View Full Version : Strange Spybot Behaviour - Possible Virtumonde
Hi all and a very nice new week !
I am afraid that today is my turn to ask for help...
I use Spybot Search & Destroy for more than one and a half year, being absolutelly satisfied and protected and having NO problems with it at all.
But, after an update of last week (05/11/2008), strange thinks started happening.
When I made a scan of my pc with Spybot, a popup window appeared suggesting me that I have to reboot my pc and startover.
At this point, the bar at the bottom of Spybot's UI shows virtumonde.sdn .
I did as advised, rebooted my pc, Spybot started over again and finally detected that virtumonde.sdn was residing in
C:\windows\system32\ptipbmf.dll .
I accepted repair of the problem found, rebooted system again and immediatelly after that, on starting windows, a system (windows) message appears saying that File ptipbmf.dll is missing which is essential for the windows system operation !!!
Having a clean Norton Ghost backup of my pc, I replaced all my C:\ hard disk with the Ghost clean backup. Then I updated Spybot again with the latest update, made a full scan and realised again that the same thinks happen.
I don't know if there's a problem with the latest Spybot update or not, but I cannot understand how a Microsoft windows essential file is considered by Spybot to be infected just after installing the latest update, even in case that I go back to a clean HDD C:\ configuration with Norton Ghost.
My pc runs Windows XP Pro, Greek language edition, SP3.
If you need any other hardware and/or software information, I will be glad to provide it to you.
I hope that we will find out what is going wrong.
Many thanks in advance,
CDL_gr
-----------------------------------------------------
HiJackThis log follows (copied and pasted here) :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:25:05, on 10/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ANYCOM\Blue USB-120-240\bin\btwdins.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\MGE\RunSC.exe
C:\WINDOWS\system32\MGE\PCtl.exe
C:\PROGRA~1\MI6841~1\MSSQL\binn\sqlservr.exe
C:\WINDOWS\system32\MGE\BIL.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\WINDOWS\system32\MGE\CILUSB.EXE
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ELITEA~1\SINGUL~1\eWatchDog2005.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\EliteApps\Singular Accountant\eSas2005.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Corsair\Corsair Flash Voyager Utility\PLBkMon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
C:\Program Files\Norton Password Manager\AcctMgr.exe
C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Hewlett-Packard\hp business inkjet 1100 series\Toolbox\mpm.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Lavasoft\Ad-Aware\Ad-Watch.exe
C:\Program Files\ANYCOM\Blue USB-120-240\BTTray.exe
C:\Program Files\Dosprn\DOSprn.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Pinnacle\Pinnacle PCTV\Vision\Vision.exe
C:\PROGRA~1\Pinnacle\SHARED~1\Filter\server.exe
C:\PROGRA~1\Pinnacle\SHARED~1\Filter\VBI_SE~1.EXE
C:\Program Files\Pinnacle\Shared Files\Programs\Scheduler\PCLEScheduler.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Common Files\ACD Systems\IDBSvr.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Temp\MY\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.gr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.gr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.google.gr
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Συνδέσεις
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat WRITER 6.0 Professional\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat WRITER 6.0 Professional\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\SMax4.exe" /tray
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [CORSAIR_PLUtil] "C:\Program Files\Corsair\Corsair Flash Voyager Utility\PLBkMon.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] "rundll32.exe" bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [USBToolTip] "C:\Program Files\Pinnacle\Shared Files\\Programs\USBTip\USBTip.exe"
O4 - HKLM\..\Run: [AcctMgr] C:\Program Files\Norton Password Manager\AcctMgr.exe /startup
O4 - HKLM\..\Run: [USB2Check] RUNDLL32.EXE "C:\WINDOWS\system32\PCLECoInst.dll",CheckUSBController
O4 - HKLM\..\Run: [eBayToolbar] C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [HPWH myPrintMileage Agent] C:\Program Files\Hewlett-Packard\hp business inkjet 1100 series\Toolbox\mpm.exe
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\Ad-Watch.exe
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: DOSPRN.lnk = C:\Program Files\Dosprn\DOSprn.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: DOSPRN.lnk = C:\Program Files\Dosprn\DOSprn.exe (User 'Default user')
O4 - Startup: DOSPRN.lnk = C:\Program Files\Dosprn\DOSprn.exe
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: Download using Download &Express - C:\Program Files\Download Express\Add_Url.htm
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: Ε&ξαγωγή στο Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Έρευνα - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ANYCOM\Blue USB-120-240\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ANYCOM\Blue USB-120-240\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: MSN Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\MSN Messenger\MSNMSGR.EXE
O9 - Extra 'Tools' menuitem: MSN Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\MSN Messenger\MSNMSGR.EXE
O12 - Plugin for .zip: C:\PROGRA~1\PKWARE\PKZIPP\nppkzip.dll
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {156BF4B7-AE3A-4365-BD88-95A75AF8F09D} (HPSDDX Class) - http://www.hp.com/cpso-support-new/SDD/hpsddObjSigned.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {17D0C64A-5283-4125-8256-105694C274ED} (MozillaPluginHostCtrl Class) - http://www.maerklin.de/service/kundenservice/specials/anim/bigboy_web/bigboy/spx33.cab
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/LSSupCtl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by12fd.bay12.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {60EFC337-15C2-4369-B2A0-3429B071D8B8} (Hewlett-Packard Printer Diagnostics) - http://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISWebManager.CAB
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://maps.flash.gr/inc/activex/mgaxctrl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1132949752124
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1223482530515
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/SymAData.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3012E6BD-BE38-42A3-ABBC-9EDFAE2C57B0}: NameServer = 195.170.2.2,195.170.0.1
O18 - Protocol: bw+0 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\ANYCOM\Blue USB-120-240\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: MGE Service module - Unknown owner - C:\WINDOWS\system32\MGE\RunSC.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SingularAccountantWatchDog - Unknown owner - C:\PROGRA~1\ELITEA~1\SINGUL~1\eWatchDog2005.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: Αδιάλειπτη Παροχή Ενέργειας (UPS) - Unknown owner - C:\WINDOWS\System32\ups2.exe (file missing)
--
End of file - 28831 bytes
To be more helpful while waiting for an expert help,
I thought proper to fully scan my entire pc using Kaspersky Online Scanner 7.0 .
The scanning result was :
Files Scanned ............................ 193331
Thread Names ............................ 0
Infected Objects ........................ 0
Suspicious Objects .................... 0
Duration of the scan .................. 03:17:49
I also made a Full Scan of my entire pc, using Malwarebytes' Anti-Malware (updated with the latest file) and the result was also " NO INFECTIONS "...
Hi CDL_gr
Download random's system information tool (RSIT) by random/random from here (http://images.malwareremoval.com/random/RSIT.exe) and save it to your desktop.
Double click on RSIT.exe to run RSIT.
Click Continue at the disclaimer screen.
Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)
Hi Shaba and thank you very much for your kind reply.
I did as advised, bit RSIT produces ONLY ONE file, the following :
Logfile of random's system information tool 1.04 (written by random/random)
Run by Costis at 2008-11-14 13:52:45
Microsoft Windows XP Professional Service Pack 3
System drive C: has 156 GB (80%) free of 194 GB
Total RAM: 3453 MB (79% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:52:54, on 14/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ANYCOM\Blue USB-120-240\bin\btwdins.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\MGE\RunSC.exe
C:\WINDOWS\system32\MGE\PCtl.exe
C:\PROGRA~1\MI6841~1\MSSQL\binn\sqlservr.exe
C:\WINDOWS\system32\MGE\BIL.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\MGE\CILUSB.EXE
C:\WINDOWS\system32\IoctlSvc.exe
C:\PROGRA~1\ELITEA~1\SINGUL~1\eWatchDog2005.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\EliteApps\Singular Accountant\eSas2005.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Corsair\Corsair Flash Voyager Utility\PLBkMon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
C:\Program Files\Norton Password Manager\AcctMgr.exe
C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
C:\Program Files\Hewlett-Packard\hp business inkjet 1100 series\Toolbox\mpm.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Lavasoft\Ad-Aware\Ad-Watch.exe
C:\Program Files\ANYCOM\Blue USB-120-240\BTTray.exe
C:\Program Files\Dosprn\DOSprn.exe
C:\Program Files\Pinnacle\Pinnacle PCTV\Vision\Vision.exe
C:\PROGRA~1\Pinnacle\SHARED~1\Filter\server.exe
C:\PROGRA~1\Pinnacle\SHARED~1\Filter\VBI_SE~1.EXE
C:\Program Files\Pinnacle\Shared Files\Programs\Scheduler\PCLEScheduler.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hewlett-Packard\hp business inkjet 1100 series\Toolbox\HPWHTBX.exe
C:\Program Files\Common Files\ACD Systems\IDBSvr.exe
C:\Temp\MY\RSIT.exe
C:\Program Files\trend micro\Costis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.google.gr
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Συνδέσεις
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat WRITER 6.0 Professional\Acrobat\AcroIEFavClient.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat WRITER 6.0 Professional\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\SMax4.exe" /tray
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [CORSAIR_PLUtil] "C:\Program Files\Corsair\Corsair Flash Voyager Utility\PLBkMon.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] "rundll32.exe" bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [USBToolTip] "C:\Program Files\Pinnacle\Shared Files\\Programs\USBTip\USBTip.exe"
O4 - HKLM\..\Run: [AcctMgr] C:\Program Files\Norton Password Manager\AcctMgr.exe /startup
O4 - HKLM\..\Run: [USB2Check] RUNDLL32.EXE "C:\WINDOWS\system32\PCLECoInst.dll",CheckUSBController
O4 - HKLM\..\Run: [eBayToolbar] C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [HPWH myPrintMileage Agent] C:\Program Files\Hewlett-Packard\hp business inkjet 1100 series\Toolbox\mpm.exe
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\Ad-Watch.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: DOSPRN.lnk = C:\Program Files\Dosprn\DOSprn.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: Download using Download &Express - C:\Program Files\Download Express\Add_Url.htm
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: Ε&ξαγωγή στο Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Έρευνα - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ANYCOM\Blue USB-120-240\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ANYCOM\Blue USB-120-240\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: MSN Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\MSN Messenger\MSNMSGR.EXE
O9 - Extra 'Tools' menuitem: MSN Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\MSN Messenger\MSNMSGR.EXE
O12 - Plugin for .zip: C:\PROGRA~1\PKWARE\PKZIPP\nppkzip.dll
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {156BF4B7-AE3A-4365-BD88-95A75AF8F09D} (HPSDDX Class) - http://www.hp.com/cpso-support-new/SDD/hpsddObjSigned.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {17D0C64A-5283-4125-8256-105694C274ED} (MozillaPluginHostCtrl Class) - http://www.maerklin.de/service/kundenservice/specials/anim/bigboy_web/bigboy/spx33.cab
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/LSSupCtl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by12fd.bay12.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {60EFC337-15C2-4369-B2A0-3429B071D8B8} (Hewlett-Packard Printer Diagnostics) - http://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISWebManager.CAB
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://maps.flash.gr/inc/activex/mgaxctrl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1132949752124
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1223482530515
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl.sun.com/webapps/download/AutoDL?BundleId=24931
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/SymAData.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3012E6BD-BE38-42A3-ABBC-9EDFAE2C57B0}: NameServer = 195.170.2.2,195.170.0.1
O18 - Protocol: bw+0 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {B5B2744C-4D12-42BF-BB4F-2B62FCE94F02} - C:\Program Files\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\ANYCOM\Blue USB-120-240\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: MGE Service module - Unknown owner - C:\WINDOWS\system32\MGE\RunSC.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SingularAccountantWatchDog - Unknown owner - C:\PROGRA~1\ELITEA~1\SINGUL~1\eWatchDog2005.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: Αδιάλειπτη Παροχή Ενέργειας (UPS) - Unknown owner - C:\WINDOWS\System32\ups2.exe (file missing)
--
End of file - 28004 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\WINDOWS\tasks\Norton Internet Security - Run Full System Scan - Costis.job
C:\WINDOWS\tasks\Spybot - Search & Destroy - Scheduled Task.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E8A6170-7264-4D0F-BEAE-D42A53123C75}]
C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll [2006-09-06 93400]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22D8E815-4A5E-4DFB-845E-AAB64207F5BD}]
eBay Toolbar Helper - C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll [2008-04-03 562416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-10-08 308832]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-07-07 1562448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{68F9551E-0411-48E4-9AAF-4BC42A6A46BE}]
EWPBrowseObject Class - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll [2006-04-18 34304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-11 320920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
AcroIEToolbarHelper Class - C:\Program Files\Adobe\Acrobat WRITER 6.0 Professional\Acrobat\AcroIEFavClient.dll [2003-05-15 147456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2008-09-30 145424]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-11 34816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-11-11 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat WRITER 6.0 Professional\Acrobat\AcroIEFavClient.dll [2003-05-15 147456]
{90222687-F593-4738-B738-FBEE9C7B26DF} - Show Norton Toolbar - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll [2006-09-06 510152]
{92085AD4-F48A-450D-BD93-B28CC7DF67CE} - eBay Toolbar - C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll [2008-04-03 562416]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2006-04-18 552960]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2008-09-30 145424]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"=C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe [2003-05-29 790528]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\SMax4.exe [2003-05-30 585728]
"LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2004-10-08 221184]
"CORSAIR_PLUtil"=C:\Program Files\Corsair\Corsair Flash Voyager Utility\PLBkMon.exe [2004-11-11 90112]
"BluetoothAuthenticationAgent"=C:\WINDOWS\system32\bthprops.cpl [2008-04-14 110592]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-06-28 8466432]
"nwiz"=nwiz.exe /install []
"ccApp"=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2007-01-09 115816]
"osCheck"=C:\Program Files\Norton Internet Security\osCheck.exe [2006-09-06 26248]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584]
"USBToolTip"=C:\Program Files\Pinnacle\Shared Files\\Programs\USBTip\USBTip.exe [2007-02-20 199752]
"AcctMgr"=C:\Program Files\Norton Password Manager\AcctMgr.exe [2005-07-29 586896]
"USB2Check"=C:\WINDOWS\system32\PCLECoInst.dll [2005-12-21 73728]
"eBayToolbar"=C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe [2008-04-03 652528]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-06-28 81920]
"Ptipbmf"=C:\WINDOWS\system32\ptipbmf.dll [2003-06-20 118784]
"Symantec PIF AlertEng"=C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
"HPWH myPrintMileage Agent"=C:\Program Files\Hewlett-Packard\hp business inkjet 1100 series\Toolbox\mpm.exe [2003-09-23 102400]
"Ad-Watch"=C:\Program Files\Lavasoft\Ad-Aware\Ad-Watch.exe [2008-07-09 2468200]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-11-11 136600]
"IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2008-06-10 1406024]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
C:\Documents and Settings\All Users\Start Menu\Προγράμματα\Εκκίνηση
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
BTTray.lnk - C:\Program Files\ANYCOM\Blue USB-120-240\BTTray.exe
C:\Documents and Settings\Costis\Start Menu\Προγράμματα\Εκκίνηση
DOSPRN.lnk - C:\Program Files\Dosprn\DOSprn.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer"
"C:\Program Files\Hewlett-Packard\hp business inkjet 1100 series\Toolbox\HPWHTBX.exe"="C:\Program Files\Hewlett-Packard\hp business inkjet 1100 series\Toolbox\HPWHTBX.exe:*:Enabled:Toolbox for HP Printing System for Windows"
"C:\Program Files\Download Express\dep.exe"="C:\Program Files\Download Express\dep.exe:*:Enabled:Browser download plugin"
"C:\Program Files\Pinnacle\Pinnacle PCTV\TeleText\WebServer.exe"="C:\Program Files\Pinnacle\Pinnacle PCTV\TeleText\WebServer.exe:*:Enabled:WebServer"
"C:\Program Files\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Pinnacle\Studio 10\programs\RM.exe"="C:\Program Files\Pinnacle\Studio 10\programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\Studio 10\programs\Studio.exe"="C:\Program Files\Pinnacle\Studio 10\programs\Studio.exe:*:Enabled:Studio"
"C:\Program Files\Pinnacle\Studio 10\programs\PMSRegisterFile.exe"="C:\Program Files\Pinnacle\Studio 10\programs\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile"
"C:\Program Files\Pinnacle\Studio 10\programs\umi.exe"="C:\Program Files\Pinnacle\Studio 10\programs\umi.exe:*:Enabled:umi"
"C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
======File associations======
.reg - open -
======List of files/folders created in the last 1 months======
2008-11-14 13:45:07 ----D---- C:\Program Files\trend micro
2008-11-14 13:45:06 ----D---- C:\rsit
2008-11-13 00:27:10 ----D---- C:\Program Files\Common Files\McAfee
2008-11-13 00:26:29 ----D---- C:\Program Files\McAfee
2008-11-12 17:11:51 ----D---- C:\Documents and Settings\Costis\Application Data\Malwarebytes
2008-11-12 17:11:44 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-11-12 17:11:44 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-11-12 16:56:04 ----A---- C:\WINDOWS\system32\WmiConf.txt
2008-11-12 16:55:27 ----A---- C:\DxSysChk_Log.txt
2008-11-12 16:23:55 ----D---- C:\Program Files\Microsoft IntelliPoint
2008-11-12 16:11:37 ----D---- C:\Documents and Settings\All Users\Application Data\DriverScanner
2008-11-12 16:10:23 ----HDC---- C:\Documents and Settings\All Users\Application Data\{5A76C6B3-3FA8-46D0-AA81-62C3805E38BC}
2008-11-12 00:45:10 ----D---- C:\Documents and Settings\All Users\Application Data\Macrovision
2008-11-12 00:45:06 ----D---- C:\Program Files\Common Files\Adobe Systems Shared
2008-11-12 00:17:53 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2008-11-12 00:14:45 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2008-11-12 00:13:46 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2008-11-12 00:11:50 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-11-12 00:11:33 ----HDC---- C:\WINDOWS\$NtUninstallKB956390$
2008-11-12 00:11:21 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-11-12 00:11:04 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-11-12 00:10:51 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-11-12 00:10:37 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2008-11-12 00:10:22 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-11-11 23:21:47 ----D---- C:\Program Files\CLICK game
2008-11-11 22:53:41 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2008-11-11 22:41:36 ----A---- C:\WINDOWS\system32\javaws.exe
2008-11-11 22:41:36 ----A---- C:\WINDOWS\system32\javaw.exe
2008-11-11 22:41:36 ----A---- C:\WINDOWS\system32\java.exe
2008-11-11 22:41:36 ----A---- C:\WINDOWS\system32\deploytk.dll
======List of files/folders modified in the last 1 months======
2008-11-14 13:51:36 ----D---- C:\WINDOWS\Temp
2008-11-14 13:50:38 ----D---- C:\Program Files\Mozilla Firefox
2008-11-14 13:45:09 ----D---- C:\Program Files\Common Files\Symantec Shared
2008-11-14 13:45:07 ----D---- C:\Program Files
2008-11-14 13:40:55 ----D---- C:\Documents and Settings\Costis\Application Data\WholeSecurity
2008-11-14 13:40:55 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2008-11-14 13:28:46 ----SHD---- C:\WINDOWS\Installer
2008-11-14 13:28:46 ----HD---- C:\Config.Msi
2008-11-14 13:14:08 ----SD---- C:\WINDOWS\Tasks
2008-11-14 13:13:25 ----D---- C:\WINDOWS\system32\CatRoot2
2008-11-14 04:21:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-11-14 02:06:37 ----D---- C:\Program Files\SyncBack
2008-11-14 01:27:52 ----D---- C:\Program Files\FreeCommander
2008-11-14 00:52:39 ----AD---- C:\WINDOWS\system32
2008-11-14 00:29:00 ----D---- C:\WINDOWS\Prefetch
2008-11-13 18:13:22 ----AC---- C:\WINDOWS\IE4 Error Log.txt
2008-11-13 15:03:48 ----D---- C:\Program Files\Google
2008-11-13 11:51:54 ----D---- C:\WINDOWS
2008-11-13 00:35:46 ----D---- C:\Program Files\HERMA LabelWorld
2008-11-13 00:27:21 ----D---- C:\Documents and Settings\All Users\Application Data\SiteAdvisor
2008-11-13 00:27:11 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
2008-11-13 00:27:10 ----D---- C:\Program Files\Common Files
2008-11-13 00:27:08 ----HD---- C:\WINDOWS\inf
2008-11-12 17:11:47 ----D---- C:\WINDOWS\system32\drivers
2008-11-12 17:02:15 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-11-12 16:58:00 ----D---- C:\Program Files\Intel
2008-11-12 16:30:37 ----D---- C:\WINDOWS\system32\config
2008-11-12 16:24:53 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-11-12 16:24:49 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-11-12 16:24:02 ----RSD---- C:\WINDOWS\Fonts
2008-11-12 16:11:37 ----D---- C:\Program Files\Uniblue
2008-11-12 16:11:37 ----D---- C:\Documents and Settings\Costis\Application Data\Uniblue
2008-11-12 15:20:23 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-11-12 00:48:48 ----D---- C:\Documents and Settings\Costis\Application Data\Adobe
2008-11-12 00:48:48 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2008-11-12 00:43:23 ----D---- C:\Program Files\Common Files\Adobe
2008-11-12 00:42:51 ----D---- C:\Program Files\Adobe
2008-11-12 00:40:21 ----D---- C:\Program Files\mIRC
2008-11-12 00:20:47 ----D---- C:\WINDOWS\system32\Macromed
2008-11-12 00:20:47 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-11-12 00:17:49 ----HD---- C:\WINDOWS\$hf_mig$
2008-11-12 00:14:50 ----A---- C:\WINDOWS\imsins.BAK
2008-11-12 00:14:35 ----D---- C:\WINDOWS\WinSxS
2008-11-12 00:07:37 ----N---- C:\WINDOWS\win.ini
2008-11-11 23:24:06 ----D---- C:\Program Files\GuestGen
2008-11-11 22:58:46 ----D---- C:\Program Files\Common Files\ACD Systems
2008-11-11 22:49:33 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-11-11 22:41:22 ----D---- C:\Program Files\Java
2008-11-11 21:47:46 ----D---- C:\Temp
2008-11-11 21:17:54 ----D---- C:\Program Files\TuneUp Utilities 2008
2008-11-03 16:10:26 ----A---- C:\WINDOWS\system32\MRT.exe
2008-10-15 18:35:43 ----A---- C:\WINDOWS\system32\netapi32.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 aslm75;aslm75; \??\C:\WINDOWS\system32\drivers\aslm75.sys []
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 intelppm;Οδηγός επεξεργαστή Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40832]
R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2003-03-14 4228]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-08-09 53920]
R1 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys []
R1 SRTSP;SRTSP; C:\WINDOWS\System32\Drivers\SRTSP.SYS [2007-11-30 279088]
R1 SRTSPX;SRTSPX; C:\WINDOWS\System32\Drivers\SRTSPX.SYS [2007-11-30 43696]
R1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2008-10-03 187952]
R2 MDC8021X;AEGIS Protocol (IEEE 802.1x) v2.3.1.9; C:\WINDOWS\system32\DRIVERS\mdc8021x.sys [2006-12-19 15781]
R2 ROB_A;Pinnacle WDM PCTV Audio Capture; C:\WINDOWS\system32\DRIVERS\rob_a.sys [2003-02-10 17664]
R2 ROB_V;Pinnacle WDM PCTV Video Capture; C:\WINDOWS\system32\drivers\rob_v.sys [2003-04-11 125568]
R2 symlcbrd;symlcbrd; \??\C:\WINDOWS\system32\drivers\symlcbrd.sys []
R3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter; \??\C:\WINDOWS\system32\drivers\NSDriver.sys []
R3 Ad-Watch Real-Time Scanner;AW Real-Time Scanner; \??\C:\WINDOWS\system32\drivers\AWRTPD.sys []
R3 Ad-Watch Registry Filter;Ad-Watch Registry Kernel Filter; \??\C:\WINDOWS\system32\drivers\AWRTRD.sys []
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2003-03-13 100224]
R3 Aldebaran;Aldebaran - SCSI Command Filters; C:\WINDOWS\System32\Drivers\Aldebaran.sys [2003-10-09 11731]
R3 Arp1394;Πρωτόκολλο πελάτη ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2004-03-02 16640]
R3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2004-03-02 30235]
R3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2004-03-02 146716]
R3 CamDrL;Logitech QuickCam Pro 3000(CamDrl); C:\WINDOWS\system32\DRIVERS\Camdrl.sys [2004-10-08 326656]
R3 E1000;Intel(R) PRO/1000 Network Connection Driver; C:\WINDOWS\System32\DRIVERS\e1000325.sys [2007-11-07 171152]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 HidUsb;Πρόγραμμα οδήγησης HID της Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 Iviaspi;IVI ASPI Shell; C:\WINDOWS\system32\drivers\iviaspi.sys [2003-09-10 21060]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2004-10-08 22016]
R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2005-07-13 171008]
R3 NAVENG;NAVENG; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20081113.004\NAVENG.SYS []
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20081113.004\NAVEX15.SYS []
R3 NIC1394;Πρόγραμμα οδήγησης δικτύου 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-06-28 6807328]
R3 pctvvbi;PCTVVBI; C:\WINDOWS\System32\DRIVERS\pctvvbi.sys [2002-11-11 6400]
R3 Pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2006-10-02 10368]
R3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2008-06-10 31048]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2003-04-17 5888]
R3 smbusp;Intel(R) SMBus 2.0 Driver; C:\WINDOWS\system32\DRIVERS\intelsmb.sys [2006-12-28 45184]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-06-02 578304]
R3 SNXPCARD;Sunix PCI Multi I/O Card Driver; C:\WINDOWS\System32\DRIVERS\snxpcard.sys [2003-04-02 20864]
R3 SNXPPALX;Sunix PCI Parallel Port Driver; C:\WINDOWS\System32\DRIVERS\snxppalx.sys [2003-04-07 75264]
R3 SYMDNS;SYMDNS; C:\WINDOWS\System32\Drivers\SYMDNS.SYS [2008-10-03 12848]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 SYMFW;SYMFW; C:\WINDOWS\System32\Drivers\SYMFW.SYS [2008-10-03 146096]
R3 SYMIDS;SYMIDS; C:\WINDOWS\System32\Drivers\SYMIDS.SYS [2008-10-03 39984]
R3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\idsdefs\20081112.002\SymIDSCo.sys []
R3 SYMNDIS;SYMNDIS; C:\WINDOWS\System32\Drivers\SYMNDIS.SYS [2008-10-03 35120]
R3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2008-10-03 27696]
R3 usbaudio;Πρόγραμμα οδήγησης ήχου USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Γενικό γονικό πρόγραμμα οδήγησης USB της Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Πρόγραμμα οδήγησης USB 2.0-προηγμένου κεντρικού ελεγκτή Miniport της Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Διανομέας με δυνατότητα USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbscan;Πρόγραμμα οδήγησης σαρωτή USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 usbuhci;Πρόγραμμα οδήγησης Miniport ενιαίου κεντρικού ελεγκτή Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\WmBEnum.sys [2005-04-12 10144]
R3 WmXlCore;Logitech WingMan Translation Layer Driver; C:\WINDOWS\system32\drivers\WmXlCore.sys [2005-04-12 45504]
S1 kbdhid;Πρόγραμμα οδήγησης πληκτρολογίου HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14848]
S2 ASInsHelp;ASInsHelp; \??\C:\WINDOWS\system32\drivers\AsInsHelp32.sys []
S3 AVC2310F;AVC-2310/AVC-2210 USB Loader; C:\WINDOWS\System32\Drivers\avcuwfl.sys [2003-07-09 18580]
S3 BthEnum;Υπηρεσία απαρίθμησης Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BTHMODEM;Πρόγραμμα οδήγησης επικοινωνιών Bluetooth Modem; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Πρόγραμμα οδήγησης θύρας Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 273152]
S3 BTHUSB;Πρόγραμμα οδήγησης θύρας USB ασύρματου Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 BTWUSB;%BTWUSB.SvcDesc%; C:\WINDOWS\System32\Drivers\btwusb.sys [2004-03-02 52856]
S3 CCDECODE;Αποκωδικοποιητής κωδικοποιημένων υπότιτλων; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 DCamUSBEMPIA;Dazzle DVC Video Device; C:\WINDOWS\system32\DRIVERS\emDevice.sys [2005-12-21 100957]
S3 emAudio;Dazzle DVC Audio Device; C:\WINDOWS\system32\drivers\emAudio.sys [2005-12-21 19712]
S3 FiltUSBEMPIA;USB Device Lower Filter; C:\WINDOWS\system32\DRIVERS\emFilter.sys [2005-12-21 5245]
S3 FreshIO;FreshIO; \??\C:\Program Files\FreshDevices\FreshDiagnose\FreshIO.sys []
S3 HidBatt;HID UPS Battery Driver; C:\WINDOWS\System32\DRIVERS\HidBatt.sys [2008-04-13 20352]
S3 LHidUsbK;Logitech SetPoint USB Receiver device driver; C:\WINDOWS\system32\drivers\LHidUsbK.sys []
S3 LMouKE;Logitech SetPoint Mouse Filter Driver; C:\WINDOWS\system32\drivers\LMouKE.sys []
S3 MidiSyn;MidiSyn; C:\WINDOWS\system32\drivers\MidiSyn.sys [2002-09-20 235100]
S3 mouhid;Πρόγραμμα οδήγησης ποντικιού HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-11-26 12288]
S3 MSTEE;Μετατροπέας Tee/Sink-to-Sink ροής της Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Σύνδεση τηλεόρασης/βίντεο της Microsoft; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 netModUSBlfService;netMod USB Lower Filter Service; C:\WINDOWS\system32\drivers\nMUSBlf.sys [2003-12-08 20628]
S3 netModUSBService;Service for netMod USB CAPI Driver; C:\WINDOWS\system32\drivers\nMUSB.sys [2004-09-08 62824]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2007-02-22 137216]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2007-02-22 8320]
S3 nmwcdcj;Nokia USB Port; C:\WINDOWS\system32\drivers\nmwcdcj.sys [2007-02-22 12288]
S3 nmwcdcm;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2007-02-22 12288]
S3 PhilCam8116;Logitech QuickCam Pro 3000(PID_08B0); C:\WINDOWS\system32\DRIVERS\CamDrL21.sys [2004-02-14 244096]
S3 PLFF;USB Flash Disk Driver; C:\WINDOWS\System32\Drivers\PLFF.sys [2003-10-06 7424]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 ScanUSBEMPIA;USB Still Image Capture Device; C:\WINDOWS\system32\DRIVERS\emScan.sys [2005-12-21 4493]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SRTSPL;SRTSPL; C:\WINDOWS\System32\Drivers\SRTSPL.SYS [2007-11-30 317616]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TVICHW32;TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS []
S3 usbprint;Κλάση εκτυπωτών Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbser;%USBFilterString%; C:\WINDOWS\System32\DRIVERS\usbser.sys [2008-04-13 26112]
S3 USBSTOR;Πρόγραμμα οδήγησης μαζικής αποθήκευσης USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;Συσκευή βίντεο USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\WINDOWS\system32\drivers\WmFilter.sys [2005-04-12 22240]
S3 WmHidLo;Logitech Gaming USB Filter Driver; C:\WINDOWS\system32\drivers\WmHidLo.sys [2005-04-12 17632]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS\system32\drivers\WmVirHid.sys [2005-04-12 5600]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-07-09 611664]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
R2 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2006-09-03 198336]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 btwdins;Bluetooth Service; C:\Program Files\ANYCOM\Blue USB-120-240\bin\btwdins.exe [2004-03-02 135168]
R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2007-01-09 108648]
R2 ccProxy;Symantec Network Proxy; C:\Program Files\Common Files\Symantec Shared\ccProxy.exe [2007-09-13 202088]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2007-01-09 108648]
R2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2007-01-09 108648]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-11-11 152984]
R2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2007-01-09 108648]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [2008-10-08 203280]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 MGE Service module;MGE Service module; C:\WINDOWS\system32\MGE\RunSC.exe [2006-09-27 122880]
R2 MSSQLSERVER;MSSQLSERVER; C:\PROGRA~1\MI6841~1\MSSQL\binn\sqlservr.exe [2008-05-25 9154560]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-06-28 155716]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2004-09-03 53248]
R2 SingularAccountantWatchDog;SingularAccountantWatchDog; C:\PROGRA~1\ELITEA~1\SINGUL~1\eWatchDog2005.exe [2007-10-26 433152]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R2 Symantec Core LC;Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [2008-04-03 1251720]
R2 SymAppCore;Symantec AppCore Service; C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe [2006-09-02 46736]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
R2 WMDM PMSP Service;WMDM PMSP Service; C:\WINDOWS\System32\MsPMSPSv.exe [2001-05-01 53248]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
S2 PinnacleSys.MediaServer;Pinnacle Systems Media Service; C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe [2006-01-19 49152]
S2 WMPNetworkSvc;Υπηρεσία κοινής χρήσης δικτύου του Windows Media Player; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 922112]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-11-12 68096]
S3 aspnet_state;Υπηρεσία κατάστασης ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 comHost;COM Host; C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe [2006-09-03 48272]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-10-01 536872]
S3 ISPwdSvc;Symantec IS Password Validation; C:\Program Files\Norton Internet Security\isPwdSvc.exe [2006-09-06 79496]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2006-09-03 2528960]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2005-05-03 73728]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-12-10 353280]
S3 SQLSERVERAGENT;SQLSERVERAGENT; C:\Program Files\Microsoft SQL Server\MSSQL\binn\sqlagent.exe [2005-05-03 323584]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2008-10-08 355584]
S3 usnjsvc;Υπηρεσία ανάγνωσης χρονικού USN κοινόχρηστων φακέλων του Messenger; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S4 eSasWDg;e-SAS WatchDog; C:\PROGRA~1\ELITEA~1\eSas\eSasWatchDog.exe [2004-06-08 340992]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]
-----------------EOF-----------------
Please check if there is info.txt in c:\rsit folder.
If so, please post contents of it next :)
I haven't noticed that this directory existed.
Yes you were right, I did find the file and here it is :
info.txt logfile of random's system information tool 1.04 2008-11-14 13:45:47
======Uninstall list======
##CAMERADRIVERNAME##-->"C:\Program Files\Common Files\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\system32\UninstIPP.isu
-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\OTEnet E-mail Deleting Program\ST6UNST.000"
-->MsiExec.exe /I{403EF592-953B-4794-BCEF-ECAB835C2095}
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3BB529C7-855D-11D7-8444-0050BA1D384D}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C8D07881-18E2-11D7-86D3-00055DF3561E}\setup.exe" -l0x9
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
ACD Media Support Package 1.0-->MsiExec.exe /X{C531F248-1EC0-4C5D-A32C-A16672929B42}
ACD mPower Tools-->MsiExec.exe /I{6C40BF43-BC81-44A3-8C25-179D5DB47168}
ACD Photo Editor 3.1-->MsiExec.exe /I{651BC4A2-49D2-4357-9EAE-E00A3F4A4317}
ACD VideoMagic with DivX Pro-->MsiExec.exe /X{33771059-E751-49D6-AEFB-338BBCF693E0}
ACDSee 10 Photo Manager-->MsiExec.exe /I{F8B98EB6-FC06-45BF-87D4-9784E0408611}
ACDSee 8 Media Support Package-->MsiExec.exe /X{1EBFA30C-6206-4FD8-8B82-3A29F0D01B28}
Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Acrobat - Reader 6.0.2 Update-->MsiExec.exe /I{AC76BA86-0000-0000-0000-6028747ADE01}
Adobe Acrobat 6.0.1 Professional-->MsiExec.exe /I{AC76BA86-1033-0000-7760-000000000001}
Adobe Acrobat and Reader 6.0.3 Update-->MsiExec.exe /I{AC76BA86-0000-7EC8-7489-000000000603}
Adobe Acrobat and Reader 6.0.4 Update-->MsiExec.exe /I{AC76BA86-0000-7EC8-7489-000000000604}
Adobe Acrobat and Reader 6.0.5 Update-->MsiExec.exe /I{AC76BA86-0000-7EC8-7489-000000000605}
Adobe Acrobat and Reader 6.0.6 Update-->MsiExec.exe /I{AC76BA86-0000-7EC8-7489-000000000606}
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Atmosphere Player for Acrobat and Adobe Reader-->C:\WINDOWS\atmoUn.exe
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Photoshop CS-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}\setup.exe" -l0x9
Adobe Reader 8 - Greek-->MsiExec.exe /I{AC76BA86-7AD7-1032-7B44-A80000000000}
Adobe Reader 8 - Greek-->MsiExec.exe /I{AC76BA86-7AD7-1032-7B44-A81200000003}
Adobe Reader 8.1.0 - Greek-->MsiExec.exe /I{AC76BA86-7AD7-1032-7B44-A81000000003}
Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Adobe SVG Viewer 3.0-->C:\Program Files\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fC:\Program Files\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Install.log
AFPL Ghostscript 7.04-->c:\program files\acd systems\gs\uninstgs.exe "c:\program files\acd systems\gs\gs7.04\uninstal.txt"
AFPL Ghostscript Fonts-->c:\program files\acd systems\gs\uninstgs.exe "c:\program files\acd systems\gs\fonts\uninstal.txt"
ANYCOM Blue USB-120-240 Software-->MsiExec.exe /X{E98D6792-FC51-4187-9448-CA9BF893384E}
AppCore-->MsiExec.exe /I{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}
Apple Mobile Device Support-->MsiExec.exe /I{976C2B2A-CE59-4AB3-83FB-BF895E28F2E6}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ASUS Probe V2.25.02-->C:\WINDOWS\uninst.exe -f"C:\Program Files\ASUS\Asus Probe\DeIsL1.isu" -c"C:\Program Files\ASUS\Asus Probe\probunis.dll"
AV-->MsiExec.exe /I{F4DB525F-A986-4249-B98B-42A8066251CA}
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
Bonus-->MsiExec.exe /I{420F8FCF-8F5E-4518-A5B3-FBBD56B98FEC}
Borland Database Engine-->C:\PROGRA~1\COMMON~1\BORLAN~1\BDE\UNWISE.EXE C:\PROGRA~1\COMMON~1\BORLAN~1\BDE\INSTALL.LOG
Canon iP3300-->"C:\WINDOWS\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP3300\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP3300 /L0x0008
Canon Setup Utility 2.3-->"C:\Program Files\Canon\Canon Setup Utility 2.3\Maint.exe" /Uninstall C:\Program Files\Canon\Canon Setup Utility 2.3\uninst.ini
Canon Utilities Easy-PhotoPrint-->C:\Program Files\Canon\Easy-PhotoPrint\uninst.exe uninst.ini
Canon Utilities Easy-PrintToolBox-->C:\WINDOWS\BJPSUNST.EXE
CC_ccProxyExt-->MsiExec.exe /I{2EBF25F1-F8A2-40EA-92BE-931C142A44E2}
ccCommon-->MsiExec.exe /I{1248C09A-BD6B-47F5-BF3F-CD2B700D9FCB}
ccCommon-->MsiExec.exe /I{3CCAD2EF-CFF2-4637-82AA-AABF370282D3}
ccPxyCore-->MsiExec.exe /I{30738666-9805-4926-A78F-91DA33B6C437}
CIB-->MsiExec.exe /I{E8176C35-0C2D-4142-9ED4-81861ECAB403}
Colin McRae Rally 2005-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CC67770B-581D-4E96-B72A-A7907CE18725}\setup.exe" -l0x9
ColorWizzard-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Color n Code\ColorWizzard\cfmunins.isu" -c"C:\PROGRA~1\COLORN~1\COLORW~1\cfmunins.dll" ProdNameColorific
Corel Graphics Suite 11-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{07A540AB-D785-11D5-8E89-0090275862A0}
Corsair Flash Voyager Utility-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{41FC7856-55A1-41A6-94B1-15A1E3C050B8}\Setup.exe" -l0x9
Creative DVD Audio Plugin for Audigy Series-->"C:\Program Files\Creative\CTDPlugin\CTUIDVD.exe " -u
Desktop Restore-->MsiExec.exe /I{33107B5F-9FF9-41F7-B1DC-288AD0DA8B9B}
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DOSPRN 1.79-->"C:\Program Files\DOSPRN\unins000.exe"
DOSPRN-->C:\PROGRA~1\Dosprn\UNWISE.EXE C:\PROGRA~1\Dosprn\INSTALL.LOG
DVD Shrink 3.2-->"C:\Program Files\DVD Shrink\unins000.exe"
Easy-WebPrint-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Canon\Easy-WebPrint\Uninst.isu"
eBay Toolbar-->C:\Program Files\InstallShield Installation Information\{3DB5FD00-BB93-4AF3-B925-77DAA0E4E2F4}\setup.exe -runfromtemp -l0x0009 eBay Toolbar -removeonly
e-Singular Application Server 2005 (ver 3.0)-->C:\PROGRA~1\ELITEA~1\SINGUL~1\UNWISE.EXE C:\PROGRA~1\ELITEA~1\SINGUL~1\INSTALL.LOG
e-Singular Application Server ver 2.5-->C:\PROGRA~1\ELITEA~1\eSas\UNWISE.EXE C:\PROGRA~1\ELITEA~1\eSas\INSTALL.LOG
Evritania-->MsiExec.exe /I{E2242633-8D10-4BA8-9D33-C1834C5C31BA}
Express Thumbnail Creator 1.72-->"C:\Program Files\Express Thumbnail Creator\unins000.exe"
Fokis-->MsiExec.exe /I{6C8F466D-F7FA-4396-9E41-2800B3FE9B84}
FotoSlate 4-->MsiExec.exe /I{7BD59782-9B02-4CC3-91D1-E3780DCFFCF7}
FreeCommander 2007.10a-->"C:\Program Files\FreeCommander\unins000.exe"
FreshDiagnose-->"C:\Program Files\FreshDevices\FreshDiagnose\unins000.exe"
FreshUI-->"C:\Program Files\FreshDevices\FreshUI\unins000.exe"
Giona-->MsiExec.exe /X{60A1403F-7F14-4104-AD6F-A8A3DE461E9E}
Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
HERMA LabelWorld-->C:\PROGRA~1\HERMAL~1\UNWISE.EXE C:\PROGRA~1\HERMAL~1\INSTALL.LOG
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix 2050 for SQL Server 2000 ENU (KB948110)-->"C:\WINDOWS\$SQLUninstallSQL2000-KB948110-v8.00.2050-x86-ENU$\spuninst\spuninst.exe"
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Format SDK (KB902344)-->"C:\WINDOWS\$NtUninstallKB902344$\spuninst\spuninst.exe"
hp business inkjet 1100-->msiexec /x{242B9150-74EC-4606-AAB1-2F0C719378D7}
HP Commercial Scanjet 5590 TWAIN Driver-->C:\WINDOWS\IsUninst.exe -f"C:\WINDOWS\PIXTRAN\HP Commercial Scanjet 5590 TWAIN Driver.isu" -c"C:\WINDOWS\PIXTRAN\sdkunin.dll"
HP Imaging Device Functions 9.0-->C:\Program Files\Hewlett-Packard\HP Scanjet 5590 ADF\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP OCR Software 9.0-->C:\Program Files\Hewlett-Packard\HP Scanjet 5590 ADF\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
HP Photosmart Essential-->MsiExec.exe /X{EB21A812-671B-4D08-B974-2A347F0D8F70}
HP Scanjet 5590 9.0-->C:\Program Files\Hewlett-Packard\HP Scanjet 5590 ADF\Digital Imaging\{672BDFD3-9E0A-4fc5-A97A-42DBC2B8C280}\setup\hpzscr01.exe -datfile hpgscr25.dat
HP Solution Center 9.0-->C:\Program Files\Hewlett-Packard\HP Scanjet 5590 ADF\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update-->MsiExec.exe /X{8C6027FD-53DC-446D-BB75-CACD7028A134}
Icon Snatcher Version 3.6.1-->"C:\Program Files\Icon Snatcher\unins000.exe"
ID_DCRaw Image Decoder Plug-In-->MsiExec.exe /X{DA1876DD-323E-4D78-8F9F-8F4FDE25C010}
Image2SWF 1.002-->"C:\Program Files\Vertical Moon\Image2SWF\unins000.exe"
Intel(R) Network Connections 13.0.42.0-->MsiExec.exe /i{2223FC2F-B862-4F83-BC9E-DDF2DADF2859} ARPREMOVE=1
InterVideo WinDVD 5-->"C:\Program Files\InstallShield Installation Information\{1B399A41-C1D0-40A2-9E4F-095868EFAF01}\setup.exe" REMOVEALL
InterVideo WinDVD Creator 2-->"C:\Program Files\InstallShield Installation Information\{2FCE4FC5-6930-40E7-A4F1-F862207424EF}\setup.exe" REMOVEALL
InterVideo WinDVD Creator 3-->"C:\Program Files\InstallShield Installation Information\{7FC3BBEC-5A91-41B0-9CB8-960EC4421411}\setup.exe" REMOVEALL
InterVideo WinRip-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D32D4182-DE6C-457E-838C-8D7B9CE332BA}\setup.exe" REMOVEALL
Ipswitch WS_FTP PhotoMover-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C25E85DC-3829-476C-BA46-D5A005F9C53D}\setup.exe" -l0x9
Ipswitch WS_FTP Professional 2006-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AD88355B-A4E0-4DA1-BAC3-EA4FEA930691}\setup.exe" -l0x9
i-Sound Pro 6.71-->"C:\Program Files\i-Sound Pro\UninsHs.exe" /u=i-Sound WMA MP3 Recorder
iTunes-->MsiExec.exe /I{DDDE0BE3-0CBE-4BF6-B75A-E3F69C947843}
Java(TM) 6 Update 10-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
LiveReg (Symantec Corporation)-->C:\Program Files\Common Files\Symantec Shared\LiveReg\VcSetup.exe /REMOVE
LiveUpdate 3.1 (Symantec Corporation)-->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
LiveUpdate Notice (Symantec Corporation)-->MsiExec.exe /X{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}
Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\setup.exe" -l0x9 UNINSTALL /L9
Logitech Gaming Software-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5C1DA723-24FC-48AD-93BA-925695C3EF26}\setup.exe" -l0x8 -removeonly
Logitech QuickCam Software-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C43048A9-742C-4DAD-90D2-E3B53C9DB825}\setup.exe" -l0x9
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
McAfee SiteAdvisor-->C:\Program Files\McAfee\SiteAdvisor\Uninstall.exe
Media Library Management Wizard-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\mplibwiz.inf,DefaultUninstall
MetaProducts Download Express-->C:\Program Files\Download Express\dep.exe /UnInstall
Microsoft .NET Framework 1.1 Greek Language Pack-->MsiExec.exe /X{3D9E9EB7-B14F-4AE4-8C1F-1AD4CF3093BE}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft .NET Framework 3.0 Greek Language Pack-->MsiExec.exe /X{909CAC9A-F30E-4006-A760-8183B0756879}
Microsoft .NET Framework 3.0 Service Pack 1-->MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783}
Microsoft Baseline Security Analyzer 2.0-->MsiExec.exe /I{8A8F4EF8-160C-4E0F-B32D-92E2313E039B}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office 2003 Στοιχεία Web-->MsiExec.exe /I{90A40408-6000-11D3-8CFE-0150048383C9}
Microsoft Office 97 Sounds (Remove only)-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\Sounds.inf, Uninstall.NT
Microsoft Office Basic Edition 2003-->MsiExec.exe /I{91130408-6000-11D3-8CFE-0150048383C9}
Microsoft Office FrontPage 2003-->MsiExec.exe /I{91170408-6000-11D3-8CFE-0150048383C9}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110408-6000-11D3-8CFE-0150048383C9}
Microsoft SQL Server 2000-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Microsoft SQL Server\MSSQL\Uninst.isu" -c"C:\Program Files\Microsoft SQL Server\MSSQL\sqlsun.dll" -msql.mif i=MSSQLSERVER
Microsoft User-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWudf01005$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Αριθμομηχανή+-->MsiExec.exe /I{7716E562-D830-4916-A0A6-D37CC607C427}
mIRC-->C:\Program Files\mIRC\backup\mIRC\uninstall.exe _?=C:\Program Files\mIRC\backup\mIRC
Moffsoft FreeCalc-->"C:\Program Files\Moffsoft FreeCalc\unins000.exe"
MotionDV STUDIO 6.0E LE for DV-->C:\Program Files\InstallShield Installation Information\{4C41DF54-F78D-404E-9E71-29EF5A00F1E9}\Setup.exe -runfromtemp -l0x0009 UNINSTALL -removeonly
Movie Maker Background Music Files-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\mmmusic.inf,DefaultUninstall
Movie Maker Sound Effects-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\mmsounds.inf,DefaultUninstall
Movie Maker Title Images-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\mmtitle.inf,DefaultUninstall
Mozilla Firefox (3.0.4)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN Messenger 7.5-->MsiExec.exe /I{4043A416-03EC-11DA-BFBD-00065BBDC0B5}
MSRedist-->MsiExec.exe /I{B7C61755-DB48-4003-948F-3D34DB8EAF69}
MSRedist-->MsiExec.exe /I{FC37ABD0-2108-4beb-B010-1254E0662B5A}
MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
MSXML 4.0 SP2 (KB925672)-->MsiExec.exe /I{A9CF9052-F4A0-475D-A00F-A8388C62DD63}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
Nero 6-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
Nero Digital-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
Nero Media Player-->C:\WINDOWS\UNNMP.exe /UNINSTALL
NeroMIX-->C:\WINDOWS\UNNMIX.exe /UNINSTALL
NetMod Configuration Manager-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Intracom S.A.\NetMod Configuration Manager\Uninst.isu"
Nokia Connectivity Cable Driver-->MsiExec.exe /X{0A3D3C54-2EC0-4D67-B265-FF17926E6D67}
Nokia Multimedia Factory-->"C:\Documents and Settings\All Users\Application Data\Installations\{4CFB3821-1582-4f3b-BF8D-30986923B36B}\Nokia_Multimedia_Factory_2_0.exe" /MAINTENANCE /SILENT="SWLPCER" /LANG="2057" /MSI_COMMON_OPTIONS="PCSLANG= MMFLANG=eng"
Nokia Multimedia Factory-->MsiExec.exe /I{4CFB3821-1582-4F3B-BF8D-30986923B36B}
Nokia PC Suite-->C:\Documents and Settings\All Users\Application Data\Installations\{29466F9C-7C6A-419C-B301-F440FAF78760}\Nokia_PC_Suite_rel_6_85_14_1_gre.exe
Nokia PC Suite-->MsiExec.exe /I{29466F9C-7C6A-419C-B301-F440FAF78760}
Nokia Software Updater-->MsiExec.exe /X{57CEA991-6F11-4E7E-B67C-2F02168CED6B}
Norton AntiSpam-->MsiExec.exe /I{3B29A786-5803-4E9E-9B58-3014A5B4E519}
Norton AntiSpam-->MsiExec.exe /I{5677563D-0CB1-485F-9E18-C5025306BB3F}
Norton AntiVirus-->MsiExec.exe /X{830D8CBD-C668-49e2-A969-C2C2106332E0}
Norton Confidential Browser Component-->MsiExec.exe /I{4843B611-8FCB-4428-8C23-31D0A5EAE164}
Norton Confidential Web Protection Component-->MsiExec.exe /I{D353CC51-430D-4C6F-9B7E-52003DA1E05A}
Norton Internet Security (Symantec Corporation)-->"C:\Program Files\Common Files\Symantec Shared\SymSetup\{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}_10_0_0_86\{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}.exe" /X
Norton Internet Security Add-on Pack (Symantec Corporation)-->"C:\Program Files\Common Files\Symantec Shared\SymSetup\{420F8FCF-8F5E-4518-A5B3-FBBD56B98FEC}_1_0_2_3\{420F8FCF-8F5E-4518-A5B3-FBBD56B98FEC}.exe" /X
Norton Internet Security Bonus Pack-->MsiExec.exe /I{D4BB907A-623E-4F07-8787-041ABAE088E4}
Norton Internet Security-->MsiExec.exe /I{48185814-A224-447a-81DA-71BD20580E1B}
Norton Internet Security-->MsiExec.exe /I{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}
Norton Internet Security-->MsiExec.exe /I{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}
Norton Internet Security-->MsiExec.exe /I{E5EE9939-259F-4DE2-8023-5C49E16A4F43}
Norton Password Manager (Symantec Corporation)-->C:\Program Files\Common Files\Symantec Shared\SymSetup\{8315D4B0-9BF2-4D63-8654-74B89D288D6E}.exe /X
Norton Password Manager-->MsiExec.exe /I{8315D4B0-9BF2-4D63-8654-74B89D288D6E}
Norton Protection Center-->MsiExec.exe /I{9A129ABC-A53A-4209-A21E-D5DEDFB7CCA8}
NPM_DRM_COLLECTION-->MsiExec.exe /I{E38D4B55-212A-4016-BE7E-ED3A6153CBEA}
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
OTEnet E-mail Deleting Program-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\OTEnet E-mail Deleting Program\ST6UNST.LOG"
Panasonic DVC USB Driver-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{D1014B9B-5704-4B27-B581-1C19B72528D1} /l1032
PC Connectivity Solution-->MsiExec.exe /I{BA084E7C-8ABA-4670-BDE8-B85E689A5C1B}
Personal License Update Wizard for Windows Media Player-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\drmtool.inf,DefaultUninstall
Personal Solution Pac-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0335E386-9ECB-11D4-BA6E-0020AFBCF620}\setup.exe"
PhotoRescue 2.1.676 Memory Corp Version-->"C:\Program Files\PhotoRescue PC\unins000.exe"
Pinnacle Instant DVD Recorder-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EF781A5C-58F5-4BFD-87F9-E4F14D382F25}\setup.exe" -l0x9 UNINSTALL
Pinnacle MediaServer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{460CE8B9-6EC2-458A-90D4-691631ECE9D9}\setup.exe" -l0x9 UNINSTALL
Pinnacle PCTV-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3C02ED4F-46B0-4E9E-87F7-47AEBA4031C8}\Setup.exe" -l0x9 -L0x9 UNINSTALL
PINNACLE STUDIO 10 Plus Αναβάθμιση στα Ελληνικά -->C:\WINDOWS\iun6002ev.exe "C:\WINDOWS\irunin.ini"
Pinnacle Systems PCI Performance Enhancer-->C:\PROGRA~1\Pinnacle\PPE\UNWISE.EXE C:\PROGRA~1\Pinnacle\PPE\INSTALL.LOG
Pinnacle TRex-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9313E9A6-03DF-11D5-88F8-005004361016}\setup.exe" -l0x9 UNINSTALL
PKZIP Command Line - Registered Version-->MsiExec.exe /I{ED712DA6-4926-11D5-B541-00001C0919A4}
PKZIP Explorer - Registered Version-->MsiExec.exe /I{0F5688F2-4948-11D5-B541-00001C0919A4}
PKZIP for Windows - Registered Version-->MsiExec.exe /I{E2A94DE6-8CA0-11D5-B543-00001C0919A4}
PKZIP Plug-In - Registered Version-->MsiExec.exe /I{479A9026-492F-11D5-B541-00001C0919A4}
Plastira-->MsiExec.exe /I{A3DAEC14-D390-40FE-BD40-5CFB7E7ECC8C}
Plus! MP3 Audio Converter LE-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\audcle.inf,DefaultUninstall
Pocket Video Maker - Mobile Edition Uninstaller-->"C:\Program Files\deset\Pocket Video Maker - Mobile Edition\uninstall.exe"
PowerQuest PartitionMagic 8.0-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}
Presto! PageManager 7.11-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BC5FDFC6-D617-11D6-86D3-00055DF3561E}\setup.exe" -l0x9
proDAD Heroglyph 2.5-->"C:\Program Files\Pinnacle\proDAD\Heroglyph-2.5\uninstall.exe" uninstall spcp PATHVERSION 2.5 MAINNAME Heroglyph
QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
Readiris Pro 10-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B6300A7D-C1B6-4A25-861D-4AED96202FCD}\Setup.exe" -l0x9
RealOptimizer Pro ACD plug-in-->MsiExec.exe /X{925502FA-FF33-4396-993C-54199781DD3A}
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
RealPopup-->"C:\Program Files\RealPopup\unins000.exe"
Replay Converter 2.8-->C:\WINDOWS\iun6002.exe "C:\Program Files\Replay Converter\iruninRCV.ini"
Replay Media Catcher-->"C:\WINDOWS\Replay Media Catcher\uninstall.exe" "/U:C:\Program Files\Replay Media Catcher\Uninstall\uninstall.xml"
Replay Media Catcher-->"C:\WINDOWS\Replay Media Catcher\uninstall.exe" "/U:C:\Program Files\Replay Media Catcher\Uninstall\uninstall.xml"
Replay Media Catcher-->C:\PROGRA~1\REPLAY~1\UNWISE.EXE C:\PROGRA~1\REPLAY~1\INSTALL.LOG
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Singular Accountant ver. 2.22-->C:\PROGRA~1\ELITEA~1\SINGUL~1\UNWISE.EXE C:\PROGRA~1\ELITEA~1\SINGUL~1\INSTALL.LOG
Singular Accountant ver. 2.22b-->C:\PROGRA~1\ELITEA~1\SINGUL~1\UNWISE.EXE C:\PROGRA~1\ELITEA~1\SINGUL~1\INSTALL.LOG
Singular Accountant ver. 2.22d-->C:\PROGRA~1\ELITEA~1\SINGUL~1\UNWISE.EXE C:\PROGRA~1\ELITEA~1\SINGUL~1\INSTALL.LOG
Singular Accountant ver. 2.22e-->C:\PROGRA~1\ELITEA~1\SINGUL~1\UNWISE.EXE C:\PROGRA~1\ELITEA~1\SINGUL~1\INSTALL.LOG
Singular Accountant ver. 3.01-->C:\PROGRA~1\ELITEA~1\SINGUL~1\UNWISE.EXE C:\PROGRA~1\ELITEA~1\SINGUL~1\INSTALL.LOG
Singular Accountant ver. 3.01c-->C:\PROGRA~1\ELITEA~1\SINGUL~1\UNWISE.EXE C:\PROGRA~1\ELITEA~1\SINGUL~1\INSTALL.LOG
Singular Accountant ver. 3.01d-->C:\PROGRA~1\ELITEA~1\SINGUL~1\UNWISE.EXE C:\PROGRA~1\ELITEA~1\SINGUL~1\INSTALL.LOG
Singular Accountant ver. 3.02-->C:\PROGRA~1\ELITEA~1\SINGUL~1\UNWISE.EXE C:\PROGRA~1\ELITEA~1\SINGUL~1\INSTALL.LOG
Singular Accountant ver. 3.02d-->C:\PROGRA~1\ELITEA~1\SINGUL~1\UNWISE.EXE C:\PROGRA~1\ELITEA~1\SINGUL~1\INSTALL.LOG
Singular Accountant ver. 3.02e-->C:\PROGRA~1\ELITEA~1\SINGUL~1\UNWISE.EXE C:\PROGRA~1\ELITEA~1\SINGUL~1\INSTALL.LOG
Singular Accountant ver. 3.02h-->C:\PROGRA~1\ELITEA~1\SINGUL~1\UNWISE.EXE C:\PROGRA~1\ELITEA~1\SINGUL~1\INSTALL.LOG
Singular Accountant ver. 3.03-->C:\PROGRA~1\ELITEA~1\SINGUL~1\UNWISE.EXE C:\PROGRA~1\ELITEA~1\SINGUL~1\INSTALL.LOG
Singular Accountant ver. 3.07-->C:\PROGRA~1\ELITEA~1\SINGUL~1\UNWISE.EXE C:\PROGRA~1\ELITEA~1\SINGUL~1\INSTALL.LOG
Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
SmartSound Quicktracks Plugin-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}
SoundMAX-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe"
SPBBC 32bit-->MsiExec.exe /I{77772678-817F-4401-9301-ED1D01A8DA56}
Spelling Dictionaries Support For Adobe Reader 8-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-800000000003}
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
StartupMonitor-->MsiExec.exe /I{76EFAC4F-1712-401F-B2AE-590B170C9BCE}
Studio 10 Bonus DVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6A012D9C-2E2E-405A-B87C-E909F5297C3F}\Setup.exe" -l0x9 UNINSTALL
Studio 10-->"C:\Program Files\InstallShield Installation Information\{3CB05291-F546-458E-A796-B5BCF5A3CDC4}\Setup2.exe" -l0x9 UNINSTALL
Studio Premium Pack 1-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F14B48AA-FB25-4CAF-9B75-1B9F066ECFEB}\Setup.exe" -l0x9 UNINSTALL
Studio RTFx Volume 2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B03028E5-633F-41EE-84A9-2274917F9400}\Setup.exe" -l0x9 UNINSTALL
SweetMovieLife 1.1E-->C:\Program Files\InstallShield Installation Information\{56F6A91D-46D4-4919-ABE6-55BD17DEB039}\setup.exe -runfromtemp -l0x0009 UNINSTALL -removeonly
SWF 'n Slide Pro 1.024-->"C:\Program Files\Vertical Moon\SWF 'n Slide Pro\unins000.exe"
SWF, Lock & Load 1.208-->"C:\Program Files\Vertical Moon\SWF, Lock & Load\unins000.exe"
SyncBack-->"C:\Program Files\SyncBack\unins000.exe"
System Requirements Lab-->C:\Program Files\Common Files\SystemRequirementsLab\Uninstall.exe
TopoView-->MsiExec.exe /I{18DAD2F1-7D83-4E4C-9250-E2836B2740D2}
TuneUp Utilities 2008-->MsiExec.exe /I{5888428E-699C-4E71-BF71-94EE06B497DA}
Uniblue DriverScanner 2009-->"C:\Documents and Settings\All Users\Application Data\{5A76C6B3-3FA8-46D0-AA81-62C3805E38BC}\DriverScanner_Setup.exe" REMOVE=TRUE MODIFY=FALSE
Uniblue DriverScanner 2009-->C:\Documents and Settings\All Users\Application Data\{5A76C6B3-3FA8-46D0-AA81-62C3805E38BC}\DriverScanner_Setup.exe
Uniblue RegistryBooster 2009-->"C:\Documents and Settings\All Users\Application Data\{8EE64AC9-4067-4544-96FA-A1719B301ABF}\Uniblue RegistryBooster.exe" REMOVE=TRUE MODIFY=FALSE
Uniblue RegistryBooster 2009-->C:\Documents and Settings\All Users\Application Data\{8EE64AC9-4067-4544-96FA-A1719B301ABF}\Uniblue RegistryBooster.exe
Video2SWF 1.013-->"C:\Program Files\Vertical Moon\Video2SWF\unins000.exe"
Windows Defender-->MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}
Windows Driver Package - Nokia Modem (02/15/2007 3.1)-->C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccs_bluet_8B37DC72918CCD58A6EC20373AF6242B037A293B\pccs_bluetooth.inf
Windows Genuine Advantage v1.3.0254.0-->MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Live Messenger-->MsiExec.exe /I{39CD7D93-BF66-4B8F-9A9C-560A1F939A0E}
Windows Media Bonus Pack for Windows XP-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmbonus.inf,DefaultUninstall
Windows Media Connect-->"C:\WINDOWS\$NtUninstallWMCSetup$\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Format SDK Hotfix - KB891122-->"C:\WINDOWS\$NtUninstallKB891122$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Media Player Playlist Import to Excel Wizard-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\mpxlswiz.inf,DefaultUninstall
Windows Media Player Skin Importer-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\wa2wmp.inf,DefaultUninstall
Windows Media Player Tray Control-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\mpxptray.inf,DefaultUninstall
Windows Workflow Foundation EL Language Pack-->MsiExec.exe /I{42918E53-1597-4154-A203-CC100AF41EAB}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
XviD MPEG-4 Video Codec-->"C:\Program Files\XviD\unins000.exe"
Yahoo! Messenger-->C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
Αντίγραφα ασφαλείας προσωπικών φακέλων του Microsoft Outlook-->MsiExec.exe /X{C63E7C60-25EB-11D3-8EDA-00A0C911E8E5}
Δήλωση χρήστη Canon iP3300-->C:\Program Files\Canon\IJEREG\iP3300\UNINST.EXE
Ενημερωμένη έκδοση ασφαλείας για Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Ενημερωμένη έκδοση ασφαλείας για το Windows Media Player 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Ενημερωμένη έκδοση ασφαλείας για το Windows Media Player 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Ενημερωμένη έκδοση ασφαλείας για το Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Ενημερωμένη έκδοση ασφαλείας για το Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Ενημέρωση ασφαλείας για Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Ενημέρωση ασφαλείας για Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Ενημέρωση ασφαλείας για Windows XP (KB950759)-->"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
Ενημέρωση ασφαλείας για Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Ενημέρωση ασφαλείας για Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Ενημέρωση ασφαλείας για Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Ενημέρωση ασφαλείας για Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Ενημέρωση ασφαλείας για Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Ενημέρωση ασφαλείας για Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Ενημέρωση ασφαλείας για Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Ενημέρωση ασφαλείας για Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Ενημέρωση ασφαλείας για Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
Ενημέρωση ασφαλείας για Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Ενημέρωση ασφαλείας για Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Ενημέρωση ασφαλείας για Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Ενημέρωση ασφαλείας για Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Ενημέρωση ασφαλείας για Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Ενημέρωση ασφαλείας για Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Ενημέρωση ασφαλείας για Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Ενημέρωση ασφαλείας για Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Ενημέρωση ασφαλείας για Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Ενημέρωση ασφαλείας για Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Ενημέρωση ασφαλείας για Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Ενημέρωση για Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Ενημέρωση για Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Επείγουσα επιδιόρθωση για Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Επείγουσα επιδιόρθωση για το Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Επέκταση HighMAT στον Οδηγό εγγραφής CD για Microsoft Windows XP-->MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}
Πακέτο βασικής υπηρεσίας παροχής κρυπτογράφησης έξυπνων καρτών της Microsoft-->"C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
Πακέτο ελληνικής γλώσσας του Microsoft .NET Framework 3.0-->c:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Greek Language Pack\setup.exe
Πακέτο προγραμμάτων οδήγησης των Windows - Nokia Modem (02/15/2007 3.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccs_bluet_F12A08B6F776984A95553486F64C541356F86E38\pccs_bluetooth.inf
Πακέτο προγραμμάτων οδήγησης των Windows - Nokia Modem (05/24/2007 6.84.0.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_5E1541AFF1E1EA3554CE566743CCAD323ED1C108\nokbtmdm.inf
Πακέτο προγραμμάτων οδήγησης των Windows - Nokia Modem (08/03/2007 6.84.0.2)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_1EB5F2E6F54A6BEDE9F436D1BA5D830FC71739BE\nokbtmdm.inf
Πακέτο προγραμμάτων οδήγησης των Windows - Nokia Modem (08/08/2007 3.3)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccs_bluet_32E2E448B53EE5B28E074D88802D0BAF984038DA\pccs_bluetooth.inf
Πακέτο προγραμμάτων οδήγησης των Windows - Nokia Modem (10/12/2007 3.6)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_0A5D98F754C6588B2E3DDE89DDEF097075ADFFB7\nokia_bluetooth.inf
Πακέτο προγραμμάτων οδήγησης των Windows - Nokia Modem (11/03/2006 6.82.0.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_4EFFAAE27A08EDFDE145390033D8EF099DA65567\nokbtmdm.inf
Πακέτο προγραμμάτων οδήγησης των Windows - Pinnacle Systems (3xHybrid) MEDIA 08/30/2004 1.3.1.15-->C:\WINDOWS\system32\DRVSTORE\f1490bc41e7d27129cb157cba768cf63b89e7752\DPInst.exe /u PCTV100i_ee9ddc2045823be44b9d84ab9ec730afda4514cf
Πακέτο συμβατότητας για το 2007 Microsoft Office system-->MsiExec.exe /X{90120000-0020-0408-0000-0000000FF1CE}
Πρόγραμμα Προβολής Microsoft Office PowerPoint 2003-->MsiExec.exe /X{90AF0408-6000-11D3-8CFE-0150048383C9}
Πρόγραμμα-πελάτης Windows Rights Management with Service Pack 2-->MsiExec.exe /X{8B99FB52-9689-43F9-8D78-7B877F4AB14C}
Συγκεντρωτικές καταστάσεις Πελατών-Προμηθευτών Έκδοση 2007 v1-->"C:\Program Files\KVS2007\unins000.exe"
Συμβατότητα με παλαιότερες εκδόσεις SP2 του Προγράμματος-πελάτη Windows Rights Management-->MsiExec.exe /X{EC905264-BCFE-423B-9C42-C3A106266790}
======Hosts File======
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
======Security center information======
AV: Norton Internet Security
FW: Norton Internet Security
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\ACD Systems\EN\;C:\Program Files\Microsoft SQL Server\80\Tools\BINN;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Sonic\MyDVD;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Intel\DMIX
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 3 Stepping 4, GenuineIntel
"PROCESSOR_REVISION"=0304
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
-----------------EOF-----------------
Sorry for delay, I got no email notification.
That looks like a false positive to me.
Please go to Eset website (http://www.eset.com/onlinescan/) to perform an online scan. Please use Internet Explorer as it uses ActiveX.
Check (tick) this box: YES, I accept the Terms of Use.
Click on the Start button next to it.
When prompted to run ActiveX. click Yes.
You will be asked to install an ActiveX. Click Install.
Once installed, the scanner will be initialized.
After the scanner is initialized, click Start.
Uncheck (untick) Remove found threats box.
Check (tick) Scan unwanted applications.
Click on Scan.
It will start scanning. Please be patient.
Once the scan is done, you will find a log in C:\Program Files\esetonlinescanner\log.txt. Please post this log in your next reply.
My apologies for my late reply, but it did take a long time to scan my computer indeed.
Here's the log you asked for :
# version=4
# OnlineScanner.ocx=1.0.0.635
# OnlineScannerDLLA.dll=1, 0, 0, 79
# OnlineScannerDLLW.dll=1, 0, 0, 78
# OnlineScannerUninstaller.exe=1, 0, 0, 49
# vers_standard_module=3615 (20081115)
# vers_arch_module=1.064 (20080214)
# vers_adv_heur_module=1.066 (20070917)
# EOSSerial=233145fe1af2284bafafbc7abb0d898e
# end=finished
# remove_checked=false
# unwanted_checked=true
# utc_time=2008-11-16 05:38:36
# local_time=2008-11-16 07:38:36 )
# country="Greece"
# osver=5.1.2600 NT Service Pack 3
# scanned=684742
# found=0
# scan_time=11698
That looks good :)
Still problems?
I don't know.
I am just scanning again with spybot.
Hope that it will not deliver again the same notification...
I'll keep you informed as soon as spybot finishes scanning.
Any other advice from your side ?
Many thanxz
Post back anyway after scan and I will give instructions after that :)
Well... I really don't know what to suppose...
This time Spybot found absolutely NOTHING.
The strange thing is that no viruses and/or malware and/or spyware was found so far by any of the software you suggested to use.
Although, Spybot suddenly stopped finding that Virtumonte issue...
My limited knowledge stops somewhere here.
Any idea from you Shaba ?
Have you updated spybot meanwhile?
If so, that might have been a false positive which have been fixed in latest update.
I really do not remember if I manually updated Spybot,
but as far as I had programmed a scheduled update, it probably did automatically.
The problem was first noticed after installing detection update of 05/11/2008.
Now, taking a look at Spybot > Info & Licence, it says :
Latest detection update 12/11/2008.
So, it probably was a false positive which was corrected in new update.
I hope it does not alert me again for the same issue...
I would like to thank you very much for all your efforts towards solving my issue.
I'll drop a few thanking lines at the appropriate section of this forum.
My warmest regards,
CDL_gr
Yes that seems to be the reason.
See below for my tips.
Now that you are clean, please follow these simple steps in order to keep your computer clean and secure:
Next we remove all used tools.
You can delete rsit and c:\rsit folder.
Disable and Enable System Restore. - If you are using Windows XP then you should disable and re-enable system restore to make sure there are no infected files found in a restore point.
You can find instructions on how to enable and re-enable system restore here:
Windows XP System Restore Guide (http://www.bleepingcomputer.com/forums/tutorial56.html)
Re-enable system restore with instructions from tutorial above
Make your Internet Explorer more secure - This can be done by following these simple instructions:
From within Internet Explorer click on the Tools menu and then click on Options.
Click once on the Security tab
Click once on the Internet icon so it becomes highlighted.
Click once on the Custom Level button.
Change the Download signed ActiveX controls to Prompt
Change the Download unsigned ActiveX controls to Disable
Change the Initialize and script ActiveX controls not marked as safe to Disable
Change the Installation of desktop items to Prompt
Change the Launching programs and files in an IFRAME to Prompt
Change the Navigate sub-frames across different domains to Prompt
When all these settings have been made, click on the OK button.
If it prompts you as to whether or not you want to save the settings, press the Yes button.
Next press the Apply button and then the OK to exit the Internet Properties page.
Update your AntiVirus Software - It is imperitive that you update your Antivirus software at least once a week (Even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out.
Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com (http://www.windowsupdate.com) regularly. This will ensure your computer has always the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.
Install Malwarebytes' Anti-Malware - Malwarebytes' Anti-Malware is a new and powerful anti-malware tool. It is
totally free but for real-time protection you will have to pay a small one-time fee. Tutorial on installing & using this product can be found below:
Malwarebytes' Anti-Malware Setup Guide (http://www.bfccomputers.com/forum/index.php?showtopic=1644)
Malwarebytes' Anti-Malware Scanning Guide (http://www.bfccomputers.com/forum/index.php?showtopic=1645)
Install SpywareBlaster - SpywareBlaster will added a large list of programs and sites into your Internet Explorer settings that will protect you from running and downloading known malicious programs.
A tutorial on installing & using this product can be found here:
Using SpywareBlaster to protect your computer from Spyware and Malware (http://www.bleepingcomputer.com/tutorials/tutorial49.html)
Update all these programs regularly - Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.
Follow this list and your potential for being infected again will reduce dramatically.
Here are some additional utilities that will enhance your safety
MVPS Hosts file (http://mvps.org/winhelp2002/hosts.htm) <= The MVPS Hosts file replaces your current HOSTS file with one containing well know ad sites etc. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer. See also a hosts file tutorial here (http://malwareremoval.com/forum/viewtopic.php?t=22187)
Winpatrol (http://www.winpatrol.com/) <= Download and install the free version of Winpatrol. a tutorial for this product is located here:
Using Winpatrol to protect your computer from malicious software (http://www.winpatrol.com/features.html)
Stand Up and Be Counted ---> Malware Complaints (http://www.malwarecomplaints.info/index.php) <--- where you can make difference!
The site offers people who have been (or are) victims of malware the opportunity to document their story and, in that way, launch a complaint against the malware and the makers of the malware.
Also, please read this great article by Tony Klein So How Did I Get Infected In First Place (http://forums.spybot.info/showthread.php?t=279)
Happy surfing and stay clean! :bigthumb:
Since this issue appears to be resolved ... this Topic has been closed. Glad I could help.
Note: If it has been five days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh HijackThis log and a link to your previous thread.
If it has been less than five days since your last response and you need the thread re-opened, please send me or your helper a private message (pm). A valid, working link to the closed topic is required.