Internet lags, is it a virus?

**Vladimir** · **Vladimir** on 11th April 2010, 7:37 pm

My Internet lags, can you help me to see to it if it is a virus causing the problem?

**Belahzur** · **Belahzur** on 11th April 2010, 10:42 pm

Download OTL by OldTimer to your Desktop.

Close all windows and double click OTL.exe
Click Run Scan and let the program run uninterrupted
It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
You may need to use two posts to get it all.

**Vladimir** · **Vladimir** on 13th April 2010, 1:18 am

I used a malware program and removed one trojan, I think that it is fixed, but to make sure I will be back shortly when I will have a lil bit more time.

Thanks

**Vladimir** · **Vladimir** on 13th April 2010, 3:51 pm

OTL logfile created on: 13/4/2010 6:44:34 μμ - Run 1
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Documents and Settings\User\Επιφάνεια εργασίας
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000408 | Country: Ελλάδα | Language: ELL | Date Format: d/M/yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 80,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,05 Gb Total Space | 48,65 Gb Free Space | 32,64% Space Free | Partition Type: NTFS
Drive D: | 149,05 Gb Total Space | 121,07 Gb Free Space | 81,23% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 642,26 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HP11546321382
Current User Name: User
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/04/13 18:43:44 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Επιφάνεια εργασίας\OTL.exe
PRC - [2010/04/04 23:37:17 | 000,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/03/30 11:16:12 | 001,107,336 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2009/10/30 14:57:08 | 000,369,200 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2009/06/05 16:22:08 | 000,574,720 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Global Protection 2010\ApVxdWin.exe
PRC - [2009/06/01 13:26:26 | 000,173,312 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Global Protection 2010\PsCtrlS.exe
PRC - [2009/05/28 12:12:04 | 000,196,864 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Global Protection 2010\AVENGINE.EXE
PRC - [2009/05/28 12:11:40 | 000,290,048 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Global Protection 2010\PAVSRV51.EXE
PRC - [2009/05/19 12:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009/04/28 09:21:38 | 000,169,216 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Global Protection 2010\PavFnSvr.exe
PRC - [2009/04/23 12:31:16 | 000,107,776 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Global Protection 2010\WebProxy.exe
PRC - [2009/04/21 09:12:52 | 000,111,872 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Global Protection 2010\PavBckPT.exe
PRC - [2009/04/17 10:17:24 | 000,157,440 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Global Protection 2010\TPSrv.exe
PRC - [2009/04/08 10:56:24 | 000,226,560 | ---- | M] (Panda Security International) -- c:\Program Files\Panda Security\Panda Global Protection 2010\FIREWALL\PSHost.exe
PRC - [2009/02/23 20:43:12 | 000,576,000 | ---- | M] (MagicISO, Inc.) -- C:\Program Files\MagicDisc\MagicDisc.exe
PRC - [2008/07/02 16:16:16 | 000,397,312 | ---- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
PRC - [2008/06/27 13:23:00 | 000,091,392 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Global Protection 2010\SrvLoad.exe
PRC - [2008/06/25 15:43:08 | 000,028,928 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Global Protection 2010\psksvc.exe
PRC - [2008/06/19 12:59:50 | 000,108,288 | ---- | M] (Panda Security S.L.) -- C:\Program Files\Panda Security\Panda Global Protection 2010\PsImSvc.exe
PRC - [2008/04/14 19:30:35 | 001,038,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/02/04 17:26:48 | 000,062,768 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Common Files\Panda Security\PavShld\PavPrSrv.exe
PRC - [2007/12/21 22:52:56 | 000,405,504 | ---- | M] (www.tortoisesvn.org) -- C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
PRC - [2007/08/07 11:59:50 | 000,540,184 | ---- | M] (PDF Complete Inc) -- C:\Program Files\PDF Complete\pdfsvc.exe
PRC - [2007/08/07 11:59:48 | 000,331,288 | ---- | M] (PDF Complete Inc) -- C:\Program Files\PDF Complete\pdfsty.exe
PRC - [2007/03/28 01:07:42 | 000,593,920 | R--- | M] () -- C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
PRC - [2007/02/28 10:55:18 | 000,880,640 | R--- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
PRC - [2007/02/09 17:03:38 | 000,983,040 | R--- | M] (Teleca AB) -- C:\Program Files\Common Files\Teleca Shared\Generic.exe
PRC - [2006/10/06 20:35:21 | 000,049,152 | ---- | M] (infolearn) -- C:\WINDOWS\system32\infolearnasrv.exe
PRC - [2006/09/10 22:56:24 | 000,218,032 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
PRC - [2006/07/22 01:46:54 | 000,167,936 | ---- | M] (FarStone Technology Inc.) -- C:\Program Files\FarStone\GameDrive\GDP\gdtask.exe
PRC - [2005/11/16 11:00:00 | 000,122,880 | ---- | M] (WinZip Computing LP) -- C:\Program Files\WinZip\WZQKPICK.EXE
PRC - [2003/09/01 14:42:50 | 000,176,128 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
PRC - [2003/08/29 02:22:30 | 000,131,072 | ---- | M] (InterVideo Inc.) -- C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
PRC - [2003/06/25 12:24:48 | 000,049,152 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd.exe
PRC - [2003/05/21 19:37:08 | 000,229,437 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe

========== Modules (SafeList) ==========

MOD - [2010/04/13 18:43:44 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Επιφάνεια εργασίας\OTL.exe
MOD - [2009/03/30 18:22:58 | 000,518,400 | ---- | M] (Panda Security, S.L.) -- C:\WINDOWS\system32\PavSHook.dll
MOD - [2009/03/18 19:18:48 | 000,095,488 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Global Protection 2010\PavOEpl.dll
MOD - [2008/01/26 23:33:02 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp71.dll
MOD - [2008/01/26 23:33:02 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcr71.dll
MOD - [2007/02/08 10:53:40 | 000,107,568 | ---- | M] (Panda Software) -- C:\WINDOWS\system32\SYSTOOLS.DLL

========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (NPFMntor)
SRV - File not found [Auto | Stopped] -- -- (Automatic LiveUpdate Scheduler)
SRV - [2010/03/30 11:16:12 | 001,107,336 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2009/08/05 23:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2009/06/01 13:26:26 | 000,173,312 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Global Protection 2010\PsCtrls.exe -- (Panda Software Controller)
SRV - [2009/05/28 12:11:40 | 000,290,048 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Global Protection 2010\pavsrv51.exe -- (PAVSRV)
SRV - [2009/05/19 12:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2009/04/28 09:21:38 | 000,169,216 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Global Protection 2010\PavFnSvr.exe -- (PAVFNSVR)
SRV - [2009/04/17 10:17:24 | 000,157,440 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Global Protection 2010\TPSrv.exe -- (TPSrv)
SRV - [2009/04/08 10:56:24 | 000,226,560 | ---- | M] (Panda Security International) [Auto | Running] -- c:\program files\panda security\panda global protection 2010\firewall\PSHOST.EXE -- (PSHost)
SRV - [2008/07/02 14:09:36 | 000,060,160 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Global Protection 2010\GWMsrv.dll -- (Gwmsrv)
SRV - [2008/06/25 15:43:08 | 000,028,928 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Global Protection 2010\PskSvc.exe -- (PskSvcRetail)
SRV - [2008/06/19 12:59:50 | 000,108,288 | ---- | M] (Panda Security S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Global Protection 2010\PsImSvc.exe -- (PSIMSVC)
SRV - [2008/02/04 17:26:48 | 000,062,768 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe -- (PavPrSrv)
SRV - [2007/08/07 11:59:50 | 000,540,184 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2006/10/06 20:35:21 | 000,049,152 | ---- | M] (infolearn) [Auto | Running] -- C:\WINDOWS\system32\infolearnasrv.exe -- (INFOlearn_admin_srv)
SRV - [2006/07/12 07:17:14 | 000,118,784 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\FarStone\GameDrive\LiveUpdate.exe -- (LiveUpdate)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Running] -- -- (PavTPK.sys)
DRV - File not found [Kernel | On_Demand | Running] -- -- (PavSRK.sys)
DRV - File not found [File_System | On_Demand | Running] -- -- (AvFlt)
DRV - [2010/04/13 17:06:56 | 000,013,880 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\COMFiltr.sys -- (ComFiltr)
DRV - [2009/12/01 15:30:14 | 000,078,848 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SSHDRV85.sys -- (SSHDRV85)
DRV - [2009/10/28 14:23:55 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/10/27 16:26:24 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2009/10/27 16:26:23 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009/09/27 17:12:22 | 007,655,872 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2009/09/23 10:41:58 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2009/08/05 23:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2009/06/02 13:12:02 | 000,177,416 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PavProc.sys -- (PavProc)
DRV - [2009/02/24 19:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2008/07/11 14:58:26 | 000,158,848 | ---- | M] (Panda Security, S.L.) [TDI Layer] [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NETFLTDI.SYS -- (NETFLTDI)
DRV - [2008/07/07 10:40:49 | 000,056,108 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2008/06/26 11:25:28 | 000,197,888 | ---- | M] (Panda Security, S.L.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\neti1634.sys -- (NETIMFLT01060034)
DRV - [2008/06/25 15:42:18 | 000,073,728 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\APPFLT.SYS -- (APPFLT)
DRV - [2008/06/19 17:24:30 | 000,028,544 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot)
DRV - [2008/06/18 16:06:10 | 000,046,720 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\wnmflt.sys -- (WNMFLT)
DRV - [2008/06/18 16:06:04 | 000,193,792 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\idsflt.sys -- (IDSFLT)
DRV - [2008/06/18 16:06:02 | 000,052,992 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dsaflt.sys -- (DSAFLT)
DRV - [2008/05/27 12:41:46 | 000,122,152 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017mdm.sys -- (s0017mdm)
DRV - [2008/05/27 12:41:46 | 000,117,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017unic.sys -- (s0017unic) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM)
DRV - [2008/05/27 12:41:46 | 000,111,912 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017obex.sys -- (s0017obex)
DRV - [2008/05/27 12:41:46 | 000,090,536 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017bus.sys -- (s0017bus) Sony Ericsson Device 0017 driver (WDM)
DRV - [2008/05/27 12:41:46 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017mdfl.sys -- (s0017mdfl)
DRV - [2008/05/27 12:41:44 | 000,115,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017mgmt.sys -- (s0017mgmt) Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM)
DRV - [2008/05/27 12:41:44 | 000,025,768 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017nd5.sys -- (s0017nd5) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS)
DRV - [2008/05/16 13:33:14 | 000,115,752 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016unic.sys -- (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM)
DRV - [2008/05/16 13:33:14 | 000,025,512 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016nd5.sys -- (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS)
DRV - [2008/05/16 13:33:14 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mdfl.sys -- (s0016mdfl)
DRV - [2008/05/16 13:33:12 | 000,120,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mdm.sys -- (s0016mdm)
DRV - [2008/05/16 13:33:12 | 000,114,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mgmt.sys -- (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM)
DRV - [2008/05/16 13:33:12 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016obex.sys -- (s0016obex)
DRV - [2008/05/16 13:33:12 | 000,089,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016bus.sys -- (s0016bus) Sony Ericsson Device 0016 driver (WDM)
DRV - [2008/05/04 02:16:35 | 000,075,264 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SSHDRV79.sys -- (SSHDRV79)
DRV - [2008/04/28 17:35:14 | 000,084,024 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\pavdrv51.sys -- (PAVDRV)
DRV - [2008/04/13 19:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008/03/28 11:25:06 | 000,022,072 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\fnetmon.sys -- (FNETMON)
DRV - [2008/03/04 15:59:42 | 000,041,144 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ShlDrv51.sys -- (ShldDrv)
DRV - [2008/01/14 23:12:59 | 000,082,380 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2007/06/14 19:41:58 | 004,429,312 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/06/05 18:48:58 | 005,761,728 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
DRV - [2007/04/12 11:19:42 | 000,160,256 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2006/09/18 14:59:08 | 000,090,800 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se27unic.sys -- (se27unic) Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (WDM)
DRV - [2006/09/18 14:59:02 | 000,086,560 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27obex.sys -- (SE27obex)
DRV - [2006/09/18 14:59:00 | 000,018,704 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se27nd5.sys -- (se27nd5) Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (NDIS)
DRV - [2006/09/18 14:58:58 | 000,088,688 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27mgmt.sys -- (SE27mgmt) Sony Ericsson Device 039 USB WMC Device Management Drivers (WDM)
DRV - [2006/09/18 14:58:54 | 000,097,184 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27mdm.sys -- (SE27mdm)
DRV - [2006/09/18 14:58:52 | 000,009,360 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27mdfl.sys -- (SE27mdfl)
DRV - [2006/09/18 14:58:48 | 000,061,600 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27bus.sys -- (SE27bus) Sony Ericsson Device 039 Driver driver (WDM)
DRV - [2006/09/05 20:58:26 | 000,061,536 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se58bus.sys -- (se58bus) Sony Ericsson Device 088 driver (WDM)
DRV - [2006/09/05 20:00:54 | 000,086,432 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se58obex.sys -- (se58obex)
DRV - [2006/09/05 20:00:06 | 000,088,624 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se58mgmt.sys -- (se58mgmt) Sony Ericsson Device 088 USB WMC Device Management Drivers (WDM)
DRV - [2006/09/05 19:59:18 | 000,097,088 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se58mdm.sys -- (se58mdm)
DRV - [2006/09/05 19:59:14 | 000,009,360 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se58mdfl.sys -- (se58mdfl)
DRV - [2006/09/05 19:57:54 | 000,018,704 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se58nd5.sys -- (se58nd5) Sony Ericsson Device 088 USB Ethernet Emulation SEMC58 (NDIS)
DRV - [2006/09/05 19:57:48 | 000,090,800 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se58unic.sys -- (se58unic) Sony Ericsson Device 088 USB Ethernet Emulation SEMC58 (WDM)
DRV - [2006/08/05 07:20:36 | 000,071,680 | ---- | M] (FarStone Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\fgxscsi.sys -- (FGXSCSI)
DRV - [2006/07/12 07:17:06 | 000,011,520 | ---- | M] (FarStone Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\fgdxbus.sys -- (fgdxbus)
DRV - [2005/03/03 20:53:57 | 000,048,640 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005/02/23 18:59:54 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2004/12/03 13:20:41 | 000,020,544 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2004/08/04 03:29:50 | 000,019,455 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wVchNTxx.sys -- (iAimFP4)
DRV - [2004/08/04 03:29:48 | 000,012,063 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wSiINTxx.sys -- (iAimFP3)
DRV - [2004/08/04 03:29:46 | 000,025,471 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV10nt.sys -- (iAimTV5)
DRV - [2004/08/04 03:29:46 | 000,023,615 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wCh7xxNT.sys -- (iAimTV4)
DRV - [2004/08/04 03:29:46 | 000,022,271 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV06nt.sys -- (iAimTV6)
DRV - [2004/08/04 03:29:44 | 000,033,599 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV04nt.sys -- (iAimTV3)
DRV - [2004/08/04 03:29:44 | 000,019,551 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV02NT.sys -- (iAimTV1)
DRV - [2004/08/04 03:29:42 | 000,029,311 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV01nt.sys -- (iAimTV0)
DRV - [2004/08/04 03:29:42 | 000,011,871 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV09NT.sys -- (iAimFP7)
DRV - [2004/08/04 03:29:40 | 000,011,807 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV07nt.sys -- (iAimFP5)
DRV - [2004/08/04 03:29:40 | 000,011,295 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV08NT.sys -- (iAimFP6)
DRV - [2004/08/04 03:29:38 | 000,161,020 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\i81xnt5.sys -- (i81x)
DRV - [2004/08/04 03:29:38 | 000,012,415 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV01nt.sys -- (iAimFP0)
DRV - [2004/08/04 03:29:38 | 000,012,127 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV02NT.sys -- (iAimFP1)
DRV - [2004/08/04 03:29:38 | 000,011,775 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV05NT.sys -- (iAimFP2)
DRV - [2003/05/08 04:00:00 | 000,090,357 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\P1130Vid.sys -- (P1130VID)
DRV - [2003/01/22 05:37:00 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2002/05/09 03:44:42 | 000,105,472 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2002/04/04 08:32:06 | 000,028,416 | R--- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symmpi.sys -- (Symmpi)
DRV - [2001/08/18 07:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/18 07:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/18 07:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/18 07:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/18 00:20:04 | 000,096,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ac97intc.sys -- (ac97intc) Intel(r) 82801 υπηρεσία εγκατάστασης προγράμματος οδήγησης συσκευής ήχου (WDM)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Live Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.toggle.com/en/index.php?rvs=hompag&d=79919281
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "isoHunt Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1434207&SearchSource=3&q="
FF - prefs.js..browser.search.selectedEngine: "isoHunt Customized Web Search"
FF - prefs.js..browser.startup.homepage: "http://www.google.gr"
FF - prefs.js..extensions.enabledItems: staff@hide-my-ip.com:1.0
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..network.proxy.share_proxy_settings: true

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/04/07 14:42:39 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/04/04 23:37:23 | 000,000,000 | ---D | M]

[2009/03/06 00:53:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Mozilla\Extensions
[2009/03/06 00:53:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2010/04/13 02:01:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\cu6zhwsp.default\extensions
[2009/08/10 19:28:37 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\cu6zhwsp.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/01/15 10:24:26 | 000,000,876 | ---- | M] () -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\cu6zhwsp.default\searchplugins\conduit.xml
[2008/05/21 17:10:59 | 000,002,921 | ---- | M] () -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\cu6zhwsp.default\searchplugins\daemon-search.xml
[2010/04/13 02:01:05 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/07 14:14:24 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\staff@hide-my-ip.com
[2007/08/30 00:47:44 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
[2008/04/17 02:09:28 | 000,249,856 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npff_gdm.dll
[2010/02/06 23:11:16 | 000,001,525 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010/02/06 23:11:16 | 000,000,760 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010/02/06 23:11:16 | 000,001,219 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-el.xml

O1 HOSTS File: ([2009/02/09 19:38:18 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APVXDWIN] C:\Program Files\Panda Security\Panda Global Protection 2010\APVXDWIN.EXE (Panda Security, S.L.)
O4 - HKLM..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe (Hewlett-Packard)
O4 - HKLM..\Run: [GameDrive] C:\Program Files\FarStone\GameDrive\GDP\GDTask.exe (FarStone Technology Inc.)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe (HP)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [SCANINICIO] C:\Program Files\Panda Security\Panda Global Protection 2010\Inicio.exe (Panda Security, S.L.)
O4 - HKLM..\Run: [SetRefresh] C:\Program Files\Compaq\SetRefresh\SetRefresh.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [Sony Ericsson PC Suite] C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe ()
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe (Macrovision Corporation)
O4 - HKCU..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe File not found
O4 - HKCU..\Run: [Sony Ericsson PC Suite] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe (Sony Ericsson Mobile Communications AB)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Προγράμματα\Εκκίνηση\InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe (InterVideo Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Προγράμματα\Εκκίνηση\WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing LP)
O4 - Startup: C:\Documents and Settings\User\Start Menu\Προγράμματα\Εκκίνηση\AntiSpy Protector.lnk = C:\Program Files\AntiSpyware Protector\AntiSpyProt.exe File not found
O4 - Startup: C:\Documents and Settings\User\Start Menu\Προγράμματα\Εκκίνηση\MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Download the ¤t page with Offline Explorer - C:\Program Files\Offline Explorer\Add_AllO.htm ()
O8 - Extra context menu item: Download using Offline &Explorer - C:\Program Files\Offline Explorer\Add_UrlO.htm ()
O9 - Extra Button: Προσθήκη στο ιστολόγιο - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Προσθήκη στο ιστολόγιο στο Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll (Intertrust Technologies, Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avldr: DllName - avldr.dll - C:\WINDOWS\System32\avldr.dll (Panda Security, S.L.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop Components:0 (Τρέχουσα αρχική σελίδα) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/02/09 16:47:56 | 000,000,000 | ---- | M] () - C:\Autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2002/03/12 14:13:35 | 000,028,672 | R--- | M] (Dipl.-Ing. Stefan Krueger ) - F:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2002/03/12 14:13:36 | 000,000,044 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2002/03/12 14:13:36 | 000,000,991 | R--- | M] () - F:\autorun.ini -- [ CDFS ]
O33 - MountPoints2\{ec622361-bf6c-11dc-858c-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{ec622361-bf6c-11dc-858c-806d6172696f}\Shell\AutoRun\command - "" = F:\autorun.exe -- [2002/03/12 14:13:35 | 000,028,672 | R--- | M] (Dipl.-Ing. Stefan Krueger )
O33 - MountPoints2\{f9d52146-46b1-11de-863c-001d92227a93}\Shell - "" = AutoRun
O33 - MountPoints2\{f9d52146-46b1-11de-863c-001d92227a93}\Shell\AutoRun\command - "" = G:\start.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (MACHINE BootExecut) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

File not found -- C:\Documents and Settings\User\Επιφάνεια εργασίας\The lost book of Enki..
[2010/04/13 18:43:26 | 000,561,664 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\User\Επιφάνεια εργασίας\OTL.exe
[2010/04/13 17:04:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\LogMeIn Hamachi
[2010/04/11 00:20:45 | 000,000,000 | ---D | C] -- C:\Program Files\TombRaiderAOD
[2010/04/11 00:15:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Επιφάνεια εργασίας\tr aod
[2010/04/09 23:48:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/04/09 23:48:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/04/09 23:48:12 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/04/09 23:48:12 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/04/09 23:48:12 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/04/07 14:14:24 | 000,266,552 | ---- | C] (My Privacy Tools, Inc.) -- C:\WINDOWS\System32\HMIPCore.dll
[2010/04/07 14:10:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\Hide IP NG
[2010/03/30 18:01:11 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[2010/03/29 18:44:57 | 000,026,176 | -H-- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\hamachi.sys
[2010/03/25 17:30:51 | 000,000,000 | ---D | C] -- C:\Program Files\Rockstar Games
[2010/03/25 16:18:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\SmartFTP
[2010/03/25 16:18:39 | 000,000,000 | ---D | C] -- C:\Program Files\SmartFTP Client
[2010/03/25 16:18:23 | 000,000,000 | ---D | C] -- C:\Program Files\SmartFTP Client 4.0 Setup Files
[2009/07/22 17:56:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2008/09/16 01:00:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2008/02/02 11:22:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Symantec
[2008/01/26 19:27:09 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2008/01/12 12:37:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\ESET
[2008/01/10 23:41:28 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[20 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

File not found -- C:\Documents and Settings\User\Επιφάνεια εργασίας\The lost book of Enki..
[2010/04/13 18:43:44 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Επιφάνεια εργασίας\OTL.exe
[2010/04/13 18:35:00 | 000,000,238 | -H-- | M] () -- C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
[2010/04/13 18:25:00 | 000,000,278 | -H-- | M] () -- C:\WINDOWS\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job
[2010/04/13 18:00:00 | 000,000,238 | -H-- | M] () -- C:\WINDOWS\tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job
[2010/04/13 17:22:48 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/04/13 17:07:04 | 000,447,324 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\DsaFlt.rls.bck
[2010/04/13 17:07:04 | 000,447,324 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\DsaFlt.rls
[2010/04/13 17:07:04 | 000,001,132 | ---- | M] () -- C:\WINDOWS\System32\drivers\APPFLTR.CFG.bck
[2010/04/13 17:07:04 | 000,001,132 | ---- | M] () -- C:\WINDOWS\System32\drivers\APPFLTR.CFG
[2010/04/13 17:07:04 | 000,000,252 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\IdsFlt.cfg.bck
[2010/04/13 17:07:04 | 000,000,252 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\IdsFlt.cfg
[2010/04/13 17:07:04 | 000,000,092 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetLoc.wlt.bck
[2010/04/13 17:07:04 | 000,000,092 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetLoc.wlt
[2010/04/13 17:07:04 | 000,000,068 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetFlt.cfg.bck
[2010/04/13 17:07:04 | 000,000,068 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetFlt.cfg
[2010/04/13 17:07:04 | 000,000,056 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\WnmFlt.cfg.bck
[2010/04/13 17:07:04 | 000,000,056 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\WnmFlt.cfg
[2010/04/13 17:07:04 | 000,000,056 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\DsaFlt.cfg.bck
[2010/04/13 17:07:04 | 000,000,056 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\DsaFlt.cfg
[2010/04/13 17:06:56 | 000,013,880 | ---- | M] () -- C:\WINDOWS\System32\drivers\COMFiltr.sys
[2010/04/13 17:05:35 | 000,000,136 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetAdapt.cfg.bck
[2010/04/13 17:05:35 | 000,000,136 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetAdapt.cfg
[2010/04/13 17:05:35 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetAR.wlt.bck
[2010/04/13 17:05:35 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetAR.wlt
[2010/04/13 17:05:23 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/04/13 17:04:51 | 000,002,736 | ---- | M] () -- C:\Documents and Settings\User\UpdateLog.GDZ
[2010/04/13 17:04:49 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010/04/13 17:04:21 | 000,253,748 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010/04/13 17:04:13 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2010/04/13 17:03:56 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/04/13 17:03:50 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/04/13 17:03:48 | 3219,312,640 | -HS- | M] () -- C:\hiberfil.sys
[2010/04/13 17:02:20 | 010,485,760 | -H-- | M] () -- C:\Documents and Settings\User\NTUSER.DAT
[2010/04/13 04:29:07 | 003,710,062 | -H-- | M] () -- C:\Documents and Settings\User\Local Settings\Application Data\IconCache.db
[2010/04/12 21:26:08 | 000,008,627 | ---- | M] () -- C:\WINDOWS\System32\PAV_FOG.OPC
[2010/04/12 01:50:38 | 000,336,604 | ---- | M] () -- C:\WINDOWS\System32\drivers\APPFCONT.DAT.bck
[2010/04/12 01:50:38 | 000,336,604 | ---- | M] () -- C:\WINDOWS\System32\drivers\APPFCONT.DAT
[2010/04/06 14:11:23 | 001,175,872 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/04/06 14:11:23 | 000,554,772 | ---- | M] () -- C:\WINDOWS\System32\perfh008.dat
[2010/04/06 14:11:23 | 000,444,478 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/04/06 14:11:23 | 000,096,688 | ---- | M] () -- C:\WINDOWS\System32\perfc008.dat
[2010/04/06 14:11:23 | 000,072,354 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/03/31 19:31:44 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\User\ntuser.ini
[2010/03/25 17:30:56 | 000,001,715 | ---- | M] () -- C:\Documents and Settings\User\Επιφάνεια εργασίας\Play GTA Vice City.lnk
[20 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/03/25 17:41:38 | 000,001,715 | ---- | C] () -- C:\Documents and Settings\User\Επιφάνεια εργασίας\Play GTA Vice City.lnk
[2010/02/18 18:21:31 | 000,000,074 | ---- | C] () -- C:\WINDOWS\System32\config.ini
[2010/02/18 18:19:31 | 000,002,736 | ---- | C] () -- C:\Documents and Settings\User\UpdateLog.GDZ
[2010/02/12 15:51:55 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2010/01/09 20:49:04 | 000,000,104 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2010/01/08 16:51:14 | 001,191,936 | ---- | C] () -- C:\WINDOWS\System32\VCPUD.DLL
[2009/12/01 15:30:14 | 000,078,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\SSHDRV85.sys
[2009/10/28 16:54:38 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\drivers\SSHDRV79.sys
[2009/10/15 23:19:16 | 000,013,880 | ---- | C] () -- C:\WINDOWS\System32\drivers\COMFiltr.sys
[2009/10/15 22:50:57 | 000,000,361 | ---- | C] () -- C:\WINDOWS\AvDetected.ini
[2009/09/25 19:12:03 | 000,611,640 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2009/08/07 19:51:34 | 000,178,430 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/04/14 20:59:34 | 000,000,820 | ---- | C] () -- C:\WINDOWS\SPIDERMAN.INI
[2009/03/02 14:14:00 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A5W.INI
[2009/03/02 14:11:05 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2009/03/02 14:04:47 | 000,000,037 | ---- | C] () -- C:\WINDOWS\Qtw.ini
[2009/02/09 19:32:49 | 000,000,327 | ---- | C] () -- C:\Documents and Settings\User\catchme.log
[2009/02/09 15:06:31 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\User\ebValidationResults.txt
[2009/02/03 15:22:51 | 000,009,752 | ---- | C] () -- C:\Documents and Settings\User\Application Data\VMCP.SPF
[2009/01/28 16:29:22 | 000,000,178 | ---- | C] () -- C:\Documents and Settings\User\Application Data\sub.txt
[2008/10/09 16:11:38 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2008/10/07 10:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008/10/07 10:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008/07/27 10:01:50 | 000,185,344 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[2008/07/02 01:28:49 | 000,000,174 | ---- | C] () -- C:\WINDOWS\game.ini
[2008/06/22 16:58:15 | 000,056,320 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[2008/06/12 20:36:38 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008/05/25 20:28:12 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2008/05/21 17:03:10 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008/04/12 07:41:20 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008/04/12 07:30:20 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008/03/20 13:24:42 | 000,000,040 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2008/03/07 13:39:12 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2008/03/07 13:39:12 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2008/03/07 13:39:12 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2008/03/07 13:39:12 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2008/03/07 13:39:12 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2008/03/07 13:39:12 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2008/02/08 18:17:21 | 000,000,012 | ---- | C] () -- C:\Documents and Settings\User\intlname.ols
[2008/02/05 15:25:36 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ezsid.dat
[2008/02/01 20:38:47 | 000,000,036 | ---- | C] () -- C:\WINDOWS\Level.ini
[2008/01/26 23:41:12 | 000,000,075 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008/01/20 19:26:20 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2008/01/20 19:26:20 | 000,036,864 | R--- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2008/01/16 18:01:34 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/01/15 16:12:23 | 000,000,080 | RHS- | C] () -- C:\WINDOWS\System32\6689857412.dll
[2008/01/14 23:10:54 | 000,010,712 | ---- | C] () -- C:\WINDOWS\hpdj3600.ini
[2008/01/11 17:38:24 | 000,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2008/01/11 17:38:24 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2008/01/11 15:28:22 | 000,082,944 | ---- | C] () -- C:\Documents and Settings\User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/01/10 23:41:58 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4837.dll
[2008/01/10 23:32:20 | 000,000,995 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2008/01/10 16:16:47 | 000,000,380 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/01/10 16:08:55 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\User\Local Settings\Application Data\fusioncache.dat
[2008/01/10 16:08:53 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\User\ntuser.dat.LOG
[2008/01/10 16:08:53 | 000,000,278 | -HS- | C] () -- C:\Documents and Settings\User\ntuser.ini
[2008/01/10 16:08:52 | 010,485,760 | -H-- | C] () -- C:\Documents and Settings\User\NTUSER.DAT
[2008/01/10 14:11:59 | 000,262,144 | ---- | C] () -- C:\Documents and Settings\All Users\ntuser.dat
[2008/01/10 14:11:59 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\All Users\ntuser.dat.LOG
[2008/01/10 13:57:08 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007/02/05 20:05:26 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI
[2006/07/12 07:17:28 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\VDExt800.dll
[2006/07/12 07:17:28 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\VDExt712.dll
[2006/07/12 07:17:24 | 000,006,398 | ---- | C] () -- C:\WINDOWS\System32\drivers\SmartCdx.sys
[2006/07/12 07:17:10 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\GDExt800.dll
[2006/07/12 07:17:10 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\GDExt712.dll
[2003/04/24 16:47:04 | 000,005,697 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== Alternate Data Streams ==========

@Alternate Data Stream - 132 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0CE7F3C9
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1CE11B51
< End of report >

**Vladimir** · **Vladimir** on 13th April 2010, 3:51 pm

OTL Extras logfile created on: 13/4/2010 6:44:34 μμ - Run 1
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Documents and Settings\User\Επιφάνεια εργασίας
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000408 | Country: Ελλάδα | Language: ELL | Date Format: d/M/yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 80,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,05 Gb Total Space | 48,65 Gb Free Space | 32,64% Space Free | Partition Type: NTFS
Drive D: | 149,05 Gb Total Space | 121,07 Gb Free Space | 81,23% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 642,26 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HP11546321382
Current User Name: User
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.js [@ = JSFile] -- C:\Program Files\Panda Security\Panda Global Protection 2010\PAVSCRIP.EXE (Panda Security, S.L.)
.jse [@ = JSEFile] -- C:\Program Files\Panda Security\Panda Global Protection 2010\PAVSCRIP.EXE (Panda Security, S.L.)
.vbe [@ = VBEFile] -- C:\Program Files\Panda Security\Panda Global Protection 2010\PAVSCRIP.EXE (Panda Security, S.L.)
.vbs [@ = VBSFile] -- C:\Program Files\Panda Security\Panda Global Protection 2010\PAVSCRIP.EXE (Panda Security, S.L.)
.wsf [@ = WSFFile] -- C:\Program Files\Panda Security\Panda Global Protection 2010\PAVSCRIP.EXE (Panda Security, S.L.)
.wsh [@ = WSHFile] -- C:\Program Files\Panda Security\Panda Global Protection 2010\PAVSCRIP.EXE (Panda Security, S.L.)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
jsfile [open] -- C:\PROGRA~1\PANDAS~1\PANDAG~1\PAVSCRIP.EXE "%1" %* (Panda Security, S.L.)
jsefile [open] -- C:\PROGRA~1\PANDAS~1\PANDAG~1\PAVSCRIP.EXE "%1" %* (Panda Security, S.L.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
vbefile [open] -- C:\PROGRA~1\PANDAS~1\PANDAG~1\PAVSCRIP.EXE "%1" %* (Panda Security, S.L.)
vbsfile [open] -- C:\PROGRA~1\PANDAS~1\PANDAG~1\PAVSCRIP.EXE "%1" %* (Panda Security, S.L.)
wsffile [open] -- C:\PROGRA~1\PANDAS~1\PANDAG~1\PAVSCRIP.EXE "%1" %* (Panda Security, S.L.)
wshfile [open] -- C:\PROGRA~1\PANDAS~1\PANDAG~1\PAVSCRIP.EXE "%1" %* (Panda Security, S.L.)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
"DisableMonitoring" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
"DisableMonitoring" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"3389:TCP" = 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- ()
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- File not found
"C:\TEST4U_EDU\TEST4U.exe" = C:\TEST4U_EDU\TEST4U.exe:LocalSubNet:Enabled:TEST4U -- (INFOlearn Corporation)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\Yahoo!\Messenger\YServer.exe" = C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server -- (Yahoo! Inc.)
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- ()
"C:\Program Files\DNA\btdna.exe" = C:\Program Files\DNA\btdna.exe:*:Enabled:DNA -- File not found
"C:\Documents and Settings\User\Επιφάνεια εργασίας\Guns 'N' Roses\uTorrent.exe" = C:\Documents and Settings\User\Επιφάνεια εργασίας\Guns 'N' Roses\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe" = C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe:*:Enabled:Sony Ericsson Media Manager 1.2 -- (Sony Creative Software Inc.)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe" = C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club -- File not found
"C:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe" = C:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV -- File not found
"C:\Program Files\SmartFTP Client\SmartFTP.exe" = C:\Program Files\SmartFTP Client\SmartFTP.exe:*:Enabled:SmartFTP Client 4.0 -- (SmartSoft Ltd.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"(Street-Boy) All Cards Unlocker" = (Street-Boy) All Cards Unlocker
"{006A0A2F-B99E-424E-85B1-165FFE70D183}" = Windows Live Writer
"{00BE2030-4991-43DF-80ED-358431E39B7C}" = Windows Live Essentials
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{02A10468-2F1C-447C-AD8E-4DEDDEA25AE2}" = Medieval II Total War : Kingdoms : Crusades
"{02DFB3FD-CF52-4183-8BCA-2A127D4888F4}" = iTunes
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
"{14001B93-0C6F-4353-8A10-BE96EE174E17}" = Windows Live Toolbar
"{1A655D51-1423-48A3-B748-8F5A0BE294C8}" = Microsoft Visual J# .NET Redistributable Package 1.1
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Εργαλείο αποστολής του Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java(TM) 6 Update 19
"{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}" = Microsoft Games for Windows - LIVE Redistributable
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 4.005.00
"{31923B7D-713A-4044-B6F8-15B36BE4B60F}" = SmartFTP Client
"{350C9408-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3571656A-575D-4CED-809D-5547587121FF}" = Yu-Gi-Oh! Power of Chaos YUGI THE DESTINY
"{3D9E9EB7-B14F-4AE4-8C1F-1AD4CF3093BE}" = Microsoft .NET Framework 1.1 Greek Language Pack
"{4089999C-6CB7-4F9D-A2F6-DB158DBF91FB}" = Rome - Total War(TM)
"{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}" = Bonjour
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B35F00C-E63D-40DC-9839-DF15A33EAC46}" = Grand Theft Auto Vice City
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{51962132-EF73-4015-A69E-1538CDDFB835}" = Windows Live Mail
"{576E71DA-3000-48F6-9B21-B9A70D47DFCF}" = Star Wars JK II Jedi Outcast
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5A438E06-0BB3-4C5F-0085-B14F1F4077E6}" = FIFA 07
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.6
"{60F6070C-B776-45ED-A5EC-5F629B14FEFD}" = Panda Global Protection 2010
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{685A56F8-75B6-44AD-B3DA-FB0A3266B47C}" = Adobe Flash Player 9 ActiveX
"{75983B66-804C-40D1-BA13-64DAF652A6F1}" = Medieval II Total War : Kingdoms : Americas
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7AEE1963-7001-4C37-BC20-2FAEB74AA41C}" = Medieval II Total War : Kingdoms : Teutonic
"{7F34A21F-2DEB-4598-BB19-611D6BD24271}" = Managed DirectX (0901)
"{81A25967-DB85-4B48-A8A7-D25AC191DEE4}" = Panda Global Protection 2010
"{82DB1170-BB72-4A9C-B48B-07229C7BA8EA}" = Microsoft .NET Framework 2.0 Language Pack - ELL
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74DEFD-A224-49CC-AB80-4E88BC730125}" = LogMeIn Hamachi
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{90110408-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{91A5B6C0-EF4E-4830-AC7D-6761C0A9B292}" = hp deskjet 3600
"{93656878-FF8B-4935-99BB-F3F260037C57}" = Lara Croft Tomb Raider: The Angel Of Darkness
"{94F70511-C8A8-413C-AC8D-65313D8D3082}" = Windows Live Messenger
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98E8A2EF-4EAE-43B8-A172-74842B764777}" = InterVideo WinDVD 4
"{9933F0EE-DFCD-4829-B979-3C56C367CB1A}" = InterVideo WinDVD Creator
"{9977BB98-D0E6-4850-A3BF-2BD8CFB9D794}" = Βοηθός εισόδου του Windows Live
"{9EB1504E-FD95-4BCD-8E93-B4039F59C469}" = Sony Ericsson Media Manager 1.2
"{9FEECBDA-8378-4874-AD65-D9E232BE2D11}" = Windows Live Sync
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}" = HP Help and Support
"{AC08BBA0-96B9-431A-A7D0-D8598E493775}" = RESIDENT EVIL 5
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1.3
"{AEDDF5A3-29CE-11D5-A8C2-000102246AAE}" = ubi.com
"{B210130E-835C-4581-A695-CE10616B8B55}_is1" = Driver Sweeper 2.0.5
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B376402D-58EA-45EA-BD50-DD924EB67A70}" = Video CD HP
"{B5B0EE08-3950-40F1-AEC1-14A2D4EC18DE}" = TortoiseSVN 1.4.6.11647 (32 bit)
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}" = Apple Software Update
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BFD96B89-B769-4CD6-B11E-E79FFD46F067}" = QuickTime
"{C0698BDA-0D29-40EE-8570-A31106DF9AB1}" = Medieval II Total War
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{CA2084E3-C37C-41BB-805A-6163BCC587F1}" = ShaderMark v2.1
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE7CB214-DB11-4B5D-A6AF-3B4ED47C68B7}" = Microsoft Game Studios Common Redistributables Pack 1
"{CEDDEE73-3D36-41C2-AA40-29355D9FBD63}" = Medieval II Total War : Kingdoms : Britannia
"{D01653EF-9F9F-41D6-B879-654A6BF5892C}" = Βοηθός του digital locker
"{D5BB0907-4BB2-46A3-AA68-0173D111058D}" = GameDrive
"{D87B8C91-4659-4C3B-A894-A4D670AE95E2}" = Συλλογή φωτογραφιών του Windows Live
"{D8AB8F0C-CEEB-4A29-8EF5-219B064813F4}" = Apple Mobile Device Support
"{E0828692-FD9D-459F-9312-C645C3CA6650}" = HP Photo and Imaging 2.0 - Deskjet Series
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EDFBF404-E856-4C72-8ACB-202908147532}" = Οικογενειακή ασφάλεια του Windows Live
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F112F66E-25CA-42DD-983C-6118EB38F606}" = Microsoft Games for Windows - LIVE
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5223680-993A-11D4-86F6-0001031E5712}" = InterVideo Installer
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"{FE6397C1-CECA-4EC3-B064-42AED7676898}" = Sony Ericsson PC Suite
"82A44D22-9452-49FB-00FB-CEC7DCAF7E23" = EA SPORTS online 2007
"ABC Amber ICL Converter" = ABC Amber ICL Converter
"ActiveScan 2.0" = Panda ActiveScan 2.0
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Creative PC-CAM Center" = Creative PC-CAM Center
"Creative PD1130" = Creative WebCam NX Pro Driver (1.00.06.0512)
"Creative WebCam Monitor" = Creative WebCam Monitor
"Creative WebCam NX Pro User's Guide English" = Creative WebCam NX Pro User's Guide (English)
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"EasyPHP_is1" = EasyPHP 2.0b1
"EAX Unified" = EAX Unified
"GameSpotDownloadManager" = GameSpot Download Manager
"Guitar Pro 5_is1" = Guitar Pro 5.2
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.2
"hp print screen utility" = hp print screen utility
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"Indeo® software" = Indeo® Software
"indeoxp" = %DeviceDesc%
"InstallShield_{93656878-FF8B-4935-99BB-F3F260037C57}" = Lara Croft Tomb Raider: The Angel Of Darkness
"InterActual Player" = InterActual Player
"LogMeIn Hamachi" = LogMeIn Hamachi
"Magic ISO Maker v5.5 (build 0276)" = Magic ISO Maker v5.5 (build 0276)
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus! Live" = Messenger Plus! Live
"MetaProducts Offline Explorer" = MetaProducts Offline Explorer
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - ELL" = Microsoft .NET Framework 2.0 Language Pack - ELL
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.9)" = Mozilla Firefox (3.5.9)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"OpenAL" = OpenAL
"PDF Complete" = PDF Complete
"PowerISO" = PowerISO
"Product Key Explorer_is1" = Product Key Explorer 2.2.1
"RealPlayer 6.0" = RealPlayer
"Resident Evil 4_is1" = Resident Evil 4 1.10
"Shockwave" = Shockwave
"SmartFTP Client 4.0 Setup Files" = SmartFTP Client 4.0 Setup Files (remove only)
"ST6UNST #1" = TEST4U EDU setup
"ST6UNST #2" = TEST4U EDU setup (c:\TEST4U_EDU\)
"SubDownloader2" = SubDownloader2
"SystemRequirementsLab" = System Requirements Lab
"TeamViewer 3" = TeamViewer 3
"The Times - Exclusive Tomb Raider Level" = The Times - Exclusive Tomb Raider Level
"Tomb Raider - The Angel of Darkness" = Tomb Raider - The Angel of Darkness
"Tomb Raider - The Last Revelation" = Tomb Raider - The Last Revelation (remove only)
"Tomb Raider II" = Tomb Raider II
"Tomb Raider III - Adventures of Lara Croft" = Tomb Raider III - Adventures of Lara Croft (remove only)
"tomb3.exe" = Tomb Raider III (Demo)
"Vidmex" = Vidmex 1.39
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR 3.70 – Εφαρμογή Διαχείρισης Συμπιεσμένων Αρχείων
"WinZip" = WinZip
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xfire" = Xfire (remove only)
"Yahoo! Mail" = Yahoo! Internet Mail
"Yahoo! Messenger" = Yahoo! Messenger
"YU2010_is1" = Your Uninstaller! 2010

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent
"Stainless_Steel_6.0_Part1of2" = Stainless_Steel_6.0_Part1of2
"Stainless_Steel_6.0_Part2of2" = Stainless_Steel_6.0_Part2of2
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 5/4/2010 1:32:11 μμ | Computer Name = HP11546321382 | Source = Application Hang | ID = 1002
Description = Κρεμασμένη εφαρμογή jk2mp.exe, έκδοση 0.0.0.0, στοιχείο ελέγχου κρεμάσματος
hungapp, έκδοση 0.0.0.0, διεύθυνση κρεμάσματος 0x00000000.

Error - 5/4/2010 1:50:06 μμ | Computer Name = HP11546321382 | Source = Application Error | ID = 1000
Description = Ελαττωματική εφαρμογή jk2mp.exe, έκδοση 0.0.0.0, ελαττωματική λειτουργική
μονάδα jk2mp.exe, έκδοση 0.0.0.0, ελαττωματική διεύθυνση 0x00076368.

Error - 10/4/2010 8:01:46 πμ | Computer Name = HP11546321382 | Source = Application Error | ID = 1000
Description = Ελαττωματική εφαρμογή jk2mp.exe, έκδοση 0.0.0.0, ελαττωματική λειτουργική
μονάδα jk2mp.exe, έκδοση 0.0.0.0, ελαττωματική διεύθυνση 0x00076368.

Error - 10/4/2010 9:25:03 πμ | Computer Name = HP11546321382 | Source = Application Error | ID = 1000
Description = Ελαττωματική εφαρμογή jk2mp.exe, έκδοση 0.0.0.0, ελαττωματική λειτουργική
μονάδα jk2mp.exe, έκδοση 0.0.0.0, ελαττωματική διεύθυνση 0x00076368.

Error - 11/4/2010 1:55:03 μμ | Computer Name = HP11546321382 | Source = Application Error | ID = 1000
Description = Ελαττωματική εφαρμογή jk2mp.exe, έκδοση 0.0.0.0, ελαττωματική λειτουργική
μονάδα jk2mp.exe, έκδοση 0.0.0.0, ελαττωματική διεύθυνση 0x00076368.

Error - 11/4/2010 3:30:45 μμ | Computer Name = HP11546321382 | Source = EventSystem | ID = 4609
Description = Το σύστημα συμβάντων COM+ εντόπισε έναν εσφαλμένο κωδικό επιστροφής
κατά την εσωτερική του επεξεργασία. Το HRESULT ήταν 800706BA από τη γραμμή 44
του d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp. Επικοινωνήστε με
τις υπηρεσίες υποστήριξης προϊόντων της Microsoft για να αναφέρετε αυτό το σφάλμ

Error - 12/4/2010 10:44:07 πμ | Computer Name = HP11546321382 | Source = Application Hang | ID = 1002
Description = Κρεμασμένη εφαρμογή LUKernel.exe, έκδοση 15.0.0.498, στοιχείο ελέγχου
κρεμάσματος hungapp, έκδοση 0.0.0.0, διεύθυνση κρεμάσματος 0x00000000.

Error - 12/4/2010 12:42:55 μμ | Computer Name = HP11546321382 | Source = Application Error | ID = 1000
Description = Ελαττωματική εφαρμογή jk2mp.exe, έκδοση 0.0.0.0, ελαττωματική λειτουργική
μονάδα jk2mp.exe, έκδοση 0.0.0.0, ελαττωματική διεύθυνση 0x0006ca37.

Error - 12/4/2010 12:43:31 μμ | Computer Name = HP11546321382 | Source = Application Error | ID = 1000
Description = Ελαττωματική εφαρμογή jk2mp.exe, έκδοση 0.0.0.0, ελαττωματική λειτουργική
μονάδα jk2mp.exe, έκδοση 0.0.0.0, ελαττωματική διεύθυνση 0x0006ca37.

Error - 12/4/2010 6:51:05 μμ | Computer Name = HP11546321382 | Source = Application Hang | ID = 1002
Description = Κρεμασμένη εφαρμογή firefox.exe, έκδοση 1.9.1.3726, στοιχείο ελέγχου
κρεμάσματος hungapp, έκδοση 0.0.0.0, διεύθυνση κρεμάσματος 0x00000000.

[ System Events ]
Error - 12/4/2010 10:43:01 πμ | Computer Name = HP11546321382 | Source = Service Control Manager | ID = 7023
Description = Η υπηρεσία SSHNAS τερματίστηκε με το ακόλουθο σφάλμα: %%126

Error - 12/4/2010 10:44:13 πμ | Computer Name = HP11546321382 | Source = Service Control Manager | ID = 7034
Description = Η λειτουργία της υπηρεσίας INFOlearn Admin Service τερματίστηκε αναπάντεχα.
Αυτό συνέβη 1 φορά(ές).

Error - 13/4/2010 7:28:21 πμ | Computer Name = HP11546321382 | Source = Service Control Manager | ID = 7000
Description = Δεν ήταν δυνατή η εκκίνηση της υπηρεσίας Automatic LiveUpdate Scheduler
εξαιτίας του ακόλουθου σφάλματος: %%3

Error - 13/4/2010 7:28:21 πμ | Computer Name = HP11546321382 | Source = Service Control Manager | ID = 7023
Description = Η υπηρεσία SSHNAS τερματίστηκε με το ακόλουθο σφάλμα: %%126

Error - 13/4/2010 9:58:08 πμ | Computer Name = HP11546321382 | Source = W32Time | ID = 39452689
Description = Υπηρεσία Παροχής Χρόνου NtpClient: Παρουσιάστηκε ένα σφάλμα κατά την
αναζήτηση DNS του σταθμού 'time.windows.com,0x1' με μη αυτόματες ρυθμίσεις παραμέτρων.
Το NtpClient θα επιχειρήσει αναζήτηση DNS ξανά σε 15 λεπτά. Το σφάλμα ήταν: Επιχειρήθηκε
η εκτέλεση μιας λειτουργίας υποδοχής σε ένα κεντρικό υπολογιστή, ο οποίος δεν είναι
προσπελάσιμος. (0x80072751)

Error - 13/4/2010 9:58:08 πμ | Computer Name = HP11546321382 | Source = W32Time | ID = 39452701
Description = Η υπηρεσία παροχής χρόνου NtpClient έχει ρυθμιστεί να λαμβάνει ώρα
από μία ή περισσότερες προελεύσεις χρόνου, ωστόσο αυτή τη στιγμή δεν είναι προσπελάσιμη
καμία
από αυτές. Δεν θα γίνει καμία προσπάθεια επικοινωνίας με κάποια προέλευση χρόνου
για 14 λεπτά. Ο NtpClient δεν έχει προέλευση ακριβούς ώρας.

Error - 13/4/2010 9:58:17 πμ | Computer Name = HP11546321382 | Source = W32Time | ID = 39452689
Description = Υπηρεσία Παροχής Χρόνου NtpClient: Παρουσιάστηκε ένα σφάλμα κατά την
αναζήτηση DNS του σταθμού 'time.windows.com,0x1' με μη αυτόματες ρυθμίσεις παραμέτρων.
Το NtpClient θα επιχειρήσει αναζήτηση DNS ξανά σε 15 λεπτά. Το σφάλμα ήταν: Επιχειρήθηκε
η εκτέλεση μιας λειτουργίας υποδοχής σε ένα κεντρικό υπολογιστή, ο οποίος δεν είναι
προσπελάσιμος. (0x80072751)

Error - 13/4/2010 9:58:17 πμ | Computer Name = HP11546321382 | Source = W32Time | ID = 39452701
Description = Η υπηρεσία παροχής χρόνου NtpClient έχει ρυθμιστεί να λαμβάνει ώρα
από μία ή περισσότερες προελεύσεις χρόνου, ωστόσο αυτή τη στιγμή δεν είναι προσπελάσιμη
καμία
από αυτές. Δεν θα γίνει καμία προσπάθεια επικοινωνίας με κάποια προέλευση χρόνου
για 15 λεπτά. Ο NtpClient δεν έχει προέλευση ακριβούς ώρας.

Error - 13/4/2010 10:04:40 πμ | Computer Name = HP11546321382 | Source = Service Control Manager | ID = 7000
Description = Δεν ήταν δυνατή η εκκίνηση της υπηρεσίας Automatic LiveUpdate Scheduler
εξαιτίας του ακόλουθου σφάλματος: %%3

Error - 13/4/2010 10:04:40 πμ | Computer Name = HP11546321382 | Source = Service Control Manager | ID = 7023
Description = Η υπηρεσία SSHNAS τερματίστηκε με το ακόλουθο σφάλμα: %%126

< End of report >

**Belahzur** · **Belahzur** on 13th April 2010, 6:52 pm

Please run OTL.exe.

Copy the commands with file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

:OTL
O4 - HKLM..\Run: [] File not found
[2010/04/13 18:35:00 | 000,000,238 | -H-- | M] () -- C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
[2010/04/13 18:25:00 | 000,000,278 | -H-- | M] () -- C:\WINDOWS\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job
[2010/04/13 18:00:00 | 000,000,238 | -H-- | M] () -- C:\WINDOWS\tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job
Return to OTL, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.
Click the red Run Fix button.
A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
Close OTL.exe

If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

**Vladimir** · **Vladimir** on 14th April 2010, 11:43 am

========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job moved successfully.
C:\WINDOWS\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job moved successfully.
C:\WINDOWS\tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job moved successfully.

OTL by OldTimer - Version 3.2.1.1 log created on 04142010_144322

**Belahzur** · **Belahzur** on 14th April 2010, 9:11 pm

Please download and run this tool.

Download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select "Perform Quick Scan", then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.

Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.

Post the contents of the MBAM Log.

**Vladimir** · **Vladimir** on 15th April 2010, 1:16 pm

So pc is infected from what you saw? I run the malware scan now

**Vladimir** · **Vladimir** on 15th April 2010, 1:26 pm

Here are the results :

Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org

Έκδοση βάσης δεδομένων: 3990

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

15/4/2010 4:25:37 μμ
mbam-log-2010-04-15 (16-25-37).txt

Τύπος σάρωσης: Γρήγορη σάρωση
Αντικείμενα που σαρώθηκαν: 123052
Χρόνος που έχει διανυθεί: 8 λεπτό(ά), 58 δευτερόλεπτο(α)

Μολυσμένες διεργασίες στη μνήμη: 0
Μολυσμένα στοιχεία στη μνήμη: 0
Μολυσμένα κλειδιά στο μητρώο: 5
Μολυσμένες τιμές στο μητρώο: 0
Μολυσμένα αντικείμενα δεδομένων στο μητρώο: 0
Μολυσμένοι φάκελοι: 1
Μολυσμένα αρχεία: 6

Μολυσμένες διεργασίες στη μνήμη:
(Δεν εντοπίστηκαν επιβλαβή αντικείμενα)

Μολυσμένα στοιχεία στη μνήμη:
(Δεν εντοπίστηκαν επιβλαβή αντικείμενα)

Μολυσμένα κλειδιά στο μητρώο:
HKEY_CURRENT_USER\SOFTWARE\BMIMZMHMFM (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\WS9E3IQBKY (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SSHNAS (Trojan.Renos) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\NordBull (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.

Μολυσμένες τιμές στο μητρώο:
(Δεν εντοπίστηκαν επιβλαβή αντικείμενα)

Μολυσμένα αντικείμενα δεδομένων στο μητρώο:
(Δεν εντοπίστηκαν επιβλαβή αντικείμενα)

Μολυσμένοι φάκελοι:
C:\Documents and Settings\User\Start Menu\Προγράμματα\AntiSpyware Protector (Rogue.AntiSpywareProtector) -> Quarantined and deleted successfully.

Μολυσμένα αρχεία:
C:\Documents and Settings\User\Start Menu\Προγράμματα\AntiSpyware Protector\AntiSpy Monitor.lnk (Rogue.AntiSpywareProtector) -> Quarantined and deleted successfully.
C:\Documents and Settings\User\Start Menu\Προγράμματα\AntiSpyware Protector\AntiSpy Protector Home.lnk (Rogue.AntiSpywareProtector) -> Quarantined and deleted successfully.
C:\Documents and Settings\User\Start Menu\Προγράμματα\AntiSpyware Protector\AntiSpy Protector.lnk (Rogue.AntiSpywareProtector) -> Quarantined and deleted successfully.
C:\Documents and Settings\User\Start Menu\Προγράμματα\AntiSpyware Protector\Documentation.lnk (Rogue.AntiSpywareProtector) -> Quarantined and deleted successfully.
C:\Documents and Settings\User\Start Menu\Προγράμματα\AntiSpyware Protector\ReadMe.lnk (Rogue.AntiSpywareProtector) -> Quarantined and deleted successfully.
C:\Documents and Settings\User\Start Menu\Προγράμματα\Εκκίνηση\AntiSpy Protector.lnk (Rogue.AntiSpywareProtector) -> Quarantined and deleted successfully.

I go for restart