Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2013 03
Ran by Pancio (administrator) on EXPERT-KOMP on 04-09-2013 16:15:36
Running from C:\Users\Pancio\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polish
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(ASUSTeK Computer Inc.) C:\Windows\system32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
() C:\Program Files\ATKGFNEX\GFNEXSrv.exe
(brother Industries Ltd) C:\Windows\SysWOW64\brsvc01a.exe
(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
(Threat Expert Ltd.) C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe
() C:\ProgramData\BrowserProtect\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(brother Industries Ltd) C:\Windows\SysWOW64\brss01a.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe
(PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
() C:\Program Files (x86)\Tor\tor.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\loggingserver.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(AlcorMicro Co., Ltd.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
() C:\ProgramData\BrowserProtect\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
() C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
(PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe
(Visicom Media Inc.) C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe
() C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcmon.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(ASUS) C:\Windows\AsScrPro.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(DealPly Technologies Ltd) C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
() C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
(AlcorMicro Co., Ltd.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
(PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
(Visicom Media Inc.) C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe
() C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcmon.exe
(www.BitComet.com) C:\Program Files\BitComet\BitComet.exe
(www.BitComet.com) C:\Program Files\BitComet\tools\BitCometService.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(Microsoft Corporation) C:\Windows\system32\msiexec.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [323072 2009-08-12] (AlcorMicro Co., Ltd.)
HKLM\...\Run: [ETDWare] - C:\Program Files\Elantech\ETDCtrl.exe [617856 2009-07-30] (ELAN Microelectronic Corp.)
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1
HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1
HKCU\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-06-17] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [159744 2009-04-20] (ASUS)
HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [8493624 2009-07-07] (ASUS)
HKLM-x32\...\Run: [SSDMonitor] - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe [103896 2012-01-04] (PC Tools)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()
HKLM-x32\...\Run: [BrMfcWnd] - C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [ControlCenter3] - C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Panda Security URL Filtering] - C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe [235072 2013-04-11] (Visicom Media Inc.)
HKLM-x32\...\Run: [PSUAMain] - C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe [32480 2013-01-27] (Panda Security, S.L.)
HKLM-x32\...\Run: [vProt] - C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2314416 2013-08-15] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2255184 2013-06-28] (LogMeIn Inc.)
HKU\Expert\...\Run: [ALLUpdate] - C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe [2991616 2012-10-08] (ALLCinema)
HKU\Expert\...\Run: [OfficeSyncProcess] - C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [719672 2012-01-20] (Microsoft Corporation)
HKU\Expert\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)
HKU\Expert\...\Run: [GarenaPlus] - C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe [9827632 2013-04-25] ()
HKU\Expert\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2013-05-09] ()
HKU\Expert\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1811880 2013-08-28] (Valve Corporation)
HKU\Expert\...\Run: [NTRedirect] - C:\Users\Expert\AppData\Roaming\BabSolution\Shared\NTRedirect.dll [121856 2013-07-25] () <===== ATTENTION
AppInit_DLLs-x32: c:\progra~3\browse~1\261519~1.190\{c16c1~1\browse~1.dll  [2691536 2013-07-26] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk
ShortcutTarget: SRS Premium Sound.lnk -> C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe (Acresso Software Inc.)

==================== Internet (Whitelisted) ====================

SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: PC Tools Browser Guard BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: BitComet Helper - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\15.5.0.2\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: DealPly Shopping - {ae48ed75-5a56-4c5f-bbce-6f1ac3875f66} - C:\Program Files (x86)\DealPly\DealPlyIE.dll (DealPly)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll ()
BHO-x32: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.22.0\bh\delta.dll (Delta-search.com)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: IplexToALLPlayer - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~2\ALLPLA~1\Iplex\IPLEXT~1.DLL (ALLCinema Ltd.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
Toolbar: HKLM-x32 - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll ()
Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.22.0\deltaTlbr.dll (Delta-search.com)
Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\15.5.0.2\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.5.0\ViProtocol.dll (AVG Secure Search)
Winsock: Catalog9 01 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll [329688] (PC Tools Research Pty Ltd.)
Winsock: Catalog9 02 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll [329688] (PC Tools Research Pty Ltd.)
Winsock: Catalog9 03 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll [329688] (PC Tools Research Pty Ltd.)
Winsock: Catalog9 04 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll [329688] (PC Tools Research Pty Ltd.)
Winsock: Catalog9 05 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll [329688] (PC Tools Research Pty Ltd.)
Winsock: Catalog9 06 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll [329688] (PC Tools Research Pty Ltd.)
Winsock: Catalog9 18 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll [329688] (PC Tools Research Pty Ltd.)
Winsock: Catalog9-x64 01 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll [448472] (PC Tools Research Pty Ltd.)
Winsock: Catalog9-x64 02 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll [448472] (PC Tools Research Pty Ltd.)
Winsock: Catalog9-x64 03 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll [448472] (PC Tools Research Pty Ltd.)
Winsock: Catalog9-x64 04 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll [448472] (PC Tools Research Pty Ltd.)
Winsock: Catalog9-x64 05 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll [448472] (PC Tools Research Pty Ltd.)
Winsock: Catalog9-x64 06 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll [448472] (PC Tools Research Pty Ltd.)
Winsock: Catalog9-x64 18 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll [448472] (PC Tools Research Pty Ltd.)
Tcpip\Parameters: [DhcpNameServer] 194.24.244.3 194.24.244.4

FireFox:
========
FF ProfilePath: C:\Users\Pancio\AppData\Roaming\Mozilla\Firefox\Profiles\bketpiy1.default
FF NewTab: hxxp://www1.delta-search.com/?babsrc=NT_ss&mntrId=34BD00FF1636D8C1&affID=119828&tsp=4962
FF SearchEngineOrder.1: Delta Search
FF SelectedSearchEngine: Delta Search
FF Homepage: hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=34BD00FF1636D8C1&affID=119828&tsp=4962
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.7.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.5.0\\npsitesafety.dll (AVG Technologies)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @t.garena.com/garenatalk - C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
FF Plugin-x32: @tools.dpliveupdate.com/DealPlyLive Update;version=3 - C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll (DealPly Technologies Ltd)
FF Plugin-x32: @tools.dpliveupdate.com/DealPlyLive Update;version=9 - C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll (DealPly Technologies Ltd)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\adawaretb.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\safeguard-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
FF HKLM-x32\...\Firefox\Extensions: [{cb84136f-9c44-433a-9048-c5cd9df1dc16}] C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox\
FF Extension: Browser Guard Toolbar - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox\
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\15.5.0.2
FF Extension: AVG SafeGuard toolbar - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\15.5.0.2

==================== Services (Whitelisted) =================

R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] ()
R3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2010-12-28] (www.BitComet.com)
R2 Brother XP spl Service; C:\Windows\SysWOW64\brsvc01a.exe [57344 2004-06-14] (brother Industries Ltd)
R2 Browser Defender Update Service; C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe [575448 2012-06-22] (Threat Expert Ltd.)
R2 BrowserProtect; C:\ProgramData\BrowserProtect\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [2847696 2013-07-26] ()
S2 dealplylive; C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe [148000 2013-08-02] (DealPly Technologies Ltd)
S3 dealplylivem; C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe [148000 2013-08-02] (DealPly Technologies Ltd)
S2 KMService; C:\Windows\SysWow64\srvany.exe [8192 2012-04-08] ()
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe [140512 2013-01-27] (Panda Security, S.L.)
R2 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [793048 2012-01-04] (PC Tools)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2011-04-04] ()
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe [37088 2013-01-27] (Panda Security, S.L.)
S3 sdAuxService; C:\Program Files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe [402368 2012-06-22] (PC Tools)
S3 sdCoreService; C:\Program Files (x86)\PC Tools\PC Tools Security\pctsSvc.exe [1118680 2012-06-22] (PC Tools)
R2 tor; C:\Program Files (x86)\Tor\tor.exe [3233806 2013-08-30] ()
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [746392 2013-03-20] (Tunngle.net GmbH)
R2 vToolbarUpdater15.5.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe [1643184 2013-08-15] (AVG Secure Search)

==================== Drivers (Whitelisted) ====================

S3 1394hub; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 1394hub; C:\Windows\SysWow64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] ()
R2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] ()
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [45856 2013-08-15] (AVG Technologies)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [17656 2011-05-05] (Applied Networking Inc.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [89640 2012-11-26] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [114728 2012-11-26] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [95712 2013-01-09] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [114216 2012-11-26] (Panda Security, S.L.)
S1 NNSNAHSL; C:\Windows\System32\DRIVERS\NNSNAHSL.sys [33320 2012-10-22] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [94248 2012-11-26] (Panda Security, S.L.)
S4 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [69160 2012-11-28] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [118312 2012-11-26] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [306216 2012-11-26] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [116776 2012-11-26] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [114216 2012-11-26] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [232488 2012-11-28] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [105000 2012-11-26] (Panda Security, S.L.)
R3 PCTBD; C:\Windows\System32\Drivers\PCTBD64.sys [85224 2012-06-22] (PC Tools)
R0 PCTCore; C:\Windows\System32\drivers\PCTCore64.sys [426616 2012-04-23] (PC Tools)
R0 pctDS; C:\Windows\System32\drivers\pctDS64.sys [453896 2012-02-28] (PC Tools)
R1 PCTSD; C:\Windows\System32\Drivers\PCTSD64.sys [251560 2012-06-22] (PC Tools)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [167976 2012-11-09] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [119848 2012-11-09] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [204328 2012-11-09] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [123944 2012-11-09] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [133160 2012-11-09] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [58360 2012-11-07] (Panda Security, S.L.)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806400 2009-06-05] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [503352 2011-09-27] ()
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
U3 ao00ca3b; C:\Windows\System32\Drivers\ao00ca3b.sys [0 ] (Advanced Micro Devices)
S3 ALSysIO; \??\C:\Users\Expert\AppData\Local\Temp\ALSysIO64.sys [x]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [x]
U3 tmlwf; 
U3 tmwfp; 
S3 Tosrfcom; No ImagePath

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-04 16:12 - 2013-09-04 16:12 - 00000000 ____D C:\Users\Pancio\AppData\Local\Macromedia
2013-09-04 16:06 - 2013-09-04 16:14 - 00000000 ____D C:\Users\Pancio\AppData\Roaming\Skype
2013-09-04 16:05 - 2013-09-04 16:11 - 00000000 ____D C:\Users\Pancio\AppData\Roaming\TS3Client
2013-09-04 16:04 - 2013-09-04 16:14 - 00000000 ____D C:\Users\Pancio\AppData\Roaming\BitComet
2013-09-04 16:03 - 2013-09-04 16:03 - 00000000 ____D C:\Users\Pancio\AppData\Roaming\Mozilla
2013-09-04 16:03 - 2013-09-04 16:03 - 00000000 ____D C:\Users\Pancio\AppData\Roaming\Macromedia
2013-09-04 16:03 - 2013-09-04 16:03 - 00000000 ____D C:\Users\Pancio\AppData\Local\Mozilla
2013-09-04 16:02 - 2013-09-04 16:02 - 00110864 _____ C:\Users\Pancio\AppData\Local\GDIPFONTCACHEV1.DAT
2013-09-04 16:02 - 2013-09-04 16:02 - 00001423 _____ C:\Users\Pancio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-09-04 16:02 - 2013-09-04 16:02 - 00000000 ___RD C:\Users\Pancio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-04 16:02 - 2013-09-04 16:02 - 00000000 ___RD C:\Users\Pancio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-04 16:02 - 2013-09-04 16:02 - 00000000 ____D C:\Users\Pancio\AppData\Roaming\Adobe
2013-09-04 16:02 - 2013-09-04 16:02 - 00000000 ____D C:\Users\Pancio\AppData\Local\SRS Labs
2013-09-04 16:02 - 2013-09-04 16:02 - 00000000 ____D C:\Users\Pancio\AppData\Local\panda4_0dn
2013-09-04 16:02 - 2013-09-04 16:02 - 00000000 ____D C:\Users\Pancio\AppData\Local\LogMeIn Hamachi
2013-09-04 16:02 - 2013-09-04 16:02 - 00000000 ____D C:\Users\Pancio\AppData\Local\AVG SafeGuard toolbar
2013-09-04 16:01 - 2013-09-04 16:02 - 00000000 ____D C:\Users\Pancio
2013-09-04 16:01 - 2013-09-04 16:01 - 00000020 ___SH C:\Users\Pancio\ntuser.ini
2013-09-04 16:01 - 2013-09-04 16:01 - 00000000 _SHDL C:\Users\Pancio\Ustawienia lokalne
2013-09-04 16:01 - 2013-09-04 16:01 - 00000000 _SHDL C:\Users\Pancio\Szablony
2013-09-04 16:01 - 2013-09-04 16:01 - 00000000 _SHDL C:\Users\Pancio\Moje dokumenty
2013-09-04 16:01 - 2013-09-04 16:01 - 00000000 _SHDL C:\Users\Pancio\Menu Start
2013-09-04 16:01 - 2013-09-04 16:01 - 00000000 _SHDL C:\Users\Pancio\Documents\Moje wideo
2013-09-04 16:01 - 2013-09-04 16:01 - 00000000 _SHDL C:\Users\Pancio\Documents\Moje obrazy
2013-09-04 16:01 - 2013-09-04 16:01 - 00000000 _SHDL C:\Users\Pancio\Documents\Moja muzyka
2013-09-04 16:01 - 2013-09-04 16:01 - 00000000 _SHDL C:\Users\Pancio\Dane aplikacji
2013-09-04 16:01 - 2013-09-04 16:01 - 00000000 _SHDL C:\Users\Pancio\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2013-09-04 16:01 - 2013-09-04 16:01 - 00000000 _SHDL C:\Users\Pancio\AppData\Local\Historia
2013-09-04 16:01 - 2013-09-04 16:01 - 00000000 _SHDL C:\Users\Pancio\AppData\Local\Dane aplikacji
2013-09-04 16:01 - 2012-04-09 19:52 - 00000000 ____D C:\Users\Pancio\AppData\Local\Microsoft Help
2013-09-04 16:01 - 2009-07-14 06:54 - 00000000 ___RD C:\Users\Pancio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-09-04 16:01 - 2009-07-14 06:49 - 00000000 ___RD C:\Users\Pancio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-09-04 15:51 - 2013-08-30 21:20 - 00000880 _____ C:\Users\Pancio\Desktop\yhy.txt
2013-09-04 15:51 - 2013-02-20 23:13 - 11427497 _____ C:\Users\Pancio\Desktop\haxy od miłosza.rar
2013-09-04 15:47 - 2013-09-04 16:11 - 00000000 ____D C:\Users\Pancio\Desktop\new konto
2013-09-03 19:56 - 2013-09-03 20:05 - 00000000 ____D C:\pobieralnia
2013-09-03 06:36 - 2013-09-03 06:36 - 00000000 ____D C:\Windows\SysWOW64\BrowserProtect
2013-09-02 20:08 - 2013-09-02 20:08 - 00000000 ____D C:\repro
2013-09-02 16:09 - 2012-11-07 10:00 - 00058360 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2013-09-02 16:01 - 2013-09-03 17:00 - 00000000 ____D C:\Windows\SysWOW64\cache
2013-09-01 00:08 - 2013-09-02 00:19 - 00000000 ____D C:\FRST
2013-08-31 16:22 - 2013-08-31 16:22 - 00000570 _____ C:\Windows\PFRO.log
2013-08-30 23:53 - 2013-09-04 15:30 - 00000560 _____ C:\Windows\setupact.log
2013-08-30 23:53 - 2013-08-30 23:53 - 00000000 _____ C:\Windows\setuperr.log
2013-08-30 23:52 - 2013-08-30 23:52 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\WinRAR
2013-08-30 23:51 - 2013-08-30 23:51 - 00000745 _____ C:\Windows\COD.INI
2013-08-30 23:40 - 2013-08-30 23:40 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\DAEMON Tools Lite
2013-08-30 23:37 - 2013-08-30 23:37 - 00000000 _____ C:\1Clickfoldertest.txt
2013-08-30 23:00 - 2013-08-30 23:00 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\File Scout
2013-08-30 21:27 - 2013-08-30 21:27 - 00000000 ____D C:\Users\TEMP\Documents\Diablo III
2013-08-30 21:21 - 2013-08-30 21:21 - 00000880 _____ C:\Users\TEMP\Desktop\yhy.txt
2013-08-30 21:13 - 2013-08-30 21:21 - 00000000 ____D C:\Users\TEMP\Documents\Visual Studio 2005
2013-08-30 17:54 - 2013-08-30 17:54 - 00000000 ____D C:\Users\TEMP\AppData\Local\Macromedia
2013-08-30 17:20 - 2013-08-30 17:20 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\Mozilla
2013-08-30 17:20 - 2013-08-30 17:20 - 00000000 ____D C:\Users\TEMP\AppData\Local\Mozilla
2013-08-30 17:13 - 2013-08-30 17:13 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\Macromedia
2013-08-30 17:13 - 2013-08-30 17:13 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\LolClient
2013-08-30 17:13 - 2013-08-30 17:13 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\Adobe
2013-08-30 17:13 - 2013-08-30 17:13 - 00000000 ____D C:\Users\TEMP\AppData\Local\AVG SafeGuard toolbar
2013-08-30 17:12 - 2013-08-31 04:57 - 00000000 ____D C:\Users\TEMP\AppData\Local\PMB Files
2013-08-30 17:12 - 2013-08-31 04:18 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\Skype
2013-08-30 17:12 - 2013-08-30 21:25 - 00000000 ____D C:\Users\TEMP\AppData\Local\LogMeIn Hamachi
2013-08-30 17:12 - 2013-08-30 17:12 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\GarenaPlus
2013-08-30 17:12 - 2013-08-30 17:12 - 00000000 ____D C:\Users\TEMP\AppData\Local\SRS Labs
2013-08-30 17:12 - 2013-08-30 17:12 - 00000000 ____D C:\Users\TEMP\AppData\Local\panda4_0dn
2013-08-30 17:11 - 2012-04-09 19:52 - 00000000 ____D C:\Users\TEMP\AppData\Local\Microsoft Help
2013-08-30 16:21 - 2013-08-30 16:21 - 00003440 _____ C:\Windows\System32\Tasks\AdobeFlashPlayerUpdate
2013-08-30 16:21 - 2013-08-30 16:21 - 00003180 _____ C:\Windows\System32\Tasks\AdobeFlashPlayerUpdate 2
2013-08-30 16:12 - 2013-08-30 16:12 - 00000000 ____D C:\Program Files (x86)\Tor
2013-08-20 22:43 - 2013-08-21 18:39 - 00000000 ____D C:\Program Files (x86)\Diablo III
2013-08-20 22:43 - 2013-08-20 22:44 - 00001130 _____ C:\Users\Public\Desktop\Diablo III.lnk
2013-08-20 22:32 - 2013-08-20 22:41 - 40048216 _____ (Blizzard Entertainment) C:\Users\Expert\Downloads\Diablo-III-Setup-plPL.exe
2013-08-19 04:03 - 2013-08-19 04:03 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-08-19 04:03 - 2013-08-19 04:03 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-08-19 04:02 - 2013-08-19 04:02 - 00815496 _____ (Adobe Systems Incorporated) C:\Users\Expert\Downloads\uninstall_flash_player.exe
2013-08-19 03:54 - 2013-08-19 03:54 - 17737608 _____ (Adobe Systems Incorporated) C:\Users\Expert\Downloads\install_flash_player.exe
2013-08-16 20:24 - 2013-08-18 15:55 - 00000000 ____D C:\Users\Expert\Desktop\wazne
2013-08-15 03:16 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-15 03:16 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-15 03:16 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-15 03:16 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-15 03:16 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-15 03:16 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-15 03:16 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-15 03:16 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-15 03:16 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-15 03:16 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-15 03:16 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-15 03:16 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-15 03:16 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-15 03:16 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-15 03:16 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-15 03:16 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-15 03:16 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-15 03:16 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-15 03:16 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-15 03:16 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-15 03:16 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-15 03:16 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-15 03:16 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-15 03:16 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-15 03:16 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-15 03:16 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-15 03:16 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-15 03:16 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-15 03:15 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-15 03:15 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-15 03:15 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-14 14:36 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-14 14:36 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-14 14:36 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-14 14:36 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-14 14:36 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-14 14:36 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-14 14:36 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-14 14:36 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-14 14:36 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-14 14:36 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-14 14:35 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-14 14:35 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-14 14:34 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-14 14:34 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-14 14:34 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-14 14:34 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-14 14:34 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-14 14:34 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-14 14:34 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-14 14:34 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-14 14:34 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-14 14:24 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-14 14:24 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-14 14:24 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-14 14:24 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-14 14:24 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-14 14:24 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-11 15:09 - 2013-09-01 17:48 - 00000000 ____D C:\Program Files (x86)\Movdap
2013-08-11 15:09 - 2013-08-30 16:14 - 00000000 ____D C:\Users\Expert\AppData\Roaming\Movdap
2013-08-09 22:04 - 2013-08-09 22:04 - 00000000 _____ C:\Windows\SysWOW64\shoAD65.tmp
2013-08-09 22:00 - 2013-08-15 03:06 - 00000000 ____D C:\Windows\system32\MRT
2013-08-05 13:51 - 2013-08-05 13:52 - 00000000 _____ C:\Users\Expert\AppData\Local\{4A831CC0-96DD-4209-862C-91C0E19AAC89}

==================== One Month Modified Files and Folders =======

2013-09-04 16:15 - 2013-09-04 16:15 - 01950416 _____ (Farbar) C:\Users\Pancio\Downloads\FRST64.exe
2013-09-04 16:14 - 2013-09-04 16:06 - 00000000 ____D C:\Users\Pancio\AppData\Roaming\Skype
2013-09-04 16:14 - 2013-09-04 16:04 - 00000000 ____D C:\Users\Pancio\AppData\Roaming\BitComet
2013-09-04 16:12 - 2013-09-04 16:12 - 00000000 ____D C:\Users\Pancio\AppData\Local\Macromedia
2013-09-04 16:11 - 2013-09-04 16:05 - 00000000 ____D C:\Users\Pancio\AppData\Roaming\TS3Client
2013-09-04 16:11 - 2013-09-04 15:47 - 00000000 ____D C:\Users\Pancio\Desktop\new konto
2013-09-04 16:07 - 2013-08-02 16:02 - 00000906 _____ C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job
2013-09-04 16:07 - 2013-08-02 16:02 - 00000902 _____ C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job
2013-09-04 16:06 - 2011-11-07 15:53 - 00002517 _____ C:\Users\Public\Desktop\Skype.lnk
2013-09-04 16:06 - 2011-03-28 21:30 - 00000000 ____D C:\ProgramData\Skype
2013-09-04 16:03 - 2013-09-04 16:03 - 00000000 ____D C:\Users\Pancio\AppData\Roaming\Mozilla
2013-09-04 16:03 - 2013-09-04 16:03 - 00000000 ____D C:\Users\Pancio\AppData\Roaming\Macromedia
2013-09-04 16:03 - 2013-09-04 16:03 - 00000000 ____D C:\Users\Pancio\AppData\Local\Mozilla
2013-09-04 16:02 - 2013-09-04 16:02 - 00110864 _____ C:\Users\Pancio\AppData\Local\GDIPFONTCACHEV1.DAT
2013-09-04 16:02 - 2013-09-04 16:02 - 00001423 _____ C:\Users\Pancio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-09-04 16:02 - 2013-09-04 16:02 - 00000000 ___RD C:\Users\Pancio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-04 16:02 - 2013-09-04 16:02 - 00000000 ___RD C:\Users\Pancio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-04 16:02 - 2013-09-04 16:02 - 00000000 ____D C:\Users\Pancio\AppData\Roaming\Adobe
2013-09-04 16:02 - 2013-09-04 16:02 - 00000000 ____D C:\Users\Pancio\AppData\Local\SRS Labs
2013-09-04 16:02 - 2013-09-04 16:02 - 00000000 ____D C:\Users\Pancio\AppData\Local\panda4_0dn
2013-09-04 16:02 - 2013-09-04 16:02 - 00000000 ____D C:\Users\Pancio\AppData\Local\LogMeIn Hamachi
2013-09-04 16:02 - 2013-09-04 16:02 - 00000000 ____D C:\Users\Pancio\AppData\Local\AVG SafeGuard toolbar
2013-09-04 16:02 - 2013-09-04 16:01 - 00000000 ____D C:\Users\Pancio
2013-09-04 16:02 - 2013-01-01 18:58 - 00000000 ____D C:\ProgramData\Panda Security URL Filtering
2013-09-04 16:01 - 2013-09-04 16:01 - 00000020 ___SH C:\Users\Pancio\ntuser.ini
2013-09-04 16:01 - 2013-09-04 16:01 - 00000000 _SHDL C:\Users\Pancio\Ustawienia lokalne
2013-09-04 16:01 - 2013-09-04 16:01 - 00000000 _SHDL C:\Users\Pancio\Szablony
2013-09-04 16:01 - 2013-09-04 16:01 - 00000000 _SHDL C:\Users\Pancio\Moje dokumenty
2013-09-04 16:01 - 2013-09-04 16:01 - 00000000 _SHDL C:\Users\Pancio\Menu Start
2013-09-04 16:01 - 2013-09-04 16:01 - 00000000 _SHDL C:\Users\Pancio\Documents\Moje wideo
2013-09-04 16:01 - 2013-09-04 16:01 - 00000000 _SHDL C:\Users\Pancio\Documents\Moje obrazy
2013-09-04 16:01 - 2013-09-04 16:01 - 00000000 _SHDL C:\Users\Pancio\Documents\Moja muzyka
2013-09-04 16:01 - 2013-09-04 16:01 - 00000000 _SHDL C:\Users\Pancio\Dane aplikacji
2013-09-04 16:01 - 2013-09-04 16:01 - 00000000 _SHDL C:\Users\Pancio\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2013-09-04 16:01 - 2013-09-04 16:01 - 00000000 _SHDL C:\Users\Pancio\AppData\Local\Historia
2013-09-04 16:01 - 2013-09-04 16:01 - 00000000 _SHDL C:\Users\Pancio\AppData\Local\Dane aplikacji
2013-09-04 16:01 - 2013-08-02 16:01 - 00000294 _____ C:\Windows\Tasks\Dealply.job
2013-09-04 16:01 - 2013-06-09 19:05 - 00000352 _____ C:\Windows\Tasks\AVG-Secure-Search-Update_MAY2013_TB_rel.job
2013-09-04 16:01 - 2011-05-20 22:47 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-04 16:00 - 2013-07-04 18:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-04 15:45 - 2012-06-26 19:07 - 00001507 _____ C:\Users\Expert\Desktop\TeamSpeak 3 Client.lnk
2013-09-04 15:38 - 2009-07-14 06:45 - 00010240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-04 15:38 - 2009-07-14 06:45 - 00010240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-04 15:37 - 2011-05-20 22:47 - 00001048 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-04 15:35 - 2013-07-28 21:38 - 01178188 _____ C:\Windows\WindowsUpdate.log
2013-09-04 15:30 - 2013-08-30 23:53 - 00000560 _____ C:\Windows\setupact.log
2013-09-04 15:30 - 2012-04-01 12:29 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-04 15:30 - 2010-12-25 01:48 - 00000566 _____ C:\Windows\system32\BootTime.ini
2013-09-04 15:30 - 2010-12-25 01:45 - 00000000 ____D C:\ProgramData\NVIDIA
2013-09-04 15:30 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-03 20:05 - 2013-09-03 19:56 - 00000000 ____D C:\pobieralnia
2013-09-03 19:53 - 2011-06-23 14:24 - 00000268 _____ C:\Windows\Tasks\RMSchedule.job
2013-09-03 17:00 - 2013-09-02 16:01 - 00000000 ____D C:\Windows\SysWOW64\cache
2013-09-03 16:13 - 2012-04-14 21:37 - 00000000 ____D C:\Games
2013-09-03 06:36 - 2013-09-03 06:36 - 00000000 ____D C:\Windows\SysWOW64\BrowserProtect
2013-09-02 20:08 - 2013-09-02 20:08 - 00000000 ____D C:\repro
2013-09-02 18:51 - 2013-04-30 18:00 - 00000000 ____D C:\ifjeifjswfoi
2013-09-02 18:39 - 2013-06-12 13:30 - 00000000 ____D C:\Hearts of Iron III
2013-09-02 17:08 - 2011-01-16 01:39 - 00000000 ____D C:\lg
2013-09-02 00:19 - 2013-09-01 00:08 - 00000000 ____D C:\FRST
2013-09-01 17:48 - 2013-08-11 15:09 - 00000000 ____D C:\Program Files (x86)\Movdap
2013-08-31 16:30 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-08-31 16:22 - 2013-08-31 16:22 - 00000570 _____ C:\Windows\PFRO.log
2013-08-31 04:57 - 2013-08-30 17:12 - 00000000 ____D C:\Users\TEMP\AppData\Local\PMB Files
2013-08-31 04:18 - 2013-08-30 17:12 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\Skype
2013-08-31 01:59 - 2011-01-16 01:37 - 00000000 ____D C:\ProgramData\PMB Files
2013-08-30 23:59 - 2013-03-11 18:28 - 00000000 ____D C:\Program Files (x86)\Call of Duty
2013-08-30 23:53 - 2013-08-30 23:53 - 00000000 _____ C:\Windows\setuperr.log
2013-08-30 23:52 - 2013-08-30 23:52 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\WinRAR
2013-08-30 23:51 - 2013-08-30 23:51 - 00000745 _____ C:\Windows\COD.INI
2013-08-30 23:40 - 2013-08-30 23:40 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\DAEMON Tools Lite
2013-08-30 23:37 - 2013-08-30 23:37 - 00000000 _____ C:\1Clickfoldertest.txt
2013-08-30 23:00 - 2013-08-30 23:00 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\File Scout
2013-08-30 21:29 - 2011-05-20 22:48 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-08-30 21:27 - 2013-08-30 21:27 - 00000000 ____D C:\Users\TEMP\Documents\Diablo III
2013-08-30 21:25 - 2013-08-30 17:12 - 00000000 ____D C:\Users\TEMP\AppData\Local\LogMeIn Hamachi
2013-08-30 21:25 - 2013-06-14 12:54 - 00000000 ____D C:\Program Files (x86)\Steam
2013-08-30 21:25 - 2011-01-27 22:39 - 00000000 ____D C:\Windows\Minidump
2013-08-30 21:21 - 2013-08-30 21:21 - 00000880 _____ C:\Users\TEMP\Desktop\yhy.txt
2013-08-30 21:21 - 2013-08-30 21:13 - 00000000 ____D C:\Users\TEMP\Documents\Visual Studio 2005
2013-08-30 21:20 - 2013-09-04 15:51 - 00000880 _____ C:\Users\Pancio\Desktop\yhy.txt
2013-08-30 21:20 - 2010-12-25 19:36 - 00000880 _____ C:\Users\Expert\Desktop\yhy.txt
2013-08-30 17:54 - 2013-08-30 17:54 - 00000000 ____D C:\Users\TEMP\AppData\Local\Macromedia
2013-08-30 17:20 - 2013-08-30 17:20 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\Mozilla
2013-08-30 17:20 - 2013-08-30 17:20 - 00000000 ____D C:\Users\TEMP\AppData\Local\Mozilla
2013-08-30 17:13 - 2013-08-30 17:13 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\Macromedia
2013-08-30 17:13 - 2013-08-30 17:13 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\LolClient
2013-08-30 17:13 - 2013-08-30 17:13 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\Adobe
2013-08-30 17:13 - 2013-08-30 17:13 - 00000000 ____D C:\Users\TEMP\AppData\Local\AVG SafeGuard toolbar
2013-08-30 17:12 - 2013-08-30 17:12 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\GarenaPlus
2013-08-30 17:12 - 2013-08-30 17:12 - 00000000 ____D C:\Users\TEMP\AppData\Local\SRS Labs
2013-08-30 17:12 - 2013-08-30 17:12 - 00000000 ____D C:\Users\TEMP\AppData\Local\panda4_0dn
2013-08-30 17:11 - 2013-06-09 19:42 - 00002506 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-30 16:51 - 2011-01-16 01:37 - 00000000 ____D C:\Users\Expert\AppData\Local\PMB Files
2013-08-30 16:25 - 2011-03-28 21:30 - 00000000 ____D C:\Users\Expert\AppData\Roaming\Skype
2013-08-30 16:21 - 2013-08-30 16:21 - 00003440 _____ C:\Windows\System32\Tasks\AdobeFlashPlayerUpdate
2013-08-30 16:21 - 2013-08-30 16:21 - 00003180 _____ C:\Windows\System32\Tasks\AdobeFlashPlayerUpdate 2
2013-08-30 16:21 - 2012-09-10 17:58 - 00000000 ____D C:\Users\Expert\AppData\Local\LogMeIn Hamachi
2013-08-30 16:14 - 2013-08-11 15:09 - 00000000 ____D C:\Users\Expert\AppData\Roaming\Movdap
2013-08-30 16:13 - 2010-12-25 01:48 - 00002475 _____ C:\Windows\system32\ServiceFilter.ini
2013-08-30 16:12 - 2013-08-30 16:12 - 00000000 ____D C:\Program Files (x86)\Tor
2013-08-29 03:11 - 2011-01-15 16:13 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-08-29 03:03 - 2010-12-24 17:52 - 00000000 ____D C:\Users\Expert
2013-08-29 02:44 - 2011-01-20 16:32 - 00000000 ____D C:\Users\Expert\AppData\Roaming\TS3Client
2013-08-28 05:34 - 2013-06-12 16:55 - 00006080 _____ C:\ProgramData\NanoRepository.bin
2013-08-27 15:28 - 2013-04-17 21:15 - 00000000 ____D C:\Users\Expert\AppData\Roaming\GarenaPlus
2013-08-27 15:28 - 2013-04-17 21:14 - 00000000 ____D C:\ProgramData\GarenaMessenger
2013-08-26 00:40 - 2013-06-12 16:55 - 00006080 _____ C:\ProgramData\NanoRepository.bin.bak
2013-08-21 18:39 - 2013-08-20 22:43 - 00000000 ____D C:\Program Files (x86)\Diablo III
2013-08-21 14:43 - 2010-12-27 19:49 - 00000412 ____H C:\Windows\Tasks\Norton Security Scan for Expert.job
2013-08-20 22:44 - 2013-08-20 22:43 - 00001130 _____ C:\Users\Public\Desktop\Diablo III.lnk
2013-08-20 22:41 - 2013-08-20 22:32 - 40048216 _____ (Blizzard Entertainment) C:\Users\Expert\Downloads\Diablo-III-Setup-plPL.exe
2013-08-19 15:36 - 2012-06-26 19:06 - 00000000 ____D C:\Users\Expert\AppData\Local\TeamSpeak 3 Client
2013-08-19 13:33 - 2012-05-08 12:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-19 04:03 - 2013-08-19 04:03 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-08-19 04:03 - 2013-08-19 04:03 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-08-19 04:02 - 2013-08-19 04:02 - 00815496 _____ (Adobe Systems Incorporated) C:\Users\Expert\Downloads\uninstall_flash_player.exe
2013-08-19 03:54 - 2013-08-19 03:54 - 17737608 _____ (Adobe Systems Incorporated) C:\Users\Expert\Downloads\install_flash_player.exe
2013-08-18 17:58 - 2012-06-15 09:54 - 00000000 ____D C:\Users\Expert\Documents\Visual Studio 2005
2013-08-18 16:46 - 2012-09-08 19:52 - 00000000 ____D C:\Users\Expert\AppData\Roaming\Xfire
2013-08-18 16:31 - 2012-09-08 19:52 - 00000000 ____D C:\ProgramData\Xfire
2013-08-18 15:55 - 2013-08-16 20:24 - 00000000 ____D C:\Users\Expert\Desktop\wazne
2013-08-16 20:22 - 2011-01-27 16:44 - 00000000 ____D C:\Users\Expert\AppData\Roaming\DAEMON Tools Lite
2013-08-16 20:22 - 2009-07-29 08:03 - 00000000 ____D C:\Windows\Panther
2013-08-15 22:49 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-08-15 03:10 - 2009-08-03 21:55 - 00701984 _____ C:\Windows\system32\perfh015.dat
2013-08-15 03:10 - 2009-08-03 21:55 - 00136712 _____ C:\Windows\system32\perfc015.dat
2013-08-15 03:10 - 2009-07-14 07:13 - 01580494 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-15 03:06 - 2013-08-09 22:00 - 00000000 ____D C:\Windows\system32\MRT
2013-08-15 03:02 - 2010-12-24 19:49 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-15 00:21 - 2013-04-15 17:38 - 00000000 ____D C:\Program Files (x86)\AVG SafeGuard toolbar
2013-08-15 00:21 - 2012-10-13 16:35 - 00045856 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2013-08-13 16:26 - 2013-08-02 16:01 - 00000000 ____D C:\Program Files (x86)\Web Cake
2013-08-12 03:39 - 2013-08-02 16:01 - 00000000 ____D C:\Users\Expert\AppData\Roaming\Web Cake
2013-08-09 22:04 - 2013-08-09 22:04 - 00000000 _____ C:\Windows\SysWOW64\shoAD65.tmp
2013-08-09 15:28 - 2013-04-17 21:14 - 00000000 ____D C:\Program Files (x86)\Garena Plus
2013-08-09 15:27 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-08-05 19:51 - 2010-12-25 01:48 - 00002788 _____ C:\Windows\system32\AutoRunFilter.ini
2013-08-05 13:52 - 2013-08-05 13:51 - 00000000 _____ C:\Users\Expert\AppData\Local\{4A831CC0-96DD-4209-862C-91C0E19AAC89}

Files to move or delete:
====================
C:\Users\Expert\AppData\Roaming\BabSolution\Shared\NTRedirect.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-02 12:05

==================== End Of Log ============================