steam pop-ups ads



#1
artzi


Hi guys. I recently had a malware virus that popped up ads in my Chrome browser. Malwarebytes found it and cleared it (I think) and I don't have any problem in the browser. But in Steam, when I click on Store for example, I'll get a pop-up ad in the Steam browser. Malwarebytes, Avast and an online scan I did can't find anything. The virus must be from a patch on a Lineage2 server, because this started after I installed it, but it may be a coincidence.

 

Here are the FRST texts:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-02-2016
Ran by Kostas (2016-02-11 10:30:11)
Running from C:\Users\Kostas\Desktop
Windows 10 Home (X64) (2015-12-01 17:10:07)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3276398008-1084424527-4265519014-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3276398008-1084424527-4265519014-1004 - Limited - Enabled)
Guest (S-1-5-21-3276398008-1084424527-4265519014-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3276398008-1084424527-4265519014-1002 - Limited - Enabled)
Kostas (S-1-5-21-3276398008-1084424527-4265519014-1000 - Administrator - Enabled) => C:\Users\Kostas
Προεπιλεγμένος λογαριασμός (S-1-5-21-3276398008-1084424527-4265519014-503 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-3276398008-1084424527-4265519014-1000\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.12.5.0 - Asmedia Technology)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2253 - AVAST Software)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.69.1079 - AB Team, d.o.o.)
Call of Duty: Modern Warfare 3 - Multiplayer (HKLM-x32\...\Steam App 42690) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 3 (HKLM-x32\...\Steam App 42680) (Version:  - Infinity Ward)
CCleaner (HKLM\...\CCleaner) (Version: 5.11 - Piriform)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Firewatch (HKLM-x32\...\Firewatch_is1) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.109 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Kingsoft Office 2013 (9.1.0.4550) (HKLM-x32\...\Kingsoft Office) (Version: 9.1.0.4550 - Kingsoft Corp.)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Malwarebytes Anti-Malware έκδοση 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.8 - Notepad++ Team)
NVIDIA GeForce Experience 2.9.1.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.22 - NVIDIA Corporation)
NVIDIA Εικονικός ήχος Miracast 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 353.06 - NVIDIA Corporation)
NVIDIA Λογισμικό σύστημα PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
NVIDIA Πρόγραμμα οδήγησης 3D Vision 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.75 - NVIDIA Corporation)
NVIDIA Πρόγραμμα οδήγησης γραφικών 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.75 - NVIDIA Corporation)
NVIDIA Πρόγραμμα οδήγησης ελεγκτή 3D Vision 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA Πρόγραμμα οδήγησης ήχου HD 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 1.3.0 - Razer Inc.)
Razer Surround (HKLM-x32\...\Razer Surround) (Version: 1.05.18 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.28549 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7628 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SHIELD Streaming (Version: 4.1.0260 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.9.1.22 - NVIDIA Corporation) Hidden
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.109 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Sims 4 (HKLM-x32\...\The Sims 4_is1) (Version:  - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
War Thunder (HKLM-x32\...\Steam App 236390) (Version:  - Gaijin Entertainment)
WinRAR 5.30 beta 2 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.2 - win.rar GmbH)
XCOM 2 v.1.0.0.30310 (HKLM-x32\...\XCOM 2_is1) (Version:  - )
Ενημερώσεις NVIDIA 2.9.1.22 (Version: 2.9.1.22 - NVIDIA Corporation) Hidden
Πίνακας Ελέγχου NVIDIA 361.75 (Version: 361.75 - NVIDIA Corporation) Hidden
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3276398008-1084424527-4265519014-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Kostas\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {03E553DF-5C3F-4E90-846C-36DB9E16FF5D} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {0442DC5C-47A9-47EC-8C69-E54C158B7CCB} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {07483289-6527-42FA-907B-E1C3FAD00DC0} - System32\Tasks\MSIAfterburner => E:\Programs\MSI Afterburner\MSIAfterburner.exe
Task: {0D385B4E-F0EC-482F-8A73-61BE5D55E66F} - \DNSNEWVILLE -> No File <==== ATTENTION
Task: {0E61A40E-B294-48E3-B53D-C54AFEC42C58} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {0F845EC0-EE91-472C-A20E-D35E7CBD434B} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {14CA8F6E-BDF3-4F1A-9484-A49E4663046C} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {26DB042F-3F11-4921-BD7F-FA986B777138} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {27DC4E1F-A7CF-41EC-9410-053B15A592F2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-10-19] (Piriform Ltd)
Task: {3A120FA1-A475-4B45-ADE2-57583A371627} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {3D5B00DC-709D-460F-BDC9-4168BB2137AB} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {4A972EDE-5D9E-4501-84D6-F3B19481376D} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {4F03BCE6-E665-40B1-AE5B-37CCE289B039} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {58C34167-4221-4652-91C7-16322BB8598D} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {5BDE5E54-6383-461F-AEC9-964C54F0A933} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {615AB36E-73C2-4F2A-82F2-83514EDC9F58} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {6A5F5A6F-A772-43F8-994F-6EDDA7590488} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {6CA8CBF4-99F6-44AC-8577-DAE4380A05BC} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {6D4A3887-1F56-4142-8051-66FC96780459} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {7879A1D9-8AA7-464D-B10A-FBFCF29BEABC} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {79482489-C46E-40E5-9011-E1582D527BD0} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {8670FFCA-09CA-4777-9886-26133784AFC2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {86FEFD80-DDD0-4029-AEF1-31B3E1D071B7} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {8A2E6935-A154-4EDF-81A6-5CE1DAEC58EA} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {8A35C0C9-A9FA-4E38-A4AE-0E5B60766FE5} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {8BB2B76A-7EE3-41F9-A9EC-AF401A3E9D77} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {8C1EF7A8-AF3D-48B2-81A6-E69E8095EEA2} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {916D40D1-B301-46F6-BF51-44C733FA0369} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {97C39CE9-FC5A-43D6-B71E-38FEE0C40CC7} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {99554927-045E-442C-95FA-986CE8FBC0AF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-05] (Google Inc.)
Task: {A459FD5A-F58B-4334-844F-A0617DB34F3D} - System32\Tasks\{5DF25E3C-C5D0-42AA-A827-8C0CBE1FD6C0} => pcalua.exe -a C:\Users\Kostas\Desktop\AI_Suite_II_V10220_P8H67-M_PRO_XPVistaWin7\FANXpert\AppSetup\AsusFanCtrlSvc\Setup.exe -d C:\Users\Kostas\Desktop\AI_Suite_II_V10220_P8H67-M_PRO_XPVistaWin7\FANXpert\AppSetup\AsusFanCtrlSvc
Task: {AC9AA06E-72F8-42AF-ACB5-279B41CEC32D} - System32\Tasks\ASUS\ASUS AI Suite II Execute => E:\Programs\AI Suite II\AsRoutineController.exe [2010-11-26] (ASUSTeK Computer Inc.)
Task: {AD3C2FB3-3DF9-4E98-BE57-1AF519CE9A46} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {B2C08A31-8E81-422B-A138-2DA0622C44CE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {B42F79C1-8F7D-4FA7-AF58-E93DBA043FC7} - System32\Tasks\WpsUpdateTask_Kostas => E:\Programs\Kingsoft Office\wtoolex\wpsupdate.exe [2016-01-04] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {B9315953-8AB1-47E2-84C2-4D43EC7A08E4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {B9BE78C6-01F4-4682-BEEA-6CC302F81682} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {C10C5D0E-BA02-4934-8639-0057DDC51B9A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {C36E488D-66FC-4A9A-B5F9-B0D30FD2902C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-02-11] (Microsoft Corporation)
Task: {CC84B2E3-678C-44A1-9068-C5100B52E3C8} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {D5C94B99-CBCD-4FF7-AF44-EB9F67C61EB0} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {E0DC8A90-828F-4DCA-A7B8-2DF920491E72} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {E0FB0AA6-C641-4C41-B6CE-40976CBE8D0F} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-02-11] (AVAST Software)
Task: {ECB8300B-F8B2-4A3E-A7D7-F695311BC2E1} - System32\Tasks\WpsNotifyTask_Kostas => E:\Programs\Kingsoft Office\wtoolex\wpsnotify.exe [2014-03-30] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {EDE4935F-562D-422D-9091-7D4128215BEA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-05] (Adobe Systems Incorporated)
Task: {F14A4554-E99F-4F94-B4EF-368A842BD1C8} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {FC612F9E-F51E-45F6-AD19-0F61C13A814C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-05] (Google Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\WpsNotifyTask_Kostas.job => E:\Programs\Kingsoft Office\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_Kostas.job => E:\Programs\Kingsoft Office\wtoolex\wpsupdate.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-12-01 18:59 - 2016-01-23 03:01 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-12-21 18:55 - 2016-01-12 06:43 - 00291264 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2015-12-04 12:45 - 2015-11-22 12:47 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-04 12:45 - 2015-11-22 12:47 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-01-22 08:58 - 2016-01-22 09:05 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-12-17 22:46 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-12-17 22:46 - 2015-12-07 06:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-01-12 22:34 - 2016-01-05 03:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-12 22:34 - 2016-01-05 03:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-01-28 09:31 - 2016-01-16 07:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-28 09:32 - 2016-01-16 07:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-02-11 00:21 - 2016-02-11 00:21 - 00113496 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-02-11 00:21 - 2016-02-11 00:21 - 00133768 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-02-11 04:33 - 2016-02-11 04:33 - 02820096 _____ () C:\Program Files\AVAST Software\Avast\defs\16021003\algo.dll
2016-02-11 00:21 - 2016-02-11 00:21 - 00480760 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-01-22 08:58 - 2016-01-22 09:05 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-01-22 08:58 - 2016-01-22 09:05 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2015-11-02 11:28 - 2016-01-12 06:43 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-02-11 09:49 - 2016-02-11 09:49 - 00619840 _____ () C:\Users\Kostas\AppData\Local\Temp\0Kraken71ChromaDevProps.dll
2016-02-11 00:38 - 2016-02-09 13:58 - 01632584 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\libglesv2.dll
2016-02-11 00:38 - 2016-02-09 13:58 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\libegl.dll
2015-08-05 20:27 - 2015-12-15 07:54 - 00782336 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-08-05 20:27 - 2015-07-03 18:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-08-05 20:27 - 2016-02-04 23:02 - 02546768 _____ () C:\Program Files (x86)\Steam\video.dll
2015-08-05 20:27 - 2015-07-03 18:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-08-05 20:27 - 2015-07-03 18:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-08-05 20:27 - 2015-09-24 02:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-08-05 20:27 - 2015-09-24 02:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-08-05 20:27 - 2015-09-24 02:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-08-05 20:27 - 2015-09-24 02:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-08-05 20:27 - 2015-09-24 02:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-08-05 20:27 - 2016-02-04 23:01 - 00802896 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-08-05 20:27 - 2015-12-30 03:51 - 00208896 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2016-01-06 03:11 - 2016-01-06 03:11 - 00137728 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2016-02-11 00:21 - 2016-02-11 00:21 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-08-05 20:27 - 2016-01-06 03:52 - 48387872 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-08-05 20:27 - 2015-09-25 01:56 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3276398008-1084424527-4265519014-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Kostas\AppData\Local\Microsoft\Windows\Themes\Aero Lite (2)\DesktopBackground\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: asComSvc => 2
MSCONFIG\Services: asHmComSvc => 2
MSCONFIG\Services: AsSysCtrlService => 2
MSCONFIG\Services: AsusFanControlService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: ICCS => 3
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: LiveUpdateSvc => 2
MSCONFIG\Services: Razer Game Scanner Service => 2
MSCONFIG\Services: SandraAgentSrv => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\startupfolder: C:^Users^Kostas^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk => C:\Windows\pss\MagicDisc.lnk.Startup
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: NCUpdateHelper => C:\Program Files (x86)\NCWest\NCLauncher\NCUpdateHelper.exe
MSCONFIG\startupreg: Spotify => "C:\Users\Kostas\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Kostas\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: Unified Remote v2 => E:\SIMS4\The Sims 4\Driver\RemoteServer.exe
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run32: => "RaidCall"
HKU\S-1-5-21-3276398008-1084424527-4265519014-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3276398008-1084424527-4265519014-1000\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3276398008-1084424527-4265519014-1000\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3276398008-1084424527-4265519014-1000\...\StartupApproved\Run: => "Spotify Web Helper"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{E3BBD8EE-BB91-44B1-A8CB-D6B2094D61DA}] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [{16A63B4A-67C3-46EB-8A4F-4B0C6F49B78B}] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [{84D018CE-CA14-4382-9497-C302FA78D195}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{17899416-F21C-4966-9CA7-7795540E078A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{11632B96-1964-4B4D-A12C-5A960AF71B24}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{2212AB21-845D-4F5A-BF99-B80AC78E4D6B}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [{CFE54DDC-77EF-4965-BD7C-56FE5695F318}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4054BFAB-9C56-451B-B4C8-2722F60C18C6}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A15D3DEE-A964-4756-B244-EFF998909FFE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{53DEE1E2-8BE1-4B54-8E25-A51C6CB073A6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A3269D8A-C818-45A9-AF48-6A6745CCC63A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{1410C5C9-ACD5-42F7-90D4-B7661FD5622C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{098144EB-647D-47D9-B5FA-115F3C573C79}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [UDP Query User{7BE04BA5-F078-423F-8E69-640BA667260E}E:\programs\hearthstone\hearthstone.exe] => (Allow) E:\programs\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{0D100C05-B78B-466C-9605-FF28D62DBBD7}E:\programs\hearthstone\hearthstone.exe] => (Allow) E:\programs\hearthstone\hearthstone.exe
FirewallRules: [{94AC08E2-79AF-4BF2-B88D-F0C850B378DE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B596DE03-F046-4A60-BEFB-27A2CAAADBB2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B4F82F18-A67B-48FB-AACF-331E95DD64DC}] => (Allow) C:\Users\Kostas\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B779F4F1-C19A-4ACC-8BB0-D44795424218}] => (Allow) C:\Users\Kostas\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{EF5CFEE5-51C3-40C4-8A93-23E991A11C2D}] => (Allow) C:\Users\Kostas\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{EA75F6D8-2DE0-432D-A896-9C78A2B7291D}] => (Allow) C:\Users\Kostas\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{659C1AC5-0FFA-48AA-B2BC-0BDB2B1D092F}] => (Allow) C:\Users\Kostas\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{44D0D681-5774-487E-9B93-727D9CCD5263}] => (Allow) C:\Users\Kostas\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C06312C5-E6F7-442D-BD66-02A8A2795BF3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D1E93778-F650-48DF-B631-DD80FE279EA4}] => (Allow) LPort=48777
FirewallRules: [{C209F9E3-4457-458A-B6FD-466B44EE8312}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{BF6294F7-5A22-449D-A2B1-8192F23F094E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{247A8BAD-0E66-4470-AF46-E9071181DFD3}] => (Allow) E:\Programs\Steam\steamapps\common\War Thunder\launcher.exe
FirewallRules: [{70F2E4C2-C17F-4622-BB9D-F4FFC3E7542F}] => (Allow) E:\Programs\Steam\steamapps\common\War Thunder\launcher.exe
FirewallRules: [{5F2433AA-1367-40B2-BCB8-43AED7215979}] => (Allow) E:\Programs\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{680C1A52-025E-4E31-9ACC-58098F76B121}] => (Allow) E:\Programs\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [TCP Query User{24FB45B4-7C86-4A91-BB2B-48210897DBF6}E:\programs\steam\steamapps\common\war thunder\aces.exe] => (Allow) E:\programs\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [UDP Query User{B9FA245A-4633-4E47-BE6D-34AB4AB835DE}E:\programs\steam\steamapps\common\war thunder\aces.exe] => (Allow) E:\programs\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [{048AFCB7-F306-472E-A98B-3909CEF35590}] => (Allow) E:\Programs\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5sp.exe
FirewallRules: [{7F449D16-68BC-4911-B600-D491E726E14B}] => (Allow) E:\Programs\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5sp.exe
FirewallRules: [{200CC580-6830-4A67-B49E-395B322D8D20}] => (Allow) E:\Programs\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5mp.exe
FirewallRules: [{549CACB6-F98C-4411-A544-4C21CA7A24A7}] => (Allow) E:\Programs\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5mp.exe
FirewallRules: [{A408553F-672C-4CC1-ACA3-D1DC30185799}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{8EAD3289-AE1F-421C-9181-3BB60560F06E}E:\games\firewatch\firewatch.exe] => (Allow) E:\games\firewatch\firewatch.exe
FirewallRules: [UDP Query User{D37E367F-0532-4930-AC90-AFDFD72016FE}E:\games\firewatch\firewatch.exe] => (Allow) E:\games\firewatch\firewatch.exe
 
==================== Restore Points =========================
 
06-02-2016 20:51:18 Removed Lineage II
09-02-2016 21:56:29 Installed Lineage II
10-02-2016 23:58:46 Removed Lineage II
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (02/11/2016 09:49:44 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KOSTAS-PC)
Description: Η ενεργοποίηση της εφαρμογής Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp απέτυχε με σφάλμα: -2144927148. Ανατρέξτε στο αρχείο καταγραφής Microsoft-Windows-TWinUI/Operational για πρόσθετες πληροφορίες.
 
Error: (02/11/2016 08:44:51 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
 
 
System errors:
=============
Error: (02/11/2016 09:49:35 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Η υπηρεσία NetTcpActivator εξαρτάται από την υπηρεσία NetTcpPortSharing της οποίας η εκκίνηση απέτυχε εξαιτίας του ακόλουθου σφάλματος: 
%%1058
 
Error: (02/11/2016 09:48:43 AM) (Source: DCOM) (EventID: 10010) (User: KOSTAS-PC)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}
 
Error: (02/11/2016 09:48:43 AM) (Source: DCOM) (EventID: 10010) (User: KOSTAS-PC)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}
 
Error: (02/11/2016 09:48:42 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Η υπηρεσία Πρόσβαση δεδομένων χρήστη_33377 τερματίστηκε απροσδόκητα.  Αυτό έχει συμβεί 1 φορές.  Θα εκτελεστεί η ακόλουθη διορθωτική κίνηση σε 10000 χιλιοστά του δευτερολέπτου: Επανεκκίνηση της υπηρεσίας.
 
Error: (02/11/2016 09:48:42 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Η υπηρεσία Αποθήκευση δεδομένων χρήστη_33377 τερματίστηκε απροσδόκητα.  Αυτό έχει συμβεί 1 φορές.  Θα εκτελεστεί η ακόλουθη διορθωτική κίνηση σε 10000 χιλιοστά του δευτερολέπτου: Επανεκκίνηση της υπηρεσίας.
 
Error: (02/11/2016 09:48:42 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Η υπηρεσία Δεδομένα επαφών_33377 τερματίστηκε απροσδόκητα.  Αυτό έχει συμβεί 1 φορές.  Θα εκτελεστεί η ακόλουθη διορθωτική κίνηση σε 10000 χιλιοστά του δευτερολέπτου: Επανεκκίνηση της υπηρεσίας.
 
Error: (02/11/2016 09:48:42 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Η υπηρεσία Κεντρικός υπολογιστής συγχρονισμού_33377 τερματίστηκε απροσδόκητα.  Αυτό έχει συμβεί 1 φορές.  Θα εκτελεστεί η ακόλουθη διορθωτική κίνηση σε 10000 χιλιοστά του δευτερολέπτου: Επανεκκίνηση της υπηρεσίας.
 
Error: (02/11/2016 02:44:04 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: KOSTAS-PC)
Description: 0x8000002a117\??\C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\S-1-5-21-3276398008-1084424527-4265519014-1000-0-ntuser.dat
 
Error: (02/11/2016 02:43:51 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: KOSTAS-PC)
Description: 0x8000002a117\??\C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\S-1-5-21-3276398008-1084424527-4265519014-1000-0-ntuser.dat
 
Error: (02/11/2016 02:32:34 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: KOSTAS-PC)
Description: 0x8000002a117\??\C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\S-1-5-21-3276398008-1084424527-4265519014-1000-0-ntuser.dat
 
 
CodeIntegrity:
===================================
  Date: 2016-02-11 00:09:17.809
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-01-29 08:53:41.115
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-01-14 10:08:27.224
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-01-07 17:52:57.144
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-31 09:53:29.139
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-18 18:46:05.567
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-10 09:56:38.270
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-09 16:33:53.478
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-09 09:12:50.573
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-07 09:17:29.858
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-2500 CPU @ 3.30GHz
Percentage of memory in use: 33%
Total physical RAM: 8173.23 MB
Available physical RAM: 5454.01 MB
Total Virtual: 16365.23 MB
Available Virtual: 13219.98 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:223.03 GB) (Free:160.57 GB) NTFS
Drive e: (Νέος τόμος) (Fixed) (Total:465.76 GB) (Free:311.2 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: D9447762)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 0437BAE5)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
 
==================== End of Addition.txt ============================
 
 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-02-2016
Ran by Kostas (administrator) on KOSTAS-PC (11-02-2016 10:29:47)
Running from C:\Users\Kostas\Desktop
Loaded Profiles: Kostas (Available Profiles: Kostas & DefaultAppPool)
Platform: Windows 10 Home Version 1511 (X64) Language: Ελληνικά (Ελλάδας)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(A-Volute) C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(ASUSTeK Computer Inc.) E:\Programs\AI Suite II\AsRoutineController.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(BitTorrent Inc.) C:\Users\Kostas\AppData\Roaming\uTorrent\uTorrent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(BitTorrent Inc.) C:\Users\Kostas\AppData\Roaming\uTorrent\updates\3.4.5_41202\utorrentie.exe
(Razer Inc) C:\Program Files (x86)\Razer\Razer_Kraken71Chroma_Driver\Drivers\SysAudio\Kraken71ChromaHelper.exe
(BitTorrent Inc.) C:\Users\Kostas\AppData\Roaming\uTorrent\updates\3.4.5_41202\utorrentie.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8712960 2015-11-03] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [594240 2016-01-13] (Razer Inc.)
HKLM-x32\...\Run: [Kraken71ChromaHelper] => C:\Program Files (x86)\Razer\Razer_Kraken71Chroma_Driver\Drivers\SysAudio\Kraken71ChromaHelper.exe [1600320 2015-08-13] (Razer Inc)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7139768 2016-02-11] (AVAST Software)
HKU\S-1-5-21-3276398008-1084424527-4265519014-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8551848 2015-10-19] (Piriform Ltd)
HKU\S-1-5-21-3276398008-1084424527-4265519014-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3014224 2016-02-04] (Valve Corporation)
HKU\S-1-5-21-3276398008-1084424527-4265519014-1000\...\Run: [uTorrent] => C:\Users\Kostas\AppData\Roaming\uTorrent\uTorrent.exe [1822048 2015-10-08] (BitTorrent Inc.)
AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-02-11] (AVAST Software)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{c59d694c-1f81-4e2f-8080-cc68cffc221d}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-02-11] (AVAST Software)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-21] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-02-11] (AVAST Software)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-21] (Oracle Corporation)
DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1451839970767
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-08-05] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-08-05] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-21] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-01-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-01-23] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-02-11]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.gr/"
CHR Profile: C:\Users\Kostas\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Διαφάνειες Google) - C:\Users\Kostas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-04]
CHR Extension: (Έγγραφα Google) - C:\Users\Kostas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Google Drive ) - C:\Users\Kostas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Kostas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Adblock Plus) - C:\Users\Kostas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-02-05]
CHR Extension: (Image Downloader) - C:\Users\Kostas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnpniohnfphhjihaiiggeabnkjhpaldj [2015-12-06]
CHR Extension: (Αναζήτηση Google) - C:\Users\Kostas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Υπολογιστικά φύλλα Google) - C:\Users\Kostas\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-04]
CHR Extension: (Mail Notifier for Yahoo Mail) - C:\Users\Kostas\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnhmippbeflealeehddeghoiaopopkaa [2015-11-19]
CHR Extension: (Έγγραφα Google εκτός σύνδεσης) - C:\Users\Kostas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-17]
CHR Extension: (Πληρωμές στο Chrome Web Store) - C:\Users\Kostas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-23]
CHR Extension: (Gmail) - C:\Users\Kostas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-02-11]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S4 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [918144 2010-11-04] ()
S4 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.17\aaHMSvc.exe [947328 2011-12-09] (ASUSTeK Computer Inc.)
S4 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] ()
S4 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.00.17\AsusFanControlService.exe [1464752 2011-12-09] (ASUSTeK Computer Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-02-11] (AVAST Software)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-12] (NVIDIA Corporation)
S4 ICCS; C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [160768 2011-05-27] (Intel Corporation) [File not signed]
S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-12] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-12] (NVIDIA Corporation)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [57856 2016-01-11] (Razer Inc.) [File not signed]
S4 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [188072 2015-11-05] ()
R2 RzSurroundVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe [4254720 2015-07-29] (A-Volute) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-25] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-02-11] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-02-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-02-11] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-02-11] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1065720 2016-02-11] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [463744 2016-02-11] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [165344 2016-02-11] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287016 2016-02-11] (AVAST Software)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-06-02] (REALiX™)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-02-11] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [889584 2015-11-03] (Realtek                                            )
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [50392 2015-08-13] (Razer Inc)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [37184 2015-09-23] (Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [130880 2015-12-15] (Razer, Inc.)
R3 RZSURROUNDVADService; C:\Windows\system32\drivers\RzSurroundVAD.sys [40640 2015-07-29] (Windows ® Win 7 DDK provider)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
U3 idsvc; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-02-11 10:29 - 2016-02-11 10:29 - 02370560 _____ (Farbar) C:\Users\Kostas\Desktop\FRST64.exe
2016-02-11 10:29 - 2016-02-11 10:29 - 00016427 _____ C:\Users\Kostas\Desktop\FRST.txt
2016-02-11 10:29 - 2016-02-11 10:29 - 00000000 ____D C:\FRST
2016-02-11 09:51 - 2016-02-11 09:51 - 00000000 ____D C:\Users\Kostas\AppData\Local\ActiveSync
2016-02-11 09:50 - 2016-02-11 09:50 - 00000000 ____D C:\Users\Kostas\AppData\Local\CEF
2016-02-11 09:49 - 2016-02-11 09:49 - 00211208 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-02-11 09:49 - 2016-02-11 09:49 - 00000000 ____D C:\Users\Kostas\AppData\LocalLow\uTorrent
2016-02-11 09:49 - 2016-02-11 09:49 - 00000000 ____D C:\Users\Kostas\AppData\Local\VirtualStore
2016-02-11 09:42 - 2016-02-11 09:48 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2016-02-11 09:42 - 2016-02-11 09:42 - 00000959 _____ C:\Users\Kostas\Desktop\XCOM 2.lnk
2016-02-11 09:09 - 2016-02-11 09:09 - 00000697 _____ C:\Users\Kostas\Desktop\Firewatch.lnk
2016-02-11 09:09 - 2016-02-11 09:09 - 00000000 ____D C:\Users\Kostas\AppData\Roaming\Steam
2016-02-11 09:09 - 2016-02-11 09:09 - 00000000 ____D C:\Users\Kostas\AppData\LocalLow\CampoSanto
2016-02-11 09:03 - 2016-02-11 09:04 - 00000000 ____D C:\Users\Kostas\AppData\Roaming\Battle.net
2016-02-11 02:21 - 2016-02-11 02:21 - 00000000 ____D C:\Users\Kostas\AppData\Roaming\Macromedia
2016-02-11 01:21 - 2016-02-11 01:21 - 00000000 ____D C:\Users\Kostas\AppData\Roaming\kingsoft
2016-02-11 00:47 - 2016-02-11 00:47 - 00000000 ____D C:\Users\Kostas\AppData\Roaming\Adobe
2016-02-11 00:23 - 2016-02-11 00:21 - 00398152 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2016-02-11 00:22 - 2016-02-11 00:22 - 00001979 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2016-02-11 00:22 - 2016-02-11 00:22 - 00000000 ____D C:\Users\Kostas\AppData\Roaming\AVAST Software
2016-02-11 00:21 - 2016-02-11 00:23 - 00004006 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-02-11 00:21 - 2016-02-11 00:21 - 01065720 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2016-02-11 00:21 - 2016-02-11 00:21 - 00463744 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2016-02-11 00:21 - 2016-02-11 00:21 - 00287016 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2016-02-11 00:21 - 2016-02-11 00:21 - 00165344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2016-02-11 00:21 - 2016-02-11 00:21 - 00107792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2016-02-11 00:21 - 2016-02-11 00:21 - 00103064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2016-02-11 00:21 - 2016-02-11 00:21 - 00074544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2016-02-11 00:21 - 2016-02-11 00:21 - 00052184 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2016-02-11 00:21 - 2016-02-11 00:21 - 00037656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2016-02-11 00:20 - 2016-02-11 00:20 - 00000000 ____D C:\Program Files\AVAST Software
2016-02-10 11:15 - 2016-01-29 08:57 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-02-10 11:15 - 2016-01-29 08:33 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-02-10 11:15 - 2016-01-27 08:15 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-02-10 11:15 - 2016-01-27 08:15 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-02-10 11:15 - 2016-01-27 08:01 - 07476064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-02-10 11:15 - 2016-01-27 08:01 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-02-10 11:15 - 2016-01-27 08:01 - 01819720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-02-10 11:15 - 2016-01-27 07:59 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-02-10 11:15 - 2016-01-27 07:57 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-02-10 11:15 - 2016-01-27 07:57 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-02-10 11:15 - 2016-01-27 07:57 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-02-10 11:15 - 2016-01-27 07:56 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-02-10 11:15 - 2016-01-27 07:55 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-02-10 11:15 - 2016-01-27 07:55 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2016-02-10 11:15 - 2016-01-27 07:54 - 00295264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-02-10 11:15 - 2016-01-27 07:46 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-02-10 11:15 - 2016-01-27 07:46 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-02-10 11:15 - 2016-01-27 07:45 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-02-10 11:15 - 2016-01-27 07:45 - 06605544 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-02-10 11:15 - 2016-01-27 07:44 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-02-10 11:15 - 2016-01-27 07:44 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2016-02-10 11:15 - 2016-01-27 07:43 - 00359776 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-02-10 11:15 - 2016-01-27 07:37 - 01998176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-02-10 11:15 - 2016-01-27 07:37 - 00576352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-02-10 11:15 - 2016-01-27 07:21 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-02-10 11:15 - 2016-01-27 07:15 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll
2016-02-10 11:15 - 2016-01-27 07:13 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-02-10 11:15 - 2016-01-27 07:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-02-10 11:15 - 2016-01-27 07:11 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-02-10 11:15 - 2016-01-27 07:10 - 22394368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-02-10 11:15 - 2016-01-27 07:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-02-10 11:15 - 2016-01-27 07:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-02-10 11:15 - 2016-01-27 07:08 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll
2016-02-10 11:15 - 2016-01-27 07:07 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll
2016-02-10 11:15 - 2016-01-27 07:05 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-02-10 11:15 - 2016-01-27 07:05 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-02-10 11:15 - 2016-01-27 07:05 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-02-10 11:15 - 2016-01-27 07:05 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-02-10 11:15 - 2016-01-27 07:04 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-02-10 11:15 - 2016-01-27 07:04 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-02-10 11:15 - 2016-01-27 07:03 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-02-10 11:15 - 2016-01-27 07:02 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-02-10 11:15 - 2016-01-27 07:01 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-02-10 11:15 - 2016-01-27 06:59 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll
2016-02-10 11:15 - 2016-01-27 06:58 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-02-10 11:15 - 2016-01-27 06:57 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-02-10 11:15 - 2016-01-27 06:55 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-02-10 11:15 - 2016-01-27 06:55 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-02-10 11:15 - 2016-01-27 06:54 - 24603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-02-10 11:15 - 2016-01-27 06:52 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-02-10 11:15 - 2016-01-27 06:50 - 02230784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-02-10 11:15 - 2016-01-27 06:50 - 01504768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-02-10 11:15 - 2016-01-27 06:50 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-02-10 11:15 - 2016-01-27 06:49 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-02-10 11:15 - 2016-01-27 06:48 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-02-10 11:15 - 2016-01-27 06:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-02-10 11:15 - 2016-01-27 06:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-02-10 11:15 - 2016-01-27 06:41 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-02-10 11:15 - 2016-01-27 06:39 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-02-10 11:15 - 2016-01-27 06:38 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-02-10 11:15 - 2016-01-27 06:38 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-02-10 11:15 - 2016-01-27 06:37 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-02-10 11:15 - 2016-01-27 06:36 - 02757120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-02-10 11:15 - 2016-01-27 06:32 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-02-10 11:15 - 2016-01-27 06:31 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
2016-02-07 09:53 - 2016-02-07 09:53 - 00000028 _RSHO C:\Users\Kostas\AppData\Roaming\c54da0d4db72e7476d261013371d583ed5cee3ac.sys
2016-02-07 09:53 - 2016-02-07 09:53 - 00000028 _RSHO C:\Users\Kostas\AppData\Roaming\be046e943fe726861c04b0318e13b2f274b1ec06.sys
2016-02-05 17:30 - 2016-02-05 17:30 - 00001175 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-02-05 17:30 - 2016-02-05 17:30 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-02-05 17:30 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-02-05 17:30 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-02-05 17:30 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-02-05 15:58 - 2016-02-05 15:58 - 00000000 _____ C:\WINDOWS\system32\dir
2016-02-05 15:41 - 2016-02-05 15:41 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-02-04 11:38 - 2016-02-04 15:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCsoft
2016-02-03 21:45 - 2016-02-03 21:45 - 00000000 ____D C:\Users\Kostas\Documents\My Cheat Tables
2016-02-03 10:18 - 2016-02-05 17:40 - 00000000 ____D C:\ProgramData\khogai
2016-02-02 13:15 - 2016-02-02 13:20 - 00000026 _____ C:\WINDOWS\propresser.bat
2016-02-02 13:12 - 2016-02-02 13:13 - 00000021 _____ C:\Users\Kostas\AppData\Local\Autosofted License.txt
2016-02-02 13:08 - 2016-02-02 13:08 - 00000000 ____D C:\Users\Kostas\Documents\AutomaticSolution Software
2016-01-28 19:42 - 2016-01-28 19:42 - 00000000 ____D C:\Users\Kostas\Documents\League of Legends
2016-01-28 09:32 - 2016-01-16 08:23 - 08728920 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-01-28 09:32 - 2016-01-16 08:20 - 06971752 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-01-28 09:32 - 2016-01-16 07:45 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-01-28 09:32 - 2016-01-16 07:38 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-01-28 09:32 - 2016-01-16 07:35 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-01-28 09:32 - 2016-01-16 07:21 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-01-28 09:32 - 2016-01-16 07:17 - 05503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-01-28 09:31 - 2016-01-16 08:37 - 00202472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-01-28 09:31 - 2016-01-16 08:36 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-01-28 09:31 - 2016-01-16 08:36 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-01-28 09:31 - 2016-01-16 08:34 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-01-28 09:31 - 2016-01-16 08:24 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-01-28 09:31 - 2016-01-16 08:23 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-28 09:31 - 2016-01-16 08:23 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-28 09:31 - 2016-01-16 08:23 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-01-28 09:31 - 2016-01-16 08:23 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-01-28 09:31 - 2016-01-16 08:23 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-01-28 09:31 - 2016-01-16 08:21 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-01-28 09:31 - 2016-01-16 08:20 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-01-28 09:31 - 2016-01-16 08:20 - 00431240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2016-01-28 09:31 - 2016-01-16 08:20 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-01-28 09:31 - 2016-01-16 08:19 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-28 09:31 - 2016-01-16 08:19 - 00405568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-01-28 09:31 - 2016-01-16 08:12 - 01415200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-01-28 09:31 - 2016-01-16 08:09 - 01089880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-01-28 09:31 - 2016-01-16 08:08 - 01174008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-01-28 09:31 - 2016-01-16 08:08 - 00440152 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-01-28 09:31 - 2016-01-16 07:46 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-01-28 09:31 - 2016-01-16 07:44 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-01-28 09:31 - 2016-01-16 07:44 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasadhlp.dll
2016-01-28 09:31 - 2016-01-16 07:44 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2016-01-28 09:31 - 2016-01-16 07:43 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll
2016-01-28 09:31 - 2016-01-16 07:42 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-01-28 09:31 - 2016-01-16 07:42 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscoreext.dll
2016-01-28 09:31 - 2016-01-16 07:41 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-01-28 09:31 - 2016-01-16 07:40 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2016-01-28 09:31 - 2016-01-16 07:40 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2016-01-28 09:31 - 2016-01-16 07:40 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasautou.exe
2016-01-28 09:31 - 2016-01-16 07:39 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2016-01-28 09:31 - 2016-01-16 07:38 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-01-28 09:31 - 2016-01-16 07:38 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll
2016-01-28 09:31 - 2016-01-16 07:38 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbio.dll
2016-01-28 09:31 - 2016-01-16 07:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-01-28 09:31 - 2016-01-16 07:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-01-28 09:31 - 2016-01-16 07:37 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-01-28 09:31 - 2016-01-16 07:37 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-01-28 09:31 - 2016-01-16 07:36 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-01-28 09:31 - 2016-01-16 07:36 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2016-01-28 09:31 - 2016-01-16 07:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-01-28 09:31 - 2016-01-16 07:36 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll
2016-01-28 09:31 - 2016-01-16 07:36 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2016-01-28 09:31 - 2016-01-16 07:35 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-01-28 09:31 - 2016-01-16 07:35 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasadhlp.dll
2016-01-28 09:31 - 2016-01-16 07:34 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-01-28 09:31 - 2016-01-16 07:34 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-01-28 09:31 - 2016-01-16 07:34 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2016-01-28 09:31 - 2016-01-16 07:34 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-01-28 09:31 - 2016-01-16 07:34 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll
2016-01-28 09:31 - 2016-01-16 07:33 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2016-01-28 09:31 - 2016-01-16 07:33 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-01-28 09:31 - 2016-01-16 07:33 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-01-28 09:31 - 2016-01-16 07:32 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-01-28 09:31 - 2016-01-16 07:32 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2016-01-28 09:31 - 2016-01-16 07:31 - 00851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-01-28 09:31 - 2016-01-16 07:31 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-01-28 09:31 - 2016-01-16 07:31 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-01-28 09:31 - 2016-01-16 07:31 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-01-28 09:31 - 2016-01-16 07:31 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasautou.exe
2016-01-28 09:31 - 2016-01-16 07:30 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-01-28 09:31 - 2016-01-16 07:30 - 01053696 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-01-28 09:31 - 2016-01-16 07:30 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-01-28 09:31 - 2016-01-16 07:30 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll
2016-01-28 09:31 - 2016-01-16 07:30 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbio.dll
2016-01-28 09:31 - 2016-01-16 07:29 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-01-28 09:31 - 2016-01-16 07:29 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-01-28 09:31 - 2016-01-16 07:28 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-01-28 09:31 - 2016-01-16 07:28 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-01-28 09:31 - 2016-01-16 07:28 - 00884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2016-01-28 09:31 - 2016-01-16 07:28 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll
2016-01-28 09:31 - 2016-01-16 07:27 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-01-28 09:31 - 2016-01-16 07:26 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-01-28 09:31 - 2016-01-16 07:26 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-01-28 09:31 - 2016-01-16 07:26 - 00260608 _____ C:\WINDOWS\system32\MTFServer.dll
2016-01-28 09:31 - 2016-01-16 07:26 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-01-28 09:31 - 2016-01-16 07:25 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2016-01-28 09:31 - 2016-01-16 07:25 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-01-28 09:31 - 2016-01-16 07:25 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-01-28 09:31 - 2016-01-16 07:24 - 02057216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-01-28 09:31 - 2016-01-16 07:24 - 00613888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-01-28 09:31 - 2016-01-16 07:24 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-01-28 09:31 - 2016-01-16 07:24 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-01-28 09:31 - 2016-01-16 07:23 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-01-28 09:31 - 2016-01-16 07:23 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-01-28 09:31 - 2016-01-16 07:20 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-01-28 09:31 - 2016-01-16 07:20 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-01-28 09:31 - 2016-01-16 07:20 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-01-28 09:31 - 2016-01-16 07:20 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2016-01-28 09:31 - 2016-01-16 07:19 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-01-28 09:31 - 2016-01-16 07:19 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-01-28 09:31 - 2016-01-16 07:19 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-01-28 09:31 - 2016-01-16 07:19 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-01-28 09:31 - 2016-01-16 07:18 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-28 09:31 - 2016-01-16 07:16 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-01-28 09:31 - 2016-01-16 07:16 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-28 09:31 - 2016-01-16 07:15 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-01-28 09:31 - 2016-01-16 07:14 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-01-28 09:31 - 2016-01-16 07:14 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-01-28 09:31 - 2016-01-16 07:11 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-01-27 22:57 - 2016-01-23 02:47 - 00110016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-01-27 22:55 - 2016-01-23 05:31 - 42983992 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-01-27 22:55 - 2016-01-23 05:31 - 37615040 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-01-27 22:55 - 2016-01-23 05:31 - 31115712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-01-27 22:55 - 2016-01-23 05:31 - 24941112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-01-27 22:55 - 2016-01-23 05:31 - 21202488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-01-27 22:55 - 2016-01-23 05:31 - 20741880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-01-27 22:55 - 2016-01-23 05:31 - 17632544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-01-27 22:55 - 2016-01-23 05:31 - 17224664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-01-27 22:55 - 2016-01-23 05:31 - 17116616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-01-27 22:55 - 2016-01-23 05:31 - 02543160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-01-27 22:55 - 2016-01-23 05:31 - 02187712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-01-27 22:55 - 2016-01-23 05:31 - 01924152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436175.dll
2016-01-27 22:55 - 2016-01-23 05:31 - 01571776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436175.dll
2016-01-27 22:55 - 2016-01-23 05:31 - 00948672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-01-27 22:55 - 2016-01-23 05:31 - 00882232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-01-27 22:55 - 2016-01-23 05:31 - 00786872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-01-27 22:55 - 2016-01-23 05:31 - 00784640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2016-01-27 22:55 - 2016-01-23 05:31 - 00745408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-01-27 22:55 - 2016-01-23 05:31 - 00689600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-01-27 22:55 - 2016-01-23 05:31 - 00632336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-01-27 22:55 - 2016-01-23 05:31 - 00630592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2016-01-27 22:55 - 2016-01-23 05:31 - 00601752 _____ C:\WINDOWS\system32\nvmcumd.dll
2016-01-27 22:55 - 2016-01-23 05:31 - 00541184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2016-01-27 22:55 - 2016-01-23 05:31 - 00445912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2016-01-27 22:55 - 2016-01-23 05:31 - 00423360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-01-27 22:55 - 2016-01-23 05:31 - 00385080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2016-01-27 22:55 - 2016-01-23 05:31 - 00378784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-01-27 22:55 - 2016-01-23 05:31 - 00377792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-01-27 22:55 - 2016-01-23 05:31 - 00348216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2016-01-27 22:55 - 2016-01-23 05:31 - 00316960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-01-27 22:55 - 2016-01-23 05:31 - 00175368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2016-01-27 22:55 - 2016-01-23 05:31 - 00153208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-01-27 22:55 - 2016-01-23 05:31 - 00151184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2016-01-27 22:55 - 2016-01-23 05:31 - 00128696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2016-01-27 22:51 - 2015-12-18 08:10 - 00099472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2016-01-27 22:51 - 2015-12-18 08:10 - 00090768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2016-01-21 19:51 - 2016-01-21 19:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2016-01-19 19:32 - 2016-01-19 19:32 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-01-19 19:32 - 2016-01-19 19:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-01-16 12:01 - 2016-01-16 12:01 - 00000000 ____D C:\Users\Kostas\Documents\WB Games
2016-01-14 19:23 - 2016-01-21 19:43 - 00000000 ____D C:\Users\Kostas\AppData\Local\PAYDAY 2
2016-01-14 16:48 - 2016-01-14 16:48 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2016-01-14 16:48 - 2016-01-14 16:48 - 00000000 _SHDL C:\Users\DefaultAppPool\Τα έγγραφά μου
2016-01-14 16:48 - 2016-01-14 16:48 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Τα βίντεό μου
2016-01-14 16:48 - 2016-01-14 16:48 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Οι εικόνες μου
2016-01-14 16:48 - 2016-01-14 16:48 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Η μουσική μου
2016-01-14 16:48 - 2016-01-14 16:48 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Προγράμματα
2016-01-14 16:48 - 2016-01-14 16:48 - 00000000 ____D C:\Users\DefaultAppPool
2016-01-14 16:48 - 2015-12-01 19:05 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Media Center Programs
2016-01-14 16:48 - 2015-12-01 19:05 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Local\Microsoft Help
2016-01-14 16:39 - 2016-01-14 16:39 - 00000000 _____ C:\Users\Kostas\Desktop\2103544035.txt
2016-01-12 22:34 - 2016-01-05 04:51 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-01-12 22:34 - 2016-01-05 04:51 - 01141496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-01-12 22:34 - 2016-01-05 04:50 - 00671472 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-01-12 22:34 - 2016-01-05 04:48 - 00499432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-01-12 22:34 - 2016-01-05 04:45 - 02587696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-01-12 22:34 - 2016-01-05 04:42 - 02026736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-01-12 22:34 - 2016-01-05 04:37 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-01-12 22:34 - 2016-01-05 04:37 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-01-12 22:34 - 2016-01-05 04:37 - 00858952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-01-12 22:34 - 2016-01-05 04:37 - 00245840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-01-12 22:34 - 2016-01-05 04:37 - 00234504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2016-01-12 22:34 - 2016-01-05 04:36 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-01-12 22:34 - 2016-01-05 04:33 - 02180128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-01-12 22:34 - 2016-01-05 04:33 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-01-12 22:34 - 2016-01-05 04:33 - 00701384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-01-12 22:34 - 2016-01-05 04:33 - 00208176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2016-01-12 22:34 - 2016-01-05 04:33 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-01-12 22:34 - 2016-01-05 04:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-01-12 22:34 - 2016-01-05 04:27 - 01594408 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-01-12 22:34 - 2016-01-05 04:24 - 00796352 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-01-12 22:34 - 2016-01-05 04:23 - 01804664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-01-12 22:34 - 2016-01-05 04:23 - 01309376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-01-12 22:34 - 2016-01-05 04:23 - 00786696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-01-12 22:34 - 2016-01-05 04:23 - 00119320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-01-12 22:34 - 2016-01-05 04:21 - 01371792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-01-12 22:34 - 2016-01-05 04:17 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-01-12 22:34 - 2016-01-05 04:16 - 00100160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-01-12 22:34 - 2016-01-05 03:57 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMSRoamingSecurity.dll
2016-01-12 22:34 - 2016-01-05 03:57 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll
2016-01-12 22:34 - 2016-01-05 03:56 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-01-12 22:34 - 2016-01-05 03:54 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-01-12 22:34 - 2016-01-05 03:53 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2016-01-12 22:34 - 2016-01-05 03:52 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-01-12 22:34 - 2016-01-05 03:51 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-01-12 22:34 - 2016-01-05 03:51 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-01-12 22:34 - 2016-01-05 03:50 - 00644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-01-12 22:34 - 2016-01-05 03:50 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-01-12 22:34 - 2016-01-05 03:49 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-01-12 22:34 - 2016-01-05 03:49 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-01-12 22:34 - 2016-01-05 03:49 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-01-12 22:34 - 2016-01-05 03:49 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityCommon.dll
2016-01-12 22:34 - 2016-01-05 03:48 - 01009152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-01-12 22:34 - 2016-01-05 03:48 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-01-12 22:34 - 2016-01-05 03:48 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usermgrcli.dll
2016-01-12 22:34 - 2016-01-05 03:47 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-01-12 22:34 - 2016-01-05 03:47 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-01-12 22:34 - 2016-01-05 03:47 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-01-12 22:34 - 2016-01-05 03:45 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-01-12 22:34 - 2016-01-05 03:45 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-01-12 22:34 - 2016-01-05 03:44 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2016-01-12 22:34 - 2016-01-05 03:43 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-01-12 22:34 - 2016-01-05 03:43 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-01-12 22:34 - 2016-01-05 03:43 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-01-12 22:34 - 2016-01-05 03:42 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-01-12 22:34 - 2016-01-05 03:41 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-01-12 22:34 - 2016-01-05 03:41 - 00558592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-01-12 22:34 - 2016-01-05 03:40 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-01-12 22:34 - 2016-01-05 03:40 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2016-01-12 22:34 - 2016-01-05 03:39 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-01-12 22:34 - 2016-01-05 03:39 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-01-12 22:34 - 2016-01-05 03:39 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-01-12 22:34 - 2016-01-05 03:39 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-01-12 22:34 - 2016-01-05 03:38 - 00389120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-01-12 22:34 - 2016-01-05 03:36 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-01-12 22:34 - 2016-01-05 03:36 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-01-12 22:34 - 2016-01-05 03:30 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-02-11 10:30 - 2014-11-14 07:59 - 00000000 ____D C:\Users\Kostas\AppData\Roaming\uTorrent
2016-02-11 10:29 - 2015-10-10 09:12 - 00000000 _____ C:\WINDOWS\system32\RzSurroundVADAudioDeviceManager_log.txt
2016-02-11 10:29 - 2015-08-05 20:03 - 00001212 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-11 10:23 - 2014-12-06 21:32 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-02-11 10:21 - 2015-09-03 15:49 - 00000356 _____ C:\WINDOWS\Tasks\WpsUpdateTask_Kostas.job
2016-02-11 10:21 - 2015-09-03 15:49 - 00000356 _____ C:\WINDOWS\Tasks\WpsNotifyTask_Kostas.job
2016-02-11 09:55 - 2015-12-01 19:00 - 01830932 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-02-11 09:55 - 2015-10-30 20:30 - 00678022 _____ C:\WINDOWS\system32\perfh008.dat
2016-02-11 09:55 - 2015-10-30 20:30 - 00140416 _____ C:\WINDOWS\system32\perfc008.dat
2016-02-11 09:55 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-02-11 09:49 - 2015-12-01 19:08 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-02-11 09:49 - 2015-12-01 18:59 - 00000000 ____D C:\ProgramData\NVIDIA
2016-02-11 09:49 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-02-11 09:49 - 2015-08-05 20:11 - 00000000 ____D C:\Program Files (x86)\Steam
2016-02-11 09:49 - 2015-08-05 20:03 - 00001208 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-11 09:49 - 2014-11-15 09:05 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-02-11 09:48 - 2015-12-01 19:03 - 00000000 ____D C:\Users\Kostas
2016-02-11 09:05 - 2015-03-23 20:45 - 00000000 ____D C:\Users\Kostas\AppData\Local\Battle.net
2016-02-11 08:45 - 2014-11-10 23:26 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-02-11 08:43 - 2014-11-10 23:26 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-02-11 06:49 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-11 06:49 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-02-11 04:12 - 2015-08-05 19:56 - 00004192 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{3AB6E5A9-1162-4200-B4BC-3867671687EB}
2016-02-11 03:09 - 2015-10-08 12:52 - 00335401 _____ C:\Users\Kostas\AppData\Local\census.cache
2016-02-11 03:08 - 2015-10-08 12:52 - 00000000 _____ C:\Users\Kostas\AppData\Local\ars.cache
2016-02-11 00:38 - 2015-08-05 20:04 - 00002278 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-11 00:20 - 2014-11-10 23:27 - 00000000 ____D C:\ProgramData\AVAST Software
2016-02-11 00:09 - 2015-08-05 16:46 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-02-11 00:07 - 2015-10-30 20:33 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-10 23:59 - 2014-11-10 23:07 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-02-10 15:52 - 2015-12-13 16:02 - 00000657 _____ C:\Users\Public\Desktop\The Sims 4.lnk
2016-02-10 13:12 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-02-10 09:03 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\TAPI
2016-02-07 09:54 - 2014-11-18 21:51 - 00000000 ____D C:\ProgramData\Package Cache
2016-02-03 21:01 - 2015-10-30 09:26 - 00828920 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-02-03 21:01 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-03 01:24 - 2015-08-05 20:03 - 00004270 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-03 01:24 - 2015-08-05 20:03 - 00004038 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-01 22:08 - 2015-10-10 12:29 - 00000000 ____D C:\Users\Kostas\AppData\Local\Spotify
2016-01-30 18:35 - 2014-11-10 23:39 - 00000000 ____D C:\ProgramData\Skype
2016-01-29 10:38 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-01-29 00:07 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-01-29 00:07 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-01-29 00:07 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-01-29 00:07 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-01-29 00:07 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-01-29 00:07 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-01-29 00:07 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-01-27 22:57 - 2015-12-01 18:59 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-01-27 22:57 - 2015-11-02 11:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-01-27 22:56 - 2015-12-01 18:59 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-01-27 22:52 - 2015-11-02 11:33 - 00000000 ____D C:\Users\Kostas\AppData\Local\NVIDIA
2016-01-25 19:34 - 2015-11-10 10:54 - 12474312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2016-01-23 05:31 - 2015-12-02 16:06 - 17174032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-01-23 05:31 - 2015-11-10 10:54 - 19778944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-01-23 05:31 - 2015-11-10 10:54 - 14114944 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-01-23 05:31 - 2015-11-10 10:54 - 03648552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-01-23 05:31 - 2015-11-10 10:54 - 03230824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-01-23 05:31 - 2015-11-10 10:54 - 00035832 _____ C:\WINDOWS\system32\nvinfo.pb
2016-01-23 03:01 - 2015-12-21 18:58 - 00530368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-01-23 03:01 - 2015-12-21 18:58 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-01-23 03:01 - 2015-12-01 18:59 - 06366656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-01-23 03:01 - 2015-12-01 18:59 - 02992064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-01-23 03:01 - 2015-12-01 18:59 - 02563128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-01-23 03:01 - 2015-12-01 18:59 - 01263040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-01-23 03:01 - 2015-12-01 18:59 - 00393784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-01-23 03:01 - 2015-12-01 18:59 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-01-22 04:06 - 2015-12-01 18:59 - 06125650 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-01-19 19:32 - 2014-11-10 23:39 - 00000000 ____D C:\Users\Kostas\AppData\Local\Skype
2016-01-15 15:17 - 2015-10-08 11:48 - 00002702 _____ C:\Users\Kostas\Desktop\µTorrent.lnk
2016-01-14 16:26 - 2015-07-19 08:31 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-01-14 16:26 - 2015-07-19 08:31 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-01-13 17:54 - 2015-11-18 11:12 - 00000000 ____D C:\Users\Kostas\Documents\My Games
2016-01-12 06:41 - 2015-11-02 11:29 - 01542600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2016-01-12 06:41 - 2015-11-02 11:29 - 01316184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2016-01-12 06:40 - 2015-12-02 16:01 - 00112032 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2016-01-12 06:40 - 2015-11-02 11:29 - 01860120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2016-01-12 06:40 - 2015-11-02 11:29 - 01756608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
 
==================== Files in the root of some directories =======
 
2016-02-07 09:53 - 2016-02-07 09:53 - 0000028 _RSHO () C:\Users\Kostas\AppData\Roaming\be046e943fe726861c04b0318e13b2f274b1ec06.sys
2016-02-07 09:53 - 2016-02-07 09:53 - 0000028 _RSHO () C:\Users\Kostas\AppData\Roaming\c54da0d4db72e7476d261013371d583ed5cee3ac.sys
2015-10-08 12:52 - 2016-02-11 03:08 - 0000000 _____ () C:\Users\Kostas\AppData\Local\ars.cache
2016-02-02 13:12 - 2016-02-02 13:13 - 0000021 _____ () C:\Users\Kostas\AppData\Local\Autosofted License.txt
2015-10-08 12:52 - 2016-02-11 03:09 - 0335401 _____ () C:\Users\Kostas\AppData\Local\census.cache
2015-10-08 12:43 - 2015-10-08 12:43 - 0000036 _____ () C:\Users\Kostas\AppData\Local\housecall.guid.cache
2015-01-07 10:43 - 2015-06-02 23:31 - 0007602 _____ () C:\Users\Kostas\AppData\Local\Resmon.ResmonCfg
2015-12-01 19:00 - 2015-12-01 19:00 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
Some files in TEMP:
====================
C:\Users\Kostas\AppData\Local\Temp\0Kraken71ChromaDevProps.dll
C:\Users\Kostas\AppData\Local\Temp\sqlite3.dll
C:\Users\Kostas\AppData\Local\Temp\_isC10E.exe
 
 
Some zero byte size files/folders:
==========================
C:\Windows\System32\RMActivate_ssp_isv.exe
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-02-04 19:28
 
==================== End of FRST.txt ============================

 


  • 0


#2
RKinner

    Malware Expert

Do you know what day the problem started?
 
Download aswMBR.exe to your desktop.
Right click the aswMBR.exe and Run As Administrator.
Yes to virtual prompt.
Click the "Scan" button to start scan.
On completion of the scan (note if the Fix button is enabled (not the FixMBR button) and tell me), click save log, save it to your desktop and post it in your next reply.
 
If it crashes then try it again but say No to the virtual business and uncheck trace disk IO calls.
 
 
Can you attach the following file (or right click on it and Edit and then copy and paste the text into a reply)
 
C:\Windows\propresser.bat
 
It's a hidden file so you may need to go into Control Panel, click Folder Options.
    After the new window appears select the View tab.
    Put a checkmark in the checkbox labeled Display the contents of system folders.
    Under the Hidden files and folders section select the radio button labeled Show hidden files and folders.
    Remove the checkmark from the checkbox labeled Hide file extensions for known file types.
    Remove the checkmark from the checkbox labeled Hide protected operating system files.
    Press the Apply button and then the OK button

  • 0

#3
artzi

    Member

  • Topic Starter

I am not really sure, I think it must be 5-6 days.

 

 

aswMBR version 1.0.1.2290 Copyright© 2014 AVAST Software
Run date: 2016-02-11 20:14:37
-----------------------------
20:14:37.656    OS Version: Windows x64 6.2.9200 
20:14:37.657    Number of processors: 4 586 0x2A07
20:14:37.657    ComputerName: KOSTAS-PC  UserName: Kostas
20:14:38.052    Initialize success
20:14:38.055    VM: initialized successfully
20:14:38.057    VM: Intel CPU BiosDisabled 
20:14:39.568    AVAST engine defs: 16021100
20:14:49.203    Disk 0  \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-3
20:14:49.205    Disk 0 Vendor: WDC_WD5000AZRX-00L4HB0 01.01A01 Size: 476940MB BusType: 3
20:14:49.207    Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T0L0-4
20:14:49.209    Disk 1 Vendor: Corsair_Force_LS_SSD S8FM07.2 Size: 228936MB BusType: 3
20:14:49.217    Disk 1 MBR read successfully
20:14:49.219    Disk 1 MBR scan
20:14:49.221    Disk 1 Windows 7 default MBR code
20:14:49.223    Disk 1 Partition 1 80 (A) 07      HPFS/NTFS NTFS          100 MB offset 2048
20:14:49.226    Disk 1 Partition 2 00     07      HPFS/NTFS NTFS       228384 MB offset 206848
20:14:49.229    Disk 1 Partition 3 00     27 Hidden NTFS WinRE NTFS          450 MB offset 467937280
20:14:49.237    Disk 1 scanning C:\WINDOWS\system32\drivers
20:14:52.313    Service scanning
20:14:59.628    Modules scanning
20:14:59.632    Disk 1 trace - called modules:
20:14:59.638    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys hal.dll PCIIDEX.SYS atapi.sys 
20:14:59.641    1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xffffe00122ee7060]
20:14:59.644    3 CLASSPNP.SYS[fffff801f9bd7d95] -> nt!IofCallDriver -> [0xffffe001223eb4e0]
20:14:59.651    5 ACPI.sys[fffff801f8e41361] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP3T0L0-4[0xffffe00122d23060]
20:15:00.052    AVAST engine scan C:\WINDOWS
20:15:00.580    AVAST engine scan C:\WINDOWS\system32
20:15:47.973    AVAST engine scan C:\WINDOWS\system32\drivers
20:15:52.079    AVAST engine scan C:\Users\Kostas
20:16:21.620    AVAST engine scan C:\ProgramData
20:16:39.978    Disk 1 statistics 4112009/0/0 @ 40.69 MB/s
20:16:39.984    Scan finished successfully
20:16:54.560    Disk 1 MBR has been saved successfully to "C:\Users\Kostas\Desktop\MBR.dat"
20:16:54.564    The log file has been saved successfully to "C:\Users\Kostas\Desktop\aswMBR.txt"
 
 

Attached Files


  • 0

#4
RKinner

    Malware Expert

Download the attached fixlist.txt to the same location as FRST.
 
Run FRST and press Fix.
A fix log will be generated; please post that.
 
The propresser.bat file is part of this thing: http://mydonot.blogs...skeyhelper.html I assume it's something you know about. If not, delete it.
 

 
Download ADWCleaner to your desktop. Make sure you get the correct Download button. Sometimes the ads on BleepingComputer will mimic the real Download button, which should say: Download Now @BleepingComputer
 
NOTE: If using Internet Explorer and you get an alert that stops the program downloading, click on the warning and allow the download to complete.
 
Close all programs, pause your anti-virus and run AdwCleaner (Vista or Win 7 => right click and Run As Administrator).
 
Click on Scan  and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.
 
The report will be saved in the C:\AdwCleaner folder.
 
 
 
Junkware-Removal-Tool
 
Please download Junkware Removal Tool to your desktop.  Make sure you get the correct Download button.  Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @Author's site
  • Pause your anti-virus.  Close all browsers.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
 
Please download MiniToolBox, save it to your desktop and run it.
 
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer Errors
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
 
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
 
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
 
Is it still doing it?
     
     

     


    • 0

    #5
    artzi

      Member

    • Topic Starter

    I deleted the propresser.bat file. MiniToolBox only gave me an MTB.txt, not Result.txt.

    It is still doing it.

    Attached Files


    • 0

    #6
    RKinner

      Malware Expert

    Get Process Explorer
     
    Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).  
     
    View, Select Column, check Verified Signer, OK
    Options, Verify Image Signatures
     
     
    Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  
     
    Wait a full minute then:
     
    File, Save As, Save. Open the file Procexp.txt (name will change based on whatever is the top item) on your desktop and copy and paste the text to a reply.
    Close the file but leave Process Explorer running
     
    Then bring up Steam and get your ads.  Make a second Process Explorer ad as soon as you see the ad.  

    • 0
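
A scripted counterpart to the before/after Process Explorer snapshots requested in post #6, added here as an example and not part of the thread or of any tool named in it. The function name `Get-ProcessSnapshot` and the CSV file names are assumptions; run it from an elevated PowerShell window so image paths are readable.

```powershell
# Added example: snapshot running processes with the Authenticode status of each image,
# then report what started between two snapshots.
function Get-ProcessSnapshot {
    Get-CimInstance -ClassName Win32_Process |
        Where-Object { $_.ExecutablePath } |   # skips processes whose image path is not exposed
        ForEach-Object {
            $sig = Get-AuthenticodeSignature -LiteralPath $_.ExecutablePath -ErrorAction SilentlyContinue
            [pscustomobject]@{
                Name        = $_.Name
                ProcessId   = $_.ProcessId
                ParentId    = $_.ParentProcessId
                Path        = $_.ExecutablePath
                SigStatus   = if ($sig) { [string]$sig.Status } else { 'Unreadable' }
                Signer      = if ($sig -and $sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }
                CommandLine = $_.CommandLine
            }
        }
}

$outDir = Join-Path $env:USERPROFILE 'Desktop'   # assumed output location

# First snapshot: baseline before the ad is triggered.
$before = Get-ProcessSnapshot
$before | Export-Csv (Join-Path $outDir 'procs-before.csv') -NoTypeInformation

Read-Host 'Open Steam, wait for the ad to appear, then press Enter'

# Second snapshot: taken while the ad is on screen.
$after = Get-ProcessSnapshot
$after | Export-Csv (Join-Path $outDir 'procs-after.csv') -NoTypeInformation

# Processes present only in the second snapshot (matched on PID plus image path).
$seen = @{}
foreach ($p in $before) { $seen["$($p.ProcessId)|$($p.Path)"] = $true }
$new = $after | Where-Object { -not $seen.ContainsKey("$($_.ProcessId)|$($_.Path)") }

'--- Started between snapshots ---'
$new | Format-Table ProcessId, ParentId, Name, SigStatus, Path -AutoSize

# A status other than Valid is a reason to look closer at the file, not a verdict.
'--- Images without a valid signature (second snapshot) ---'
$after | Where-Object { $_.SigStatus -ne 'Valid' } |
    Sort-Object Path -Unique |
    Format-Table Name, SigStatus, Signer, Path -AutoSize
```

The two CSV files can be attached to a reply in place of the saved Process Explorer text files.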

    #7
    artzi

      Member

    • Topic Starter

    For some reason it doesn't pop up now. The last ad I saw, when I told you it still pops up, Malwarebytes said it blocked it. The site that was going to pop up was something like smartnewtab, newtab, I don't know. Maybe Malwarebytes cleaned it? Or it only blocks it from showing?


    Edited by artzi, 11 February 2016 - 05:25 PM.

    • 0

    #8
    RKinner

      Malware Expert

    If you see it again, try and get the full URL.  That may help identify the malware.


    • 0





