Demonoid
Posts: 15 +0
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:27-09-2015 01
Ran by Demonoid (administrator) on NONAME-PC (27-09-2015 23:20:07)
Running from H:\Downloads
Loaded Profiles: Demonoid (Available Profiles: Demonoid)
Platform: Windows 7 Ultimate (X64) Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\Pac207\Monitor.exe
(MyCity) C:\Program Files (x86)\MCShield\MCShieldRTM.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(Dropbox, Inc.) C:\Users\Demonoid\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
() C:\Users\Demonoid\AppData\Local\Temp\5.3.0.1884\5.3.0.1884\Viber.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(BitTorrent, Inc.) C:\Program Files (x86)\uTorrent\uTorrent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(Comodo Security Solutions, Inc.) C:\Program Files\COMODO\GeekBuddy\unit_manager.exe
(Comodo Security Solutions, Inc.) C:\Program Files\COMODO\GeekBuddy\unit.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngtool.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngtool.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation)
HKLM\...\Run: [ISCT Tray] => C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [5860656 2014-08-25] (Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-09] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1793736 2015-02-20] (NVIDIA Corporation)
HKLM\...\Run: [Monitor] => C:\Windows\PixArt\PAC207\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1427648 2015-08-05] (COMODO)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-02-21] (Intel Corporation)
HKLM-x32\...\Run: [tvncontrol] => C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2015-06-30] (Comodo Security Solutions, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6134544 2015-09-27] (AVAST Software)
HKU\S-1-5-21-1776458337-3485265842-733792251-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22035560 2014-08-27] (Skype Technologies S.A.)
HKU\S-1-5-21-1776458337-3485265842-733792251-1000\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-1776458337-3485265842-733792251-1000\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-1776458337-3485265842-733792251-1000\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe [399736 2015-03-20] (BitTorrent, Inc.)
HKU\S-1-5-21-1776458337-3485265842-733792251-1000\...\Run: [Dropbox Update] => C:\Users\Demonoid\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-22] (Dropbox, Inc.)
HKU\S-1-5-21-1776458337-3485265842-733792251-1000\...\Run: [Viber] => C:\Users\Demonoid\AppData\Local\Temp\5.3.0.1884\5.3.0.1884\Viber.exe [51512528 2015-09-21] () <===== ATTENTION
HKU\S-1-5-21-1776458337-3485265842-733792251-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\system32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1776458337-3485265842-733792251-1000\...\Run: [tsiVideo] => C:\Windows\SysWOW64\rundll32.exe C:\Users\Demonoid\AppData\Local\Temp\mdi164.dll,dalmat <===== ATTENTION
HKU\S-1-5-21-1776458337-3485265842-733792251-1000\...\MountPoints2: {153cd78b-103a-11e5-b7bb-d05099496f26} - D:\Lenovo_Suite.exe
HKU\S-1-5-21-1776458337-3485265842-733792251-1000\...\MountPoints2: {76fbb827-4dbf-11e5-9f77-d05099496f26} - D:\Lenovo_Suite.exe
HKU\S-1-5-21-1776458337-3485265842-733792251-1000\...\MountPoints2: {c63553b5-52db-11e4-bfcd-d050992e5fa1} - I:\LGAutoRun.exe
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Demonoid\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Demonoid\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Demonoid\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Demonoid\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Demonoid\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Demonoid\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Demonoid\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Demonoid\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-09-27] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Demonoid\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Demonoid\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Demonoid\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Demonoid\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Demonoid\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Demonoid\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Demonoid\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Demonoid\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Demonoid\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Demonoid\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Demonoid\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Demonoid\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Demonoid\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Demonoid\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Demonoid\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Demonoid\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk [2015-09-27]
ShortcutTarget: Start GeekBuddy.lnk -> C:\Program Files\COMODO\GeekBuddy\launcher.exe (Comodo Security Solutions, Inc.)
Startup: C:\Users\Demonoid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-10-05]
ShortcutTarget: Dropbox.lnk -> C:\Users\Demonoid\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: 127.0.0.1 activate.adobe.com
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2CFA938E-9A76-4C29-A7BC-C89F8A6E15BF}: [DhcpNameServer] 195.134.100.90 192.168.1.1
Tcpip\..\Interfaces\{FF59E871-227B-4AE1-97A6-8ED54A96D063}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1776458337-3485265842-733792251-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1776458337-3485265842-733792251-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/el-gr/?ocid=iehp
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-09-27] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-09-27] (AVAST Software)
BHO-x32: yourprofitclub -> {97eda6ce-6ce9-4cc6-9e74-74930c276ab2} -> C:\Windows\SysWow64\c57f5c42.dll No File
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-12-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-12-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-12-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-12-21] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Demonoid\AppData\Roaming\Mozilla\Firefox\Profiles\04lbq59k.default
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin-x32: @QVision/NetDVR_V3 -> C:\Program Files\QVision\V3\npnetdvrV3.dll [2012-12-05] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-09-27]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://granmafepa.blogspot.com/","hxxp://www.efepa.gr/","hxxp://www.search.ask.com/?tpid=ATU4-V7C&o=APN11391&pf=V7&trgb=CR&p2=%5EBAY%5Eaaa024%5EYY%5EGR&gct=hp&apn_ptnrs=%5EBAY&apn_dtid=%5Eaaa024%5EYY%5EGR&apn_dbr=cr_33.0.1750.154&apn_uid=D4B61B2E-D67B-4EC8-AE22-90C630308D4C&itbv=12.10.3.4594&doi=2014-03-23&psv=","hxxp://www.sweet-page.com/?type=hp&ts=1429035518&from=cor&uid=KINGSTONXSH103S3240G_50026B724508152A"
CHR NewTab: Default -> "chrome-extension://jpfpebmajhhopeonhlcgidhclcccjcik/newtab.html"
CHR Profile: C:\Users\Demonoid\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Διαφάνειες Google) - C:\Users\Demonoid\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-05]
CHR Extension: (Έγγραφα Google) - C:\Users\Demonoid\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-05]
CHR Extension: (Google Drive ) - C:\Users\Demonoid\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-05]
CHR Extension: (Σβήνετε τα φώτα) - C:\Users\Demonoid\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2014-10-06]
CHR Extension: (YouTube) - C:\Users\Demonoid\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-05]
CHR Extension: (Αναζήτηση Google) - C:\Users\Demonoid\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-05]
CHR Extension: (Υπολογιστικά φύλλα Google) - C:\Users\Demonoid\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-05]
CHR Extension: (Έγγραφα Google εκτός σύνδεσης) - C:\Users\Demonoid\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-06]
CHR Extension: (AdBlock) - C:\Users\Demonoid\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-10-06]
CHR Extension: (YouRepeat) - C:\Users\Demonoid\AppData\Local\Google\Chrome\User Data\Default\Extensions\idpjonelgkpmoamjkigojeifadlhlbna [2014-10-06]
CHR Extension: (Speed Dial 2) - C:\Users\Demonoid\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2014-10-06]
CHR Extension: (Abstract Design) - C:\Users\Demonoid\AppData\Local\Google\Chrome\User Data\Default\Extensions\meaefhihbildlibbognaonkdhakohilk [2014-10-06]
CHR Extension: (Πληρωμές στο Chrome Web Store) - C:\Users\Demonoid\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-05]
CHR Extension: (Gmail) - C:\Users\Demonoid\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-05]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-09-27]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
"BFE" => service could not be unlocked. <===== ATTENTION
U2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-09-27] (AVAST Software)
U3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4048280 2015-09-27] (Avast Software)
R2 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [70848 2015-08-13] (Comodo Security Solutions, Inc.)
U2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5542472 2015-09-03] (COMODO)
U3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265792 2015-08-05] (COMODO)
U2 GeekBuddyRSP; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2015-06-30] (Comodo Security Solutions, Inc.)
U2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
U2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329104 2014-10-03] (Intel Corporation)
U2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-08-25] ()
U3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
U2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
U2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
U0 asstor64; C:\Windows\System32\DRIVERS\asstor64.sys [84816 2014-01-27] (Asmedia Technology)
U2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-09-27] (AVAST Software)
U2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-09-27] (AVAST Software)
U1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-09-27] (AVAST Software)
U0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-09-27] (AVAST Software)
U1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1049880 2015-09-27] (AVAST Software)
U1 aswSP; C:\Windows\system32\drivers\aswSP.sys [448968 2015-09-27] (AVAST Software)
U2 aswStm; C:\Windows\system32\drivers\aswStm.sys [153744 2015-09-27] (AVAST Software)
U0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-09-27] (AVAST Software)
U1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [21184 2015-08-05] (COMODO)
U1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [806032 2015-08-05] (COMODO)
U1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [45856 2015-08-05] (COMODO)
U3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [488216 2014-02-04] (Intel Corporation)
U3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
U0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2014-05-28] (Intel Corporation)
U3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [22216 2014-05-27] ()
U3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [22728 2014-05-27] ()
U3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [25800 2014-05-27] ()
U1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [105096 2015-08-05] (COMODO)
U3 ISCT; C:\Windows\System32\DRIVERS\ISCTD.sys [44744 2014-05-27] ()
U3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
U0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [132656 2015-09-27] (AVAST Software)
U3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [572416 2006-12-05] (PixArt Imaging Inc.)
U2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [274336 2015-09-27] (Avast Software)
U5 BFE; <===== ATTENTION: Locked Service
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-27 23:19 - 2015-09-27 23:20 - 00000000 ___HD C:\VTRoot
2015-09-27 23:19 - 2015-09-27 23:20 - 00000000 ____D C:\FRST
2015-09-27 23:19 - 2015-09-27 23:19 - 00003494 _____ C:\Windows\system32\Drivers\fvstore.dat
2015-09-27 23:17 - 2015-09-27 23:17 - 01049880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-09-27 23:17 - 2015-09-27 23:17 - 00448968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-09-27 23:17 - 2015-09-27 23:17 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-09-27 23:17 - 2015-09-27 23:17 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-09-27 23:17 - 2015-09-27 23:17 - 00153744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-09-27 23:17 - 2015-09-27 23:17 - 00132656 _____ (AVAST Software) C:\Windows\system32\Drivers\ngvss.sys
2015-09-27 23:17 - 2015-09-27 23:17 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-09-27 23:17 - 2015-09-27 23:17 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-09-27 23:17 - 2015-09-27 23:17 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-09-27 23:17 - 2015-09-27 23:17 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-09-27 23:17 - 2015-09-27 23:17 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-09-27 23:17 - 2015-09-27 23:17 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-09-27 23:17 - 2015-09-27 23:17 - 00000000 ____D C:\Windows\SysWOW64\vbox
2015-09-27 23:17 - 2015-09-27 23:17 - 00000000 ____D C:\Windows\system32\vbox
2015-09-27 23:17 - 2015-09-27 23:17 - 00000000 ____D C:\Users\Demonoid\AppData\Roaming\AVAST Software
2015-09-27 23:17 - 2015-09-27 23:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-09-27 23:17 - 2015-09-27 23:17 - 00000000 ____D C:\Program Files\AVAST Software
2015-09-27 23:16 - 2015-09-27 23:16 - 00448968 _____ (AVAST Software) C:\Windows\system32\Drivers\pkmtldkx.sys
2015-09-27 23:16 - 2015-09-27 23:16 - 00000000 ____D C:\ProgramData\AVAST Software
2015-09-27 23:14 - 2015-09-27 23:14 - 00000000 ____D C:\Windows\system32\appmgmt
2015-09-27 23:14 - 2015-09-27 23:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo Security Solutions Inc
2015-09-27 23:05 - 2015-09-27 23:15 - 00159008 _____ C:\Windows\system32\Drivers\sfi.dat
2015-09-27 23:05 - 2015-09-27 23:05 - 00000000 ____D C:\Windows\System32\Tasks\COMODO
2015-09-27 23:03 - 2015-09-27 23:03 - 00000000 ____D C:\ProgramData\Shared Space
2015-09-27 23:02 - 2015-09-27 23:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2015-09-27 23:02 - 2015-09-27 23:14 - 00000000 ____D C:\Program Files\COMODO
2015-09-27 23:02 - 2015-09-27 23:02 - 00000000 ____D C:\Users\Demonoid\AppData\Local\Comodo
2015-09-27 23:01 - 2015-09-27 23:05 - 00000000 ____D C:\ProgramData\Comodo
2015-09-27 22:47 - 2015-09-27 22:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jodix
2015-09-27 22:47 - 2015-09-27 22:47 - 00000000 ____D C:\Program Files (x86)\Free WMA to MP3 Converter
2015-09-27 21:54 - 2015-09-27 21:54 - 00003182 _____ C:\Windows\System32\Tasks\{E4A114CA-CE79-44F5-A3AD-AE95CC27C436}
2015-09-27 21:54 - 2015-09-27 21:54 - 00003150 _____ C:\Windows\System32\Tasks\{2CEB6F29-6990-49DB-B939-6F866FC91F98}
2015-09-26 21:10 - 2015-09-26 21:10 - 00000000 ____D C:\Users\Demonoid\AppData\Local\Viber
2015-09-26 21:10 - 2015-09-26 21:10 - 00000000 ____D C:\Users\Demonoid\.ViberPC
2015-09-26 21:10 - 2015-09-26 21:10 - 00000000 ____D C:\Users\Demonoid\.QtWebEngineProcess
2015-09-11 20:35 - 2015-09-11 20:35 - 00000000 ____D C:\Users\Demonoid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn Time
2015-09-05 00:36 - 2015-09-05 00:36 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2015-09-04 05:22 - 2015-09-04 05:22 - 00000000 ____D C:\Users\Demonoid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-09-03 12:52 - 2015-09-03 12:52 - 00579408 _____ (COMODO) C:\Windows\system32\guard64.dll
2015-09-03 12:52 - 2015-09-03 12:52 - 00445472 _____ (COMODO) C:\Windows\SysWOW64\guard32.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-27 23:20 - 2014-10-05 22:22 - 00000000 ____D C:\Users\Demonoid\AppData\Roaming\uTorrent
2015-09-27 23:18 - 2014-10-05 22:29 - 00000000 ____D C:\Windows\AutoKMS
2015-09-27 23:11 - 2014-10-05 22:29 - 00000000 ____D C:\Users\Demonoid\AppData\Roaming\Skype
2015-09-27 23:04 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\system32\NDF
2015-09-27 23:03 - 2014-10-05 19:51 - 02061676 _____ C:\Windows\WindowsUpdate.log
2015-09-27 23:00 - 2014-10-05 20:16 - 00001184 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-27 22:40 - 2014-10-05 22:29 - 00002896 _____ C:\Windows\System32\Tasks\AutoKMS
2015-09-27 22:40 - 2014-10-05 22:29 - 00000266 _____ C:\Windows\Tasks\AutoKMS.job
2015-09-27 22:40 - 2009-07-14 07:45 - 00013120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-27 22:40 - 2009-07-14 07:45 - 00013120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-27 22:36 - 2014-10-05 22:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-09-27 22:36 - 2014-10-05 22:36 - 00000000 ____D C:\ProgramData\Sony
2015-09-27 22:36 - 2014-10-05 22:36 - 00000000 ____D C:\Program Files (x86)\Sony
2015-09-27 22:35 - 2015-06-22 07:24 - 00000930 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1776458337-3485265842-733792251-1000UA.job
2015-09-27 21:45 - 2014-10-08 00:01 - 00000000 ____D C:\Users\Demonoid\AppData\Roaming\vlc
2015-09-27 17:46 - 2015-08-22 20:15 - 00000000 ____D C:\Users\Demonoid\AppData\Roaming\ViberPC
2015-09-27 14:00 - 2014-10-05 20:16 - 00001180 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-27 09:56 - 2009-07-14 07:51 - 00119598 _____ C:\Windows\setupact.log
2015-09-27 01:35 - 2015-06-22 07:24 - 00000878 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1776458337-3485265842-733792251-1000Core.job
2015-09-26 21:10 - 2014-10-05 19:49 - 00000000 ____D C:\Users\Demonoid
2015-09-26 18:53 - 2015-02-25 18:21 - 00000000 ____D C:\Users\Demonoid\AppData\Local\Popcorn-Time
2015-09-22 20:58 - 2014-10-05 20:49 - 00716828 _____ C:\Windows\system32\perfh019.dat
2015-09-22 20:58 - 2014-10-05 20:49 - 00150632 _____ C:\Windows\system32\perfc019.dat
2015-09-22 20:58 - 2014-10-05 20:47 - 00607346 _____ C:\Windows\system32\perfh008.dat
2015-09-22 20:58 - 2014-10-05 20:47 - 00111044 _____ C:\Windows\system32\perfc008.dat
2015-09-22 20:58 - 2009-07-14 08:13 - 02359084 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-22 20:56 - 2014-10-05 22:23 - 00000000 ____D C:\ProgramData\MCShield
2015-09-22 09:32 - 2014-12-11 22:34 - 00000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-09-22 09:32 - 2014-10-05 22:09 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-09-21 22:40 - 2015-06-05 01:40 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-21 22:40 - 2014-10-05 22:13 - 00000000 ____D C:\Users\Demonoid\AppData\Roaming\Dropbox
2015-09-21 22:40 - 2009-07-14 08:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-17 13:55 - 2014-10-05 20:16 - 00004180 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-17 13:55 - 2014-10-05 20:16 - 00003928 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-17 13:46 - 2014-10-05 20:20 - 00021336 _____ C:\Windows\PFRO.log
2015-09-13 10:17 - 2009-07-14 10:45 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-09-13 06:19 - 2015-08-22 20:16 - 00000000 ____D C:\Users\Demonoid\AppData\Roaming\NVIDIA
2015-09-11 20:35 - 2015-02-25 18:21 - 00000000 ____D C:\Users\Demonoid\AppData\Local\Popcorn Time
2015-09-10 13:51 - 2014-10-05 20:16 - 00000000 ____D C:\Users\Demonoid\AppData\Local\Google
2015-09-10 03:03 - 2014-12-12 22:02 - 00000000 ____D C:\Windows\system32\MRT
2015-09-01 17:55 - 2015-08-22 20:15 - 00001000 _____ C:\Users\Demonoid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Viber.lnk
==================== Files in the root of some directories =======
2014-10-22 16:40 - 2013-11-18 13:45 - 23215192 ____R (PremiumSoft CyberTech Ltd.) C:\Program Files\Navicat_11.0.7_EN_Portable.exe
2014-10-16 02:24 - 2014-10-16 02:24 - 0001456 _____ () C:\Users\Demonoid\AppData\Local\Adobe Save for Web 12.0 Prefs
2014-10-07 21:12 - 2014-10-07 21:12 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Files to move or delete:
====================
C:\Users\Demonoid\AppData\Local\Temp\5.3.0.1884\5.3.0.1884\Viber.exe
Some files in TEMP:
====================
C:\Users\Demonoid\AppData\Local\Temp\arctic-loop.exe
C:\Users\Demonoid\AppData\Local\Temp\atcMedia9711434172662.exe
C:\Users\Demonoid\AppData\Local\Temp\ChangeIcon.exe
C:\Users\Demonoid\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprvaso2.dll
C:\Users\Demonoid\AppData\Local\Temp\mdi064.dll
C:\Users\Demonoid\AppData\Local\Temp\mdi164.dll
C:\Users\Demonoid\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe
C:\Users\Demonoid\AppData\Local\Temp\npp.6.7.5.Installer.exe
C:\Users\Demonoid\AppData\Local\Temp\update.exe
C:\Users\Demonoid\AppData\Local\Temp\vlc-2.2.1-win32.exe
C:\Users\Demonoid\AppData\Local\Temp\xmlUpdater.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-09-21 00:19
==================== End of FRST.txt ============================
Ran by Demonoid (administrator) on NONAME-PC (27-09-2015 23:20:07)
Running from H:\Downloads
Loaded Profiles: Demonoid (Available Profiles: Demonoid)
Platform: Windows 7 Ultimate (X64) Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\Pac207\Monitor.exe
(MyCity) C:\Program Files (x86)\MCShield\MCShieldRTM.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(Dropbox, Inc.) C:\Users\Demonoid\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
() C:\Users\Demonoid\AppData\Local\Temp\5.3.0.1884\5.3.0.1884\Viber.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(BitTorrent, Inc.) C:\Program Files (x86)\uTorrent\uTorrent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(Comodo Security Solutions, Inc.) C:\Program Files\COMODO\GeekBuddy\unit_manager.exe
(Comodo Security Solutions, Inc.) C:\Program Files\COMODO\GeekBuddy\unit.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngtool.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngtool.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation)
HKLM\...\Run: [ISCT Tray] => C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [5860656 2014-08-25] (Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-09] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1793736 2015-02-20] (NVIDIA Corporation)
HKLM\...\Run: [Monitor] => C:\Windows\PixArt\PAC207\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1427648 2015-08-05] (COMODO)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-02-21] (Intel Corporation)
HKLM-x32\...\Run: [tvncontrol] => C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2015-06-30] (Comodo Security Solutions, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6134544 2015-09-27] (AVAST Software)
HKU\S-1-5-21-1776458337-3485265842-733792251-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22035560 2014-08-27] (Skype Technologies S.A.)
HKU\S-1-5-21-1776458337-3485265842-733792251-1000\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-1776458337-3485265842-733792251-1000\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-1776458337-3485265842-733792251-1000\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe [399736 2015-03-20] (BitTorrent, Inc.)
HKU\S-1-5-21-1776458337-3485265842-733792251-1000\...\Run: [Dropbox Update] => C:\Users\Demonoid\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-22] (Dropbox, Inc.)
HKU\S-1-5-21-1776458337-3485265842-733792251-1000\...\Run: [Viber] => C:\Users\Demonoid\AppData\Local\Temp\5.3.0.1884\5.3.0.1884\Viber.exe [51512528 2015-09-21] () <===== ATTENTION
HKU\S-1-5-21-1776458337-3485265842-733792251-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\system32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1776458337-3485265842-733792251-1000\...\Run: [tsiVideo] => C:\Windows\SysWOW64\rundll32.exe C:\Users\Demonoid\AppData\Local\Temp\mdi164.dll,dalmat <===== ATTENTION
HKU\S-1-5-21-1776458337-3485265842-733792251-1000\...\MountPoints2: {153cd78b-103a-11e5-b7bb-d05099496f26} - D:\Lenovo_Suite.exe
HKU\S-1-5-21-1776458337-3485265842-733792251-1000\...\MountPoints2: {76fbb827-4dbf-11e5-9f77-d05099496f26} - D:\Lenovo_Suite.exe
HKU\S-1-5-21-1776458337-3485265842-733792251-1000\...\MountPoints2: {c63553b5-52db-11e4-bfcd-d050992e5fa1} - I:\LGAutoRun.exe
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Demonoid\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Demonoid\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Demonoid\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Demonoid\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Demonoid\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Demonoid\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Demonoid\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Demonoid\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-09-27] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Demonoid\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Demonoid\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Demonoid\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Demonoid\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Demonoid\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Demonoid\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Demonoid\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Demonoid\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Demonoid\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Demonoid\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Demonoid\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Demonoid\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Demonoid\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Demonoid\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Demonoid\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Demonoid\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk [2015-09-27]
ShortcutTarget: Start GeekBuddy.lnk -> C:\Program Files\COMODO\GeekBuddy\launcher.exe (Comodo Security Solutions, Inc.)
Startup: C:\Users\Demonoid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-10-05]
ShortcutTarget: Dropbox.lnk -> C:\Users\Demonoid\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: 127.0.0.1 activate.adobe.com
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2CFA938E-9A76-4C29-A7BC-C89F8A6E15BF}: [DhcpNameServer] 195.134.100.90 192.168.1.1
Tcpip\..\Interfaces\{FF59E871-227B-4AE1-97A6-8ED54A96D063}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1776458337-3485265842-733792251-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1776458337-3485265842-733792251-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/el-gr/?ocid=iehp
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-09-27] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-09-27] (AVAST Software)
BHO-x32: yourprofitclub -> {97eda6ce-6ce9-4cc6-9e74-74930c276ab2} -> C:\Windows\SysWow64\c57f5c42.dll No File
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-12-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-12-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-12-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-12-21] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Demonoid\AppData\Roaming\Mozilla\Firefox\Profiles\04lbq59k.default
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin-x32: @QVision/NetDVR_V3 -> C:\Program Files\QVision\V3\npnetdvrV3.dll [2012-12-05] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-09-27]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://granmafepa.blogspot.com/","hxxp://www.efepa.gr/","hxxp://www.search.ask.com/?tpid=ATU4-V7C&o=APN11391&pf=V7&trgb=CR&p2=%5EBAY%5Eaaa024%5EYY%5EGR&gct=hp&apn_ptnrs=%5EBAY&apn_dtid=%5Eaaa024%5EYY%5EGR&apn_dbr=cr_33.0.1750.154&apn_uid=D4B61B2E-D67B-4EC8-AE22-90C630308D4C&itbv=12.10.3.4594&doi=2014-03-23&psv=","hxxp://www.sweet-page.com/?type=hp&ts=1429035518&from=cor&uid=KINGSTONXSH103S3240G_50026B724508152A"
CHR NewTab: Default -> "chrome-extension://jpfpebmajhhopeonhlcgidhclcccjcik/newtab.html"
CHR Profile: C:\Users\Demonoid\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Διαφάνειες Google) - C:\Users\Demonoid\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-05]
CHR Extension: (Έγγραφα Google) - C:\Users\Demonoid\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-05]
CHR Extension: (Google Drive ) - C:\Users\Demonoid\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-05]
CHR Extension: (Σβήνετε τα φώτα) - C:\Users\Demonoid\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2014-10-06]
CHR Extension: (YouTube) - C:\Users\Demonoid\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-05]
CHR Extension: (Αναζήτηση Google) - C:\Users\Demonoid\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-05]
CHR Extension: (Υπολογιστικά φύλλα Google) - C:\Users\Demonoid\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-05]
CHR Extension: (Έγγραφα Google εκτός σύνδεσης) - C:\Users\Demonoid\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-06]
CHR Extension: (AdBlock) - C:\Users\Demonoid\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-10-06]
CHR Extension: (YouRepeat) - C:\Users\Demonoid\AppData\Local\Google\Chrome\User Data\Default\Extensions\idpjonelgkpmoamjkigojeifadlhlbna [2014-10-06]
CHR Extension: (Speed Dial 2) - C:\Users\Demonoid\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2014-10-06]
CHR Extension: (Abstract Design) - C:\Users\Demonoid\AppData\Local\Google\Chrome\User Data\Default\Extensions\meaefhihbildlibbognaonkdhakohilk [2014-10-06]
CHR Extension: (Πληρωμές στο Chrome Web Store) - C:\Users\Demonoid\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-05]
CHR Extension: (Gmail) - C:\Users\Demonoid\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-05]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-09-27]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
"BFE" => service could not be unlocked. <===== ATTENTION
U2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-09-27] (AVAST Software)
U3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4048280 2015-09-27] (Avast Software)
R2 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [70848 2015-08-13] (Comodo Security Solutions, Inc.)
U2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5542472 2015-09-03] (COMODO)
U3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265792 2015-08-05] (COMODO)
U2 GeekBuddyRSP; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2015-06-30] (Comodo Security Solutions, Inc.)
U2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
U2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329104 2014-10-03] (Intel Corporation)
U2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-08-25] ()
U3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
U2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
U2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
U0 asstor64; C:\Windows\System32\DRIVERS\asstor64.sys [84816 2014-01-27] (Asmedia Technology)
U2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-09-27] (AVAST Software)
U2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-09-27] (AVAST Software)
U1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-09-27] (AVAST Software)
U0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-09-27] (AVAST Software)
U1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1049880 2015-09-27] (AVAST Software)
U1 aswSP; C:\Windows\system32\drivers\aswSP.sys [448968 2015-09-27] (AVAST Software)
U2 aswStm; C:\Windows\system32\drivers\aswStm.sys [153744 2015-09-27] (AVAST Software)
U0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-09-27] (AVAST Software)
U1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [21184 2015-08-05] (COMODO)
U1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [806032 2015-08-05] (COMODO)
U1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [45856 2015-08-05] (COMODO)
U3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [488216 2014-02-04] (Intel Corporation)
U3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
U0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2014-05-28] (Intel Corporation)
U3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [22216 2014-05-27] ()
U3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [22728 2014-05-27] ()
U3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [25800 2014-05-27] ()
U1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [105096 2015-08-05] (COMODO)
U3 ISCT; C:\Windows\System32\DRIVERS\ISCTD.sys [44744 2014-05-27] ()
U3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
U0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [132656 2015-09-27] (AVAST Software)
U3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [572416 2006-12-05] (PixArt Imaging Inc.)
U2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [274336 2015-09-27] (Avast Software)
U5 BFE; <===== ATTENTION: Locked Service
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-27 23:19 - 2015-09-27 23:20 - 00000000 ___HD C:\VTRoot
2015-09-27 23:19 - 2015-09-27 23:20 - 00000000 ____D C:\FRST
2015-09-27 23:19 - 2015-09-27 23:19 - 00003494 _____ C:\Windows\system32\Drivers\fvstore.dat
2015-09-27 23:17 - 2015-09-27 23:17 - 01049880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-09-27 23:17 - 2015-09-27 23:17 - 00448968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-09-27 23:17 - 2015-09-27 23:17 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-09-27 23:17 - 2015-09-27 23:17 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-09-27 23:17 - 2015-09-27 23:17 - 00153744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-09-27 23:17 - 2015-09-27 23:17 - 00132656 _____ (AVAST Software) C:\Windows\system32\Drivers\ngvss.sys
2015-09-27 23:17 - 2015-09-27 23:17 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-09-27 23:17 - 2015-09-27 23:17 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-09-27 23:17 - 2015-09-27 23:17 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-09-27 23:17 - 2015-09-27 23:17 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-09-27 23:17 - 2015-09-27 23:17 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-09-27 23:17 - 2015-09-27 23:17 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-09-27 23:17 - 2015-09-27 23:17 - 00000000 ____D C:\Windows\SysWOW64\vbox
2015-09-27 23:17 - 2015-09-27 23:17 - 00000000 ____D C:\Windows\system32\vbox
2015-09-27 23:17 - 2015-09-27 23:17 - 00000000 ____D C:\Users\Demonoid\AppData\Roaming\AVAST Software
2015-09-27 23:17 - 2015-09-27 23:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-09-27 23:17 - 2015-09-27 23:17 - 00000000 ____D C:\Program Files\AVAST Software
2015-09-27 23:16 - 2015-09-27 23:16 - 00448968 _____ (AVAST Software) C:\Windows\system32\Drivers\pkmtldkx.sys
2015-09-27 23:16 - 2015-09-27 23:16 - 00000000 ____D C:\ProgramData\AVAST Software
2015-09-27 23:14 - 2015-09-27 23:14 - 00000000 ____D C:\Windows\system32\appmgmt
2015-09-27 23:14 - 2015-09-27 23:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo Security Solutions Inc
2015-09-27 23:05 - 2015-09-27 23:15 - 00159008 _____ C:\Windows\system32\Drivers\sfi.dat
2015-09-27 23:05 - 2015-09-27 23:05 - 00000000 ____D C:\Windows\System32\Tasks\COMODO
2015-09-27 23:03 - 2015-09-27 23:03 - 00000000 ____D C:\ProgramData\Shared Space
2015-09-27 23:02 - 2015-09-27 23:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2015-09-27 23:02 - 2015-09-27 23:14 - 00000000 ____D C:\Program Files\COMODO
2015-09-27 23:02 - 2015-09-27 23:02 - 00000000 ____D C:\Users\Demonoid\AppData\Local\Comodo
2015-09-27 23:01 - 2015-09-27 23:05 - 00000000 ____D C:\ProgramData\Comodo
2015-09-27 22:47 - 2015-09-27 22:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jodix
2015-09-27 22:47 - 2015-09-27 22:47 - 00000000 ____D C:\Program Files (x86)\Free WMA to MP3 Converter
2015-09-27 21:54 - 2015-09-27 21:54 - 00003182 _____ C:\Windows\System32\Tasks\{E4A114CA-CE79-44F5-A3AD-AE95CC27C436}
2015-09-27 21:54 - 2015-09-27 21:54 - 00003150 _____ C:\Windows\System32\Tasks\{2CEB6F29-6990-49DB-B939-6F866FC91F98}
2015-09-26 21:10 - 2015-09-26 21:10 - 00000000 ____D C:\Users\Demonoid\AppData\Local\Viber
2015-09-26 21:10 - 2015-09-26 21:10 - 00000000 ____D C:\Users\Demonoid\.ViberPC
2015-09-26 21:10 - 2015-09-26 21:10 - 00000000 ____D C:\Users\Demonoid\.QtWebEngineProcess
2015-09-11 20:35 - 2015-09-11 20:35 - 00000000 ____D C:\Users\Demonoid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn Time
2015-09-05 00:36 - 2015-09-05 00:36 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2015-09-04 05:22 - 2015-09-04 05:22 - 00000000 ____D C:\Users\Demonoid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-09-03 12:52 - 2015-09-03 12:52 - 00579408 _____ (COMODO) C:\Windows\system32\guard64.dll
2015-09-03 12:52 - 2015-09-03 12:52 - 00445472 _____ (COMODO) C:\Windows\SysWOW64\guard32.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-27 23:20 - 2014-10-05 22:22 - 00000000 ____D C:\Users\Demonoid\AppData\Roaming\uTorrent
2015-09-27 23:18 - 2014-10-05 22:29 - 00000000 ____D C:\Windows\AutoKMS
2015-09-27 23:11 - 2014-10-05 22:29 - 00000000 ____D C:\Users\Demonoid\AppData\Roaming\Skype
2015-09-27 23:04 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\system32\NDF
2015-09-27 23:03 - 2014-10-05 19:51 - 02061676 _____ C:\Windows\WindowsUpdate.log
2015-09-27 23:00 - 2014-10-05 20:16 - 00001184 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-27 22:40 - 2014-10-05 22:29 - 00002896 _____ C:\Windows\System32\Tasks\AutoKMS
2015-09-27 22:40 - 2014-10-05 22:29 - 00000266 _____ C:\Windows\Tasks\AutoKMS.job
2015-09-27 22:40 - 2009-07-14 07:45 - 00013120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-27 22:40 - 2009-07-14 07:45 - 00013120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-27 22:36 - 2014-10-05 22:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-09-27 22:36 - 2014-10-05 22:36 - 00000000 ____D C:\ProgramData\Sony
2015-09-27 22:36 - 2014-10-05 22:36 - 00000000 ____D C:\Program Files (x86)\Sony
2015-09-27 22:35 - 2015-06-22 07:24 - 00000930 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1776458337-3485265842-733792251-1000UA.job
2015-09-27 21:45 - 2014-10-08 00:01 - 00000000 ____D C:\Users\Demonoid\AppData\Roaming\vlc
2015-09-27 17:46 - 2015-08-22 20:15 - 00000000 ____D C:\Users\Demonoid\AppData\Roaming\ViberPC
2015-09-27 14:00 - 2014-10-05 20:16 - 00001180 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-27 09:56 - 2009-07-14 07:51 - 00119598 _____ C:\Windows\setupact.log
2015-09-27 01:35 - 2015-06-22 07:24 - 00000878 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1776458337-3485265842-733792251-1000Core.job
2015-09-26 21:10 - 2014-10-05 19:49 - 00000000 ____D C:\Users\Demonoid
2015-09-26 18:53 - 2015-02-25 18:21 - 00000000 ____D C:\Users\Demonoid\AppData\Local\Popcorn-Time
2015-09-22 20:58 - 2014-10-05 20:49 - 00716828 _____ C:\Windows\system32\perfh019.dat
2015-09-22 20:58 - 2014-10-05 20:49 - 00150632 _____ C:\Windows\system32\perfc019.dat
2015-09-22 20:58 - 2014-10-05 20:47 - 00607346 _____ C:\Windows\system32\perfh008.dat
2015-09-22 20:58 - 2014-10-05 20:47 - 00111044 _____ C:\Windows\system32\perfc008.dat
2015-09-22 20:58 - 2009-07-14 08:13 - 02359084 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-22 20:56 - 2014-10-05 22:23 - 00000000 ____D C:\ProgramData\MCShield
2015-09-22 09:32 - 2014-12-11 22:34 - 00000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-09-22 09:32 - 2014-10-05 22:09 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-09-21 22:40 - 2015-06-05 01:40 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-21 22:40 - 2014-10-05 22:13 - 00000000 ____D C:\Users\Demonoid\AppData\Roaming\Dropbox
2015-09-21 22:40 - 2009-07-14 08:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-17 13:55 - 2014-10-05 20:16 - 00004180 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-17 13:55 - 2014-10-05 20:16 - 00003928 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-17 13:46 - 2014-10-05 20:20 - 00021336 _____ C:\Windows\PFRO.log
2015-09-13 10:17 - 2009-07-14 10:45 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-09-13 06:19 - 2015-08-22 20:16 - 00000000 ____D C:\Users\Demonoid\AppData\Roaming\NVIDIA
2015-09-11 20:35 - 2015-02-25 18:21 - 00000000 ____D C:\Users\Demonoid\AppData\Local\Popcorn Time
2015-09-10 13:51 - 2014-10-05 20:16 - 00000000 ____D C:\Users\Demonoid\AppData\Local\Google
2015-09-10 03:03 - 2014-12-12 22:02 - 00000000 ____D C:\Windows\system32\MRT
2015-09-01 17:55 - 2015-08-22 20:15 - 00001000 _____ C:\Users\Demonoid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Viber.lnk
==================== Files in the root of some directories =======
2014-10-22 16:40 - 2013-11-18 13:45 - 23215192 ____R (PremiumSoft CyberTech Ltd.) C:\Program Files\Navicat_11.0.7_EN_Portable.exe
2014-10-16 02:24 - 2014-10-16 02:24 - 0001456 _____ () C:\Users\Demonoid\AppData\Local\Adobe Save for Web 12.0 Prefs
2014-10-07 21:12 - 2014-10-07 21:12 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Files to move or delete:
====================
C:\Users\Demonoid\AppData\Local\Temp\5.3.0.1884\5.3.0.1884\Viber.exe
Some files in TEMP:
====================
C:\Users\Demonoid\AppData\Local\Temp\arctic-loop.exe
C:\Users\Demonoid\AppData\Local\Temp\atcMedia9711434172662.exe
C:\Users\Demonoid\AppData\Local\Temp\ChangeIcon.exe
C:\Users\Demonoid\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprvaso2.dll
C:\Users\Demonoid\AppData\Local\Temp\mdi064.dll
C:\Users\Demonoid\AppData\Local\Temp\mdi164.dll
C:\Users\Demonoid\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe
C:\Users\Demonoid\AppData\Local\Temp\npp.6.7.5.Installer.exe
C:\Users\Demonoid\AppData\Local\Temp\update.exe
C:\Users\Demonoid\AppData\Local\Temp\vlc-2.2.1-win32.exe
C:\Users\Demonoid\AppData\Local\Temp\xmlUpdater.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-09-21 00:19
==================== End of FRST.txt ============================