
Can't get rid of svchost.exe (Trojan/bitcoinMiner)



Download Farbar Recovery Scan Tool and save it to your desktop.

 

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

  • Double-click to run it. When the tool opens, click Yes to the disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

 

Kevin


Hello Kevin,

Thanks for the reply. I just finished the scan, I'm not clicking on the "Fix" button, right?



Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-10-2013
Ran by Panagiwtis (administrator) on PANAGIWTIS-PC on 07-10-2013 18:49:16
Running from C:\Users\Panagiwtis\Desktop\FRST
Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
() C:\Program Files\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Yuna Software) C:\Program Files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
(Nalpeiron Ltd.) C:\Windows\system32\nlssrv32.exe
() C:\Windows\system32\PnkBstrA.exe
(Protexis Inc.) c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(StarWind Software) C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
(GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avid Technology, Inc.) C:\Windows\System32\M-AudioTaskBarIcon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
() C:\Windows\CmUCReye.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Dropbox, Inc.) C:\Users\Panagiwtis\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe
() C:\Users\PANAGI~1\AppData\Local\Temp\svchost.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Cmiboot] - C:\Windows\cmiboot.exe [65536 2007-02-12] ()
HKLM\...\Run: [switchBoard] - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [M-Audio Taskbar Icon] - C:\Windows\system32\M-AudioTaskBarIcon.exe [644104 2010-12-07] (Avid Technology, Inc.)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10082920 2011-05-03] (Realtek Semiconductor)
HKLM\...\Run: [itype] - C:\Program Files\Microsoft IntelliType Pro\itype.exe [1313640 2011-08-10] (Microsoft Corporation)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [] - [x]
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET Smart Security\egui.exe [3076144 2011-08-09] (ESET)
HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [1387288 2011-10-07] (Logitech, Inc.)
HKLM\...\Run: [Adobe] - C:\Users\Panagiwtis\AppData\Roaming\Adobe\color.vbe [83540 2013-03-28] ()
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM\...\Run: [sunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM\...\Run: [hpqSRMon] - C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKCU\...\Run: [AdobeBridge] - [x]
HKCU\...\Run: [AlcoholAutomount] - C:\Program Files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [33120 2010-08-20] (Alcohol Soft Development Team)
MountPoints2: F - F:\Autorun.exe
MountPoints2: G - G:\Autorun.exe
MountPoints2: L - L:\setup.exe
MountPoints2: M - M:\setup.exe
MountPoints2: O - O:\setup\rsrc\Autorun.exe
AppInit_DLLs: acaptuser32.dll [ 2013-05-08] (Adobe Systems Incorporated)
Startup: C:\Users\Panagiwtis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Panagiwtis\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://downloads.phpnuke.org/en/index.php?rvs=google
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://gr.msn.com/?mkt=el-gr&ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xA8339FAAC0BBCB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = el
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://downloads.phpnuke.org/en/index.php?rvs=google
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://downloads.phpnuke.org/en/index.php?rvs=google
URLSearchHook: Sendspace Bar Toolbar - {5570f0a0-580c-4c69-808f-8b2aaa2aa93c} - C:\Program Files\Sendspace_Bar\prxtbSend.dll (Conduit Ltd.)
SearchScopes: HKLM - DefaultScope {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2795644
SearchScopes: HKLM - {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2795644
SearchScopes: HKLM - {CBF13E85-08E1-452D-AA67-9C251630E22B} URL = http://downloads.phpnuke.org/en/index.php?rvs=google
SearchScopes: HKCU - DefaultScope {CBF13E85-08E1-452D-AA67-9C251630E22B} URL = http://downloads.phpnuke.org/en/index.php?rvs=google
SearchScopes: HKCU - {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2795644
SearchScopes: HKCU - {CBF13E85-08E1-452D-AA67-9C251630E22B} URL = http://downloads.phpnuke.org/en/index.php?rvs=google
BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
BHO: Sendspace Bar Toolbar - {5570f0a0-580c-4c69-808f-8b2aaa2aa93c} - C:\Program Files\Sendspace_Bar\prxtbSend.dll (Conduit Ltd.)
BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Sendspace Bar Toolbar - {5570f0a0-580c-4c69-808f-8b2aaa2aa93c} - C:\Program Files\Sendspace_Bar\prxtbSend.dll (Conduit Ltd.)
Toolbar: HKLM - Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 195.170.0.1 195.170.2.2

FireFox:
========
FF ProfilePath: C:\Users\Panagiwtis\AppData\Roaming\Mozilla\Firefox\Profiles\ifibeqr4.default

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Acrobat - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Panagiwtis\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Panagiwtis\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Panagiwtis\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Panagiwtis\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Panagiwtis\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Panagiwtis\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Panagiwtis\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: facebook.com/fbDesktopPlugin - C:\Users\Panagiwtis\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Users\Panagiwtis\AppData\Roaming\Mozilla\Firefox\Profiles\ifibeqr4.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-en-GB.xml
FF Extension: ActiveGS - C:\Users\Panagiwtis\AppData\Roaming\Mozilla\Firefox\Profiles\ifibeqr4.default\Extensions\activegs@freetoolsassociation.com
FF Extension: English - Greek Spelling dictionary - C:\Users\Panagiwtis\AppData\Roaming\Mozilla\Firefox\Profiles\ifibeqr4.default\Extensions\el-en@dictionaries.addons.mozilla.org
FF Extension: No Name - C:\Users\Panagiwtis\AppData\Roaming\Mozilla\Firefox\Profiles\ifibeqr4.default\Extensions\foxmarks@kei.com
FF Extension: DOM-granskaren (DOM Inspector) - C:\Users\Panagiwtis\AppData\Roaming\Mozilla\Firefox\Profiles\ifibeqr4.default\Extensions\inspector@mozilla.org
FF Extension: Reader - C:\Users\Panagiwtis\AppData\Roaming\Mozilla\Firefox\Profiles\ifibeqr4.default\Extensions\{20068ab2-1901-4140-9f3c-81207d4dacc4}
FF Extension: Open In Illustrator - C:\Users\Panagiwtis\AppData\Roaming\Mozilla\Firefox\Profiles\ifibeqr4.default\Extensions\{28f69445-e742-4840-82dd-b658813c4747}
FF Extension: Password Exporter - C:\Users\Panagiwtis\AppData\Roaming\Mozilla\Firefox\Profiles\ifibeqr4.default\Extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}
FF Extension: DownloadHelper - C:\Users\Panagiwtis\AppData\Roaming\Mozilla\Firefox\Profiles\ifibeqr4.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: Open With Photoshop - C:\Users\Panagiwtis\AppData\Roaming\Mozilla\Firefox\Profiles\ifibeqr4.default\Extensions\{f3f219f9-cbce-467e-b8fe-6e076d29665c}
FF Extension: autorefresh - C:\Users\Panagiwtis\AppData\Roaming\Mozilla\Firefox\Profiles\ifibeqr4.default\Extensions\autorefresh@plugin.xpi
FF Extension: bookmarkfaviconchanger - C:\Users\Panagiwtis\AppData\Roaming\Mozilla\Firefox\Profiles\ifibeqr4.default\Extensions\bookmarkfaviconchanger@sonthakit.xpi
FF Extension: client - C:\Users\Panagiwtis\AppData\Roaming\Mozilla\Firefox\Profiles\ifibeqr4.default\Extensions\client@anonymox.net.xpi
FF Extension: extension - C:\Users\Panagiwtis\AppData\Roaming\Mozilla\Firefox\Profiles\ifibeqr4.default\Extensions\extension@4chan.org.xpi
FF Extension: google - C:\Users\Panagiwtis\AppData\Roaming\Mozilla\Firefox\Profiles\ifibeqr4.default\Extensions\google@hitachi.com.xpi
FF Extension: inspectthis - C:\Users\Panagiwtis\AppData\Roaming\Mozilla\Firefox\Profiles\ifibeqr4.default\Extensions\inspectthis@mackay.dyndns.info.xpi
FF Extension: youtubeit_aechiara - C:\Users\Panagiwtis\AppData\Roaming\Mozilla\Firefox\Profiles\ifibeqr4.default\Extensions\youtubeit_aechiara@gmail.com.xpi
FF Extension: No Name - C:\Users\Panagiwtis\AppData\Roaming\Mozilla\Firefox\Profiles\ifibeqr4.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi
FF Extension: No Name - C:\Users\Panagiwtis\AppData\Roaming\Mozilla\Firefox\Profiles\ifibeqr4.default\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi
FF Extension: No Name - C:\Users\Panagiwtis\AppData\Roaming\Mozilla\Firefox\Profiles\ifibeqr4.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE}.xpi
FF Extension: No Name - C:\Users\Panagiwtis\AppData\Roaming\Mozilla\Firefox\Profiles\ifibeqr4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\Panagiwtis\AppData\Roaming\Mozilla\Firefox\Profiles\ifibeqr4.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
FF Extension: No Name - C:\Users\Panagiwtis\AppData\Roaming\Mozilla\Firefox\Profiles\ifibeqr4.default\Extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}.xpi
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Panagiwtis\AppData\Local\Google\Chrome\Application\30.0.1599.69\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Panagiwtis\AppData\Local\Google\Chrome\Application\30.0.1599.69\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Panagiwtis\AppData\Local\Google\Chrome\Application\30.0.1599.69\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll No File
CHR Plugin: (Java Platform SE 6 U31) - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll No File
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll No File
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Panagiwtis\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Extension: (New Tabs At End) - C:\Users\PANAGI~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgogjfbkjgjhonhikkkflpkgpcpfljoa\2.0.1_0
CHR Extension: (YouTube) - C:\Users\PANAGI~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Adblock Plus) - C:\Users\PANAGI~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.5_0
CHR Extension: (Google Search) - C:\Users\PANAGI~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Search by Image (by Google)) - C:\Users\PANAGI~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm\1.5.0_0
CHR Extension: (Speed Dial) - C:\Users\PANAGI~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi\2.5.3_0
CHR Extension: (Pop-up History) - C:\Users\PANAGI~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibbfkdncimehcofgjmgblfbjecdndkli\0.2.1_0
CHR Extension: (Unseen (formerly FB unseen)) - C:\Users\PANAGI~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcedcpmfdpjijiamkaeaefgfagnnpei\0.1.8.3_0
CHR Extension: (9GAG Mini) - C:\Users\PANAGI~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\inmkmihphgjhmeabggdcokmkjhbnmdml\0.75_0
CHR Extension: (Papercuts) - C:\Users\PANAGI~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjodbaafiacnpklaepiaplhbbiomipmc\3.0.6_0
CHR Extension: (Skype Click to Call) - C:\Users\PANAGI~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.9.0.12585_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\PANAGI~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Neat Bookmarks) - C:\Users\PANAGI~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnancliccjabjjmipbpjkfbijifaainp\0.9.10_0
CHR Extension: (Facebook Super Select All) - C:\Users\PANAGI~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\npnaoebelpbmmcdoboinnphhoakdnaah\1.4.2_0
CHR Extension: (Auto-Reload) - C:\Users\PANAGI~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofojbjgaaddibdfpmmjeonahgbacejid\8.0.5_0
CHR Extension: (Soundcloud Infinite Download) - C:\Users\PANAGI~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\opdommdbfahdoflmobpheimffhbgkfjl\1.2_0
CHR Extension: (Gmail) - C:\Users\PANAGI~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM\...\Chrome\Extension: [ojkljipanbocbngapmmpflnkgmnohjhm] - C:\Users\PANAGI~1\AppData\Local\Temp\tbch.crx
CHR StartMenuInternet: Google Chrome - C:\Users\Panagiwtis\AppData\Local\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [974944 2011-08-09] (ESET)
R2 KinoniSvc; C:\Program Files\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe [525312 2013-02-26] ()
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsgPlusService; C:\Program Files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe [124832 2012-01-22] (Yuna Software)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [66872 2013-06-07] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [254552 2012-09-11] ()
R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [370688 2009-12-24] (StarWind Software)
S3 TunngleService; C:\Program Files\Tunngle\TnglCtrl.exe [759192 2013-09-03] (Tunngle.net GmbH)
R2 tvnserver; C:\Program Files\TightVNC\tvnserver.exe [1184312 2012-06-26] (GlavSoft LLC.)

==================== Drivers (Whitelisted) ====================

R3 athur; C:\Windows\System32\DRIVERS\athur.sys [1500160 2010-01-05] (Atheros Communications, Inc.)
S3 bcd3000; C:\Windows\System32\DRIVERS\bcd3000.sys [47208 2010-08-05] (Behringer)
S3 bcd3000wdm; C:\Windows\System32\DRIVERS\bcd3000wdm.sys [27240 2010-08-05] (Behringer)
R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation)
R3 CMISTOR; C:\Windows\System32\DRIVERS\cmiucr.SYS [95616 2007-09-10] (C-Media Corporation)
R2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [163424 2011-08-09] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [118104 2011-08-04] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [147480 2011-08-04] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [33656 2011-08-04] (ESET)
S3 Epfwndis; C:\Windows\System32\DRIVERS\Epfwndis.sys [32584 2010-04-28] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [50624 2011-08-04] (ESET)
S3 ivusb; C:\Windows\System32\DRIVERS\ivusb.sys [25112 2010-07-29] (Initio Corporation)
R3 kinonivd; C:\Windows\System32\DRIVERS\kinonivd.sys [2782080 2013-02-26] (Windows ® Win 7 DDK provider)
R3 KINONI_Wave; C:\Windows\System32\drivers\kinonivad.sys [18432 2013-02-26] (Windows ® Win 7 DDK provider)
R3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [30360 2011-09-02] (Logitech, Inc.)
R3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25752 2009-10-07] ()
S3 MAUSBFASTTRACKPRO; C:\Windows\System32\DRIVERS\MAudioFastTrackPro.sys [158600 2010-12-07] (Avid Technology, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [99400 2013-03-28] (MotioninJoy)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [436792 2013-02-22] ()
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [27136 2009-09-16] (Tunngle.net)
U3 aejuboxv; C:\Windows\System32\Drivers\aejuboxv.sys [0 ] (Advanced Micro Devices)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-07 18:49 - 2013-10-07 18:49 - 00000000 ____D C:\FRST
2013-10-07 18:47 - 2013-10-07 18:48 - 00000000 ____D C:\Users\Panagiwtis\Desktop\FRST
2013-10-07 05:07 - 2013-10-07 05:07 - 00000000 ____D C:\Users\Panagiwtis\Desktop\Malware
2013-10-07 05:05 - 2013-10-07 05:06 - 12907592 _____ (Malwarebytes Corp.) C:\Users\Panagiwtis\Downloads\mbar-1.07.0.1005.exe
2013-10-07 02:44 - 2013-10-07 02:44 - 00000000 ____D C:\Program Files\CCleaner
2013-10-07 02:41 - 2013-10-07 02:42 - 04369632 _____ (Piriform Ltd) C:\Users\Panagiwtis\Downloads\ccsetup406.exe
2013-10-07 02:36 - 2013-10-07 02:36 - 00000000 _____ C:\Users\Panagiwtis\Downloads\speedupmypc.exe
2013-10-07 02:35 - 2013-10-07 02:36 - 01338717 _____ (Uniblue Systems Ltd                                         ) C:\Users\Panagiwtis\Downloads\speedupmypc.exe.part
2013-10-06 22:12 - 2013-10-06 22:12 - 00131072 _____ C:\Windows\Minidump\100613-87313-01.dmp
2013-10-06 22:09 - 2013-10-06 22:09 - 00000000 _____ C:\Windows\Minidump\100613-81931-01.dmp
2013-10-06 21:37 - 2013-10-06 21:37 - 00000000 _____ C:\Windows\Minidump\100613-82805-01.dmp
2013-10-06 21:33 - 2013-10-06 21:33 - 00000000 _____ C:\Windows\Minidump\100613-81838-01.dmp
2013-10-06 21:05 - 2013-10-06 21:05 - 01458872 _____ (                                                            ) C:\Users\Panagiwtis\Downloads\cpu-z_1.66-setup-en.exe
2013-10-06 21:05 - 2013-10-06 21:05 - 00000000 ____D C:\Program Files\CPUID
2013-10-06 20:32 - 2013-10-06 20:32 - 00684088 _____ C:\Windows\Minidump\100613-28267-01.dmp
2013-10-06 19:55 - 2013-07-31 13:30 - 12335104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-06 19:55 - 2013-07-31 13:05 - 09738752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-06 19:55 - 2013-07-31 13:00 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-06 19:55 - 2013-07-31 12:53 - 01104896 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-06 19:55 - 2013-07-31 12:52 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-10-06 19:55 - 2013-07-31 12:52 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-06 19:55 - 2013-07-31 12:51 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-10-06 19:55 - 2013-07-31 12:49 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-06 19:55 - 2013-07-31 12:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-06 19:55 - 2013-07-31 12:48 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-10-06 19:55 - 2013-07-31 12:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-10-06 19:55 - 2013-07-31 12:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-06 19:55 - 2013-07-31 12:46 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-06 19:55 - 2013-07-31 12:45 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-06 19:55 - 2013-07-31 12:45 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-10-06 19:55 - 2013-07-31 12:42 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-06 19:35 - 2013-10-06 19:44 - 00000000 ____D C:\Windows\system32\MRT
2013-10-06 19:35 - 2013-10-06 19:35 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2013-10-06 19:32 - 2013-10-06 19:32 - 00000000 ____D C:\ProgramData\Package Cache
2013-10-06 19:28 - 2013-10-06 19:28 - 00000000 ____D C:\Program Files\ATI
2013-10-06 19:27 - 2013-07-09 07:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-10-06 19:27 - 2013-07-09 07:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-10-06 19:27 - 2013-07-09 07:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-10-06 19:27 - 2013-07-09 07:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-10-06 19:26 - 2013-07-09 07:50 - 00652800 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-10-06 19:26 - 2013-04-26 02:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2013-10-06 19:26 - 2013-04-12 16:45 - 01211752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2013-10-06 19:25 - 2013-01-24 07:47 - 00196328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2013-10-06 19:19 - 2013-07-09 08:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2013-10-06 19:19 - 2013-07-09 08:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-10-06 19:19 - 2013-07-09 07:53 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-10-06 19:19 - 2013-03-19 07:48 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-10-06 19:19 - 2013-03-19 05:49 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-10-06 19:18 - 2013-04-10 02:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-10-06 19:16 - 2013-07-25 11:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-10-06 19:16 - 2013-05-13 06:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2013-10-06 19:16 - 2013-05-13 06:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2013-10-06 19:15 - 2013-02-27 08:05 - 00101720 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2013-10-06 19:15 - 2013-02-27 07:49 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-10-06 19:15 - 2013-02-27 07:49 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2013-10-06 19:14 - 2013-07-26 04:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-10-06 19:14 - 2013-07-26 04:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-10-06 19:13 - 2013-08-02 04:50 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-10-06 19:13 - 2013-08-02 04:49 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-10-06 19:13 - 2013-08-02 04:49 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-10-06 19:13 - 2013-08-02 04:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-10-06 19:13 - 2013-08-02 04:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-10-06 19:13 - 2013-08-02 04:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-10-06 19:13 - 2013-08-02 04:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-10-06 19:13 - 2013-08-02 04:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-10-06 19:13 - 2013-08-02 04:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-10-06 19:13 - 2013-08-02 04:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-10-06 19:13 - 2013-08-02 04:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-10-06 19:13 - 2013-08-02 04:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-10-06 19:13 - 2013-08-02 04:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-10-06 19:13 - 2013-08-02 04:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-10-06 19:13 - 2013-08-02 04:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-10-06 19:13 - 2013-08-02 04:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-10-06 19:13 - 2013-08-02 04:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-10-06 19:13 - 2013-08-02 04:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-10-06 19:13 - 2013-08-02 04:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-10-06 19:13 - 2013-08-02 04:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-10-06 19:13 - 2013-08-02 04:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-10-06 19:13 - 2013-08-02 04:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-10-06 19:13 - 2013-08-02 04:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-10-06 19:13 - 2013-08-02 04:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-10-06 19:13 - 2013-08-02 04:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-10-06 19:13 - 2013-08-02 04:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-10-06 19:13 - 2013-08-02 04:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-10-06 19:13 - 2013-08-02 03:52 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-10-06 19:13 - 2013-08-02 03:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-10-06 19:13 - 2013-08-02 03:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-10-06 19:13 - 2013-08-02 03:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-10-06 19:13 - 2013-08-02 03:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-10-06 19:13 - 2013-07-19 04:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-10-06 19:13 - 2013-07-06 08:05 - 01293760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-06 19:13 - 2013-05-10 06:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2013-10-06 19:13 - 2013-04-10 08:18 - 00728424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-06 19:13 - 2013-04-10 08:18 - 00218984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2013-10-06 19:12 - 2013-08-08 04:03 - 02348544 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-06 19:12 - 2013-08-05 04:56 - 00133056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-10-06 19:12 - 2013-06-15 06:38 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-10-06 19:12 - 2013-06-04 07:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-10-06 19:12 - 2013-04-26 07:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2013-10-06 19:12 - 2013-04-17 10:02 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2013-10-06 19:12 - 2013-03-19 07:53 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-10-06 19:12 - 2013-03-19 06:33 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2013-10-06 19:09 - 2013-10-06 19:16 - 156677600 _____ (Advanced Micro Devices, Inc.) C:\Users\Panagiwtis\Downloads\13-9_win7_win8_32_dd_ccc_whql.exe
2013-10-06 18:09 - 2013-10-06 18:09 - 00682280 _____ C:\Windows\Minidump\100613-31512-01.dmp
2013-10-06 07:20 - 2013-10-06 07:20 - 00000000 ____D C:\Users\Panagiwtis\Documents\ActiveGSLocalData
2013-10-06 04:56 - 2013-10-06 04:56 - 00139256 _____ C:\Windows\Minidump\100613-24944-01.dmp
2013-10-06 04:24 - 2013-10-06 04:24 - 00684472 _____ C:\Windows\Minidump\100613-27658-01.dmp
2013-10-06 04:22 - 2013-10-06 04:22 - 00000000 _____ C:\Windows\Minidump\100613-23914-01.dmp
2013-10-05 00:10 - 2013-10-05 00:10 - 72099396 _____ C:\Users\Panagiwtis\Desktop\Phase Difference - Utopia (Original Mix) [M].wav
2013-10-04 23:53 - 2013-10-04 23:53 - 00469887 _____ C:\Users\Panagiwtis\Desktop\Phase Difference - Utopia (Original Mix) [premast].wav.asd
2013-10-04 23:45 - 2013-10-04 23:45 - 72103544 _____ C:\Users\Panagiwtis\Desktop\Phase Difference - Utopia (Original Mix) [premast].wav
2013-10-02 22:18 - 2013-10-02 22:18 - 00000000 ____D C:\Users\Panagiwtis\AppData\Local\HP
2013-10-02 22:15 - 2013-10-02 22:18 - 00000000 ____D C:\Users\Panagiwtis\AppData\Roaming\HP
2013-10-02 22:15 - 2013-10-02 22:15 - 00000000 ____D C:\ProgramData\WEBREG
2013-10-02 22:11 - 2013-10-02 22:11 - 00000000 ____D C:\ProgramData\HP Product Assistant
2013-10-02 22:10 - 2013-10-02 22:10 - 00001339 _____ C:\Users\Public\Desktop\Κέντρο λειτουργιών HP.lnk
2013-10-02 22:08 - 2013-10-02 22:08 - 00000000 ____D C:\Program Files\Common Files\HP
2013-10-02 22:08 - 2013-10-02 22:08 - 00000000 ____D C:\Program Files\Common Files\Hewlett-Packard
2013-10-02 22:02 - 2013-10-02 22:15 - 00001255 _____ C:\ProgramData\hpzinstall.log
2013-10-02 22:02 - 2013-10-02 22:12 - 00000000 ____D C:\Program Files\HP
2013-10-02 22:01 - 2013-10-02 22:17 - 00000000 ____D C:\ProgramData\HP
2013-10-02 22:01 - 2013-10-02 22:15 - 00245954 _____ C:\Windows\hpoins19.dat
2013-10-02 22:01 - 2009-10-20 07:30 - 00013898 ____N C:\Windows\hpomdl19.dat
2013-10-02 22:01 - 2009-07-08 13:51 - 00452408 _____ (Hewlett-Packard) C:\Windows\system32\hpzids01.dll
2013-10-02 21:47 - 2013-10-02 21:59 - 380301136 _____ C:\Users\Panagiwtis\Downloads\HP Driver & Software.exe
2013-10-02 21:45 - 2013-10-02 21:47 - 85407063 _____ C:\Users\Panagiwtis\Downloads\AIO_CDB_NonNet_Full_Win_WW_130_141.exe
2013-09-30 23:32 - 2013-09-30 23:33 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-09-28 09:42 - 2013-09-28 09:43 - 00000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-09-28 09:42 - 2013-09-28 09:43 - 00000000 ____D C:\Program Files\iTunes
2013-09-28 09:42 - 2013-09-28 09:42 - 00000000 ____D C:\Program Files\iPod
2013-09-13 20:32 - 2013-09-19 00:19 - 00000000 ____D C:\ProgramData\Tunngle
2013-09-13 20:31 - 2013-09-13 20:32 - 04068392 _____ (Tunngle.net GmbH                                            ) C:\Users\Panagiwtis\Downloads\Tunngle_Setup_v4.5.1.3.exe
2013-09-13 18:45 - 2013-09-16 22:40 - 00000000 ____D C:\Left 4 Dead 2
2013-09-13 18:45 - 2013-09-13 18:51 - 00000000 ____D C:\Program Files\Left 4 Dead 2

==================== One Month Modified Files and Folders =======

2013-10-07 18:49 - 2013-10-07 18:49 - 00000000 ____D C:\FRST
2013-10-07 18:48 - 2013-10-07 18:47 - 00000000 ____D C:\Users\Panagiwtis\Desktop\FRST
2013-10-07 18:47 - 2011-07-26 16:52 - 00000000 ___RD C:\Users\Panagiwtis\Dropbox
2013-10-07 18:47 - 2011-07-26 16:46 - 00000000 ____D C:\Users\Panagiwtis\AppData\Roaming\Dropbox
2013-10-07 18:45 - 2013-03-29 14:47 - 00000480 _____ C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job
2013-10-07 18:45 - 2011-02-07 17:14 - 00000890 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-07 18:44 - 2011-01-24 14:52 - 00000000 _____ C:\Windows\system32\Drivers\lvuvc.hs
2013-10-07 18:44 - 2009-07-14 07:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-07 18:44 - 2009-07-14 07:39 - 00232530 _____ C:\Windows\setupact.log
2013-10-07 18:43 - 2011-01-25 00:08 - 01445772 _____ C:\Windows\WindowsUpdate.log
2013-10-07 18:41 - 2013-03-29 14:49 - 00000454 _____ C:\Windows\Tasks\ParetoLogic Registration3.job
2013-10-07 18:41 - 2013-02-13 20:52 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-07 18:41 - 2011-10-20 01:17 - 00000948 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2792358065-3367782600-3991861757-1000UA.job
2013-10-07 18:41 - 2011-02-07 17:14 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-07 18:41 - 2011-01-24 15:21 - 00001214 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2792358065-3367782600-3991861757-1000UA.job
2013-10-07 18:41 - 2009-07-14 05:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-10-07 10:04 - 2009-07-14 07:34 - 00020720 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-07 10:04 - 2009-07-14 07:34 - 00020720 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-07 09:56 - 2011-01-24 19:38 - 00060450 _____ C:\Windows\PFRO.log
2013-10-07 09:56 - 2009-07-14 07:52 - 00000000 ____D C:\Windows\addins
2013-10-07 05:07 - 2013-10-07 05:07 - 00000000 ____D C:\Users\Panagiwtis\Desktop\Malware
2013-10-07 05:06 - 2013-10-07 05:05 - 12907592 _____ (Malwarebytes Corp.) C:\Users\Panagiwtis\Downloads\mbar-1.07.0.1005.exe
2013-10-07 04:51 - 2011-10-20 01:17 - 00000926 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2792358065-3367782600-3991861757-1000Core.job
2013-10-07 03:09 - 2011-09-04 17:37 - 00007605 _____ C:\Users\Panagiwtis\AppData\Local\resmon.resmoncfg
2013-10-07 03:06 - 2011-01-24 15:27 - 00000000 ____D C:\Users\Panagiwtis\AppData\Roaming\Skype
2013-10-07 02:44 - 2013-10-07 02:44 - 00000000 ____D C:\Program Files\CCleaner
2013-10-07 02:42 - 2013-10-07 02:41 - 04369632 _____ (Piriform Ltd) C:\Users\Panagiwtis\Downloads\ccsetup406.exe
2013-10-07 02:36 - 2013-10-07 02:36 - 00000000 _____ C:\Users\Panagiwtis\Downloads\speedupmypc.exe
2013-10-07 02:36 - 2013-10-07 02:35 - 01338717 _____ (Uniblue Systems Ltd                                         ) C:\Users\Panagiwtis\Downloads\speedupmypc.exe.part
2013-10-07 02:18 - 2013-08-21 15:02 - 00000000 ____D C:\Users\Panagiwtis\AppData\Local\PMB Files
2013-10-07 02:18 - 2013-08-21 15:02 - 00000000 ____D C:\ProgramData\PMB Files
2013-10-06 23:42 - 2009-07-14 05:37 - 00000000 ____D C:\Windows\Registration
2013-10-06 22:12 - 2013-10-06 22:12 - 00131072 _____ C:\Windows\Minidump\100613-87313-01.dmp
2013-10-06 22:12 - 2011-01-25 00:05 - 273979299 _____ C:\Windows\MEMORY.DMP
2013-10-06 22:12 - 2011-01-25 00:05 - 00000000 ____D C:\Windows\Minidump
2013-10-06 22:09 - 2013-10-06 22:09 - 00000000 _____ C:\Windows\Minidump\100613-81931-01.dmp
2013-10-06 21:37 - 2013-10-06 21:37 - 00000000 _____ C:\Windows\Minidump\100613-82805-01.dmp
2013-10-06 21:33 - 2013-10-06 21:33 - 00000000 _____ C:\Windows\Minidump\100613-81838-01.dmp
2013-10-06 21:05 - 2013-10-06 21:05 - 01458872 _____ (                                                            ) C:\Users\Panagiwtis\Downloads\cpu-z_1.66-setup-en.exe
2013-10-06 21:05 - 2013-10-06 21:05 - 00000000 ____D C:\Program Files\CPUID
2013-10-06 21:01 - 2011-07-10 21:34 - 00000000 ____D C:\Windows\system32\directx
2013-10-06 20:59 - 2012-06-04 16:43 - 00292184 _____ (Microsoft Corporation) C:\Users\Panagiwtis\Downloads\dxwebsetup.exe
2013-10-06 20:46 - 2012-03-29 16:07 - 00000000 ____D C:\ProgramData\AMD
2013-10-06 20:32 - 2013-10-06 20:32 - 00684088 _____ C:\Windows\Minidump\100613-28267-01.dmp
2013-10-06 20:14 - 2009-07-14 07:33 - 07814528 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-06 20:13 - 2013-04-02 12:12 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-06 20:10 - 2009-07-14 10:50 - 00000000 ____D C:\Program Files\Windows Journal
2013-10-06 20:10 - 2009-07-14 07:52 - 00000000 ____D C:\Program Files\Windows Defender
2013-10-06 20:05 - 2011-01-24 14:41 - 00343820 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-06 20:03 - 2011-01-24 16:58 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-06 19:44 - 2013-10-06 19:35 - 00000000 ____D C:\Windows\system32\MRT
2013-10-06 19:35 - 2013-10-06 19:35 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2013-10-06 19:32 - 2013-10-06 19:32 - 00000000 ____D C:\ProgramData\Package Cache
2013-10-06 19:28 - 2013-10-06 19:28 - 00000000 ____D C:\Program Files\ATI
2013-10-06 19:16 - 2013-10-06 19:09 - 156677600 _____ (Advanced Micro Devices, Inc.) C:\Users\Panagiwtis\Downloads\13-9_win7_win8_32_dd_ccc_whql.exe
2013-10-06 18:55 - 2009-07-14 07:52 - 00000000 ____D C:\Windows\Offline Web Pages
2013-10-06 18:22 - 2012-03-29 17:01 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-10-06 18:09 - 2013-10-06 18:09 - 00682280 _____ C:\Windows\Minidump\100613-31512-01.dmp
2013-10-06 07:20 - 2013-10-06 07:20 - 00000000 ____D C:\Users\Panagiwtis\Documents\ActiveGSLocalData
2013-10-06 05:14 - 2013-03-29 15:04 - 00001030 _____ C:\0.bak
2013-10-06 05:14 - 2011-07-26 16:47 - 00000000 ____D C:\Users\Panagiwtis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-10-06 04:56 - 2013-10-06 04:56 - 00139256 _____ C:\Windows\Minidump\100613-24944-01.dmp
2013-10-06 04:24 - 2013-10-06 04:24 - 00684472 _____ C:\Windows\Minidump\100613-27658-01.dmp
2013-10-06 04:22 - 2013-10-06 04:22 - 00000000 _____ C:\Windows\Minidump\100613-23914-01.dmp
2013-10-05 21:33 - 2011-01-24 15:21 - 00001162 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2792358065-3367782600-3991861757-1000Core.job
2013-10-05 05:43 - 2011-01-29 23:28 - 00000000 ____D C:\Users\Panagiwtis\AppData\Roaming\uTorrent
2013-10-05 00:10 - 2013-10-05 00:10 - 72099396 _____ C:\Users\Panagiwtis\Desktop\Phase Difference - Utopia (Original Mix) [M].wav
2013-10-04 23:53 - 2013-10-04 23:53 - 00469887 _____ C:\Users\Panagiwtis\Desktop\Phase Difference - Utopia (Original Mix) [premast].wav.asd
2013-10-04 23:45 - 2013-10-04 23:45 - 72103544 _____ C:\Users\Panagiwtis\Desktop\Phase Difference - Utopia (Original Mix) [premast].wav
2013-10-04 07:55 - 2013-02-19 12:41 - 00000132 _____ C:\Users\Panagiwtis\AppData\Roaming\Adobe PNG Format CS6 Prefs
2013-10-02 22:18 - 2013-10-02 22:18 - 00000000 ____D C:\Users\Panagiwtis\AppData\Local\HP
2013-10-02 22:18 - 2013-10-02 22:15 - 00000000 ____D C:\Users\Panagiwtis\AppData\Roaming\HP
2013-10-02 22:17 - 2013-10-02 22:01 - 00000000 ____D C:\ProgramData\HP
2013-10-02 22:16 - 2011-05-11 01:08 - 00217584 _____ C:\Users\Panagiwtis\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-02 22:15 - 2013-10-02 22:15 - 00000000 ____D C:\ProgramData\WEBREG
2013-10-02 22:15 - 2013-10-02 22:02 - 00001255 _____ C:\ProgramData\hpzinstall.log
2013-10-02 22:15 - 2013-10-02 22:01 - 00245954 _____ C:\Windows\hpoins19.dat
2013-10-02 22:15 - 2009-07-14 05:04 - 00000513 _____ C:\Windows\win.ini
2013-10-02 22:12 - 2013-10-02 22:02 - 00000000 ____D C:\Program Files\HP
2013-10-02 22:11 - 2013-10-02 22:11 - 00000000 ____D C:\ProgramData\HP Product Assistant
2013-10-02 22:10 - 2013-10-02 22:10 - 00001339 _____ C:\Users\Public\Desktop\Κέντρο λειτουργιών HP.lnk
2013-10-02 22:08 - 2013-10-02 22:08 - 00000000 ____D C:\Program Files\Common Files\HP
2013-10-02 22:08 - 2013-10-02 22:08 - 00000000 ____D C:\Program Files\Common Files\Hewlett-Packard
2013-10-02 22:08 - 2009-07-14 07:52 - 00000000 ____D C:\Windows\twain_32
2013-10-02 21:59 - 2013-10-02 21:47 - 380301136 _____ C:\Users\Panagiwtis\Downloads\HP Driver & Software.exe
2013-10-02 21:47 - 2013-10-02 21:45 - 85407063 _____ C:\Users\Panagiwtis\Downloads\AIO_CDB_NonNet_Full_Win_WW_130_141.exe
2013-10-01 15:08 - 2012-05-04 22:25 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-10-01 04:11 - 2011-01-24 15:23 - 00000000 ____D C:\Users\Panagiwtis\AppData\Local\Mozilla
2013-10-01 02:29 - 2011-08-02 14:44 - 00000000 ____D C:\Users\Panagiwtis\AppData\Roaming\Apple Computer
2013-09-30 23:33 - 2013-09-30 23:32 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-09-29 17:45 - 2011-08-02 14:44 - 00000000 ____D C:\Users\Panagiwtis\AppData\Local\Apple Computer
2013-09-28 14:39 - 2011-01-24 15:23 - 00000000 ____D C:\Users\Panagiwtis\AppData\Roaming\Mozilla
2013-09-28 09:43 - 2013-09-28 09:42 - 00000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-09-28 09:43 - 2013-09-28 09:42 - 00000000 ____D C:\Program Files\iTunes
2013-09-28 09:42 - 2013-09-28 09:42 - 00000000 ____D C:\Program Files\iPod
2013-09-28 09:42 - 2011-01-30 05:53 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-09-21 15:58 - 2012-03-29 14:35 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-09-21 15:58 - 2011-05-17 15:10 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-09-19 00:19 - 2013-09-13 20:32 - 00000000 ____D C:\ProgramData\Tunngle
2013-09-19 00:19 - 2012-05-28 23:29 - 00000000 ____D C:\Users\Panagiwtis\AppData\Roaming\Tunngle
2013-09-18 23:29 - 2013-06-07 21:31 - 00022328 _____ C:\Windows\system32\Drivers\PnkBstrK.sys
2013-09-18 23:28 - 2013-06-07 21:31 - 00103736 _____ C:\Windows\system32\PnkBstrB.exe
2013-09-18 21:55 - 2011-01-24 22:53 - 00000000 ____D C:\Users\Panagiwtis\AppData\Local\Windows Live
2013-09-16 22:40 - 2013-09-13 18:45 - 00000000 ____D C:\Left 4 Dead 2
2013-09-15 19:21 - 2013-03-29 14:47 - 00000428 _____ C:\Windows\Tasks\ParetoLogic Update Version3.job
2013-09-14 17:41 - 2012-05-28 23:42 - 00000000 _____ C:\Windows\system32\Access.dat
2013-09-14 16:17 - 2012-10-28 22:25 - 00000000 ___RD C:\Users\Panagiwtis\Desktop\Games
2013-09-13 20:32 - 2013-09-13 20:31 - 04068392 _____ (Tunngle.net GmbH                                            ) C:\Users\Panagiwtis\Downloads\Tunngle_Setup_v4.5.1.3.exe
2013-09-13 20:32 - 2012-05-28 23:28 - 00000000 ____D C:\Program Files\Tunngle
2013-09-13 18:51 - 2013-09-13 18:45 - 00000000 ____D C:\Program Files\Left 4 Dead 2
2013-09-11 22:51 - 2013-06-07 17:18 - 00000000 ____D C:\Users\Panagiwtis\AppData\Roaming\ViberPC
2013-09-11 22:50 - 2013-06-07 17:16 - 00000000 ____D C:\Users\Panagiwtis\AppData\Local\Viber
2013-09-07 14:46 - 2011-01-24 16:59 - 00000000 ____D C:\Users\Panagiwtis\Facebook

Some content of TEMP:
====================
C:\Users\Panagiwtis\AppData\Local\Temp\libcurl-4.dll
C:\Users\Panagiwtis\AppData\Local\Temp\libeay32.dll
C:\Users\Panagiwtis\AppData\Local\Temp\libidn-11.dll
C:\Users\Panagiwtis\AppData\Local\Temp\libusb-1.0.dll
C:\Users\Panagiwtis\AppData\Local\Temp\pthreadGC2.dll
C:\Users\Panagiwtis\AppData\Local\Temp\ssleay32.dll
C:\Users\Panagiwtis\AppData\Local\Temp\svchost.exe
C:\Users\Panagiwtis\AppData\Local\Temp\zlib1.dll


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-01 19:37

==================== End Of Log ============================

 

Addition.txt

Link to post
Share on other sites
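The log above lists a svchost.exe under AppData\Local\Temp, while its own "Bamital & volsnap Check" section reports C:\Windows\System32\svchost.exe as legitimate. As an added example (not part of the thread and not FRST's own code), this Python script reads an FRST.txt log and flags any listed file that reuses the name of a checked system binary from a different folder. The function names and parsing rules are assumptions inferred from the log format shown in the post.

```python
import ntpath
import re

# Excerpt of the FRST.txt log posted above (lines copied from the post).
SAMPLE_LOG = r"""
2013-10-06 19:19 - 2013-03-19 05:49 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe

Some content of TEMP:
====================
C:\Users\Panagiwtis\AppData\Local\Temp\libcurl-4.dll
C:\Users\Panagiwtis\AppData\Local\Temp\pthreadGC2.dll
C:\Users\Panagiwtis\AppData\Local\Temp\svchost.exe
C:\Users\Panagiwtis\AppData\Local\Temp\zlib1.dll


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit

==================== End Of Log ============================
"""

# "==== Title ====" section headers; a bare "====" underline has no title
# surrounded by spaces, so it does not match.
HEADER_RE = re.compile(r"^={4,}\s+(\S.*?)\s+=+\s*$")
# A drive-letter path running to the end of the line.
PATH_RE = re.compile(r"(?<![A-Za-z])[A-Za-z]:\\.*$")


def parse_frst(log_text):
    """Return (paths, system_checks).

    paths         -- list of (section, path) for every path listed in the log
    system_checks -- {path: status} from the "Bamital & volsnap Check" section
    """
    paths, system_checks = [], {}
    section = ""
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("Some content of TEMP"):
            section = line.rstrip(":")
            continue
        header = HEADER_RE.match(line)
        if header:
            section = header.group(1)
            continue
        if section.startswith("Bamital"):
            if " => " in line:
                path, status = line.split(" => ", 1)
                system_checks[path] = status
            continue
        found = PATH_RE.search(line)
        if found:
            paths.append((section, found.group(0)))
    return paths, system_checks


def find_masquerades(paths, system_checks):
    """Flag files named like a checked system binary but stored elsewhere."""
    canonical = {ntpath.basename(p).lower(): p for p in system_checks}
    findings = []
    for section, path in paths:
        expected = canonical.get(ntpath.basename(path).lower())
        if expected is None:
            continue
        # Windows paths are case-insensitive, so compare folders lowercased.
        if ntpath.dirname(path).lower() != ntpath.dirname(expected).lower():
            findings.append({
                "section": section,
                "suspect": path,
                "expected": expected,
                "expected_status": system_checks[expected],
            })
    return findings


if __name__ == "__main__":
    listed, checks = parse_frst(SAMPLE_LOG)
    for hit in find_masquerades(listed, checks):
        print("{suspect} reuses the name of {expected} ({expected_status})".format(**hit))
```

A hit means only that the name is reused outside the expected folder; the file itself still needs to be examined before it is removed.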

Download attached fixlist.txt file and save it to the Desktop, or the folder you saved FRST into.

NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Run FRST/FRST64 and press the Fix button just once and wait.

The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

Next,

Download CKScanner from here: http://downloads.malwareremoval.com/CKScanner.exe

Important - Save it to your desktop.

Double-click CKScanner.exe (Right click and "Run as administrator" in Vista/Win7/8).
Give permission if necessary, and click Search For Files.
After a very short time, when the cursor hourglass disappears, click Save List To File.
A message box will verify the file saved. Please run the program once only.
Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.

fixlist.txt

Link to post
Share on other sites

Ok... I just tried something that I thought was crazy. I went to my AppData\Local\Temp, detected the svchost.exe and just renamed it to "svchost" (deleted the .exe) & my processes just went back to normal, plus I was able to delete the file that I wasn't able to before because it was running. I will reboot now & see if it appears again in the folder.

Link to post
Share on other sites

Leave FRST for now, run the following:

1. Download Malwarebytes Anti-Rootkit from this link:

http://www.malwarebytes.org/products/mbar/

2. Unzip the File to a convenient location. (Recommend the Desktop)

3. Open the folder where the contents were unzipped to run mbar.exe

Image1.png

4. Double-click on the mbar.exe file, you may receive a User Account Control prompt asking if you are sure you wish to allow the program to run. Please allow the program to run and MBAR will now start to install any necessary drivers that are required for the program to operate correctly. If a rootkit is interfering with the installation of the drivers you will see a message that states that the DDA driver was not installed and that you should reboot your computer to install it. You will see this image:

mbarwm.png

5. If you receive this message, please click on the Yes button and Malwarebytes Anti-Rootkit will now restart your computer. Once the computer is rebooted and you login, MBAR will automatically start and you will now be at the start screen. (If no Rootkit warning you will go from step 4 to 6.)

6. The following image opens, select Next.

Image2.png

7. The following image opens, select Update

Image3.png

8. When the update completes select Next.

Image4.png

9. In the following window ensure "Targets" are ticked. Then select "Scan"

Image5.png

10. If an infection is found select the "Cleanup Button" to remove threats, Reboot if prompted. Wait while the system shuts down and the cleanup process is performed.

MBAntiRKcleanA.png

11. Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click "Cleanup Button" once more and repeat the process.

12. If no threats were found you will see the following image, Select Exit:

Image6.png

13. Verify that your system is now running normally, making sure that the following items are functional:

  • Internet access
  • Windows Update
  • Windows Firewall

14. If there are additional problems with your system, such as any of those listed above or other system issues, then run the 'fixdamage' tool included within Malwarebytes Anti-Rootkit folder.

15. Select "Y" from your Keyboard, tap Enter.

16. The fix will be applied, select any key to Exit.

17. Let me know how your system now responds. Copy and paste the two following logs from the mbar folder:

System - log

Mbar - log   Date and time of scan will also be shown

Thanks,

Kevin...

Link to post
Share on other sites

So I figured out why FRST kept crashing. The process svchost.exe was running, so I renamed the svchost.exe in the temp folders to svchost so the process stopped running, then renamed the svchost.exe to svchost in the fixlist you sent me & finished with the fix task.

Here's the ckfiles.txt contents:

CKScanner 2.4 - Additional Security Risks - These are not necessarily bad
c:\program files\adobe\adobe photoshop cs5\keygen.exe
c:\program files\adobe\adobe premiere pro cs3\keygen.exe
c:\program files\adobe\adobe premiere pro cs3\plug-ins\en_us\vstplugins\decrackler1.dll
c:\program files\adobe\adobe premiere pro cs3\plug-ins\en_us\vstplugins\decrackler2.dll
c:\program files\adobe\adobe premiere pro cs3\plug-ins\en_us\vstplugins\decrackler6.dll
c:\program files\adobe\adobe premiere pro cs4\plug-ins\en_us\vstplugins\decrackler1.dll
c:\program files\adobe\adobe premiere pro cs4\plug-ins\en_us\vstplugins\decrackler2.dll
c:\program files\adobe\adobe premiere pro cs4\plug-ins\en_us\vstplugins\decrackler6.dll
c:\program files\common files\native instruments\massive\sounds\massive factory\crackle carl.nmsv
c:\program files\common files\native instruments\massive\sounds\massive factory\digitoy crackle.nmsv
c:\program files\common files\native instruments\shared content\sounds\fm7\beam cracker bass.ksd
c:\program files\common files\native instruments\shared content\sounds\fm7\cracklephone.ksd
c:\program files\common files\native instruments\shared content\sounds\massive\crackle carl.ksd
c:\program files\common files\native instruments\shared content\sounds\massive\digitoy crackle.ksd
c:\program files\corel\coreldraw graphics suite x5\custom data\bumpmap\cracks.cpt
c:\program files\fxpansion\cypher\presets\patchen\dr cracker.cypher
c:\program files\fxpansion\fusor\devices\presets\bitcrusher\cracked 2 bit hp.fxpreset
c:\program files\fxpansion\strobe\presets\patchen\ba clackity crackity.strobe
c:\program files\image-line\drumaxx\drum patches\sound fx\crack.dmpatch
c:\program files\image-line\fl studio 10\data\presets\sawer\ambient\mc cracked.sawer
c:\program files\image-line\fl studio 10\data\presets\toxic biohazard\basses\crack.tbio
c:\program files\image-line\fl studio 8\data\patches\user\drums\multimoog\maxv - fm crack.aiff
c:\program files\image-line\fl studio 8\data\patches\user\vassilakis\sor kick free revolution vol.2\sor kfr2 clicks\sor_kfr2_clk127_cracklepop.wav.asd
c:\program files\image-line\fl studio 8\data\patches\user\vassilakis\sor kick free revolution vol.2\sor kfr2 rough\sor_kfr2_rgh127_cracked.wav.asd
c:\program files\image-line\fl studio 8\data\patches\user\vassilakis\sor kick free revolution vol.2\sor kfr2 rough\sor_kfr2_rgh127_cracked2.wav.asd
scanner sequence 3.ZZ.11.WVAPEZ
 ----- EOF -----
 


mbam-log

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.10.06.03

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Panagiwtis :: PANAGIWTIS-PC [administrator]

7/10/2013 10:50:00 μμ
mbam-log-2013-10-07 (22-50-00).txt

Scan type: Custom scan (C:\Users\Panagiwtis\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\79SLSL0O|C:\Users\Panagiwtis\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I5ARB3C5|C:\Users\Panagiwtis\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U71ZSJ41|C:\Users\Panagiwtis\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UH9B03WH|C:\Users\Panagiwtis\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\desktop.ini|C:\Users\Panagiwtis\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat|)
Scan options enabled: File System | Heuristics/Shuriken | PUP | PUM
Scan options disabled: Memory | Startup | Registry | Heuristics/Extra | P2P
Objects scanned: 6
Time elapsed: 34 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
 

This topic is now closed to further replies.