocalService\Local Settings\HELP_DECRYPT.URL
2015-01-25 19:13 - 2015-01-25 19:13 - 00000272 _____ () C:\Documents and Settings\LocalService\HELP_DECRYPT.URL
2015-01-25 19:13 - 2015-01-25 19:13 - 00000272 _____ () C:\Documents and Settings\Default User\Local Settings\HELP_DECRYPT.URL
2015-01-25 19:13 - 2015-01-25 19:13 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Προγράμματα\Malwarebytes Anti-Malware
2015-01-25 19:13 - 2014-11-21 06:14 - 00054360 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-26 17:10 - 2008-10-07 18:10 - 00000000 ____D () C:\Documents and Settings\Vagelis\Local Settings\Temp
2015-01-26 17:09 - 2008-10-07 18:10 - 00000000 ____D () C:\Documents and Settings\Vagelis\Επιφάνεια εργασίας
2015-01-26 17:07 - 2008-10-07 20:55 - 00000157 _____ () C:\WINDOWS\wiadebug.log
2015-01-26 17:07 - 2008-10-07 20:55 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2015-01-26 17:07 - 2008-10-07 18:10 - 00000000 ___RD () C:\Documents and Settings\Vagelis\Start Menu\Προγράμματα
2015-01-26 17:07 - 2008-10-07 18:09 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-26 17:06 - 2008-10-07 18:10 - 00000278 ___SH () C:\Documents and Settings\Vagelis\ntuser.ini
2015-01-26 17:06 - 2008-10-07 18:10 - 00000000 ___RD () C:\Documents and Settings\Vagelis\Τα έγγραφά μου
2015-01-26 17:06 - 2008-10-07 18:09 - 00032472 _____ () C:\WINDOWS\SchedLgU.Txt
2015-01-26 17:06 - 2008-10-07 18:09 - 00000000 __SHD () C:\Documents and Settings\LocalService
2015-01-26 17:06 - 2008-10-07 18:06 - 01481059 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-26 12:50 - 2014-05-25 19:57 - 00000815 _____ () C:\Documents and Settings\All Users\Επιφάνεια εργασίας\TeamViewer 9.lnk
2015-01-26 12:50 - 2008-10-07 20:52 - 00000000 ___RD () C:\Documents and Settings\All Users\Start Menu\Προγράμματα
2015-01-26 12:50 - 2008-10-07 20:52 - 00000000 ____D () C:\Documents and Settings\All Users\Επιφάνεια εργασίας
2015-01-26 10:09 - 2008-10-07 18:10 - 00000000 ___RD () C:\Documents and Settings\Vagelis\Start Menu\Προγράμματα\Εκκίνηση
2015-01-26 10:07 - 2010-04-14 14:32 - 00000000 ___SD () C:\Documents and Settings\Vagelis\Τα έγγραφά μου\Προσωπικά αρχεία προέλευσης δεδομένων
2015-01-26 10:07 - 2008-10-07 18:10 - 00000000 ___RD () C:\Documents and Settings\Vagelis\Τα έγγραφά μου\Οι εικόνες μου
2015-01-26 10:07 - 2008-10-07 18:10 - 00000000 ____D () C:\Documents and Settings\Vagelis
2015-01-26 10:03 - 2013-06-02 11:56 - 00001841 _____ () C:\Documents and Settings\All Users\Επιφάνεια εργασίας\Google Chrome.lnk
2015-01-26 09:43 - 2014-10-01 13:40 - 00000000 ____D () C:\Documents and Settings\Vagelis\Επιφάνεια εργασίας\photos
2015-01-25 20:14 - 2008-10-07 18:10 - 00000000 ___RD () C:\Documents and Settings\Vagelis\Τα έγγραφά μου\Η μουσική μου
2015-01-25 19:27 - 2010-06-17 12:51 - 00000697 _____ () C:\Documents and Settings\Vagelis\Επιφάνεια εργασίας\Εκκίνηση του προγράμματος περιήγησης Internet Explorer.lnk
2015-01-25 19:27 - 2008-10-07 18:10 - 00000703 _____ () C:\Documents and Settings\Vagelis\Start Menu\Προγράμματα\Internet Explorer.lnk
2015-01-25 19:16 - 2012-11-26 20:38 - 00000000 ____D () C:\Documents and Settings\Vagelis\Local Settings\Application Data\Mozilla
2015-01-25 19:15 - 2013-06-02 11:54 - 00000000 ____D () C:\Documents and Settings\Vagelis\Local Settings\Application Data\Google
2015-01-25 19:15 - 2012-04-04 21:04 - 00000000 ____D () C:\Documents and Settings\Vagelis\Local Settings\Application Data\Apple Computer
2015-01-25 19:15 - 2008-10-07 18:37 - 00000000 ____D () C:\Documents and Settings\Vagelis\Local Settings\Application Data\Ahead
2015-01-25 19:14 - 2013-06-10 12:42 - 00000000 ____D () C:\Documents and Settings\Vagelis\Application Data\Samsung
2015-01-25 19:14 - 2012-11-26 20:38 - 00000000 ____D () C:\Documents and Settings\Vagelis\Application Data\Mozilla
2015-01-25 19:14 - 2012-11-26 20:37 - 00000686 _____ () C:\Documents and Settings\All Users\Start Menu\Προγράμματα\Mozilla Firefox.lnk
2015-01-25 19:14 - 2011-05-19 07:49 - 00000000 ____D () C:\Documents and Settings\Vagelis\Application Data\Sun
2015-01-25 19:14 - 2010-10-25 21:16 - 00000000 ____D () C:\Documents and Settings\Vagelis\Application Data\Skype
2015-01-25 19:14 - 2004-08-04 02:45 - 01416192 _____ () C:\WINDOWS\system32\mmc.exe
2015-01-25 19:13 - 2012-11-26 20:07 - 00000777 _____ () C:\Documents and Settings\All Users\Επιφάνεια εργασίας\Malwarebytes Anti-Malware.lnk
2015-01-25 19:13 - 2011-05-24 12:12 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes
2015-01-25 19:13 - 2010-10-25 21:16 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Skype
2015-01-25 19:13 - 2009-11-04 18:58 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\HP
2015-01-25 19:11 - 2014-04-16 18:42 - 00000000 ____D () C:\Documents and Settings\Vagelis\Local Settings\Application Data\Unity
2015-01-25 18:59 - 2001-11-27 15:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2015-01-18 12:11 - 2008-10-07 18:09 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2015-01-18 12:10 - 2013-05-15 19:41 - 00000000 ____D () C:\Documents and Settings\Vagelis\Τα έγγραφά μου\PHOTO OLGA
2015-01-18 11:55 - 2012-11-30 23:38 - 00000000 ____D () C:\Documents and Settings\Vagelis\Τα έγγραφά μου\Ληφθέντα αρχεία
2015-01-18 11:54 - 2012-01-16 14:58 - 00000000 ____D () C:\Documents and Settings\Vagelis\Τα έγγραφά μου\Olga
2015-01-18 11:54 - 2011-05-24 12:12 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2015-01-18 11:54 - 2010-05-21 17:31 - 00000000 ____D () C:\Program Files\Windows Media Connect 2
2015-01-18 11:54 - 2010-02-01 14:26 - 00000000 ____D () C:\Program Files\WinRAR
2015-01-18 11:54 - 2009-01-08 22:31 - 00000000 ____D () C:\Documents and Settings\Vagelis\Τα έγγραφά μου\ΦΡΟΣΩ
2015-01-18 11:54 - 2008-11-01 00:03 - 00000000 ____D () C:\Documents and Settings\Vagelis\Τα έγγραφά μου\vangelis doulia
2015-01-18 11:54 - 2008-10-07 18:46 - 00000000 ____D () C:\Program Files\WinZip
2015-01-18 11:54 - 2008-10-07 18:39 - 00000000 ____D () C:\Program Files\PDFCreator
2015-01-18 11:54 - 2008-10-07 18:04 - 00000000 ____D () C:\Program Files\Outlook Express
2015-01-18 11:53 - 2013-12-05 19:33 - 00000000 ____D () C:\Program Files\iTunes
2015-01-18 11:53 - 2013-12-05 19:33 - 00000000 ____D () C:\Program Files\iPod
2015-01-18 11:53 - 2008-10-07 18:11 - 00000000 ____D () C:\I386
2015-01-18 11:51 - 2012-11-26 20:37 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Mozilla
2015-01-17 22:44 - 2008-10-07 18:17 - 00000000 __SHD () C:\WINDOWS\CSC
2015-01-15 17:09 - 2012-10-17 19:07 - 00028816 _____ () C:\Documents and Settings\Vagelis\Τα έγγραφά μου\Τον Ιούνιο του 1822.doc ολγα.DOC.efzzupf
2015-01-15 12:44 - 2008-10-07 18:04 - 00000000 ____D () C:\WINDOWS\system32\Restore
2015-01-13 17:16 - 2008-10-07 18:52 - 00002579 _____ () C:\Documents and Settings\Vagelis\Επιφάνεια εργασίας\Microsoft Office Word 2003.lnk

==================== Files in the root of some directories =======

2012-02-15 19:10 - 2012-02-15 19:10 - 0273480 _____ () C:\Documents and Settings\Vagelis\Application Data\BtvStack.dll
2015-01-25 19:13 - 2015-01-25 19:13 - 0000304 _____ () C:\Documents and Settings\Vagelis\Application Data\cc35312fb3a7e05b7a44db2326bd29040.txt
2008-10-31 23:56 - 2011-05-24 22:16 - 0005632 _____ () C:\Documents and Settings\Vagelis\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24-01-2015 01
Ran by Vagelis at 2015-01-26 17:10:35
Running from C:\Documents and Settings\Vagelis\Επιφάνεια εργασίας
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET NOD32 Antivirus 4.0 (Disabled - Up to date) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM\...\uTorrent) (Version: 3.3.0.29625 - BitTorrent Inc.)
32 Bit HP CIO Components Installer (Version: 1.0.0 - Hewlett-Packard) Hidden
4500_Help (Version: 1.00.0000 - Hewlett-Packard) Hidden
Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.6.602.180 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 11.6.602.180 - Adobe Systems Incorporated)
Adobe Reader 8.1.0 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A81000000003}) (Version: 8.1.0 - Adobe Systems Incorporated)
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BPD_HPSU (Version: 1.00.0000 - Hewlett-Packard) Hidden
bpd_scan (Version: 3.00.0000 - Hewlett-Packard) Hidden
BPDSoftware (Version: 50.0.165.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (Version: 1.00.0000 - Hewlett-Packard) Hidden
BudgetIII Web camera (HKLM\...\{ECD03DA7-5952-406A-8156-5F0C93618D1F}) (Version: 5.18.1209.103 - Sonix)
BufferChm (Version: 100.0.170.000 - Hewlett-Packard) Hidden
Canon Camera Access Library (HKLM\...\CAL) (Version: 8.3.0.1 - )
Canon Camera Support Core Library (HKLM\...\CSCLIB) (Version: 7.3.1.6 - )
Canon Camera Window DC_DV 5 for ZoomBrowser EX (HKLM\...\CameraWindowDVC5) (Version: 5.4.5.17 - )
Canon Camera Window DC_DV 6 for ZoomBrowser EX (HKLM\...\CameraWindowDVC6) (Version: 6.4.0.9 - )
Canon Camera Window MC 6 for ZoomBrowser EX (HKLM\...\CameraWindowMC) (Version: 6.3.0.8 - )
Canon G.726 WMP-Decoder (HKLM\...\Canon G.726 WMP-Decoder) (Version: 1.1.0.4 - )
Canon RAW Image Task for ZoomBrowser EX (HKLM\...\RAW Image Task) (Version: 2.5.0.8 - )
Canon RemoteCapture Task for ZoomBrowser EX (HKLM\...\RemoteCaptureTask) (Version: 1.7.0.8 - )
Canon Utilities EOS Utility (HKLM\...\EOS Utility) (Version: 1.1.0.8 - )
Canon Utilities PhotoStitch (HKLM\...\PhotoStitch) (Version: 3.1.19.43 - )
CMS (HKLM\...\CMS) (Version:  - )
CustomerResearchQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Destination Component (Version: 100.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 100.0.190.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
DocMgr (Version: 100.0.201.000 - Hewlett-Packard) Hidden
DocProc (Version: 10.0.0.0 - Hewlett-Packard) Hidden
DocProcQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
ESET NOD32 Antivirus (HKLM\...\{FE9C13F6-6BBD-47D3-B939-F7E061BC4930}) (Version: 4.0.417.0 - ESET, spol s r. o.)
eSupportQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Fax (Version: 100.0.187.000 - Hewlett-Packard) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 40.0.2214.91 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService (Version: 100.0.187.000 - Hewlett-Packard) Hidden
GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden
High Definition Audio Driver Package - KB888111 (HKLM\...\KB888111WXPSP2) (Version: 20040219.000000 - Microsoft Corporation)
HP Customer Participation Program 10.0 (HKLM\...\HPExtendedCapabilities) (Version: 10.0 - HP)
HP Document Manager 1.0 (HKLM\...\HP Document Manager) (Version: 1.0 - HP)
HP Imaging Device Functions 10.0 (HKLM\...\HP Imaging Device Functions) (Version: 10.0 - HP)
HP Officejet J4500 Series (HKLM\...\{CD0773D5-C18E-495c-B39B-21A96415EDD5}) (Version: 1.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - )
Intel® PRO Network Connections 12.1.12.0 (HKLM\...\{777CA40C-0206-4EF6-A0FC-618BF06BF8D0}) (Version:  - Intel)
iTunes (HKLM\...\{C197BC08-3D82-4651-8886-E68C21578A38}) (Version: 11.1.3.8 - Apple Inc.)
J4500 (Version: 50.0.165.000 - Επωνυμία Επιχείρησης) Hidden
Java™ 6 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216025FF}) (Version: 6.0.250 - Oracle)
Malwarebytes Anti-Malware έκδοση 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MarketResearch (Version: 100.0.170.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110408-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version:  - Microsoft Corporation)
Microsoft WinUsb 1.0 (HKLM\...\winusb0100) (Version:  - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 el) (HKLM\...\Mozilla Firefox 34.0.5 (x86 el)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCSetup (Version: 1.00.0000 - HP) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Nero 7 Demo (HKLM\...\{AC6E2D54-D21C-4350-7911-77D83EAF1032}) (Version: 7.00.1553 - Nero AG)
NetSurveillance (HKLM\...\NetSurveillance) (Version:  - )
OCR Software by I.R.I.S. 10.0 (HKLM\...\HPOCR) (Version: 10.0 - HP)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 0.9.5 - Frank Heindφrfer, Philip Chinery)
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.0.2414.0 - CyberLink Corporation)
ProductContext (Version: 50.0.165.000 - Hewlett-Packard) Hidden
QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.5473 - Realtek Semiconductor Corp.)
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.)
Samsung Kies (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
Scan (Version: 10.1.0.0 - Hewlett-Packard) Hidden
Skype Toolbars (HKLM\...\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}) (Version: 5.0.4126 - Skype Technologies S.A.)
Skype™ 5.0 (HKLM\...\{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}) (Version: 5.0.152 - Skype Technologies S.A.)
SmartWebPrinting (Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (Version: 100.0.175.000 - Hewlett-Packard) Hidden
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
Toolbox (Version: 100.0.170.000 - Hewlett-Packard) Hidden
TrayApp (Version: 100.0.170.000 - Hewlett-Packard) Hidden
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
WebReg (Version: 100.0.170.000 - Hewlett-Packard) Hidden
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.175803 - Microsoft Corporation)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
WinZip (HKLM\...\WinZip) (Version:  10.0  (6667) - WinZip Computing LP)
Διασύνδεση μηχανισμού διαχείρισης Intel® (HKLM\...\HECI) (Version:  - Intel Corporation)
Ενημερωμένη έκδοση ασφαλείας για Windows XP (KB941569) (HKLM\...\KB941569) (Version:  - Microsoft Corporation)
Ενημερωμένη έκδοση ασφαλείας για το Windows Media Player (KB2378111) (HKLM\...\KB2378111_WM9) (Version:  - Microsoft Corporation)
Ενημερωμένη έκδοση ασφαλείας για το Windows Media Player (KB2834904) (HKLM\...\KB2834904_WM11) (Version:  - Microsoft Corporation)
Ενημερωμένη έκδοση ασφαλείας για το Windows Media Player (KB2834904-v2) (HKLM\...\KB2834904-v2_WM11) (Version:  - Microsoft Corporation)
Ενημερωμένη έκδοση ασφαλείας για το Windows Media Player (KB952069) (Version:  - Microsoft Corporation) Hidden
Ενημερωμένη έκδοση ασφαλείας για το Windows Media Player (KB954155) (Version:  - Microsoft Corporation) Hidden
Ενημερωμένη έκδοση ασφαλείας για το Windows Media Player (KB968816) (Version:  - Microsoft Corporation) Hidden
Ενημερωμένη έκδοση ασφαλείας για το Windows Media Player (KB973540) (Version:  - Microsoft Corporation) Hidden
Ενημερωμένη έκδοση ασφαλείας για το Windows Media Player (KB975558) (HKLM\...\KB975558_WM8) (Version:  - Microsoft Corporation)
Ενημερωμένη έκδοση ασφαλείας για το Windows Media Player (KB978695) (HKLM\...\KB978695_WM9) (Version:  - Microsoft Corporation)
Ενημερωμένη έκδοση ασφαλείας για το Windows Media Player 11 (KB954154) (HKLM\...\KB954154_WM11) (Version:  - Microsoft Corporation)
Ενημέρωση ασφαλείας για Microsoft Windows (KB2564958) (HKLM\...\KB2564958) (Version:  - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2497640) (HKLM\...\KB2497640-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2510531) (HKLM\...\KB2510531-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2544521) (HKLM\...\KB2544521-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2559049) (HKLM\...\KB2559049-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2586448) (HKLM\...\KB2586448-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2618444) (HKLM\...\KB2618444-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2647516) (HKLM\...\KB2647516-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2675157) (HKLM\...\KB2675157-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2699988) (HKLM\...\KB2699988-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2722913) (HKLM\...\KB2722913-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2744842) (HKLM\...\KB2744842-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2761465) (HKLM\...\KB2761465-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2792100) (HKLM\...\KB2792100-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2797052) (HKLM\...\KB2797052-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2799329) (HKLM\...\KB2799329-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2809289) (HKLM\...\KB2809289-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2817183) (HKLM\...\KB2817183-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2829530) (HKLM\...\KB2829530-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2838727) (HKLM\...\KB2838727-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2846071) (HKLM\...\KB2846071-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2847204) (HKLM\...\KB2847204-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2862772) (HKLM\...\KB2862772-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2870699) (HKLM\...\KB2870699-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2879017) (HKLM\...\KB2879017-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2888505) (HKLM\...\KB2888505-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2898785) (HKLM\...\KB2898785-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2909210) (HKLM\...\KB2909210-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2909921) (HKLM\...\KB2909921-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2925418) (HKLM\...\KB2925418-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2936068) (HKLM\...\KB2936068-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB2964358) (HKLM\...\KB2964358-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB981332) (HKLM\...\KB981332-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows Internet Explorer 8 (KB982381) (HKLM\...\KB982381-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2079403) (HKLM\...\KB2079403) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2115168) (HKLM\...\KB2115168) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2121546) (HKLM\...\KB2121546) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2229593) (HKLM\...\KB2229593) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2296011) (HKLM\...\KB2296011) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2347290) (HKLM\...\KB2347290) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2360937) (HKLM\...\KB2360937) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2387149) (HKLM\...\KB2387149) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2393802) (HKLM\...\KB2393802) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2412687) (HKLM\...\KB2412687) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2419632) (HKLM\...\KB2419632) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2423089) (HKLM\...\KB2423089) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2440591) (HKLM\...\KB2440591) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2443105) (HKLM\...\KB2443105) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2476490) (HKLM\...\KB2476490) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2476687) (HKLM\...\KB2476687) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2478960) (HKLM\...\KB2478960) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2478971) (HKLM\...\KB2478971) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2479943) (HKLM\...\KB2479943) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2481109) (HKLM\...\KB2481109) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2483185) (HKLM\...\KB2483185) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2485663) (HKLM\...\KB2485663) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2491683) (HKLM\...\KB2491683) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2503658) (HKLM\...\KB2503658) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2503665) (HKLM\...\KB2503665) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2506212) (HKLM\...\KB2506212) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2506223) (HKLM\...\KB2506223) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2507618) (HKLM\...\KB2507618) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2507938) (HKLM\...\KB2507938) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2508272) (HKLM\...\KB2508272) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2508429) (HKLM\...\KB2508429) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2509553) (HKLM\...\KB2509553) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2511455) (HKLM\...\KB2511455) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2524375) (HKLM\...\KB2524375) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2535512) (HKLM\...\KB2535512) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2536276-v2) (HKLM\...\KB2536276-v2) (Version: 2 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2544893) (HKLM\...\KB2544893) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2544893-v2) (HKLM\...\KB2544893-v2) (Version: 2 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2555917) (HKLM\...\KB2555917) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2562937) (HKLM\...\KB2562937) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2566454) (HKLM\...\KB2566454) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2567053) (HKLM\...\KB2567053) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2567680) (HKLM\...\KB2567680) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2570222) (HKLM\...\KB2570222) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2570947) (HKLM\...\KB2570947) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2584146) (HKLM\...\KB2584146) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2585542) (HKLM\...\KB2585542) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2592799) (HKLM\...\KB2592799) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2598479) (HKLM\...\KB2598479) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2603381) (HKLM\...\KB2603381) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2618451) (HKLM\...\KB2618451) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2619339) (HKLM\...\KB2619339) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2620712) (HKLM\...\KB2620712) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2621440) (HKLM\...\KB2621440) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2624667) (HKLM\...\KB2624667) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2631813) (HKLM\...\KB2631813) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2633171) (HKLM\...\KB2633171) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2639417) (HKLM\...\KB2639417) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2641653) (HKLM\...\KB2641653) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2646524) (HKLM\...\KB2646524) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2647518) (HKLM\...\KB2647518) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2653956) (HKLM\...\KB2653956) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2655992) (HKLM\...\KB2655992) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2659262) (HKLM\...\KB2659262) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2660465) (HKLM\...\KB2660465) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2661637) (HKLM\...\KB2661637) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2676562) (HKLM\...\KB2676562) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2685939) (HKLM\...\KB2685939) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2686509) (HKLM\...\KB2686509) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2691442) (HKLM\...\KB2691442) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2695962) (HKLM\...\KB2695962) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2698365) (HKLM\...\KB2698365) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2705219) (HKLM\...\KB2705219) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2707511) (HKLM\...\KB2707511) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2709162) (HKLM\...\KB2709162) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2712808) (HKLM\...\KB2712808) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2718523) (HKLM\...\KB2718523) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2719985) (HKLM\...\KB2719985) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2723135) (HKLM\...\KB2723135) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2724197) (HKLM\...\KB2724197) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2727528) (HKLM\...\KB2727528) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2731847) (HKLM\...\KB2731847) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2753842) (HKLM\...\KB2753842) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2753842-v2) (HKLM\...\KB2753842-v2) (Version: 2 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2757638) (HKLM\...\KB2757638) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2758857) (HKLM\...\KB2758857) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2761226) (HKLM\...\KB2761226) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2770660) (HKLM\...\KB2770660) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2778344) (HKLM\...\KB2778344) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2779030) (HKLM\...\KB2779030) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2780091) (HKLM\...\KB2780091) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2799494) (HKLM\...\KB2799494) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2802968) (HKLM\...\KB2802968) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2807986) (HKLM\...\KB2807986) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2808735) (HKLM\...\KB2808735) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2813170) (HKLM\...\KB2813170) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2813345) (HKLM\...\KB2813345) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2820197) (HKLM\...\KB2820197) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2820917) (HKLM\...\KB2820917) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2829361) (HKLM\...\KB2829361) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2834886) (HKLM\...\KB2834886) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2839229) (HKLM\...\KB2839229) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2845187) (HKLM\...\KB2845187) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2847311) (HKLM\...\KB2847311) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2849470) (HKLM\...\KB2849470) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2850851) (HKLM\...\KB2850851) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2850869) (HKLM\...\KB2850869) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2859537) (HKLM\...\KB2859537) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2862152) (HKLM\...\KB2862152) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2862330) (HKLM\...\KB2862330) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2862335) (HKLM\...\KB2862335) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2864063) (HKLM\...\KB2864063) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2868038) (HKLM\...\KB2868038) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2868626) (HKLM\...\KB2868626) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2876217) (HKLM\...\KB2876217) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2876315) (HKLM\...\KB2876315) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2876331) (HKLM\...\KB2876331) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2883150) (HKLM\...\KB2883150) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2892075) (HKLM\...\KB2892075) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2893294) (HKLM\...\KB2893294) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2893984) (HKLM\...\KB2893984) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2898715) (HKLM\...\KB2898715) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2900986) (HKLM\...\KB2900986) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2914368) (HKLM\...\KB2914368) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2916036) (HKLM\...\KB2916036) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2922229) (HKLM\...\KB2922229) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2929961) (HKLM\...\KB2929961) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB2930275) (HKLM\...\KB2930275) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB923561) (HKLM\...\KB923561) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB946648) (HKLM\...\KB946648) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB950760) (HKLM\...\KB950760) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB950762) (HKLM\...\KB950762) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB950974) (HKLM\...\KB950974) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB951066) (HKLM\...\KB951066) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB951376-v2) (HKLM\...\KB951376-v2) (Version: 2 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB951748) (HKLM\...\KB951748) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB952004) (HKLM\...\KB952004) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB952954) (HKLM\...\KB952954) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB955069) (HKLM\...\KB955069) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB956572) (HKLM\...\KB956572) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB956744) (HKLM\...\KB956744) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB956802) (HKLM\...\KB956802) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB956803) (HKLM\...\KB956803) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB956844) (HKLM\...\KB956844) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB958644) (HKLM\...\KB958644) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB958869) (HKLM\...\KB958869) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB959426) (HKLM\...\KB959426) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB960225) (HKLM\...\KB960225) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB960803) (HKLM\...\KB960803) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB960859) (HKLM\...\KB960859) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB961501) (HKLM\...\KB961501) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB969059) (HKLM\...\KB969059) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB969947) (HKLM\...\KB969947) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB970238) (HKLM\...\KB970238) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB970430) (HKLM\...\KB970430) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB971468) (HKLM\...\KB971468) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB971657) (HKLM\...\KB971657) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB972270) (HKLM\...\KB972270) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB973354) (HKLM\...\KB973354) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB973507) (HKLM\...\KB973507) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB973869) (HKLM\...\KB973869) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB973904) (HKLM\...\KB973904) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB974112) (HKLM\...\KB974112) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB974318) (HKLM\...\KB974318) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB974392) (HKLM\...\KB974392) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB974571) (HKLM\...\KB974571) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB975025) (HKLM\...\KB975025) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB975467) (HKLM\...\KB975467) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB975560) (HKLM\...\KB975560) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB975561) (HKLM\...\KB975561) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB975562) (HKLM\...\KB975562) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB975713) (Version: 1 - Microsoft Corporation) Hidden
Ενημέρωση ασφαλείας για Windows XP (KB977816) (HKLM\...\KB977816) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB977914) (HKLM\...\KB977914) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB978037) (HKLM\...\KB978037) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB978251) (HKLM\...\KB978251) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB978262) (HKLM\...\KB978262) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB978338) (HKLM\...\KB978338) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB978542) (HKLM\...\KB978542) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB978601) (HKLM\...\KB978601) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB978706) (HKLM\...\KB978706) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB979309) (HKLM\...\KB979309) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB979482) (HKLM\...\KB979482) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB979559) (HKLM\...\KB979559) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB979683) (HKLM\...\KB979683) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB979687) (HKLM\...\KB979687) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB980195) (HKLM\...\KB980195) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB980218) (HKLM\...\KB980218) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB980232) (HKLM\...\KB980232) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB980436) (HKLM\...\KB980436) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB981322) (HKLM\...\KB981322) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB981997) (HKLM\...\KB981997) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB982132) (HKLM\...\KB982132) (Version: 1 - Microsoft Corporation)
Ενημέρωση ασφαλείας για Windows XP (KB982665) (HKLM\...\KB982665) (Version: 1 - Microsoft Corporation)
Ενημέρωση για Windows Internet Explorer 8 (KB976662) (HKLM\...\KB976662-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση για Windows Internet Explorer 8 (KB982632) (HKLM\...\KB982632-IE8) (Version: 1 - Microsoft Corporation)
Ενημέρωση για Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Ενημέρωση για Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation)
Ενημέρωση για Windows XP (KB2607712) (HKLM\...\KB2607712) (Version: 1 - Microsoft Corporation)
Ενημέρωση για Windows XP (KB2616676) (HKLM\...\KB2616676) (Version: 1 - Microsoft Corporation)
Ενημέρωση για Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)
Ενημέρωση για Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
Ενημέρωση για Windows XP (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation)
Ενημέρωση για Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
Ενημέρωση για Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Ενημέρωση για Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
Ενημέρωση για Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Ενημέρωση για Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Ενημέρωση για Windows XP (KB951978) (HKLM\...\KB951978) (Version: 1 - Microsoft Corporation)
Ενημέρωση για Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Ενημέρωση για Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Ενημέρωση για Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Ενημέρωση για Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Ενημέρωση για Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
Ενημέρωση για Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Ενημέρωση για Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
Ενημέρωση για Windows XP (KB978207) (Version: 1 - Microsoft Corporation) Hidden
Επείγουσα επιδιόρθωση για Windows XP (KB2443685) (HKLM\...\KB2443685) (Version: 1 - Microsoft Corporation)
Επείγουσα επιδιόρθωση για Windows XP (KB2570791) (HKLM\...\KB2570791) (Version: 1 - Microsoft Corporation)
Επείγουσα επιδιόρθωση για Windows XP (KB2633952) (HKLM\...\KB2633952) (Version: 1 - Microsoft Corporation)
Επείγουσα επιδιόρθωση για Windows XP (KB2756822) (HKLM\...\KB2756822) (Version: 1 - Microsoft Corporation)
Επείγουσα επιδιόρθωση για Windows XP (KB2779562) (HKLM\...\KB2779562) (Version: 1 - Microsoft Corporation)
Επείγουσα επιδιόρθωση για Windows XP (KB952287) (HKLM\...\KB952287) (Version: 1 - Microsoft Corporation)
Επείγουσα επιδιόρθωση για Windows XP (KB961118) (HKLM\...\KB961118) (Version: 1 - Microsoft Corporation)
Επείγουσα επιδιόρθωση για Windows XP (KB979306) (HKLM\...\KB979306) (Version: 1 - Microsoft Corporation)
Επείγουσα επιδιόρθωση για Windows XP (KB981793) (HKLM\...\KB981793) (Version: 1 - Microsoft Corporation)
Επείγουσα επιδιόρθωση για το Windows Media Player 11 (KB939683) (HKLM\...\KB939683) (Version:  - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1993962763-1409082233-725345543-1003_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll (EasyBits Media AS)
CustomCLSID: HKU\S-1-5-21-1993962763-1409082233-725345543-1003_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll (EasyBits Media AS)
CustomCLSID: HKU\S-1-5-21-1993962763-1409082233-725345543-1003_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll (EasyBits Media AS)
CustomCLSID: HKU\S-1-5-21-1993962763-1409082233-725345543-1003_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll (EasyBits Media AS)
CustomCLSID: HKU\S-1-5-21-1993962763-1409082233-725345543-1003_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll (EasyBits Media AS)
CustomCLSID: HKU\S-1-5-21-1993962763-1409082233-725345543-1003_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll (EasyBits Media AS)

==================== Restore Points  =========================

ATTENTION: System Restore is disabled.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2001-11-27 15:00 - 2001-11-27 15:00 - 00000944 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============


(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Loaded Modules (whitelisted) =============

2009-03-10 22:18 - 2009-09-07 01:30 - 00190976 _____ () C:\WINDOWS\system32\WgaLogon.dll
2012-02-20 20:29 - 2012-02-20 20:29 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2012-02-20 20:28 - 2012-02-20 20:28 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2008-10-07 18:44 - 2005-08-08 06:54 - 00167936 ____N () C:\Program Files\CyberLink\Shared Files\RichVideo.exe
2004-08-04 02:45 - 2008-04-14 18:29 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2010-10-25 21:01 - 2007-05-10 12:18 - 00835584 _____ () C:\WINDOWS\vsnpstd3.exe
2010-10-25 21:01 - 2009-04-24 10:21 - 00360448 _____ () C:\WINDOWS\tsnpstd3.exe
2012-02-15 19:10 - 2012-02-15 19:10 - 00273480 _____ () C:\Documents and Settings\Vagelis\Application Data\BtvStack.dll
2015-01-25 19:20 - 2015-01-25 19:20 - 38714368 _____ () C:\Documents and Settings\Vagelis\Application Data\Local Store\libcef.dll
2015-01-25 19:20 - 2015-01-25 19:20 - 00873472 _____ () C:\Documents and Settings\Vagelis\Application Data\Local Store\ffmpegsumo.dll
2015-01-25 19:20 - 2015-01-25 19:20 - 16840880 _____ () C:\Documents and Settings\Vagelis\Application Data\Local Store\NPSWF32.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-1993962763-1409082233-725345543-500 - Administrator - Enabled)
ASPNET (S-1-5-21-1993962763-1409082233-725345543-1005 - Limited - Enabled)
Guest (S-1-5-21-1993962763-1409082233-725345543-501 - Limited - Enabled)
HelpAssistant (S-1-5-21-1993962763-1409082233-725345543-1000 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-1993962763-1409082233-725345543-1002 - Limited - Disabled)
Vagelis (S-1-5-21-1993962763-1409082233-725345543-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Vagelis

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/25/2015 07:05:23 PM) (Source: MsiInstaller) (EventID: 11706) (User: DESKTOP)
Description: Product: SmartWebPrinting -- Error 1706. An installation package for the product SmartWebPrinting cannot be found. Try the installation again using a valid copy of the installation package 'SmartWebPrinting.msi'.

Error: (01/18/2015 00:09:44 PM) (Source: MsiInstaller) (EventID: 11706) (User: DESKTOP)
Description: Product: SmartWebPrinting -- Error 1706. An installation package for the product SmartWebPrinting cannot be found. Try the installation again using a valid copy of the installation package 'SmartWebPrinting.msi'.

Error: (01/18/2015 00:09:37 PM) (Source: MsiInstaller) (EventID: 11706) (User: DESKTOP)
Description: Product: SmartWebPrinting -- Error 1706. An installation package for the product SmartWebPrinting cannot be found. Try the installation again using a valid copy of the installation package 'SmartWebPrinting.msi'.

Error: (01/18/2015 00:08:27 PM) (Source: MsiInstaller) (EventID: 11706) (User: DESKTOP)
Description: Product: SmartWebPrinting -- Error 1706. An installation package for the product SmartWebPrinting cannot be found. Try the installation again using a valid copy of the installation package 'SmartWebPrinting.msi'.

Error: (12/24/2014 11:53:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 21469

Error: (12/24/2014 11:53:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 21469

Error: (12/24/2014 11:53:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/17/2014 05:56:44 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: Το σύστημα συμβάντων COM+ εντόπισε έναν εσφαλμένο κωδικό επιστροφής κατά την εσωτερική του επεξεργασία.  Το HRESULT ήταν 80070005 από τη γραμμή 44 του d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.  Επικοινωνήστε με τις υπηρεσίες υποστήριξης προϊόντων της Microsoft για να αναφέρετε αυτό το σφάλμα.

Error: (12/17/2014 05:55:43 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: Το σύστημα συμβάντων COM+ εντόπισε έναν εσφαλμένο κωδικό επιστροφής κατά την εσωτερική του επεξεργασία.  Το HRESULT ήταν 800706BA από τη γραμμή 44 του d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.  Επικοινωνήστε με τις υπηρεσίες υποστήριξης προϊόντων της Microsoft για να αναφέρετε αυτό το σφάλμα.

Error: (12/17/2014 05:28:18 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: Το σύστημα συμβάντων COM+ εντόπισε έναν εσφαλμένο κωδικό επιστροφής κατά την εσωτερική του επεξεργασία.  Το HRESULT ήταν 80070005 από τη γραμμή 44 του d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.  Επικοινωνήστε με τις υπηρεσίες υποστήριξης προϊόντων της Microsoft για να αναφέρετε αυτό το σφάλμα.


System errors:
=============
Error: (01/26/2015 05:08:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Δεν ήταν δυνατή η εκκίνηση της υπηρεσίας ehdrv εξαιτίας του ακόλουθου σφάλματος:
%%31

Error: (01/26/2015 05:08:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Δεν ήταν δυνατή η εκκίνηση της υπηρεσίας eamon εξαιτίας του ακόλουθου σφάλματος:
%%31

Error: (01/26/2015 04:37:57 PM) (Source: Schannel) (EventID: 4108) (User: )
Description: Η επικύρωση του πιστοποιητικού που λήφθηκε από τον απομακρυσμένο διακομιστή δεν έγινε σωστά. Ο
κωδικός σφάλματος είναι 0x80092013. Η αίτηση για σύνδεση SSL απέτυχε. Τα συνημμένα δεδομένα περιέχουν
το πιστοποιητικό διακομιστή.

Error: (01/26/2015 09:46:15 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Δεν ήταν δυνατή η εκκίνηση της υπηρεσίας ehdrv εξαιτίας του ακόλουθου σφάλματος:
%%31

Error: (01/26/2015 09:46:15 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Δεν ήταν δυνατή η εκκίνηση της υπηρεσίας eamon εξαιτίας του ακόλουθου σφάλματος:
%%31

Error: (01/26/2015 09:46:15 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Απέτυχε η φόρτωση των ακόλουθων προγραμμάτων οδήγησης της εκκίνησης του υπολογιστή ή της εκκίνησης του συστήματος:
ehdrv
epfwtdir

Error: (01/26/2015 09:46:15 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Η υπηρεσία Υπηρεσία HP CUE DeviceDiscovery έκλεισε ενώ ξεκινούσε.

Error: (01/26/2015 09:30:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Δεν ήταν δυνατή η εκκίνηση της υπηρεσίας ehdrv εξαιτίας του ακόλουθου σφάλματος:
%%31

Error: (01/26/2015 09:30:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Δεν ήταν δυνατή η εκκίνηση της υπηρεσίας eamon εξαιτίας του ακόλουθου σφάλματος:
%%31

Error: (01/26/2015 09:30:01 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Απέτυχε η φόρτωση των ακόλουθων προγραμμάτων οδήγησης της εκκίνησης του υπολογιστή ή της εκκίνησης του συστήματος:
ehdrv
epfwtdir


Microsoft Office Sessions:
=========================
Error: (01/25/2015 07:05:23 PM) (Source: MsiInstaller) (EventID: 11706) (User: DESKTOP)
Description: Product: SmartWebPrinting -- Error 1706. An installation package for the product SmartWebPrinting cannot be found. Try the installation again using a valid copy of the installation package 'SmartWebPrinting.msi'.(NULL)(NULL)(NULL)

Error: (01/18/2015 00:09:44 PM) (Source: MsiInstaller) (EventID: 11706) (User: DESKTOP)
Description: Product: SmartWebPrinting -- Error 1706. An installation package for the product SmartWebPrinting cannot be found. Try the installation again using a valid copy of the installation package 'SmartWebPrinting.msi'.(NULL)(NULL)(NULL)

Error: (01/18/2015 00:09:37 PM) (Source: MsiInstaller) (EventID: 11706) (User: DESKTOP)
Description: Product: SmartWebPrinting -- Error 1706. An installation package for the product SmartWebPrinting cannot be found. Try the installation again using a valid copy of the installation package 'SmartWebPrinting.msi'.(NULL)(NULL)(NULL)

Error: (01/18/2015 00:08:27 PM) (Source: MsiInstaller) (EventID: 11706) (User: DESKTOP)
Description: Product: SmartWebPrinting -- Error 1706. An installation package for the product SmartWebPrinting cannot be found. Try the installation again using a valid copy of the installation package 'SmartWebPrinting.msi'.(NULL)(NULL)(NULL)

Error: (12/24/2014 11:53:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 21469

Error: (12/24/2014 11:53:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 21469

Error: (12/24/2014 11:53:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/17/2014 05:56:44 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp4480070005

Error: (12/17/2014 05:55:43 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp44800706BA

Error: (12/17/2014 05:28:18 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp4480070005


==================== Memory info ===========================

Processor: Intel® Pentium® Dual CPU E2180 @ 2.00GHz
Percentage of memory in use: 34%
Total physical RAM: 2020.71 MB
Available physical RAM: 1331.5 MB
Total Pagefile: 3913.7 MB
Available Pagefile: 3397.68 MB
Total Virtual: 2047.88 MB
Available Virtual: 1921.46 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:149.04 GB) (Free:83.53 GB) NTFS ==>[Drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 149.1 GB) (Disk ID: BD8581D7)
Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)

==================== End Of Log ============================


OTL logfile created on: 26/1/2015 5:13:11 μμ - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Vagelis\Επιφάνεια εργασίας
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000408 | Country: Ελλάδα | Language: ELL | Date Format: d/M/yyyy

1,97 Gb Total Physical Memory | 1,32 Gb Available Physical Memory | 67,07% Memory free
3,82 Gb Paging File | 3,34 Gb Available in Paging File | 87,51% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 83,54 Gb Free Space | 56,05% Space Free | Partition Type: NTFS

Computer Name: DESKTOP | User Name: Vagelis | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2015/01/25 20:35:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Vagelis\Επιφάνεια εργασίας\OTL.exe
PRC - [2014/09/12 20:14:56 | 004,812,048 | ---- | M] (TeamViewer GmbH) -- c:\Program Files\TeamViewer\Version9\TeamViewer_Desktop.exe
PRC - [2014/09/12 20:14:55 | 013,559,056 | ---- | M] (TeamViewer GmbH) -- c:\Program Files\TeamViewer\Version9\TeamViewer.exe
PRC - [2014/09/12 20:14:55 | 004,799,760 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
PRC - [2014/09/12 20:00:53 | 000,229,648 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version9\tv_w32.exe
PRC - [2009/04/24 10:21:04 | 000,360,448 | ---- | M] () -- C:\WINDOWS\tsnpstd3.exe
PRC - [2009/03/19 11:44:50 | 000,731,840 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2009/03/19 11:44:28 | 002,029,640 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2008/04/14 18:31:03 | 000,073,796 | ---- | M] (Smart Link) -- C:\WINDOWS\system32\slserv.exe
PRC - [2008/04/14 18:30:35 | 001,038,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/05/10 12:18:26 | 000,835,584 | ---- | M] () -- C:\WINDOWS\vsnpstd3.exe
PRC - [2006/03/30 08:15:44 | 000,096,341 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
PRC - [2005/10/28 15:25:44 | 000,094,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe


========== Modules (No Company Name) ==========

MOD - [2015/01/25 19:20:45 | 038,714,368 | ---- | M] () -- C:\Documents and Settings\Vagelis\Application Data\Local Store\libcef.dll
MOD - [2015/01/25 19:20:30 | 000,873,472 | ---- | M] () -- C:\Documents and Settings\Vagelis\Application Data\Local Store\ffmpegsumo.dll
MOD - [2012/02/20 20:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/02/20 20:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/02/15 19:10:29 | 000,273,480 | ---- | M] () -- C:\Documents and Settings\Vagelis\Application Data\BtvStack.dll
MOD - [2009/12/12 15:12:03 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2009/09/07 01:30:02 | 000,190,976 | ---- | M] () -- C:\WINDOWS\system32\WgaLogon.dll
MOD - [2009/04/24 10:21:04 | 000,360,448 | ---- | M] () -- C:\WINDOWS\tsnpstd3.exe
MOD - [2008/04/14 18:29:39 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2007/05/10 12:18:26 | 000,835,584 | ---- | M] () -- C:\WINDOWS\vsnpstd3.exe


========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2014/12/15 16:53:40 | 000,075,264 | ---- | M] () [Unknown (-1) | Unknown] -- C:\WINDOWS\System32\drivers\f599a5569ba58b6.sys -- (f599a5569ba58b6)
SRV - [2014/12/10 11:18:07 | 000,114,800 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/09/12 20:14:55 | 004,799,760 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9)
SRV - [2009/03/19 11:48:08 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009/03/19 11:44:50 | 000,731,840 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2008/04/14 18:31:03 | 000,073,796 | ---- | M] (Smart Link) [Auto | Running] -- C:\WINDOWS\System32\slserv.exe -- (SLService)
SRV - [2006/03/30 08:15:44 | 000,096,341 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - [2014/12/15 16:53:40 | 000,075,264 | ---- | M] () [Unknown (-1) | Unknown (-1) | Unknown] -- C:\WINDOWS\System32\drivers\f599a5569ba58b6.sys -- (f599a5569ba58b6)
DRV - [2013/08/21 06:31:38 | 000,182,680 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2013/08/21 06:31:38 | 000,084,248 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2013/04/18 18:06:08 | 000,020,032 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2009/04/24 08:18:40 | 010,472,960 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\snpstd3.sys -- (SNPSTD3)
DRV - [2009/03/25 16:48:00 | 000,114,728 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018mdm.sys -- (s1018mdm)
DRV - [2009/03/25 16:48:00 | 000,109,864 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018unic.sys -- (s1018unic)
DRV - [2009/03/25 16:48:00 | 000,106,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018mgmt.sys -- (s1018mgmt)
DRV - [2009/03/25 16:48:00 | 000,104,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018obex.sys -- (s1018obex)
DRV - [2009/03/25 16:48:00 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018bus.sys -- (s1018bus)
DRV - [2009/03/25 16:48:00 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018nd5.sys -- (s1018nd5)
DRV - [2009/03/25 16:48:00 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018mdfl.sys -- (s1018mdfl)
DRV - [2009/03/19 11:45:38 | 000,093,848 | ---- | M] (ESET) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2009/03/19 11:44:34 | 000,107,256 | ---- | M] (ESET) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009/03/19 11:41:38 | 000,113,960 | ---- | M] (ESET) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2008/10/21 09:22:48 | 000,114,600 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017mdm.sys -- (s0017mdm)
DRV - [2008/10/21 09:22:48 | 000,109,736 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017unic.sys -- (s0017unic)
DRV - [2008/10/21 09:22:48 | 000,108,328 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017mgmt.sys -- (s0017mgmt)
DRV - [2008/10/21 09:22:48 | 000,104,616 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017obex.sys -- (s0017obex)
DRV - [2008/10/21 09:22:48 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017bus.sys -- (s0017bus)
DRV - [2008/10/21 09:22:48 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017nd5.sys -- (s0017nd5)
DRV - [2008/10/21 09:22:48 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017mdfl.sys -- (s0017mdfl)
DRV - [2008/01/16 03:10:51 | 004,609,024 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2008/01/09 12:28:34 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\seehcri.sys -- (seehcri)
DRV - [2007/05/11 18:00:14 | 000,045,056 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HECI.sys -- (HECI)
DRV - [2006/11/02 06:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2004/08/03 21:41:46 | 000,095,424 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\slnthal.sys -- (SlNtHal)
DRV - [2004/08/03 21:41:46 | 000,013,240 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\slwdmsup.sys -- (SlWdmSup)
DRV - [2004/08/03 21:41:42 | 000,129,535 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\slnt7554.sys -- (Slnt7554)
DRV - [2004/08/03 21:41:40 | 000,180,360 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ntmtlfax.sys -- (NtMtlFax)
DRV - [2004/08/03 21:41:40 | 000,126,686 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mtlmnt5.sys -- (Mtlmnt5)
DRV - [2004/08/03 21:41:40 | 000,013,776 | ---- | M] (Smart Link) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\RecAgent.sys -- (RecAgent)
DRV - [2004/08/03 21:41:38 | 001,309,184 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mtlstrm.sys -- (Mtlstrm)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = google.com
IE - HKCU\..\SearchScopes,DefaultScope = {8545F732-03AD-434E-A425-483C8DC457D8}
IE - HKCU\..\SearchScopes\{8545F732-03AD-434E-A425-483C8DC457D8}: "URL" = http://search.yahoo....=utf-8&fr=b1ie7
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.isUS: false
FF - prefs.js..extensions.enabledAddons: %7B75FAD9C3-E976-1115-DB37-B29F176E34F9%7D:4.0.3
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:34.0.5
FF - prefs.js..browser.startup.homepage: "google.com"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/03/24 20:25:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 34.0.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 34.0.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012/11/26 19:56:56 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/03/24 20:25:15 | 000,000,000 | ---D | M]

[2012/11/26 20:38:23 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Vagelis\Application Data\Mozilla\Extensions
[2015/01/25 20:24:15 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Vagelis\Application Data\Mozilla\Firefox\Profiles\jd5ea4qe.default\extensions
[2015/01/18 11:44:31 | 000,000,000 | ---D | M] (Windows Media Services DRM Storage object) -- C:\Documents and Settings\Vagelis\Application Data\Mozilla\Firefox\Profiles\jd5ea4qe.default\extensions\{75FAD9C3-E976-1115-DB37-B29F176E34F9}
[2014/12/10 11:17:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/12/10 11:18:10 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome  ==========

CHR - default_search_provider:  (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\39.0.2171.99\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\39.0.2171.99\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\39.0.2171.99\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.250.6 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U25 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: MicrosoftΒ® DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: MicrosoftΒ® DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll
CHR - Extension: No name found = C:\Documents and Settings\Vagelis\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: No name found = C:\Documents and Settings\Vagelis\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Documents and Settings\Vagelis\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Documents and Settings\Vagelis\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.10_0\
CHR - Extension: No name found = C:\Documents and Settings\Vagelis\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Documents and Settings\Vagelis\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Documents and Settings\Vagelis\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2001/11/27 15:00:00 | 000,000,944 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe ()
O4 - HKLM..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe ()
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [BluetoothS] rundll32.exe "%appdata%\BtvStack.dll",BTHF_Register File not found
O4 - HKCU..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
O4 - Startup: C:\Documents and Settings\Vagelis\Start Menu\Προγράμματα\Εκκίνηση\HELP_DECRYPT.HTML ()
O4 - Startup: C:\Documents and Settings\Vagelis\Start Menu\Προγράμματα\Εκκίνηση\HELP_DECRYPT.PNG ()
O4 - Startup: C:\Documents and Settings\Vagelis\Start Menu\Προγράμματα\Εκκίνηση\HELP_DECRYPT.TXT ()
O4 - Startup: C:\Documents and Settings\Vagelis\Start Menu\Προγράμματα\Εκκίνηση\HELP_DECRYPT.URL ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {E689A1CC-7220-45EA-9524-DAC4F78355C7} https://www.millenni...ly/GSMonWEB.cab (GSMonWEB)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F9E377FF-13CE-482D-833D-928DBDF2D082}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) - C:\WINDOWS\System32\WgaLogon.dll ()
O24 - Desktop Components:0 (Τρέχουσα αρχική σελίδα) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/10/07 18:07:05 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{34469552-f469-11e3-bd50-001cc060e7bb}\Shell - "" = AutoRun
O33 - MountPoints2\{34469552-f469-11e3-bd50-001cc060e7bb}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 -  File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: Irmon -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found




ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Ενοποίηση δεδομένων για τη δυναμική HTML της Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Σύνταξη ιστοσελίδων για προχωρημένους
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Κλάσεις DirectAnimation της Java
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Φάκελοι Web
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - DOTNETFRAMEWORKS
ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files\Google\Chrome\Application\40.0.2214.91\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Χρονοδιάγραμμα εργασιών
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: wave1 - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2015/01/26 17:07:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vagelis\Start Menu\Προγράμματα\CyberLink PowerDVD
[2015/01/26 12:50:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Προγράμματα\TeamViewer 9
[2015/01/26 10:03:27 | 000,000,000 | ---D | C] -- C:\FRST
[2015/01/26 10:01:46 | 001,120,768 | ---- | C] (Farbar) -- C:\Documents and Settings\Vagelis\Επιφάνεια εργασίας\FRST.exe
[2015/01/26 09:41:46 | 000,000,000 | ---D | C] -- C:\_OTL
[2015/01/25 20:35:19 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Vagelis\Επιφάνεια εργασίας\OTL.exe
[2015/01/25 19:15:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Vagelis\Application Data\Local Store
[2015/01/25 19:14:20 | 000,114,904 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
[2015/01/25 19:13:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Προγράμματα\Malwarebytes Anti-Malware
[2015/01/25 19:13:17 | 000,054,360 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamchameleon.sys
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2015/01/26 17:07:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2015/01/26 12:50:44 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\All Users\Επιφάνεια εργασίας\TeamViewer 9.lnk
[2015/01/26 10:09:39 | 000,045,356 | ---- | M] () -- C:\Documents and Settings\Vagelis\Start Menu\Προγράμματα\Εκκίνηση\HELP_DECRYPT.PNG
[2015/01/26 10:09:39 | 000,008,528 | ---- | M] () -- C:\Documents and Settings\Vagelis\Start Menu\Προγράμματα\Εκκίνηση\HELP_DECRYPT.HTML
[2015/01/26 10:09:39 | 000,000,272 | ---- | M] () -- C:\Documents and Settings\Vagelis\Start Menu\Προγράμματα\Εκκίνηση\HELP_DECRYPT.URL
[2015/01/26 10:07:22 | 000,045,356 | ---- | M] () -- C:\HELP_DECRYPT.PNG
[2015/01/26 10:07:22 | 000,008,528 | ---- | M] () -- C:\HELP_DECRYPT.HTML
[2015/01/26 10:07:22 | 000,000,272 | ---- | M] () -- C:\HELP_DECRYPT.URL
[2015/01/26 10:07:19 | 000,045,356 | ---- | M] () -- C:\Documents and Settings\Vagelis\Τα έγγραφά μου\HELP_DECRYPT.PNG
[2015/01/26 10:07:19 | 000,045,356 | ---- | M] () -- C:\Documents and Settings\Vagelis\HELP_DECRYPT.PNG
[2015/01/26 10:07:19 | 000,008,528 | ---- | M] () -- C:\Documents and Settings\Vagelis\Τα έγγραφά μου\HELP_DECRYPT.HTML
[2015/01/26 10:07:19 | 000,008,528 | ---- | M] () -- C:\Documents and Settings\Vagelis\HELP_DECRYPT.HTML
[2015/01/26 10:07:19 | 000,000,272 | ---- | M] () -- C:\Documents and Settings\Vagelis\Τα έγγραφά μου\HELP_DECRYPT.URL
[2015/01/26 10:07:19 | 000,000,272 | ---- | M] () -- C:\Documents and Settings\Vagelis\HELP_DECRYPT.URL
[2015/01/26 10:03:08 | 000,001,841 | ---- | M] () -- C:\Documents and Settings\All Users\Επιφάνεια εργασίας\Google Chrome.lnk
[2015/01/26 10:01:51 | 001,120,768 | ---- | M] (Farbar) -- C:\Documents and Settings\Vagelis\Επιφάνεια εργασίας\FRST.exe
[2015/01/26 09:48:40 | 000,045,356 | ---- | M] () -- C:\out.png
[2015/01/25 20:40:45 | 000,114,904 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
[2015/01/25 20:35:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Vagelis\Επιφάνεια εργασίας\OTL.exe
[2015/01/25 19:27:27 | 000,000,697 | ---- | M] () -- C:\Documents and Settings\Vagelis\Επιφάνεια εργασίας\Εκκίνηση του προγράμματος περιήγησης Internet Explorer.lnk
[2015/01/25 19:16:02 | 000,000,831 | ---- | M] () -- C:\Documents and Settings\Vagelis\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2015/01/25 19:16:02 | 000,000,715 | ---- | M] () -- C:\Documents and Settings\Vagelis\Application Data\Microsoft\Internet Explorer\Quick Launch\Εκκίνηση του προγράμματος περιήγησης Internet Explorer.lnk
[2015/01/25 19:14:03 | 001,416,192 | ---- | M] () -- C:\WINDOWS\System32\mmc.exe
[2015/01/25 19:13:22 | 000,000,777 | ---- | M] () -- C:\Documents and Settings\All Users\Επιφάνεια εργασίας\Malwarebytes Anti-Malware.lnk
[2015/01/25 18:59:00 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2015/01/13 17:16:55 | 000,002,579 | ---- | M] () -- C:\Documents and Settings\Vagelis\Επιφάνεια εργασίας\Microsoft Office Word 2003.lnk
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2015/01/26 10:09:39 | 000,045,356 | ---- | C] () -- C:\Documents and Settings\Vagelis\Start Menu\Προγράμματα\Εκκίνηση\HELP_DECRYPT.PNG
[2015/01/26 10:09:39 | 000,008,528 | ---- | C] () -- C:\Documents and Settings\Vagelis\Start Menu\Προγράμματα\Εκκίνηση\HELP_DECRYPT.HTML
[2015/01/26 10:09:39 | 000,000,272 | ---- | C] () -- C:\Documents and Settings\Vagelis\Start Menu\Προγράμματα\Εκκίνηση\HELP_DECRYPT.URL
[2015/01/26 10:07:22 | 000,045,356 | ---- | C] () -- C:\HELP_DECRYPT.PNG
[2015/01/26 10:07:22 | 000,008,528 | ---- | C] () -- C:\HELP_DECRYPT.HTML
[2015/01/26 10:07:22 | 000,000,272 | ---- | C] () -- C:\HELP_DECRYPT.URL
[2015/01/26 10:07:19 | 000,045,356 | ---- | C] () -- C:\Documents and Settings\Vagelis\Τα έγγραφά μου\HELP_DECRYPT.PNG
[2015/01/26 10:07:19 | 000,045,356 | ---- | C] () -- C:\Documents and Settings\Vagelis\HELP_DECRYPT.PNG
[2015/01/26 10:07:19 | 000,008,528 | ---- | C] () -- C:\Documents and Settings\Vagelis\Τα έγγραφά μου\HELP_DECRYPT.HTML
[2015/01/26 10:07:19 | 000,008,528 | ---- | C] () -- C:\Documents and Settings\Vagelis\HELP_DECRYPT.HTML
[2015/01/26 10:07:19 | 000,000,272 | ---- | C] () -- C:\Documents and Settings\Vagelis\Τα έγγραφά μου\HELP_DECRYPT.URL
[2015/01/26 10:07:19 | 000,000,272 | ---- | C] () -- C:\Documents and Settings\Vagelis\HELP_DECRYPT.URL
[2015/01/26 09:42:38 | 000,045,356 | ---- | C] () -- C:\out.png
[2014/12/15 16:53:40 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\drivers\f599a5569ba58b6.sys
[2013/11/29 15:22:03 | 000,182,680 | ---- | C] () -- C:\WINDOWS\System32\drivers\ssudmdm.sys
[2013/11/29 15:22:02 | 000,084,248 | ---- | C] () -- C:\WINDOWS\System32\drivers\ssudbus.sys
[2013/06/10 22:31:05 | 001,231,742 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1993962763-1409082233-725345543-1003-0.dat
[2013/06/10 22:31:05 | 000,245,742 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2013/06/10 12:40:02 | 000,020,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\dgderdrv.sys
[2013/04/18 18:07:00 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2013/04/18 18:06:46 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2013/04/18 18:06:46 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2013/04/18 18:06:46 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2013/04/18 18:06:46 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2012/02/15 19:10:29 | 000,273,480 | ---- | C] () -- C:\Documents and Settings\Vagelis\Application Data\BtvStack.dll
[2011/07/19 17:06:15 | 000,000,012 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ReminderNextRun
[2008/10/31 23:56:19 | 000,005,632 | ---- | C] () -- C:\Documents and Settings\Vagelis\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/10/07 19:00:01 | 000,000,149 | ---- | C] () -- C:\Documents and Settings\Vagelis\default.pls

========== ZeroAccess Check ==========

[2013/10/17 22:35:12 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 18:29:57 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 12:52:33 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 18:30:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Custom Scans ==========

========== Drive Information ==========

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed\thard disk media
Interface type: IDE
Media Type: Fixed\thard disk media
Model: WDC WD1600AAJS-00PSA0
Partitions: 1
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 149,00GB
Starting Offset: 32256
Hidden sectors: 0


< %SYSTEMDRIVE%\*.exe >

< %systemroot%\assembly\GAC_32\*.ini >

< %systemroot%\assembly\GAC_64\*.ini >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*.exe >

< %APPDATA%\*. >
[2008/12/02 20:03:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vagelis\Application Data\Adobe
[2008/10/07 18:34:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vagelis\Application Data\Ahead
[2013/06/02 22:03:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vagelis\Application Data\Apple Computer
[2010/12/13 15:58:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vagelis\Application Data\CyberLink
[2010/02/09 13:44:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vagelis\Application Data\GlobalSoft
[2009/11/04 19:03:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vagelis\Application Data\HP
[2015/01/26 17:09:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vagelis\Application Data\HPAppData
[2013/06/07 23:59:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vagelis\Application Data\HpUpdate
[2008/10/07 18:10:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vagelis\Application Data\Identities
[2010/10/25 21:00:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vagelis\Application Data\InstallShield
[2015/01/25 19:20:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vagelis\Application Data\Local Store
[2008/11/09 13:10:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vagelis\Application Data\Macromedia
[2011/05/24 12:12:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vagelis\Application Data\Malwarebytes
[2015/01/25 19:13:38 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Vagelis\Application Data\Microsoft
[2015/01/25 19:14:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vagelis\Application Data\Mozilla
[2015/01/25 19:14:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vagelis\Application Data\Samsung
[2015/01/25 19:14:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vagelis\Application Data\Skype
[2014/09/13 09:10:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vagelis\Application Data\skypePM
[2015/01/25 19:14:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vagelis\Application Data\Sun
[2012/11/26 20:40:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vagelis\Application Data\TeamViewer
[2014/06/15 10:44:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vagelis\Application Data\U3
[2013/06/13 17:49:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vagelis\Application Data\uTorrent
[2010/02/01 14:26:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vagelis\Application Data\WinRAR
[2011/02/18 20:01:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Vagelis\Application Data\ZoomBrowser EX

< MD5 for: ATAPI.SYS  >
[2002/09/24 16:42:10 | 010,188,778 | ---- | M] () .cab file -- C:\I386\sp1.cab:atapi.sys
[2004/08/04 02:56:12 | 018,808,537 | ---- | M] () .cab file -- C:\I386\sp2.cab:atapi.sys
[2004/08/04 02:56:12 | 018,808,537 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2011/03/10 19:09:17 | 023,920,796 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2011/03/10 19:09:17 | 023,920,796 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2004/08/03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004/08/04 00:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys
[2004/08/03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\i386\atapi.sys
[2008/04/13 20:40:30 | 000,096,512 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: CSRSS.EXE  >
[2008/04/14 18:30:27 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=C8FEA6E2E509545EB2F7A120C7EBCD06 -- C:\WINDOWS\ServicePackFiles\i386\csrss.exe
[2008/04/14 18:30:27 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=C8FEA6E2E509545EB2F7A120C7EBCD06 -- C:\WINDOWS\system32\csrss.exe
[2004/08/04 02:45:38 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=E2EE6F01233257CF599354C3B040C892 -- C:\WINDOWS\$NtServicePackUninstall$\csrss.exe

< MD5 for: EXPLORER.EXE  >
[2008/04/14 18:30:35 | 001,038,336 | ---- | M] (Microsoft Corporation) MD5=8B93A11CDA30DD8AD9902B59BB401411 -- C:\WINDOWS\explorer.exe
[2008/04/14 18:30:35 | 001,038,336 | ---- | M] (Microsoft Corporation) MD5=8B93A11CDA30DD8AD9902B59BB401411 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004/08/04 02:45:40 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=C2291EA9D689EB8021169FC52AF4E7F0 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: MSWSOCK.DLL  >
[2008/04/14 18:29:43 | 000,249,856 | ---- | M] (Microsoft Corporation) MD5=205B0507C0D7AFE3ACAF669AB3E245F1 -- C:\WINDOWS\$NtUninstallKB951748$\mswsock.dll
[2008/04/14 18:29:43 | 000,249,856 | ---- | M] (Microsoft Corporation) MD5=205B0507C0D7AFE3ACAF669AB3E245F1 -- C:\WINDOWS\ServicePackFiles\i386\mswsock.dll
[2008/06/20 19:47:20 | 000,249,856 | ---- | M] (Microsoft Corporation) MD5=54353A3D81D042C9BF4990CB3E8C4439 -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\mswsock.dll
[2008/06/20 19:47:20 | 000,249,856 | ---- | M] (Microsoft Corporation) MD5=54353A3D81D042C9BF4990CB3E8C4439 -- C:\WINDOWS\$NtUninstallKB2509553$\mswsock.dll
[2004/08/04 02:45:26 | 000,249,856 | ---- | M] (Microsoft Corporation) MD5=7393F4E056E5D0EA610560C7B9C1CA34 -- C:\WINDOWS\$NtUninstallKB951748_0$\mswsock.dll
[2008/06/20 19:39:47 | 000,249,856 | ---- | M] (Microsoft Corporation) MD5=B63267FD3D2025423FE3B5BA7A87CCC9 -- C:\WINDOWS\$NtServicePackUninstall$\mswsock.dll
[2008/06/20 18:02:23 | 000,249,856 | ---- | M] (Microsoft Corporation) MD5=C5E2A69E52BB7F3B0C698E2726D871EF -- C:\WINDOWS\system32\dllcache\mswsock.dll
[2008/06/20 18:02:23 | 000,249,856 | ---- | M] (Microsoft Corporation) MD5=C5E2A69E52BB7F3B0C698E2726D871EF -- C:\WINDOWS\system32\mswsock.dll
[2008/06/20 19:36:12 | 000,249,856 | ---- | M] (Microsoft Corporation) MD5=E52E420C7FE2DF8ACC4C83012BB383E5 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\mswsock.dll
[2008/06/20 19:43:51 | 000,249,856 | ---- | M] (Microsoft Corporation) MD5=F9CAAFDE74239A9FB6A2023B730CAD2B -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\mswsock.dll
[2008/06/20 19:43:51 | 000,249,856 | ---- | M] (Microsoft Corporation) MD5=F9CAAFDE74239A9FB6A2023B730CAD2B -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\mswsock.dll

< MD5 for: NWPROVAU.DLL  >
[2008/04/14 18:29:47 | 000,146,944 | ---- | M] (Microsoft Corporation) MD5=3A15ADC003BFBCD0049F26C9B37C80D0 -- C:\WINDOWS\ServicePackFiles\i386\nwprovau.dll
[2008/04/14 18:29:47 | 000,146,944 | ---- | M] (Microsoft Corporation) MD5=3A15ADC003BFBCD0049F26C9B37C80D0 -- C:\WINDOWS\system32\nwprovau.dll
[2004/08/04 02:45:28 | 000,148,992 | ---- | M] (Microsoft Corporation) MD5=A5486972EFD40FFDC08BDE6B6427CE29 -- C:\WINDOWS\$NtServicePackUninstall$\nwprovau.dll

< MD5 for: PNRPNSP.DLL  >
[2004/08/04 02:45:28 | 000,048,640 | ---- | M] (Microsoft Corporation) MD5=1BE057BD95946B7539FF713A7444B36B -- C:\WINDOWS\$NtServicePackUninstall$\pnrpnsp.dll
[2008/04/14 18:29:51 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=28B228B1AE8DC7391BC6761E7C9D1BCC -- C:\WINDOWS\ServicePackFiles\i386\pnrpnsp.dll
[2008/04/14 18:29:51 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=28B228B1AE8DC7391BC6761E7C9D1BCC -- C:\WINDOWS\system32\pnrpnsp.dll

< MD5 for: RSVPSP.DLL  >
[2001/11/27 15:00:00 | 000,090,112 | ---- | M] (Microsoft Corporation) MD5=704BB4FF3C3920C6E6E6E70C8BCA3DD4 -- C:\WINDOWS\$NtServicePackUninstall$\rsvpsp.dll
[2008/04/14 18:29:54 | 000,092,672 | ---- | M] (Microsoft Corporation) MD5=D9EC7E663602781B5B5507D848274C55 -- C:\WINDOWS\ServicePackFiles\i386\rsvpsp.dll
[2008/04/14 18:29:54 | 000,092,672 | ---- | M] (Microsoft Corporation) MD5=D9EC7E663602781B5B5507D848274C55 -- C:\WINDOWS\system32\rsvpsp.dll

< MD5 for: SERVICES.EXE  >
[2009/02/09 11:50:45 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=14378B794DD02504AD6FD7B668AC8C94 -- C:\WINDOWS\$hf_mig$\KB956572\SP2QFE\services.exe
[2004/08/04 02:45:46 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=15C23549B784771185D21F518B84D355 -- C:\WINDOWS\$NtUninstallKB956572_0$\services.exe
[2009/02/09 13:16:08 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=1AE2E5CE9EEE92C125D2B95B1B85268C -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2008/04/14 18:31:01 | 000,109,056 | ---- | M] (Microsoft Corporation) MD5=207AB7A1A36004BB6F33E58E71C1C90E -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2008/04/14 18:31:01 | 000,109,056 | ---- | M] (Microsoft Corporation) MD5=207AB7A1A36004BB6F33E58E71C1C90E -- C:\WINDOWS\ServicePackFiles\i386\services.exe
[2009/02/09 13:23:04 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=2A0BB5C67281C423F8D7D6B7D79699AC -- C:\WINDOWS\$hf_mig$\KB956572\SP3GDR\services.exe
[2009/02/09 13:23:04 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=2A0BB5C67281C423F8D7D6B7D79699AC -- C:\WINDOWS\system32\dllcache\services.exe
[2009/02/09 13:23:04 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=2A0BB5C67281C423F8D7D6B7D79699AC -- C:\WINDOWS\system32\services.exe
[2009/02/09 12:07:24 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=8B030D578706000A9416A7B244A415F4 -- C:\WINDOWS\$NtServicePackUninstall$\services.exe

< MD5 for: SVCHOST.EXE  >
[2008/04/14 18:31:05 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=274E9C78C12EBF74DC56B2BF64312F34 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/14 18:31:05 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=274E9C78C12EBF74DC56B2BF64312F34 -- C:\WINDOWS\system32\svchost.exe
[2014/11/21 06:12:42 | 000,761,656 | ---- | M] (MalwareBytes) MD5=625BB08813743947985B0DEEFC35ED12 -- C:\FRST\Quarantine\C\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\svchost.exe
[2004/08/04 02:45:46 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=75009AA20465ABE92AE1340B5D473812 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
[2012/09/29 19:54:26 | 000,218,184 | ---- | M] () MD5=8846E87210AD131CF71E3E2E49F647B0 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe

< MD5 for: USER32.DLL  >
[2008/04/14 18:30:08 | 000,580,608 | ---- | M] (Microsoft Corporation) MD5=5BB2A1C2290E910AE145C80DF491B600 -- C:\WINDOWS\ServicePackFiles\i386\user32.dll
[2008/04/14 18:30:08 | 000,580,608 | ---- | M] (Microsoft Corporation) MD5=5BB2A1C2290E910AE145C80DF491B600 -- C:\WINDOWS\system32\user32.dll
[2004/08/04 02:45:34 | 000,579,072 | ---- | M] (Microsoft Corporation) MD5=851E107101C6D22828362719CFCE14C0 -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll

< MD5 for: USERINIT.EXE  >
[2004/08/04 02:45:48 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=2805D99944A7808ABD8E92CD0730EF32 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008/04/14 18:31:08 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=FD570C21EC04E768DE7577CAD6081C76 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/14 18:31:08 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=FD570C21EC04E768DE7577CAD6081C76 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE  >
[2008/04/14 18:31:11 | 000,513,536 | ---- | M] (Microsoft Corporation) MD5=5C928CB57C89F8623608DBF5467379EE -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/14 18:31:11 | 000,513,536 | ---- | M] (Microsoft Corporation) MD5=5C928CB57C89F8623608DBF5467379EE -- C:\WINDOWS\system32\winlogon.exe
[2014/11/21 06:12:42 | 000,761,656 | ---- | M] (MalwareBytes) MD5=625BB08813743947985B0DEEFC35ED12 -- C:\FRST\Quarantine\C\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe
[2012/09/29 19:54:26 | 000,218,184 | ---- | M] () MD5=8846E87210AD131CF71E3E2E49F647B0 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2004/08/04 02:45:48 | 000,508,416 | ---- | M] (Microsoft Corporation) MD5=96EDA6106432427A4DBD29DD8D516EB0 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe

< MD5 for: WINRNR.DLL  >
[2008/04/14 18:30:11 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=7E537815677B9EC5050D1FB88743140E -- C:\WINDOWS\ServicePackFiles\i386\winrnr.dll
[2008/04/14 18:30:11 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=7E537815677B9EC5050D1FB88743140E -- C:\WINDOWS\system32\winrnr.dll
[2004/08/04 02:45:34 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=C697968239A9E455C2F44DE6A95087F9 -- C:\WINDOWS\$NtServicePackUninstall$\winrnr.dll

< C:\Windows\assembly\tmp\U\*.* /s >

< %systemroot%\*. /mp /s >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2015/01/21 05:50:49 | 000,843,592 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2014/12/10 11:18:06 | 000,905,912 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2014/12/10 11:18:06 | 000,905,912 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2014/12/10 11:18:06 | 000,905,912 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" [2014/12/10 11:18:09 | 000,337,520 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2014/12/10 11:18:09 | 000,337,520 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2014/12/10 11:18:09 | 000,337,520 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2015/01/21 05:50:49 | 000,843,592 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2015/01/21 05:50:49 | 000,843,592 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2015/01/21 05:50:49 | 000,843,592 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2015/01/21 05:50:49 | 000,843,592 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2014/03/06 05:17:24 | 000,174,592 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2014/03/06 05:17:24 | 000,174,592 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2014/03/06 05:17:24 | 000,174,592 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2015/01/21 05:50:49 | 000,843,592 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2014/12/10 11:18:06 | 000,905,912 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2014/12/10 11:18:06 | 000,905,912 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2014/12/10 11:18:06 | 000,905,912 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" [2014/12/10 11:18:09 | 000,337,520 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2014/12/10 11:18:09 | 000,337,520 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2014/12/10 11:18:09 | 000,337,520 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2015/01/21 05:50:49 | 000,843,592 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2015/01/21 05:50:49 | 000,843,592 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2015/01/21 05:50:49 | 000,843,592 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2015/01/21 05:50:49 | 000,843,592 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2014/03/06 05:17:24 | 000,174,592 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2014/03/06 05:17:24 | 000,174,592 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2014/03/06 05:17:24 | 000,174,592 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)

< %systemroot%\system32\*.dll /lockedfiles >
[2008/04/14 18:29:22 | 000,377,984 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\ati2dvaa.dll
[2008/04/14 18:29:22 | 000,201,728 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\ati2dvag.dll
[2008/04/14 18:29:22 | 000,870,784 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\ati3d1ag.dll
[2008/04/14 18:29:22 | 001,888,992 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\ati3duag.dll
[2008/04/14 18:29:22 | 000,516,768 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\ativvaxx.dll
[2013/06/04 02:53:15 | 000,290,816 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\atmfd.dll
[2001/11/27 15:00:00 | 000,012,288 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\bootvid.dll
[2011/10/28 07:31:47 | 000,033,280 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\csrsrv.dll
[2008/04/14 18:26:24 | 000,009,344 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\framebuf.dll
[2008/04/13 20:31:28 | 000,134,400 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\HAL.DLL
[2008/01/16 03:12:49 | 001,668,960 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\igxpdv32.dll
[2008/01/16 03:12:49 | 002,643,968 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\igxpdx32.dll
[2008/01/16 03:12:49 | 000,151,040 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\igxpgd32.dll
[2008/01/16 03:12:50 | 000,057,344 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\igxprd32.dll
[2001/11/27 15:00:00 | 000,006,656 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\KBDAL.DLL
[2001/11/27 15:00:00 | 000,005,632 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdaze.dll
[2001/11/27 15:00:00 | 000,005,632 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdazel.dll
[2001/11/27 15:00:00 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdbe.dll
[2001/11/27 15:00:00 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdbene.dll
[2008/04/14 18:26:54 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdbhc.dll
[2001/11/27 15:00:00 | 000,005,632 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdblr.dll
[2001/11/27 15:00:00 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdbr.dll
[2001/11/27 15:00:00 | 000,005,632 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdbu.dll
[2001/11/27 15:00:00 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdca.dll
[2001/11/27 15:00:00 | 000,007,680 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdcan.dll
[2001/11/27 15:00:00 | 000,006,656 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdcr.dll
[2001/11/27 15:00:00 | 000,007,168 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdcz.dll
[2001/11/27 15:00:00 | 000,006,656 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdcz1.dll
[2001/11/27 15:00:00 | 000,006,656 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdcz2.dll
[2001/11/27 15:00:00 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdda.dll
[2001/11/27 15:00:00 | 000,005,120 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbddv.dll
[2001/11/27 15:00:00 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdes.dll
[2001/11/27 15:00:00 | 000,006,144 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdest.dll
[2001/11/27 15:00:00 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdfc.dll
[2001/11/27 15:00:00 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdfi.dll
[2008/04/14 18:26:54 | 000,007,168 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdfi1.dll
[2001/11/27 15:00:00 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdfo.dll
[2001/11/27 15:00:00 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdfr.dll
[2001/11/27 15:00:00 | 000,005,632 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdgae.dll
[2001/11/27 15:00:00 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdgkl.dll
[2001/11/27 15:00:00 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdgr.dll
[2001/11/27 15:00:00 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdgr1.dll
[2001/11/27 15:00:00 | 000,005,632 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdhe.dll
[2001/11/27 15:00:00 | 000,005,632 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdhe220.dll
[2001/11/27 15:00:00 | 000,005,632 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdhe319.dll
[2001/11/27 15:00:00 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdhela2.dll
[2001/11/27 15:00:00 | 000,006,656 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdhela3.dll
[2001/11/27 15:00:00 | 000,008,192 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdhept.dll
[2001/11/27 15:00:00 | 000,006,656 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdhu.dll
[2001/11/27 15:00:00 | 000,005,632 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdhu1.dll
[2001/11/27 15:00:00 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdic.dll
[2008/04/14 18:26:54 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdinbe1.dll
[2008/04/14 18:26:54 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdinben.dll
[2008/04/14 18:26:54 | 000,006,656 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdinmal.dll
[2001/11/27 15:00:00 | 000,005,632 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdir.dll
[2001/11/27 15:00:00 | 000,005,632 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdit.dll
[2001/11/27 15:00:00 | 000,005,632 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdit142.dll
[2008/04/14 18:26:54 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdiultn.dll
[2001/11/27 15:00:00 | 000,005,632 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdkaz.dll
[2001/11/27 15:00:00 | 000,005,632 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdkyr.dll
[2001/11/27 15:00:00 | 000,006,656 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdla.dll
[2001/11/27 15:00:00 | 000,005,632 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdlt.dll
[2001/11/27 15:00:00 | 000,005,632 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdlt1.dll
[2001/11/27 15:00:00 | 000,006,144 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdlv.dll
[2001/11/27 15:00:00 | 000,006,144 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdlv1.dll
[2001/11/27 15:00:00 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdmac.dll
[2008/04/14 18:26:54 | 000,005,632 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdmaori.dll
[2008/04/14 18:26:54 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdmlt47.dll
[2008/04/14 18:26:54 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdmlt48.dll
[2001/11/27 15:00:00 | 000,005,632 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdmon.dll
[2001/11/27 15:00:00 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdne.dll
[2008/04/14 18:26:54 | 000,007,168 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdnec.dll
[2008/04/14 18:26:54 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdnepr.dll
[2001/11/27 15:00:00 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdno.dll
[2008/04/14 18:26:54 | 000,007,168 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdno1.dll
[2008/04/14 18:26:54 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdpash.dll
[2001/11/27 15:00:00 | 000,006,656 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdpl.dll
[2001/11/27 15:00:00 | 000,005,632 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdpl1.dll
[2001/11/27 15:00:00 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdpo.dll
[2001/11/27 15:00:00 | 000,005,632 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdro.dll
[2001/11/27 15:00:00 | 000,005,632 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdru.dll
[2001/11/27 15:00:00 | 000,005,632 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdru1.dll
[2001/11/27 15:00:00 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdsf.dll
[2001/11/27 15:00:00 | 000,006,656 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdsg.dll
[2001/11/27 15:00:00 | 000,006,656 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdsl.dll
[2001/11/27 15:00:00 | 000,006,656 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdsl1.dll
[2008/04/14 18:26:54 | 000,007,680 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdsmsfi.dll
[2008/04/14 18:26:54 | 000,007,680 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdsmsno.dll
[2001/11/27 15:00:00 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdsp.dll
[2001/11/27 15:00:00 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdsw.dll
[2001/11/27 15:00:00 | 000,005,632 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdtat.dll
[2001/11/27 15:00:00 | 000,006,144 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdtuf.dll
[2001/11/27 15:00:00 | 000,006,144 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdtuq.dll
[2001/11/27 15:00:00 | 000,005,632 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbduk.dll
[2008/04/14 18:26:54 | 000,007,168 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdukx.dll
[2001/11/27 15:00:00 | 000,005,632 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdur.dll
[2001/11/27 15:00:00 | 000,005,632 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdus.dll
[2001/11/27 15:00:00 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdusl.dll
[2001/11/27 15:00:00 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdusr.dll
[2001/11/27 15:00:00 | 000,006,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdusx.dll
[2001/11/27 15:00:00 | 000,005,632 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbduzb.dll
[2001/11/27 15:00:00 | 000,005,632 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdycc.dll
[2001/11/27 15:00:00 | 000,006,656 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kbdycl.dll
[2008/04/13 20:31:35 | 000,007,424 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kd1394.dll
[2001/11/27 15:00:00 | 000,007,040 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kdcom.dll
[2001/11/27 15:00:00 | 000,010,496 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\mcdsrv32.dll
[2008/04/14 18:29:36 | 000,034,560 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\mnmdd.dll
[2001/11/27 15:00:00 | 000,010,112 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\modex.dll
[2008/04/13 20:30:46 | 000,061,440 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\msvcrt40.dll
[2008/04/14 18:29:44 | 001,737,856 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\mtxparhd.dll
[2008/04/14 18:29:46 | 004,274,816 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\nv4_disp.dll
[2008/04/14 18:31:39 | 000,092,424 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\rdpdd.dll
[2008/04/14 18:29:54 | 000,397,056 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\s3gnb.dll
[2009/08/26 10:01:13 | 000,247,326 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\strmdll.dll
[2008/04/14 18:31:39 | 000,012,168 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\tsddd.dll
[2001/11/27 15:00:00 | 000,009,344 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\vga.dll
[2001/11/27 15:00:00 | 000,051,456 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\vga256.dll
[2001/11/27 15:00:00 | 000,018,176 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\vga64k.dll
[2001/11/27 15:00:00 | 000,066,560 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\wmerrELL.dll
[2008/04/14 18:30:12 | 000,303,616 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\wmstream.dll
[2001/11/27 15:00:00 | 000,003,200 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\wowfax.dll
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %ProgramFiles%\WINDOWS NT\*.* /s >
[2008/04/14 18:30:28 | 000,548,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files\WINDOWS NT\dialer.exe
[2001/11/27 15:00:00 | 000,013,312 | ---- | M] (Hilgraeve, Inc.) -- C:\Program Files\WINDOWS NT\htrn_jis.dll
[2001/11/27 15:00:00 | 000,028,160 | ---- | M] (Hilgraeve, Inc.) -- C:\Program Files\WINDOWS NT\hypertrm.exe
[2009/11/21 12:02:10 | 000,189,440 | ---- | M] (Microsoft Corporation) -- C:\Program Files\WINDOWS NT\Accessories\mswrd6.wpc
[2010/12/21 21:39:37 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Program Files\WINDOWS NT\Accessories\mswrd8.wpc
[2010/07/16 14:03:06 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\WINDOWS NT\Accessories\wordpad.exe
[2009/11/21 12:02:09 | 000,091,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\WINDOWS NT\Accessories\write.wpc
[2001/11/27 15:00:00 | 000,003,947 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\FONT.DAT
[2001/11/27 15:00:00 | 000,928,700 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\PINBALL.DAT
[2008/04/14 18:30:56 | 000,284,160 | ---- | M] (Cinematronics) -- C:\Program Files\WINDOWS NT\Pinball\pinball.exe
[2001/11/27 15:00:00 | 000,108,607 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\PINBALL.MID
[2001/11/27 15:00:00 | 000,028,888 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\PINBALL2.MID
[2001/11/27 15:00:00 | 000,055,490 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND1.WAV
[2001/11/27 15:00:00 | 000,001,226 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND104.WAV
[2001/11/27 15:00:00 | 000,001,968 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND105.WAV
[2001/11/27 15:00:00 | 000,007,754 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND108.WAV
[2001/11/27 15:00:00 | 000,000,890 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND111.WAV
[2001/11/27 15:00:00 | 000,000,824 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND112.WAV
[2001/11/27 15:00:00 | 000,004,296 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND12.WAV
[2001/11/27 15:00:00 | 000,008,034 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND13.WAV
[2001/11/27 15:00:00 | 000,001,290 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND131.WAV
[2001/11/27 15:00:00 | 000,019,282 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND136.WAV
[2001/11/27 15:00:00 | 000,003,002 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND14.WAV
[2001/11/27 15:00:00 | 000,001,046 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND16.WAV
[2001/11/27 15:00:00 | 000,002,090 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND17.WAV
[2001/11/27 15:00:00 | 000,003,986 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND18.WAV
[2001/11/27 15:00:00 | 000,027,472 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND181.WAV
[2001/11/27 15:00:00 | 000,005,230 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND19.WAV
[2001/11/27 15:00:00 | 000,008,650 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND20.WAV
[2001/11/27 15:00:00 | 000,009,194 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND21.WAV
[2001/11/27 15:00:00 | 000,007,376 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND22.WAV
[2001/11/27 15:00:00 | 000,012,106 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND24.WAV
[2001/11/27 15:00:00 | 000,014,600 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND240.WAV
[2001/11/27 15:00:00 | 000,020,712 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND243.WAV
[2001/11/27 15:00:00 | 000,025,704 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND25.WAV
[2001/11/27 15:00:00 | 000,007,306 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND26.WAV
[2001/11/27 15:00:00 | 000,020,242 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND27.WAV
[2001/11/27 15:00:00 | 000,008,650 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND28.WAV
[2001/11/27 15:00:00 | 000,010,364 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND29.WAV
[2001/11/27 15:00:00 | 000,022,858 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND3.WAV
[2001/11/27 15:00:00 | 000,022,570 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND30.WAV
[2001/11/27 15:00:00 | 000,001,520 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND34.WAV
[2001/11/27 15:00:00 | 000,019,498 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND35.WAV
[2001/11/27 15:00:00 | 000,033,848 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND36.WAV
[2001/11/27 15:00:00 | 000,013,024 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND38.WAV
[2001/11/27 15:00:00 | 000,028,282 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND39.WAV
[2001/11/27 15:00:00 | 000,016,626 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND4.WAV
[2001/11/27 15:00:00 | 000,029,140 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND42.WAV
[2001/11/27 15:00:00 | 000,022,796 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND43.WAV
[2001/11/27 15:00:00 | 000,009,770 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND45.WAV
[2001/11/27 15:00:00 | 000,001,876 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND49.WAV
[2001/11/27 15:00:00 | 000,003,330 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND49D.WAV
[2001/11/27 15:00:00 | 000,003,180 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND5.WAV
[2001/11/27 15:00:00 | 000,012,074 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND50.WAV
[2001/11/27 15:00:00 | 000,008,932 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND528.WAV
[2001/11/27 15:00:00 | 000,009,022 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND53.WAV
[2001/11/27 15:00:00 | 000,018,250 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND54.WAV
[2001/11/27 15:00:00 | 000,021,890 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND55.WAV
[2001/11/27 15:00:00 | 000,029,004 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND560.WAV
[2001/11/27 15:00:00 | 000,024,192 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND563.WAV
[2001/11/27 15:00:00 | 000,030,502 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND57.WAV
[2001/11/27 15:00:00 | 000,003,408 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND58.WAV
[2001/11/27 15:00:00 | 000,004,376 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND6.WAV
[2001/11/27 15:00:00 | 000,017,676 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND65.WAV
[2001/11/27 15:00:00 | 000,032,402 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND68.WAV
[2001/11/27 15:00:00 | 000,026,442 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND7.WAV
[2001/11/27 15:00:00 | 000,014,592 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND713.WAV
[2001/11/27 15:00:00 | 000,027,268 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND735.WAV
[2001/11/27 15:00:00 | 000,002,102 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND8.WAV
[2001/11/27 15:00:00 | 000,047,230 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND827.WAV
[2001/11/27 15:00:00 | 000,020,098 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND9.WAV
[2001/11/27 15:00:00 | 000,006,742 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND999.WAV
[2001/11/27 15:00:00 | 000,339,178 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\table.bmp
[2001/11/27 15:00:00 | 000,002,687 | R--- | M] () -- C:\Program Files\WINDOWS NT\Pinball\wavemix.inf

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2008/04/13 20:46:18 | 000,053,376 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\1394bus.sys
[2008/04/14 17:42:09 | 000,189,184 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\acpi.sys
[2001/11/27 15:00:00 | 000,012,032 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\acpiec.sys
[2008/04/13 18:39:23 | 000,142,592 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\aec.sys
[2011/08/17 15:49:54 | 000,138,496 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\afd.sys
[2008/04/13 20:36:38 | 000,042,368 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\agp440.sys
[2008/04/13 20:36:39 | 000,044,928 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\agpcpq.sys
[2008/04/13 20:36:38 | 000,042,752 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\alim1541.sys
[2008/04/13 20:36:39 | 000,043,008 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\amdagp.sys
[2008/04/14 17:44:10 | 000,041,728 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\amdk6.sys
[2008/04/14 17:44:12 | 000,042,112 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\amdk7.sys
[2008/04/13 20:51:25 | 000,060,800 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\arp1394.sys
[2008/04/13 20:57:27 | 000,014,336 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\asyncmac.sys
[2008/04/13 20:40:30 | 000,096,512 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/03 22:29:30 | 000,056,623 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ati1btxx.sys
[2004/08/03 22:29:30 | 000,011,615 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ati1mdxx.sys
[2004/08/03 22:29:30 | 000,012,047 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ati1pdxx.sys
[2004/08/03 22:29:32 | 000,030,671 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ati1raxx.sys
[2004/08/03 22:29:32 | 000,063,663 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ati1rvxx.sys
[2004/08/03 22:29:32 | 000,026,367 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ati1snxx.sys
[2004/08/03 22:29:32 | 000,021,343 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ati1ttxx.sys
[2004/08/03 22:29:32 | 000,036,463 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ati1tuxx.sys
[2004/08/03 22:29:32 | 000,029,455 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ati1xbxx.sys
[2004/08/03 22:29:32 | 000,034,735 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ati1xsxx.sys
[2004/08/04 00:36:16 | 000,327,168 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ati2mtaa.sys
[2004/08/04 00:36:18 | 000,701,952 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ati2mtag.sys
[2004/08/03 22:29:28 | 000,057,856 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\atinbtxx.sys
[2004/08/03 22:29:30 | 000,013,824 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\atinmdxx.sys
[2004/08/03 22:29:30 | 000,014,336 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\atinpdxx.sys
[2004/08/03 22:29:30 | 000,052,224 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\atinraxx.sys
[2004/08/03 22:29:32 | 000,104,960 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\atinrvxx.sys
[2004/08/03 22:29:32 | 000,028,672 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\atinsnxx.sys
[2004/08/03 22:29:32 | 000,013,824 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\atinttxx.sys
[2004/08/03 22:29:32 | 000,073,216 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\atintuxx.sys
[2004/08/03 22:29:32 | 000,031,744 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\atinxbxx.sys
[2004/08/03 22:29:32 | 000,063,488 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\atinxsxx.sys
[2008/04/13 20:51:25 | 000,059,904 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\atmarpc.sys
[2001/11/27 15:00:00 | 000,031,360 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\atmepvc.sys
[2008/04/13 20:51:30 | 000,055,808 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\atmlane.sys
[2001/11/27 15:00:00 | 000,352,256 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\atmuni.sys
[2001/08/17 22:59:44 | 000,003,072 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\audstub.sys
[2001/11/27 15:00:00 | 000,004,224 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\beep.sys
[2008/04/13 20:53:23 | 000,071,552 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\bridge.sys
[2008/04/13 20:46:33 | 000,017,024 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\bthenum.sys
[2008/04/13 20:46:33 | 000,037,888 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\bthmodem.sys
[2008/04/13 20:51:34 | 000,101,120 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\bthpan.sys
[2008/06/14 19:33:23 | 000,273,152 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\bthport.sys
[2008/04/13 20:46:31 | 000,036,480 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\bthprint.sys
[2008/04/13 20:46:29 | 000,018,944 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\bthusb.sys
[2001/11/27 15:00:00 | 000,013,952 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\cbidf2k.sys
[2008/04/13 20:46:23 | 000,017,024 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ccdecode.sys
[2001/11/27 15:00:00 | 000,018,688 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\cdaudio.sys
[2008/04/13 21:14:21 | 000,063,744 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\cdfs.sys
[2008/04/13 20:40:46 | 000,062,976 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\cdrom.sys
[2001/11/27 15:00:00 | 000,262,528 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\cinemst2.sys
[2008/04/13 21:16:22 | 000,049,536 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\classpnp.sys
[2001/11/27 15:00:00 | 000,011,776 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\cpqdap01.sys
[2008/04/14 17:54:12 | 000,041,216 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\crusoe.sys
[2008/02/21 16:15:46 | 000,003,968 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\DeNoise.sys
[2013/04/18 18:06:08 | 000,020,032 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\dgderdrv.sys
[2008/04/13 20:40:47 | 000,036,352 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\disk.sys
[2008/04/13 20:40:44 | 000,014,208 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\diskdump.sys
[2008/04/14 17:56:51 | 000,800,256 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\dmboot.sys
[2008/04/14 17:56:59 | 000,154,368 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\dmio.sys
[2001/11/27 15:00:00 | 000,005,888 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\dmload.sys
[2008/04/13 20:45:01 | 000,052,864 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\dmusic.sys
[2008/04/13 20:45:14 | 000,060,160 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\drmk.sys
[2008/04/13 20:45:13 | 000,002,944 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\drmkaud.sys
[2001/11/27 15:00:00 | 000,010,496 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\dxapi.sys
[2008/04/13 20:38:29 | 000,071,168 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\dxg.sys
[2001/11/27 15:00:00 | 000,003,328 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\dxgthk.sys
[2008/01/16 03:12:20 | 000,254,872 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\e1e5132.sys
[2001/08/17 22:46:40 | 000,006,400 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\enum1394.sys
[2014/12/15 16:53:40 | 000,075,264 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\f599a5569ba58b6.sys
[2008/04/13 21:14:29 | 000,143,744 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\fastfat.sys
[2008/04/13 20:40:25 | 000,027,392 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\fdc.sys
[2008/04/14 17:46:47 | 000,044,800 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\fips.sys
[2008/04/13 20:40:25 | 000,020,480 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\flpydisk.sys
[2008/04/13 20:32:59 | 000,129,792 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\fltmgr.sys
[2001/11/27 15:00:00 | 000,012,416 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\fsvga.sys
[2001/11/27 15:00:00 | 000,007,936 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\fs_rec.sys
[2001/11/27 15:00:00 | 000,126,080 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ftdisk.sys
[2008/04/13 20:36:40 | 000,046,464 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\gagp30kx.sys
[2012/08/21 12:01:22 | 000,026,840 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
[2008/04/13 18:36:05 | 000,144,384 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\hdaudbus.sys
[2005/01/07 16:07:16 | 000,145,920 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\Hdaudio.sys
[2007/05/11 18:00:14 | 000,045,056 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\HECI.sys
[2008/04/14 17:50:09 | 000,025,728 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\hidbth.sys
[2008/04/13 20:45:26 | 000,036,864 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\hidclass.sys
[2008/04/13 20:45:26 | 000,019,200 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\hidir.sys
[2013/07/03 04:12:52 | 000,025,088 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\hidparse.sys
[2008/04/13 20:45:27 | 000,010,368 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\hidusb.sys
[2007/01/17 02:37:17 | 000,049,920 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\HPZid412.sys
[2007/01/17 02:37:18 | 000,016,496 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\HPZipr12.sys
[2007/01/17 02:37:19 | 000,021,568 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\HPZius12.sys
[2004/08/03 22:41:48 | 000,220,032 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\hsfbs2s2.sys
[2004/08/03 22:41:50 | 000,685,056 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\hsfcxts2.sys
[2004/08/03 22:41:56 | 001,041,536 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
[2009/10/20 18:20:16 | 000,265,728 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\http.sys
[2008/04/14 17:51:22 | 000,054,528 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\i8042prt.sys
[2008/01/16 03:12:50 | 005,851,488 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\igxpmp32.sys
[2008/04/13 20:40:58 | 000,042,112 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\imapi.sys
[2008/04/14 17:54:28 | 000,040,832 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\intelppm.sys
[2008/04/13 20:53:34 | 000,036,608 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ip6fw.sys
[2001/11/27 15:00:00 | 000,032,896 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ipfltdrv.sys
[2008/04/13 20:57:07 | 000,020,864 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ipinip.sys
[2008/04/13 20:57:15 | 000,152,832 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ipnat.sys
[2008/04/13 21:19:42 | 000,075,264 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ipsec.sys
[2007/03/09 16:04:42 | 000,031,072 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\iqvw32.sys
[2013/07/17 02:58:06 | 000,046,848 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\irbus.sys
[2008/04/13 20:54:28 | 000,011,264 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\irenum.sys
[2008/04/14 17:55:49 | 000,038,016 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\isapnp.sys
[2008/04/14 17:56:45 | 000,025,728 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\kbdclass.sys
[2008/04/13 20:45:09 | 000,172,416 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\kmixer.sys
[2008/04/13 21:16:36 | 000,141,056 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ks.sys
[2009/06/24 13:18:41 | 000,092,928 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ksecdd.sys
[2001/11/27 15:00:00 | 000,007,680 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\mcd.sys
[2004/08/03 22:41:56 | 000,011,868 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\mdmxsdk.sys
[2008/04/13 20:36:41 | 000,063,744 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\mf.sys
[2001/11/27 15:00:00 | 000,004,224 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\mnmdd.sys
[2008/04/14 17:42:34 | 000,030,464 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\modem.sys
[2001/08/17 19:57:38 | 000,016,128 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\MODEMCSA.sys
[2008/04/14 17:42:48 | 000,024,064 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\mouclass.sys
[2001/11/27 15:00:00 | 000,012,288 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\mouhid.sys
[2008/04/13 20:39:46 | 000,042,368 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\mountmgr.sys
[2009/06/22 13:48:44 | 000,091,776 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\mqac.sys
[2008/04/13 20:32:44 | 000,180,608 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\mrxdav.sys
[2011/07/15 15:29:31 | 000,456,320 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\mrxsmb.sys
[2008/04/13 20:32:39 | 000,019,072 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\msfs.sys
[2008/04/13 20:56:32 | 000,035,072 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\msgpc.sys
[2008/04/13 20:39:52 | 000,007,552 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\mskssrv.sys
[2008/04/13 20:39:50 | 000,005,376 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\mspclock.sys
[2008/04/13 20:39:51 | 000,004,992 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\mspqm.sys
[2008/04/13 20:36:46 | 000,015,488 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\mssmbios.sys
[2008/04/13 20:39:50 | 000,005,504 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\mstee.sys
[2004/08/03 21:41:40 | 000,126,686 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\mtlmnt5.sys
[2004/08/03 21:41:38 | 001,309,184 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\mtlstrm.sys
[2004/08/03 22:29:38 | 000,452,736 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\mtxparhm.sys
[2011/04/21 15:37:43 | 000,105,472 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\mup.sys
[2008/04/13 20:43:55 | 000,012,672 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\mutohpen.sys
[2008/04/13 20:46:25 | 000,085,248 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\nabtsfec.sys
[2008/04/13 21:20:37 | 000,182,656 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ndis.sys
[2008/04/13 20:46:22 | 000,010,880 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ndisip.sys
[2011/07/08 16:02:00 | 000,010,496 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ndistapi.sys
[2008/04/13 20:55:58 | 000,014,592 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ndisuio.sys
[2008/04/13 21:20:42 | 000,091,520 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ndiswan.sys
[2013/11/27 22:21:06 | 000,040,960 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ndproxy.sys
[2008/04/13 20:56:02 | 000,034,688 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\netbios.sys
[2008/04/13 21:21:00 | 000,162,816 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\netbt.sys
[2008/04/13 20:51:25 | 000,061,824 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\nic1394.sys
[2001/11/27 15:00:00 | 000,012,032 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\nikedrv.sys
[2008/04/13 20:53:09 | 000,040,320 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\nmnt.sys
[2008/04/13 20:32:39 | 000,030,848 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\npfs.sys
[2008/04/13 21:15:53 | 000,574,976 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ntfs.sys
[2004/08/03 21:41:40 | 000,180,360 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ntmtlfax.sys
[2001/11/27 15:00:00 | 000,002,944 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\null.sys
[2004/08/03 22:29:56 | 001,897,408 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\nv4_mini.sys
[2001/11/27 15:00:00 | 000,012,416 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\nwlnkflt.sys
[2001/11/27 15:00:00 | 000,032,512 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\nwlnkfwd.sys
[2008/04/13 20:56:06 | 000,088,320 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\nwlnkipx.sys
[2001/11/27 15:00:00 | 000,063,232 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\nwlnknb.sys
[2001/11/27 15:00:00 | 000,055,936 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\nwlnkspx.sys
[2008/04/13 20:34:12 | 000,163,584 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\nwrdr.sys
[2008/04/13 20:46:18 | 000,061,696 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ohci1394.sys
[2001/11/27 15:00:00 | 000,003,456 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\oprghdlr.sys
[2008/04/14 18:02:08 | 000,047,104 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\p3.sys
[2008/04/14 18:02:10 | 000,080,512 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\parport.sys
[2008/04/13 20:40:49 | 000,019,712 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\partmgr.sys
[2001/11/27 15:00:00 | 000,007,168 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\parvdm.sys
[2008/04/14 18:02:15 | 000,068,480 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\pci.sys
[2001/11/26 21:57:54 | 000,003,456 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\pciide.sys
[2008/04/13 20:40:29 | 000,024,960 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\pciidex.sys
[2008/04/14 18:02:17 | 000,120,576 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\pcmcia.sys
[2008/04/13 21:19:41 | 000,146,048 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\portcls.sys
[2008/04/14 17:45:24 | 000,040,320 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\processr.sys
[2008/04/13 20:56:38 | 000,069,120 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\psched.sys
[2001/11/27 15:00:00 | 000,017,792 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ptilink.sys
[2001/11/27 15:00:00 | 000,008,832 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\rasacd.sys
[2008/04/13 21:19:43 | 000,051,328 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\rasl2tp.sys
[2008/04/13 20:57:32 | 000,041,472 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\raspppoe.sys
[2008/04/13 21:19:48 | 000,048,384 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\raspptp.sys
[2001/11/27 15:00:00 | 000,016,512 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\raspti.sys
[2001/11/27 15:00:00 | 000,034,432 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\rawwan.sys
[2008/04/13 21:28:39 | 000,175,744 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\rdbss.sys
[2001/11/27 15:00:00 | 000,004,224 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\rdpcdd.sys
[2008/04/13 20:32:51 | 000,196,224 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\rdpdr.sys
[2012/07/04 16:05:12 | 000,139,784 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\rdpwd.sys
[2004/08/03 21:41:40 | 000,013,776 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\RecAgent.sys
[2008/04/14 17:48:11 | 000,058,880 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\redbook.sys
[2008/04/13 20:46:32 | 000,059,136 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\rfcomm.sys
[2001/11/27 15:00:00 | 000,012,032 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\rio8drv.sys
[2001/11/27 15:00:00 | 000,012,032 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\riodrv.sys
[2008/05/08 16:02:52 | 000,203,136 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\rmcast.sys
[2008/04/13 20:56:49 | 000,030,592 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\rndismp.sys
[2008/04/13 20:56:49 | 000,030,592 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\rndismpx.sys
[2001/11/27 15:00:00 | 000,005,888 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\rootmdm.sys
[2008/01/16 03:10:51 | 004,609,024 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\RtkHDAud.sys
[2008/10/21 09:22:48 | 000,086,824 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\s0017bus.sys
[2008/10/21 09:22:48 | 000,012,200 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\s0017cm.sys
[2008/10/21 09:22:48 | 000,012,200 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\s0017cmnt.sys
[2008/10/21 09:22:48 | 000,010,792 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\s0017cr.sys
[2008/10/21 09:22:48 | 000,015,016 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\s0017mdfl.sys
[2008/10/21 09:22:48 | 000,114,600 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\s0017mdm.sys
[2008/10/21 09:22:48 | 000,108,328 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\s0017mgmt.sys
[2008/10/21 09:22:48 | 000,026,024 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\s0017nd5.sys
[2008/10/21 09:22:48 | 000,104,616 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\s0017obex.sys
[2008/10/21 09:22:48 | 000,109,736 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\s0017unic.sys
[2008/10/21 09:22:48 | 000,012,200 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\s0017wh.sys
[2008/10/21 09:22:48 | 000,012,200 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\s0017whnt.sys
[2009/03/25 16:48:00 | 000,086,824 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\s1018bus.sys
[2009/03/25 16:48:00 | 000,012,200 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\s1018cm.sys
[2009/03/25 16:48:00 | 000,012,200 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\s1018cmnt.sys
[2009/03/25 16:48:00 | 000,010,792 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\s1018cr.sys
[2009/03/25 16:48:00 | 000,015,016 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\s1018mdfl.sys
[2009/03/25 16:48:00 | 000,114,728 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\s1018mdm.sys
[2009/03/25 16:48:00 | 000,106,208 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\s1018mgmt.sys
[2009/03/25 16:48:00 | 000,026,024 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\s1018nd5.sys
[2009/03/25 16:48:00 | 000,104,744 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\s1018obex.sys
[2009/03/25 16:48:00 | 000,109,864 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\s1018unic.sys
[2009/03/25 16:48:00 | 000,012,200 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\s1018wh.sys
[2009/03/25 16:48:00 | 000,012,200 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\s1018whnt.sys
[2004/08/03 22:29:52 | 000,166,912 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\s3gnbm.sys
[2008/04/13 20:40:30 | 000,096,384 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\scsiport.sys
[2008/04/13 20:36:44 | 000,079,232 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sdbus.sys
[2008/04/13 18:39:15 | 000,020,480 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\secdrv.sys
[2008/01/09 12:28:34 | 000,027,632 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\seehcri.sys
[2008/04/13 20:40:12 | 000,015,744 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\serenum.sys
[2008/04/14 17:51:35 | 000,066,432 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\serial.sys
[2008/04/13 20:40:47 | 000,011,904 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sffdisk.sys
[2008/04/13 20:40:48 | 000,010,240 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sffp_mmc.sys
[2008/04/13 20:40:47 | 000,011,008 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sffp_sd.sys
[2008/04/13 20:40:48 | 000,011,392 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sfloppy.sys
[2008/04/13 20:36:39 | 000,040,960 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sisagp.sys
[2008/04/13 20:46:23 | 000,011,136 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\slip.sys
[2004/08/03 21:41:42 | 000,129,535 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\slnt7554.sys
[2004/08/03 22:41:44 | 000,404,990 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\slntamr.sys
[2004/08/03 21:41:46 | 000,095,424 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\slnthal.sys
[2004/08/03 21:41:46 | 000,013,240 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\slwdmsup.sys
[2008/04/13 20:36:34 | 000,005,888 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\smbali.sys
[2001/11/27 15:00:00 | 000,014,592 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\smclib.sys
[2009/04/24 08:18:40 | 010,472,960 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\snpstd3.sys
[2008/04/13 20:46:07 | 000,025,344 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sonydcam.sys
[2008/04/13 20:45:07 | 000,006,272 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\splitter.sys
[2008/04/14 18:02:25 | 000,073,472 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sr.sys
[2011/02/17 15:18:03 | 000,357,888 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\srv.sys
[2013/08/21 06:31:38 | 000,084,248 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ssudbus.sys
[2013/08/21 06:31:38 | 000,182,680 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ssudmdm.sys
[2008/04/13 20:45:15 | 000,049,408 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\stream.sys
[2008/04/13 20:46:21 | 000,015,232 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\streamip.sys
[2008/04/13 20:39:53 | 000,004,352 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\swenum.sys
[2008/04/13 20:45:09 | 000,056,576 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\swmidi.sys
[2008/04/13 21:15:55 | 000,060,800 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sysaudio.sys
[2008/04/13 20:40:50 | 000,014,976 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\tape.sys
[2008/06/20 13:51:12 | 000,361,600 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\tcpip.sys
[2010/02/11 14:02:15 | 000,226,880 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\tcpip6.sys
[2008/04/13 21:00:05 | 000,019,072 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\tdi.sys
[2008/04/14 18:31:38 | 000,012,040 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\tdpipe.sys
[2008/04/14 18:31:39 | 000,021,896 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\tdtcp.sys
[2008/04/14 18:31:38 | 000,040,840 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\termdd.sys
[2001/11/27 15:00:00 | 000,051,712 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\tosdvd.sys
[2001/11/27 15:00:00 | 000,021,376 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\tsbvcap.sys
[2008/04/13 20:56:01 | 000,012,288 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\tunmp.sys
[2008/04/13 20:36:40 | 000,044,672 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\uagp35.sys
[2008/04/13 20:32:36 | 000,066,048 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\udfs.sys
[2008/04/13 20:39:46 | 000,384,768 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\update.sys
[2013/02/12 02:32:23 | 000,012,928 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\usb8023.sys
[2013/02/12 02:32:23 | 000,012,928 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\usb8023x.sys
[2012/12/13 12:50:38 | 000,045,056 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\usbaapl.sys
[2008/04/13 20:45:40 | 000,025,600 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\usbcamd.sys
[2008/04/13 20:45:41 | 000,025,728 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\usbcamd2.sys
[2013/08/09 02:55:07 | 000,032,384 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\usbccgp.sys
[2013/08/09 02:55:06 | 000,005,376 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\usbd.sys
[2009/03/18 13:02:23 | 000,030,336 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\usbehci.sys
[2008/04/13 20:45:37 | 000,059,520 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\usbhub.sys
[2008/04/13 20:45:43 | 000,015,872 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\usbintel.sys
[2013/08/09 02:55:08 | 000,144,128 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\usbport.sys
[2008/04/13 20:47:37 | 000,025,856 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\usbprint.sys
[2013/07/03 03:59:02 | 000,014,976 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\usbscan.sys
[2008/04/13 20:45:38 | 000,026,368 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\usbstor.sys
[2008/04/13 20:45:35 | 000,020,608 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\usbuhci.sys
[2013/07/17 02:58:17 | 000,123,008 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\usbvideo.sys
[2001/11/27 15:00:00 | 000,058,112 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\vdmindvd.sys
[2008/04/13 20:44:40 | 000,020,992 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\vga.sys
[2008/04/13 20:36:40 | 000,042,240 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\viaagp.sys
[2008/04/13 20:44:40 | 000,081,664 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\videoprt.sys
[2008/04/14 17:47:31 | 000,053,632 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\volsnap.sys
[2008/04/13 20:43:55 | 000,014,208 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\wacompen.sys
[2004/08/03 22:29:40 | 000,011,807 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\wadv07nt.sys
[2004/08/03 22:29:40 | 000,011,295 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\wadv08nt.sys
[2004/08/03 22:29:42 | 000,011,871 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\wadv09nt.sys
[2004/08/03 22:29:42 | 000,011,935 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\wadv11nt.sys
[2008/04/13 20:57:21 | 000,034,560 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\wanarp.sys
[2004/08/03 22:29:46 | 000,022,271 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\watv06nt.sys
[2004/08/03 22:29:46 | 000,025,471 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\watv10nt.sys
[2008/03/27 15:27:46 | 000,503,008 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\wdf01000.sys
[2008/03/27 15:27:48 | 000,035,040 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\wdfldr.sys
[2008/04/13 21:17:18 | 000,083,072 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\wdmaud.sys
[2006/11/02 06:00:08 | 000,039,368 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\winusb.sys
[2001/11/27 15:00:00 | 000,004,352 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\wmilib.sys
[2006/10/18 19:00:00 | 000,038,528 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\wpdusb.sys
[2001/11/27 15:00:00 | 000,012,032 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys
[2008/04/13 20:46:24 | 000,019,200 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\wstcodec.sys
[2006/09/28 17:55:50 | 000,077,568 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\WudfPf.sys
[2006/09/28 18:00:34 | 000,082,944 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\WudfRd.sys

< End of report >

EXTRAS:

OTL Extras logfile created on: 26/1/2015 5:13:11 μμ - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Vagelis\Επιφάνεια εργασίας
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000408 | Country: Ελλάδα | Language: ELL | Date Format: d/M/yyyy

1,97 Gb Total Physical Memory | 1,32 Gb Available Physical Memory | 67,07% Memory free
3,82 Gb Paging File | 3,34 Gb Available in Paging File | 87,51% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 83,54 Gb Free Space | 56,05% Space Free | Partition Type: NTFS

Computer Name: DESKTOP | User Name: Vagelis | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\WINDOWS\System32\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "C:\WINDOWS\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager -- (Skype Technologies)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent Inc.)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service -- (Apple Inc.)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\TeamViewer\Version9\TeamViewer.exe" = C:\Program Files\TeamViewer\Version9\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe" = C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
"C:\Program Files\Google\Chrome\Application\chrome.exe" = C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome -- (Google Inc.)
"C:\DOCUME~1\Vagelis\LOCALS~1\Temp\B04.tmp" = C:\DOCUME~1\Vagelis\LOCALS~1\Temp\B04.tmp:*:Enabled:B04
"C:\DOCUME~1\Vagelis\LOCALS~1\Temp\B24.tmp" = C:\DOCUME~1\Vagelis\LOCALS~1\Temp\B24.tmp:*:Enabled:B24 -- (EFD Software)
"\??\C:\WINDOWS\system32\winlogon.exe" = \??\C:\WINDOWS\system32\winlogon.exe:*:Enabled:winlogon -- (Microsoft Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}" = Apple Mobile Device Support
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0A5825FD-0FB7-4e45-9037-858D463F2943}" = BPDSoftware
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{195F2C6C-A343-4b10-B1A4-3F00AB9E9DD9}" = Fax
"{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java™ 6 Update 25
"{2951A232-69BA-4925-BB9A-CEEB72B18B4F}" = BPDSoftware_Ini
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{350C9408-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3700194C-C5DD-439A-BE06-A66960CA4C70}" = MSVCSetup
"{398E8625-6F3A-4C54-B54C-28F0ABB89774}" = BPD_HPSU
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery
"{572F2A62-70CD-4429-8758-6D4D6DC696E1}" = 4500_Help
"{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp
"{5BB4D7C1-52F2-4BFD-9E40-0D419E2E3021}" = bpd_scan
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{6697D99E-E550-4498-B793-4A8DD8A1821F}" = ProductContext
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{679EC478-3FF9-4987-B2FF-C2C2B27532A2}" = DocProc
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{698BBAD8-B116-495D-B879-0F07A533E57F}" = Samsung Story Album Viewer
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{777CA40C-0206-4EF6-A0FC-618BF06BF8D0}" = Intel® PRO Network Connections 12.1.12.0
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90110408-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{A0B9F8DF-C949-45ed-9808-7DC5C0C19C81}" = Status
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC6E2D54-D21C-4350-7911-77D83EAF1032}" = Nero 7 Demo
"{AC76BA86-7AD7-1033-7B44-A81000000003}" = Adobe Reader 8.1.0
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C197BC08-3D82-4651-8886-E68C21578A38}" = iTunes
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{CD0773D5-C18E-495c-B39B-21A96415EDD5}" = HP Officejet J4500 Series
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D142FE39-3386-4d82-9AD3-36D4A92AC3C2}" = DocMgr
"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
"{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{ECD03DA7-5952-406A-8156-5F0C93618D1F}" = BudgetIII Web camera
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{FDEC11CC-4BD6-4a8c-A398-3CCD8E43EACA}" = J4500
"{FE9C13F6-6BBD-47D3-B939-F7E061BC4930}" = ESET NOD32 Antivirus
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"CAL" = Canon Camera Access Library
"CameraWindowDVC5" = Canon Camera Window DC_DV 5 for ZoomBrowser EX
"CameraWindowDVC6" = Canon Camera Window DC_DV 6 for ZoomBrowser EX
"CameraWindowMC" = Canon Camera Window MC 6 for ZoomBrowser EX
"Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
"CMS" = CMS
"CSCLIB" = Canon Camera Support Core Library
"EOS Utility" = Canon Utilities EOS Utility
"Google Chrome" = Google Chrome
"HDMI" = Intel® Graphics Media Accelerator Driver
"HECI" = Διασύνδεση μηχανισμού διαχείρισης Intel®
"HP Document Manager" = HP Document Manager 1.0
"HP Imaging Device Functions" = HP Imaging Device Functions 10.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 10.0
"HPOCR" = OCR Software by I.R.I.S. 10.0
"ie8" = Windows Internet Explorer 8
"InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}" = Samsung Story Album Viewer
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware έκδοση 2.0.4.1028
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mozilla Firefox 34.0.5 (x86 el)" = Mozilla Firefox 34.0.5 (x86 el)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NetSurveillance" = NetSurveillance
"PhotoStitch" = Canon Utilities PhotoStitch
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RemoteCaptureTask" = Canon RemoteCapture Task for ZoomBrowser EX
"TeamViewer 9" = TeamViewer 9
"uTorrent" = µTorrent
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"winusb0100" = Microsoft WinUsb 1.0
"WinZip" = WinZip
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 17/12/2014 11:28:18 πμ | Computer Name = DESKTOP | Source = EventSystem | ID = 4609
Description = Το σύστημα συμβάντων COM+ εντόπισε έναν εσφαλμένο κωδικό επιστροφής
 κατά την εσωτερική του επεξεργασία.  Το HRESULT ήταν 80070005 από τη γραμμή 44
του d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.  Επικοινωνήστε με
 τις υπηρεσίες υποστήριξης προϊόντων της Microsoft για να αναφέρετε αυτό το σφάλμ

Error - 17/12/2014 11:55:43 πμ | Computer Name = DESKTOP | Source = EventSystem | ID = 4609
Description = Το σύστημα συμβάντων COM+ εντόπισε έναν εσφαλμένο κωδικό επιστροφής
 κατά την εσωτερική του επεξεργασία.  Το HRESULT ήταν 800706BA από τη γραμμή 44
του d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.  Επικοινωνήστε με
 τις υπηρεσίες υποστήριξης προϊόντων της Microsoft για να αναφέρετε αυτό το σφάλμ

Error - 17/12/2014 11:56:44 πμ | Computer Name = DESKTOP | Source = EventSystem | ID = 4609
Description = Το σύστημα συμβάντων COM+ εντόπισε έναν εσφαλμένο κωδικό επιστροφής
 κατά την εσωτερική του επεξεργασία.  Το HRESULT ήταν 80070005 από τη γραμμή 44
του d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.  Επικοινωνήστε με
 τις υπηρεσίες υποστήριξης προϊόντων της Microsoft για να αναφέρετε αυτό το σφάλμ

Error - 24/12/2014 5:53:20 πμ | Computer Name = DESKTOP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 24/12/2014 5:53:20 πμ | Computer Name = DESKTOP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 21469

Error - 24/12/2014 5:53:20 πμ | Computer Name = DESKTOP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 21469

Error - 18/1/2015 6:08:27 πμ | Computer Name = DESKTOP | Source = MsiInstaller | ID = 11706
Description = Product: SmartWebPrinting -- Error 1706. An installation package for
 the product SmartWebPrinting cannot be found. Try the installation again using
a valid copy of the installation package 'SmartWebPrinting.msi'.

Error - 18/1/2015 6:09:37 πμ | Computer Name = DESKTOP | Source = MsiInstaller | ID = 11706
Description = Product: SmartWebPrinting -- Error 1706. An installation package for
 the product SmartWebPrinting cannot be found. Try the installation again using
a valid copy of the installation package 'SmartWebPrinting.msi'.

Error - 18/1/2015 6:09:44 πμ | Computer Name = DESKTOP | Source = MsiInstaller | ID = 11706
Description = Product: SmartWebPrinting -- Error 1706. An installation package for
 the product SmartWebPrinting cannot be found. Try the installation again using
a valid copy of the installation package 'SmartWebPrinting.msi'.

Error - 25/1/2015 1:05:23 μμ | Computer Name = DESKTOP | Source = MsiInstaller | ID = 11706
Description = Product: SmartWebPrinting -- Error 1706. An installation package for
 the product SmartWebPrinting cannot be found. Try the installation again using
a valid copy of the installation package 'SmartWebPrinting.msi'.

[ System Events ]
Error - 26/1/2015 3:30:01 πμ | Computer Name = DESKTOP | Source = Service Control Manager | ID = 7026
Description = Απέτυχε η φόρτωση των ακόλουθων προγραμμάτων οδήγησης της εκκίνησης
 του υπολογιστή ή της εκκίνησης του συστήματος:   ehdrv  epfwtdir

Error - 26/1/2015 3:30:01 πμ | Computer Name = DESKTOP | Source = Service Control Manager | ID = 7000
Description = Δεν ήταν δυνατή η εκκίνηση της υπηρεσίας eamon εξαιτίας του ακόλουθου
 σφάλματος:   %%31

Error - 26/1/2015 3:30:01 πμ | Computer Name = DESKTOP | Source = Service Control Manager | ID = 7000
Description = Δεν ήταν δυνατή η εκκίνηση της υπηρεσίας ehdrv εξαιτίας του ακόλουθου
 σφάλματος:   %%31

Error - 26/1/2015 3:46:15 πμ | Computer Name = DESKTOP | Source = Service Control Manager | ID = 7022
Description = Η υπηρεσία Υπηρεσία HP CUE DeviceDiscovery έκλεισε ενώ ξεκινούσε.

Error - 26/1/2015 3:46:15 πμ | Computer Name = DESKTOP | Source = Service Control Manager | ID = 7026
Description = Απέτυχε η φόρτωση των ακόλουθων προγραμμάτων οδήγησης της εκκίνησης
 του υπολογιστή ή της εκκίνησης του συστήματος:   ehdrv  epfwtdir

Error - 26/1/2015 3:46:15 πμ | Computer Name = DESKTOP | Source = Service Control Manager | ID = 7000
Description = Δεν ήταν δυνατή η εκκίνηση της υπηρεσίας eamon εξαιτίας του ακόλουθου
 σφάλματος:   %%31

Error - 26/1/2015 3:46:15 πμ | Computer Name = DESKTOP | Source = Service Control Manager | ID = 7000
Description = Δεν ήταν δυνατή η εκκίνηση της υπηρεσίας ehdrv εξαιτίας του ακόλουθου
 σφάλματος:   %%31

Error - 26/1/2015 10:37:57 πμ | Computer Name = DESKTOP | Source = Schannel | ID = 36876
Description = Η επικύρωση του πιστοποιητικού που λήφθηκε από τον απομακρυσμένο διακομιστή
 δεν έγινε σωστά. Ο  κωδικός σφάλματος είναι 0x80092013. Η αίτηση για σύνδεση SSL
απέτυχε. Τα συνημμένα δεδομένα περιέχουν  το πιστοποιητικό διακομιστή.

Error - 26/1/2015 11:08:45 πμ | Computer Name = DESKTOP | Source = Service Control Manager | ID = 7000
Description = Δεν ήταν δυνατή η εκκίνηση της υπηρεσίας eamon εξαιτίας του ακόλουθου
 σφάλματος:   %%31

Error - 26/1/2015 11:08:45 πμ | Computer Name = DESKTOP | Source = Service Control Manager | ID = 7000
Description = Δεν ήταν δυνατή η εκκίνηση της υπηρεσίας ehdrv εξαιτίας του ακόλουθου
 σφάλματος:   %%31


< End of report >

 

combofix:

 

It's impossible to run combofix. The desktop is completely disabled without touching the mouse!

Reboot, restore the desktop but no combofix.txt.

What can I do about that?
 


  • 0

#6
RKinner
Posted 26 January 2015 - 01:42 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

It looks like we have a Necurs Rootkit at the bottom of this infection which is why combofix won't run.  This probably cannot be removed from Windows as it protects itself from anti-virus programs.  That being said McAfee claims they can remove it with rootkit remover so let's try it first:

 

http://www.mcafee.co...kitremover.aspx

 

If that doesn't work we have to boot from a CD or a USB drive.    Let's try an AVG Rescue disk.  Instructions are here:

 

http://www.geekstogo...ystem-tutorial/


  • 0

#7
MariannaC
Posted 26 January 2015 - 01:56 PM

MariannaC

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

[ TimeStamp: 20150126 215032 ]Rootkit Remover v0.8.9.174 [Jun  2 2014 - 14:10:00]
McAfee Labs.

Windows build 5.1.2600 x86 Service Pack 3
Checking for updates ...


Scanning for user-mode threats ...
WARNING: Unable to load kernel-mode driver
Please ensure to run this tool as administrator.

Scanning for kernel-mode threats ...
    Scan Result --> No trojan or viruses found!
Scan Finished


  • 0

#8
RKinner
Posted 26 January 2015 - 02:03 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Didn't work.  I'm not surprised.  Never thought much of McAfee.  You can also try aswMBR.  It has some funny tricks that might work.

 

 
Download aswMBR.exe  to your desktop.
Double click aswMBR.exe 
uncheck trace disk IO calls
Click the "Scan" button to start scan (Accept the Avast Engine)
On completion of the scan if the Fix button is enabled (not the FixMBR button) press it and then run a new scan and  click save log, save it to your desktop and post in your next reply
If the Fix button is not enabled then just click save log, save it to your desktop and post in your next reply
 
 
If that doesn't work then we will need to try the CD method.

  • 0

#9
MariannaC
Posted 26 January 2015 - 03:11 PM

MariannaC

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

aswMBR version 1.0.1.2290 Copyright© 2014 AVAST Software
Run date: 2015-01-26 22:17:56
-----------------------------
22:17:56.703    OS Version: Windows 5.1.2600 Service Pack 3
22:17:56.703    Number of processors: 2 586 0xF0D
22:17:56.703    ComputerName: DESKTOP  UserName: Vagelis
22:17:57.453    Initialze error C0000001 - driver not loaded
22:18:30.125    AVAST engine defs: 15012601
22:19:36.984    Service scanning
22:19:39.968    Service f599a5569ba58b6 C:\WINDOWS\System32\Drivers\f599a5569ba58b6.sys **HIDDEN**
22:19:39.984    Service f599a5569ba58b6 C:\WINDOWS\System32\Drivers\f599a5569ba58b6.sys **INFECTED** Win32:Malware-gen
22:19:40.000    Service f599a5569ba58b6 C:\WINDOWS\System32\Drivers\f599a5569ba58b6.sys **LOCKED**
22:19:50.343    Modules scanning
22:19:51.218    AVAST engine scan C:\WINDOWS
22:20:05.687    AVAST engine scan C:\WINDOWS\system32
22:21:06.765    File: C:\WINDOWS\system32\rundll32.exe.tmp  **INFECTED** Win32:Malware-gen
22:22:35.843    AVAST engine scan C:\WINDOWS\system32\drivers
22:22:38.406    File: C:\WINDOWS\system32\drivers\f599a5569ba58b6.sys  **INFECTED** Win32:Malware-gen
22:22:46.093    AVAST engine scan C:\Documents and Settings\Vagelis
22:30:44.562    File: C:\Documents and Settings\Vagelis\Local Settings\Temp\B24.tmp  **INFECTED** Win32:Malware-gen
22:30:44.609    File: C:\Documents and Settings\Vagelis\Local Settings\Temp\B25.tmp  **INFECTED** Win32:Malware-gen
22:48:16.609    AVAST engine scan C:\Documents and Settings\All Users
22:48:57.468    Scan finished successfully
22:50:07.718    The log file has been saved successfully to "C:\Documents and Settings\Vagelis\Επιφάνεια εργασίας\aswMBR.txt"


  • 0

#10
RKinner
Posted 26 January 2015 - 03:55 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

It found some that I couldn't see but apparently it can't fix it.

 

I think we are going to have to go the CD route.  If you don't have a blank CD you can try a USB drive but I expect your PC is too old to boot from a USB.


  • 0

#11
MariannaC
Posted 27 January 2015 - 12:21 AM

MariannaC

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

Ok, I'll follow your instructions tonight. Thank you!


  • 0

#12
MariannaC
Posted 27 January 2015 - 12:30 PM

MariannaC

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

Unfortunately the rescue cd couldn't fix anything.

After the final reboot, it seems worse than it was. It didn't even rename the infected files.

(All the files have renamed extensions *.efzzupf)


  • 0

#13
RKinner
Posted 27 January 2015 - 12:52 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

(All the files have renamed extensions *.efzzupf)  These are not infected.  They are encrypted which makes them unusable.  There is nothing we can do about the encrypted files.  They are lost forever.

 

Did you run the update before running the scan?

 

 

The avg disk has an option for Utilites.  If you select that then File Manager (Midnight Commander) it should allow you to navigate into the C:\windows\system32\Drivers folder.  

 

We are looking for something like this:  f599a5569ba58b6.sys

 

It may change its name slightly but will probably have the same number of characters.  We want to delete this and the other files that aswMBR found:

 

C:\WINDOWS\system32\rundll32.exe.tmp 

C:\Documents and Settings\Vagelis\Local Settings\Temp\B24.tmp  
 

 

Then go into the registry editor in Utilities and search for the service associated with the file we deleted.  Normally it will be:

 

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\f599a5569ba58b6

 

We want to delete each entry we find.

 

There may also be several others in locations like:

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\f599a5569ba58b6


  • 0

#14
MariannaC
Posted 29 January 2015 - 03:17 AM

MariannaC

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

Ok. My friend's pc is now clean... everything is back to normal. The files though, are lost indeed. 

Thank you for everything.

I'm truly grateful!

:spoton:

Have a nice day.

Marianna


  • 0

#15
RKinner
Posted 29 January 2015 - 07:03 AM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Will Combofix run now?  If you are calling the thing clean then we need to cleanup:  (Note Crytoprevent in bold)

 

We need to clean up System Restore.  
 
Copy the following:
 
 
:Commands
[CLEARALLRESTOREPOINTS]
[Reboot]
 
 Run OTL.   In the Custom Scans/Fixes box at the bottom, paste in the copied text (Ctrl + v) and then hit Run Fix.
 
You can uninstall or delete any tools we had you download and their logs. 
 
If we ran Combofix:
To uninstall combofix, copy the next line:
 
"%userprofile%\Desktop\combofix.exe" /Uninstall
 
Start, Run, cmd, OK then right click, Paste, then hit Enter.
 
 
 
OTL has a cleanup tab so if you run it again and select cleanup it will remove itself and its backup files.
 
To hide hidden files again (If you do not run OTL cleanup):
 
XP
 
# Close all programs so that you are at your desktop.
# Double-click on the My Computer icon.
# Select the Tools menu and click Folder Options.
# After the new window appears select the View tab.
# Uncheck the checkbox labeled Display the contents of system folders.
# Under the Hidden files and folders section select the 'Hide protected operating system files (recommended)' option. 
# Check the checkbox labeled Hide protected operating system files.
# Press the Apply button and then the OK button and exit My Computer.
 
Special note on Java.  Old Java versions should be removed after first clearing the Java Cache by following the instructions in:
Then remove the old versions by going to Control Panel, Programs and Features and Uninstall all Java programs which are not Java Version 7 update 45 or better.  These may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE, J2SE.  Get the latest version from Java.com.  They will usually attempt to foist some garbage like the Ask toolbar, Yahoo toolbar or McAfee Security Scan on you as part of the download.  Just uncheck the garbage before the download (or install) starts.  If you use a 64-bit browser and want the 64-bit version of Java you need to use it to visit java.com.
Due to multiple security problems with Java we are now recommending that it not be installed unless you absolutely know you need it.  If that is the case then you should go in to Control panels, Java, Security and set the slider to the highest level.
 
Also make sure you have the latest versions of any adobe.com products you use like Shockwave, Flash or Acrobat. 
 
Whether you use adobe reader, acrobat or fox-it to read pdf files you need to disable Javascript in the program.  There is an exploit out there now that can use it to get on your PC.  For Adobe Reader:  Start, All Programs, Adobe Reader, Edit, Preferences, Click on Javascript in the left column and uncheck Enable Acrobat Javascript.  OK Close program.  It's the same for Foxit reader except you uncheck Enable Javascript Actions. 
 
To help keep your programs up-to-date you should download and run the UpdateChecker:
(You don't need to download Betas and if there is a program you don't use you can just uninstall it rather than update it.    You can right click on the updatechecker icon (looks like a downward green arrowhead) and select Settings and tell it no betas.  If you don't use MSN Messenger I would not upgdate it.  MS installs a bunch of stuff when you do.  You can tell the program to not show you that update.)
If you use Firefox or Chrome then get the AdBlock Plus Add-on.  Adblock Plus is now available for IE too:
adblockplus.org/?
 
If Firefox or Chrome is slow loading make sure it only has the current Java add-on.  Then download and run Speedy Fox.
http://www.crystalidea.com/speedyfox .  Click on Optimize.  When it finishes click on Exit.
 
Be warned:  If you use Limewire, utorrent or any of the other P2P programs you will almost certain be coming back to the Malware Removal forum.  If you must use P2P then submit any files you get to http://virustotal.com before you open them.
 
Due to a recent rise in the number of Crytolocker infections I am now recommending you install:
 
CryptoPrevent
 
 
The free version does not update on its own so you should check for updated versions once in a while.
 
 
 
If you have a router, log on to it today and change the default password!  If using a Wireless router you really should be using encryption on the link.  Use the strongest (newest) encryption method that your router and PC wireless adapter support especially if you own a business.  See http://www.king5.com...-120637284.html and http://www.seattlepi...ted-1344185.php for why encryption is important.  If you don't know how, visit the router maker's website.  They all have detailed step by step instructions or a wizard you can download.
 
 
XP does not automatically run defrag so it needs to be done manually every couple of months or it will slow down.  http://support.microsoft.com/kb/314848
 
 
XP has been out a long time so most XP computers are starting to get clogged with dust.  This makes them overheat which will also slow them down.  To clean a desktop, shut it down but leave it plugged in.  Remove the lid or open it up and use a vacuum cleaner hose and a small brush to clean the air vents in the front and back and the fins of the heatsink and of the fans - including the fan of the power supply.  You may need to unscrew the four screws that hold the fan to the heatsink and lift the fan off to really clean the heatsink.  Start it up while the lid is off and watch the fan (after screwing it back down again if you removed it).  It should start up right away and be at full speed in no time (it may stop running shortly after starting - this is normal).  A fan that is slow starting or which makes noise is worn out and needs to be replaced.  Cleaning a laptop is unfortunately major surgery for most brands.  Make sure the vents are clear and that it is run on a hard surface.  Never on a bed or your lap as that blocks the air vents.  Propping up the back with a book without blocking the air vents will make it run a bit cooler.  If you think it might be running hot you can get speedfan
 
Download, save and Install it then run it.
 
It will tell you your temps (if the PC is new enough).  If they seem hot (over 50) then check Automatic Fan Speed.
Leave it running and see if the temps drop.  If temps are over 80, the CPU will slow down to protect itself.  Disassembling a laptop to clean it isn't that hard.  There are usually YouTube videos for most brands that show you how to do it if you search for them.  Most times you just need some small screwdrivers and maybe a long nose pliers.  The hardest part is reassembling it and getting all of the screws in the right places so takes notes or lots of pictures.  If you take it apart then you should also pull the heatsink and clean it and replace the old thermal pads with Arctic Silver Thermal compound.  Amazon has a kit of cleaner and compound http://www.amazon.co...n/dp/B001FVI91U which I have used.

  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics


Also tagged with one or more of these keywords: boaxxe, trojan, spyware_password

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP