Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-07-2013 01
Ran by adam (administrator) on 23-07-2013 17:52:41
Running from C:\Users\adam\Desktop
Windows 7 Home Premium (X64) OS Language: Polish
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
() C:\ProgramData\DatacardService\DCService.exe
() C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
(SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Huawei Technologies Co., Ltd.) C:\Users\adam\AppData\Roaming\blueconnect\ouc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10144288 2010-04-07] (Realtek Semiconductor)
HKLM\...\Run: [ETDWare] - C:\Program Files\Elantech\ETDCtrl.exe [2703752 2010-03-25] (ELAN Microelectronics Corp.)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1281512 2013-01-27] (Microsoft Corporation)
HKLM\...\Runonce: [NCInstallQueue] - rundll32 netman.dll,ProcessQueue [x]
HKCU\...\Run: [HW_OPENEYE_OUC_blueconnect] - C:\Program Files (x86)\blueconnect\UpdateDog\ouc.exe [110592 2009-12-31] (Huawei Technologies Co., Ltd.)
HKCU\...\Run: [DAEMON Tools Lite] - D:\Daemon Tools\DAEMON Tools Lite\DTLite.exe [3674320 2013-01-08] (DT Soft Ltd)
MountPoints2: F - F:\AutoRun.exe
MountPoints2: {e37b9142-a17e-11e0-b82d-e811324e13ae} - F:\AutoRun.exe
MountPoints2: {e37b9152-a17e-11e0-b82d-e811324e13ae} - G:\AutoRun.exe
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [Microsoft Default Manager] - "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume [439568 2010-05-10] (Microsoft Corporation)
HKLM-x32\...\Run: [UCam_Menu] - "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0" [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [DataCardMonitor] - C:\Program Files (x86)\blueconnect\DataCardMonitor.exe [253952 2011-06-28] (Huawei Technologies Co., Ltd.)
HKLM-x32\...\Run: [GrooveMonitor] - "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [ApnTBMon] - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" [1558480 2013-07-03] (APN)
IMEO\avguard.exe: [Debugger] svchost.exe
IMEO\AVWEBGRD.EXE: [Debugger] svchost.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://allegro.pl/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://samsung.msn.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0D7562AE-8EF6-416d-A838-AB665251703A} URL = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
SearchScopes: HKCU - {2722CCC8-18D6-421A-B6C0-183C28DFFFD9} URL = http://www.bing.com/search?FORM=SMSTDF&PC=MASM&q={searchTerms}&src=IE-SearchBox
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll ()
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: YouTube To ALLPlayer - {61DB16C5-B733-43F4-872E-B20DC9E72740} - C:\PROGRA~2\ALLPLA~1\YOUTUB~1.DLL (ALLPlayer.org)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: IplexToALLPlayer - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~2\ALLPLA~1\Iplex\IPLEXT~1.DLL (ALLCinema Ltd.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll ()
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll ()
Toolbar: HKLM-x32 - Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKCU - No Name - {41564952-412D-5637-00A7-7A786E7484D7} - No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll ()
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll ()
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 62.179.1.61 62.179.1.60

FireFox:
========
FF ProfilePath: C:\Users\adam\AppData\Roaming\Mozilla\Firefox\Profiles\rfbcrswb.default
FF Homepage: hxxp://allegro.pl/
FF NetworkProxy: "type", 0
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml
FF Extension: IplextoALL - C:\Users\adam\AppData\Roaming\Mozilla\Firefox\Profiles\rfbcrswb.default\Extensions\IplextoALL@ALLPlayer.org.xpi
FF Extension: toolbar_AVIRA-V7 - C:\Users\adam\AppData\Roaming\Mozilla\Firefox\Profiles\rfbcrswb.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi
FF Extension: YouTubetoALL - C:\Users\adam\AppData\Roaming\Mozilla\Firefox\Profiles\rfbcrswb.default\Extensions\YouTubetoALL@ALLPlayer.org.xpi
FF Extension: No Name - C:\Users\adam\AppData\Roaming\Mozilla\Firefox\Profiles\rfbcrswb.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
FF Extension: No Name - C:\Users\adam\AppData\Roaming\Mozilla\Firefox\Profiles\rfbcrswb.default\Extensions\{c7b3cf78-9cbc-47b9-ba47-bb84a56069dd}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{B7082FAA-CB62-4872-9106-E42DD88EDE45}] C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor
FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\
FF Extension: Default Manager - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

==================== Services (Whitelisted) =================

R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [168400 2013-07-03] (APN LLC.)
R2 DCService.exe; C:\ProgramData\DatacardService\DCService.exe [229376 2010-08-19] ()
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [203280 2009-01-23] ()
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22056 2013-01-27] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [379360 2013-01-27] (Microsoft Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
S2 AVGIDSAgent; "D:\AVG AntiVirus\avgidsagent.exe" [x]

==================== Drivers (Whitelisted) ====================

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-01-09] (DT Soft Ltd)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [230320 2013-01-20] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [130008 2013-01-20] (Microsoft Corporation)
S3 rtport; C:\Windows\SysWOW64\drivers\rtport.sys [15144 2011-04-09] (Windows (R) 2003 DDK 3790 provider)
S3 rtport; C:\Windows\SysWOW64\drivers\rtport.sys [15144 2011-04-09] (Windows (R) 2003 DDK 3790 provider)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-07-23 17:43 - 2013-07-23 17:43 - 00000000 _____ C:\Program
2013-07-23 17:33 - 2013-07-23 17:33 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-07-23 17:33 - 2013-07-23 17:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-07-23 17:10 - 2013-07-23 17:43 - 00000000 ____D C:\FRST
2013-07-23 17:08 - 2013-07-23 17:08 - 00357077 _____ (Farbar) C:\Users\adam\Desktop\FSS.exe
2013-07-23 17:04 - 2013-07-23 17:04 - 01779447 _____ (Farbar) C:\Users\adam\Desktop\FRST64.exe
2013-07-23 16:57 - 2013-07-23 16:57 - 00000000 ____D C:\_OTL
2013-07-23 15:18 - 2013-07-23 15:18 - 00368554 _____ C:\Users\adam\Desktop\gmer.zip
2013-07-23 15:17 - 2013-07-23 15:17 - 00602112 _____ (OldTimer Tools) C:\Users\adam\Desktop\OTL.scr
2013-07-23 14:59 - 2013-07-23 14:59 - 00000000 ____D C:\Users\adam\AppData\Local\AskPartnerNetwork
2013-07-23 14:55 - 2013-07-23 17:28 - 00000000 ____D C:\ProgramData\Avira
2013-07-23 14:55 - 2013-07-23 14:55 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-07-23 14:55 - 2013-07-23 14:55 - 00000000 ____D C:\ProgramData\APN
2013-07-23 14:55 - 2013-07-23 14:55 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2013-07-23 14:49 - 2013-07-23 14:49 - 108450560 _____ C:\Users\adam\Downloads\avira_free_antivirus_en.exe
2013-07-23 14:24 - 2013-07-23 17:33 - 00001912 _____ C:\Windows\epplauncher.mif
2013-07-23 14:23 - 2010-04-09 13:06 - 00374664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2013-07-23 14:21 - 2013-07-23 14:21 - 13508048 _____ (Microsoft Corporation) C:\Users\adam\Desktop\mseinstall.exe
2013-07-23 14:07 - 2013-05-02 17:29 - 00278800 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-07-23 14:04 - 2013-07-23 14:04 - 00000000 ____D C:\Users\adam\AppData\Roaming\TuneUp Software
2013-07-23 14:03 - 2013-07-23 14:05 - 00000000 ____D C:\ProgramData\AVG2013
2013-07-23 14:00 - 2013-07-23 14:10 - 00000000 ____D C:\ProgramData\MFAData
2013-07-23 14:00 - 2013-07-23 14:00 - 00000000 ____D C:\Users\adam\AppData\Local\MFAData
2013-07-23 14:00 - 2013-07-23 14:00 - 00000000 ____D C:\Users\adam\AppData\Local\Avg2013
2013-07-23 13:48 - 2013-07-23 17:30 - 00098076 _____ C:\Windows\PFRO.log
2013-07-23 13:27 - 2013-07-23 13:27 - 00003130 _____ C:\Windows\System32\Tasks\{8B44E3E4-6EB8-4B45-B7F4-0F8AAD59CC50}
2013-07-23 13:19 - 2013-07-23 17:49 - 00000504 _____ C:\Windows\setupact.log
2013-07-23 13:19 - 2013-07-23 13:19 - 00000000 _____ C:\Windows\setuperr.log
2013-07-23 13:17 - 2013-07-23 13:17 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-07-23 13:17 - 2013-07-23 13:17 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-23 13:17 - 2013-07-23 13:17 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-23 13:17 - 2013-07-23 13:17 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-23 13:17 - 2013-07-23 13:17 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-23 13:17 - 2013-07-23 13:17 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-23 13:03 - 2013-07-23 13:03 - 00004124 _____ C:\Windows\System32\Tasks\avast! Emergency Update

==================== One Month Modified Files and Folders =======

2013-07-23 17:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\tracing
2013-07-23 17:49 - 2013-07-23 13:19 - 00000504 _____ C:\Windows\setupact.log
2013-07-23 17:49 - 2012-09-07 08:35 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2013-07-23 17:49 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-23 17:48 - 2010-11-08 21:20 - 01061033 _____ C:\Windows\WindowsUpdate.log
2013-07-23 17:43 - 2013-07-23 17:43 - 00000000 _____ C:\Program
2013-07-23 17:43 - 2013-07-23 17:10 - 00000000 ____D C:\FRST
2013-07-23 17:38 - 2009-07-14 06:45 - 00014144 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-23 17:38 - 2009-07-14 06:45 - 00014144 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-23 17:33 - 2013-07-23 17:33 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-07-23 17:33 - 2013-07-23 17:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-07-23 17:33 - 2013-07-23 14:24 - 00001912 _____ C:\Windows\epplauncher.mif
2013-07-23 17:30 - 2013-07-23 13:48 - 00098076 _____ C:\Windows\PFRO.log
2013-07-23 17:28 - 2013-07-23 14:55 - 00000000 ____D C:\ProgramData\Avira
2013-07-23 17:13 - 2012-04-11 21:08 - 00193536 ___SH C:\Users\adam\Desktop\Thumbs.db
2013-07-23 17:08 - 2013-07-23 17:08 - 00357077 _____ (Farbar) C:\Users\adam\Desktop\FSS.exe
2013-07-23 17:04 - 2013-07-23 17:04 - 01779447 _____ (Farbar) C:\Users\adam\Desktop\FRST64.exe
2013-07-23 16:57 - 2013-07-23 16:57 - 00000000 ____D C:\_OTL
2013-07-23 15:18 - 2013-07-23 15:18 - 00368554 _____ C:\Users\adam\Desktop\gmer.zip
2013-07-23 15:17 - 2013-07-23 15:17 - 00602112 _____ (OldTimer Tools) C:\Users\adam\Desktop\OTL.scr
2013-07-23 14:59 - 2013-07-23 14:59 - 00000000 ____D C:\Users\adam\AppData\Local\AskPartnerNetwork
2013-07-23 14:56 - 2011-06-28 17:24 - 00000000 ____D C:\Users\adam\Desktop\na lapa
2013-07-23 14:55 - 2013-07-23 14:55 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-07-23 14:55 - 2013-07-23 14:55 - 00000000 ____D C:\ProgramData\APN
2013-07-23 14:55 - 2013-07-23 14:55 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2013-07-23 14:49 - 2013-07-23 14:49 - 108450560 _____ C:\Users\adam\Downloads\avira_free_antivirus_en.exe
2013-07-23 14:29 - 2012-12-25 22:15 - 00000000 ____D C:\Users\adam\AppData\Roaming\Firewall Host
2013-07-23 14:21 - 2013-07-23 14:21 - 13508048 _____ (Microsoft Corporation) C:\Users\adam\Desktop\mseinstall.exe
2013-07-23 14:10 - 2013-07-23 14:00 - 00000000 ____D C:\ProgramData\MFAData
2013-07-23 14:05 - 2013-07-23 14:03 - 00000000 ____D C:\ProgramData\AVG2013
2013-07-23 14:04 - 2013-07-23 14:04 - 00000000 ____D C:\Users\adam\AppData\Roaming\TuneUp Software
2013-07-23 14:00 - 2013-07-23 14:00 - 00000000 ____D C:\Users\adam\AppData\Local\MFAData
2013-07-23 14:00 - 2013-07-23 14:00 - 00000000 ____D C:\Users\adam\AppData\Local\Avg2013
2013-07-23 13:53 - 2010-11-08 04:36 - 00000000 ____D C:\ProgramData\McAfee
2013-07-23 13:51 - 2010-11-08 04:36 - 00000000 ____D C:\Program Files (x86)\McAfee
2013-07-23 13:39 - 2012-04-02 21:00 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-07-23 13:39 - 2012-04-02 20:59 - 00000000 ____D C:\ProgramData\AVAST Software
2013-07-23 13:27 - 2013-07-23 13:27 - 00003130 _____ C:\Windows\System32\Tasks\{8B44E3E4-6EB8-4B45-B7F4-0F8AAD59CC50}
2013-07-23 13:19 - 2013-07-23 13:19 - 00000000 _____ C:\Windows\setuperr.log
2013-07-23 13:17 - 2013-07-23 13:17 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-07-23 13:17 - 2013-07-23 13:17 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-23 13:17 - 2013-07-23 13:17 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-23 13:17 - 2013-07-23 13:17 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-23 13:17 - 2013-07-23 13:17 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-23 13:17 - 2013-07-23 13:17 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-23 13:17 - 2011-08-23 14:07 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-07-23 13:12 - 2011-06-29 11:41 - 00000000 ____D C:\Users\adam\AppData\Roaming\Skype
2013-07-23 13:03 - 2013-07-23 13:03 - 00004124 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-07-22 20:08 - 2011-06-29 11:45 - 00000000 ____D C:\Users\adam\Documents\Youcam
2013-07-22 17:09 - 2013-03-13 09:12 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-22 17:09 - 2013-03-13 09:12 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-22 17:08 - 2013-01-09 15:27 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-22 17:08 - 2011-08-08 15:55 - 78185248 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-07-22 16:05 - 2011-06-28 14:06 - 00000000 ____D C:\Users\adam
2013-07-22 16:02 - 2011-06-28 14:29 - 00000000 ____D C:\Users\adam\AppData\Roaming\blueconnect
2013-07-22 16:02 - 2011-06-28 14:27 - 00000000 ____D C:\Program Files (x86)\blueconnect
2013-07-22 16:02 - 2010-11-08 21:49 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-07-22 16:02 - 2010-11-08 04:34 - 00000000 ____D C:\ProgramData\WinClon
2013-07-22 16:02 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-06-29 18:12 - 2010-11-08 22:02 - 00701984 _____ C:\Windows\system32\perfh015.dat
2013-06-29 18:12 - 2010-11-08 22:02 - 00136712 _____ C:\Windows\system32\perfc015.dat
2013-06-29 18:12 - 2009-07-14 07:13 - 01560328 _____ C:\Windows\system32\PerfStringBackup.INI

Files to move or delete:
====================
C:\Users\adam\AppData\Roaming\cache.dat
C:\ProgramData\FullRemove.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-07-23 16:43

==================== End Of Log ============================