Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2013 03
Ran by Bowflan (administrator) on BOWFLAN-PC on 04-09-2013 20:28:04
Running from C:\Users\Bowflan\Downloads
Windows 7 Ultimate (X64) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Google Inc.) C:\Users\Bowflan\AppData\Local\Google\Update\GoogleUpdate.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Users\Bowflan\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Bowflan\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Bowflan\AppData\Local\Google\Chrome\Application\chrome.exe
(OldTimer Tools) C:\Users\Bowflan\Downloads\OTL.exe
(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE

==================== Registry (Whitelisted) ==================

HKLM\...\Policies\Explorer: [NoActiveDesktop] 1
HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1
HKCU\...\Run: [Google Update] - C:\Users\Bowflan\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-05-07] (Google Inc.)
HKCU\...\Run: [Optimizer Pro] - C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe [192304 2012-06-07] (PC Utilities Pro)
HKCU\...\Run: [Speech Recognition] - C:\Windows\Speech\Common\sapisvr.exe [44544 2009-07-14] (Microsoft Corporation)
HKCU\...\Run: [uTorrent] - C:\Program Files (x86)\uTorrent\uTorrent.exe [802136 2013-06-17] (BitTorrent Inc.)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd)
HKCU\...\Run: [RGSC] - D:\Games\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [305064 2008-11-14] (Take-Two Interactive Software, Inc.)
MountPoints2: {5dc934ae-986a-11e1-8165-20cf30db1497} - G:\setup.exe
MountPoints2: {89d358ee-559d-11e2-b2ea-20cf30db1497} - F:\LGAutoRun.exe
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [348664 2012-08-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] -  [x]
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)

==================== Internet (Whitelisted) ====================

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Bowflan\AppData\Roaming\Mozilla\Firefox\Profiles\r3gld0en.default
FF user.js: detected! => C:\Users\Bowflan\AppData\Roaming\Mozilla\Firefox\Profiles\r3gld0en.default\user.js
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @curl.com/Curl.RTE - c:\Program Files (x86)\Curl Corporation\Surge\plugins\np-curl-surge64.dll (SCSK Corporation.)
FF Plugin: @curl.com/Curl.RTE.8.0 - c:\Program Files (x86)\Curl Corporation\Surge\plugins\np-curl-surge64-8-0.dll (SCSK Corporation.)
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @curl.com/Curl.RTE - c:\Program Files (x86)\Curl Corporation\Surge\plugins\np-curl-surge.dll (SCSK Corporation.)
FF Plugin-x32: @curl.com/Curl.RTE.8.0 - c:\Program Files (x86)\Curl Corporation\Surge\plugins\np-curl-surge-8-0.dll (SCSK Corporation.)
FF Plugin-x32: @ganymede/GanymedeNetPlugin,version=1.0 - C:\Program Files (x86)\Ganymede\Plugins\npganymedenet.dll ( )
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.15.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.15.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll No File
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Bowflan\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Bowflan\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Bowflan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Extension: No Name - C:\Users\Bowflan\AppData\Roaming\Mozilla\Firefox\Profiles\r3gld0en.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\Bowflan\AppData\Local\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Bowflan\AppData\Local\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Bowflan\AppData\Local\Google\Chrome\Application\29.0.1547.66\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (GanymedeNet.Detector) - C:\Users\Bowflan\AppData\Local\Google\Chrome\Application\plugins\npganymedenet.dll ( )
CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Users\Bowflan\AppData\Local\Google\Chrome\Application\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U9) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (Unity Player) - C:\Users\Bowflan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Java Deployment Toolkit 7.0.90.5) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Curl RTE) - c:\Program Files (x86)\Curl Corporation\Surge\plugins\np-curl-surge-8-0.dll (SCSK Corporation.)
CHR Plugin: (Curl RTE) - c:\Program Files (x86)\Curl Corporation\Surge\plugins\np-curl-surge.dll (SCSK Corporation.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Extension: (Angry Birds) - C:\Users\Bowflan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0
CHR Extension: (YouTube) - C:\Users\Bowflan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Bowflan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Angry Birds Space) - C:\Users\Bowflan\AppData\Local\Google\Chrome\User Data\Default\Extensions\echcgcnnjpaoiandnoaabdpgjbkdnbdl\1.8_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Bowflan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0
CHR Extension: (Gmail) - C:\Users\Bowflan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR StartMenuInternet: Google Chrome - C:\Users\Bowflan\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86224 2012-05-08] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110032 2012-05-08] (Avira Operations GmbH & Co. KG)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [745368 2012-11-26] (Tunngle.net GmbH)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98848 2012-05-08] (Avira GmbH)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132832 2012-05-08] (Avira GmbH)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [27760 2011-09-16] (Avira GmbH)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-05-07] (DT Soft Ltd)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 X6va008; \??\C:\Windows\SysWOW64\Drivers\X6va008 [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-04 20:26 - 2013-09-04 20:26 - 01950416 _____ (Farbar) C:\Users\Bowflan\Downloads\FRST64.exe
2013-09-04 20:18 - 2013-09-04 20:18 - 00602112 _____ (OldTimer Tools) C:\Users\Bowflan\Downloads\OTL (1).exe
2013-09-04 02:45 - 2013-09-04 02:45 - 00070662 _____ C:\Users\Bowflan\Downloads\Extras.Txt
2013-09-04 02:43 - 2013-09-04 02:43 - 00067890 _____ C:\Users\Bowflan\Downloads\OTL.Txt
2013-09-04 02:35 - 2013-09-04 02:36 - 00602112 _____ (OldTimer Tools) C:\Users\Bowflan\Downloads\OTL.exe
2013-09-03 18:54 - 2013-09-03 18:54 - 00000000 ____D C:\Users\Bowflan\Documents\CPY_SAVES
2013-09-03 10:46 - 2013-09-03 12:42 - 00000000 ____D C:\Users\Bowflan\Downloads\Football.Manager.2013.PROPER-CPY
2013-09-03 10:45 - 2013-09-03 10:45 - 00485033 _____ C:\Users\Bowflan\Downloads\[www.tnt24.info] Football Manager 2013 [PL].torrent
2013-08-31 23:49 - 2013-08-31 23:49 - 00009866 _____ C:\Users\Bowflan\Documents\Uninstall Dragon Age Origins.log
2013-08-28 17:50 - 2013-08-28 17:55 - 00007607 _____ C:\Users\Bowflan\AppData\Local\Resmon.ResmonCfg
2013-08-19 22:19 - 2013-08-19 22:19 - 00000000 ____D C:\Users\Bowflan\AppData\Roaming\Wayforward Technologies
2013-08-19 21:05 - 2013-08-19 21:05 - 00000000 ____D C:\Users\Bowflan\Downloads\DuckTales.Remastered-RELOADED
2013-08-16 15:51 - 2013-08-20 22:21 - 00000000 ____D C:\ProgramData\boost_interprocess
2013-08-16 15:51 - 2013-08-16 15:51 - 00000000 ____D C:\Users\Bowflan\Documents\Catan
2013-08-16 15:42 - 2013-08-16 15:42 - 00000000 ____D C:\ProgramData\Package Cache
2013-08-16 14:57 - 2013-08-16 15:23 - 00000000 ____D C:\Users\Bowflan\Downloads\Catan_Creators_Edition-FANiSO
2013-08-12 03:50 - 2013-08-12 03:50 - 00000000 ____D C:\Users\Bowflan\Documents\Duels of the Planeswalkers Dumps
2013-08-09 00:38 - 2013-08-09 00:39 - 00000000 ____D C:\Users\Bowflan\Documents\Shadowrun Returns
2013-08-07 17:42 - 2013-08-07 17:42 - 00000000 ____D C:\Users\Bowflan\AppData\Local\Harebrained Schemes
2013-08-07 17:42 - 2013-08-07 17:42 - 00000000 ____D C:\Users\Bowflan\AppData\Local\EMU
2013-08-07 17:24 - 2013-08-07 17:24 - 00000000 ____D C:\Users\Bowflan\Documents\Cloudberry Kingdom
2013-08-07 16:23 - 2013-08-07 17:17 - 00000000 ____D C:\Users\Bowflan\Downloads\Shadowrun_Returns-FLT

==================== One Month Modified Files and Folders =======

2013-09-04 20:27 - 2013-09-04 20:27 - 00000000 ____D C:\FRST
2013-09-04 20:26 - 2013-09-04 20:26 - 01950416 _____ (Farbar) C:\Users\Bowflan\Downloads\FRST64.exe
2013-09-04 20:19 - 2012-05-07 17:49 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3871990740-555819104-137526814-1000UA.job
2013-09-04 20:18 - 2013-09-04 20:18 - 00602112 _____ (OldTimer Tools) C:\Users\Bowflan\Downloads\OTL (1).exe
2013-09-04 20:12 - 2012-08-08 14:37 - 00001050 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-04 19:46 - 2012-05-07 17:45 - 00000000 ____D C:\Users\Bowflan\AppData\Roaming\GG
2013-09-04 19:37 - 2012-06-17 18:06 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-04 19:27 - 2012-05-07 17:50 - 00002376 _____ C:\Users\Bowflan\Desktop\Google Chrome.lnk
2013-09-04 19:20 - 2012-08-08 14:37 - 00001046 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-04 19:20 - 2012-05-08 17:44 - 00000000 ____D C:\Users\Bowflan\AppData\Roaming\uTorrent
2013-09-04 19:17 - 2012-05-07 17:25 - 01819038 _____ C:\Windows\WindowsUpdate.log
2013-09-04 19:14 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-04 19:14 - 2009-07-14 06:51 - 00070057 _____ C:\Windows\setupact.log
2013-09-04 03:04 - 2012-05-07 18:07 - 00000000 ____D C:\Users\Bowflan\AppData\Local\PMB Files
2013-09-04 02:45 - 2013-09-04 02:45 - 00070662 _____ C:\Users\Bowflan\Downloads\Extras.Txt
2013-09-04 02:43 - 2013-09-04 02:43 - 00067890 _____ C:\Users\Bowflan\Downloads\OTL.Txt
2013-09-04 02:36 - 2013-09-04 02:35 - 00602112 _____ (OldTimer Tools) C:\Users\Bowflan\Downloads\OTL.exe
2013-09-03 23:19 - 2012-05-07 17:49 - 00001014 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3871990740-555819104-137526814-1000Core.job
2013-09-03 20:50 - 2012-05-07 18:07 - 00000000 ____D C:\ProgramData\PMB Files
2013-09-03 18:54 - 2013-09-03 18:54 - 00000000 ____D C:\Users\Bowflan\Documents\CPY_SAVES
2013-09-03 12:42 - 2013-09-03 10:46 - 00000000 ____D C:\Users\Bowflan\Downloads\Football.Manager.2013.PROPER-CPY
2013-09-03 10:45 - 2013-09-03 10:45 - 00485033 _____ C:\Users\Bowflan\Downloads\[www.tnt24.info] Football Manager 2013 [PL].torrent
2013-09-03 10:32 - 2012-06-29 17:24 - 00000000 ____D C:\Users\Bowflan\AppData\Roaming\.minecraft
2013-09-01 23:36 - 2013-04-04 01:59 - 00000000 ____D C:\Users\Bowflan\AppData\Local\Rockstar Games
2013-09-01 13:32 - 2012-05-07 17:40 - 00100386 _____ C:\Windows\PFRO.log
2013-08-31 23:51 - 2012-07-08 16:35 - 00000000 ____D C:\Users\Bowflan\Documents\My Games
2013-08-31 23:50 - 2012-05-07 18:46 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-08-31 23:49 - 2013-08-31 23:49 - 00009866 _____ C:\Users\Bowflan\Documents\Uninstall Dragon Age Origins.log
2013-08-31 23:49 - 2013-06-29 19:48 - 00000000 ____D C:\ProgramData\BioWare
2013-08-29 22:16 - 2009-07-14 06:45 - 00009584 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-29 22:16 - 2009-07-14 06:45 - 00009584 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-28 17:55 - 2013-08-28 17:50 - 00007607 _____ C:\Users\Bowflan\AppData\Local\Resmon.ResmonCfg
2013-08-27 23:58 - 2012-11-13 22:05 - 00000000 ____D C:\Users\Bowflan\AppData\Roaming\Skype
2013-08-25 02:37 - 2013-06-21 18:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-25 02:37 - 2013-06-21 18:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-25 02:03 - 2013-04-21 17:50 - 00000000 __SHD C:\Users\Bowflan\wc
2013-08-21 02:37 - 2012-06-17 18:06 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-08-21 02:37 - 2012-06-17 18:05 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-08-21 02:37 - 2012-06-17 18:05 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-08-20 22:21 - 2013-08-16 15:51 - 00000000 ____D C:\ProgramData\boost_interprocess
2013-08-19 22:19 - 2013-08-19 22:19 - 00000000 ____D C:\Users\Bowflan\AppData\Roaming\Wayforward Technologies
2013-08-19 21:05 - 2013-08-19 21:05 - 00000000 ____D C:\Users\Bowflan\Downloads\DuckTales.Remastered-RELOADED
2013-08-17 02:02 - 2012-07-10 14:12 - 00000000 ____D C:\Program Files (x86)\Steam
2013-08-16 15:51 - 2013-08-16 15:51 - 00000000 ____D C:\Users\Bowflan\Documents\Catan
2013-08-16 15:42 - 2013-08-16 15:42 - 00000000 ____D C:\ProgramData\Package Cache
2013-08-16 15:40 - 2013-04-27 13:37 - 00764390 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-08-16 15:39 - 2009-07-14 07:13 - 00764390 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-16 15:30 - 2012-05-07 19:11 - 00492154 _____ C:\Windows\DirectX.log
2013-08-16 15:23 - 2013-08-16 14:57 - 00000000 ____D C:\Users\Bowflan\Downloads\Catan_Creators_Edition-FANiSO
2013-08-12 03:50 - 2013-08-12 03:50 - 00000000 ____D C:\Users\Bowflan\Documents\Duels of the Planeswalkers Dumps
2013-08-09 00:39 - 2013-08-09 00:38 - 00000000 ____D C:\Users\Bowflan\Documents\Shadowrun Returns
2013-08-07 17:42 - 2013-08-07 17:42 - 00000000 ____D C:\Users\Bowflan\AppData\Local\Harebrained Schemes
2013-08-07 17:42 - 2013-08-07 17:42 - 00000000 ____D C:\Users\Bowflan\AppData\Local\EMU
2013-08-07 17:24 - 2013-08-07 17:24 - 00000000 ____D C:\Users\Bowflan\Documents\Cloudberry Kingdom
2013-08-07 17:17 - 2013-08-07 16:23 - 00000000 ____D C:\Users\Bowflan\Downloads\Shadowrun_Returns-FLT
2013-08-07 16:31 - 2012-05-13 17:36 - 00000000 ____D C:\Users\Bowflan\AppData\Roaming\wargaming.net
2013-08-07 15:32 - 2012-05-24 18:50 - 00000000 ____D C:\Users\Bowflan\AppData\Local\SKIDROW
2013-08-06 23:23 - 2012-05-07 19:07 - 00000000 ___HD C:\Windows\msdownld.tmp
2013-08-06 23:23 - 2012-05-07 19:07 - 00000000 ____D C:\Windows\SysWOW64\directx

Files to move or delete:
====================
C:\Users\Bowflan\AppData\Local\Temp\7z920.exe
C:\Users\Bowflan\AppData\Local\Temp\AskSLib.dll
C:\Users\Bowflan\AppData\Local\Temp\AutoRun.exe
C:\Users\Bowflan\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Bowflan\AppData\Local\Temp\bundlesweetimsetup.exe
C:\Users\Bowflan\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Bowflan\AppData\Local\Temp\drm_dyndata_7370007.dll
C:\Users\Bowflan\AppData\Local\Temp\DSETUP.dll
C:\Users\Bowflan\AppData\Local\Temp\dsetup32.dll
C:\Users\Bowflan\AppData\Local\Temp\DXSETUP.exe
C:\Users\Bowflan\AppData\Local\Temp\ggdrive-menu.exe
C:\Users\Bowflan\AppData\Local\Temp\ggdrive-overlay.exe
C:\Users\Bowflan\AppData\Local\Temp\HiPatchSelfUpdateWindow.exe
C:\Users\Bowflan\AppData\Local\Temp\HiRezLauncherControls.dll
C:\Users\Bowflan\AppData\Local\Temp\installstats.exe
C:\Users\Bowflan\AppData\Local\Temp\MSNC7E9.exe
C:\Users\Bowflan\AppData\Local\Temp\SCS Uninstaller.exe
C:\Users\Bowflan\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Bowflan\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Bowflan\AppData\Local\Temp\ubiBED2.tmp.exe
C:\Users\Bowflan\AppData\Local\Temp\Uninstall.exe
C:\Users\Bowflan\AppData\Local\Temp\UpdateCheckerSetup.exe
C:\Users\Bowflan\AppData\Local\Temp\_is687F.exe
C:\Users\Bowflan\AppData\Local\Temp\_is8D57.exe
C:\Users\Bowflan\AppData\Local\Temp\~nsu.tmp\GameuxInstallHelper.dll
C:\Users\Bowflan\AppData\Local\Temp\{FE0B5DE6-1BC5-4E95-A6F2-93F2C85D6F55}\ISSetup.dll
C:\Users\Bowflan\AppData\Local\Temp\{FE0B5DE6-1BC5-4E95-A6F2-93F2C85D6F55}\_Setup.dll
C:\Users\Bowflan\AppData\Local\Temp\{B4FA5B01-45D9-4FF2-B2F4-5754A0314657}\{918A9082-6287-4D25-9002-5E5D5E4971CB}\DSETUP.dll
C:\Users\Bowflan\AppData\Local\Temp\{B4FA5B01-45D9-4FF2-B2F4-5754A0314657}\{918A9082-6287-4D25-9002-5E5D5E4971CB}\dsetup32.dll
C:\Users\Bowflan\AppData\Local\Temp\{B4FA5B01-45D9-4FF2-B2F4-5754A0314657}\{918A9082-6287-4D25-9002-5E5D5E4971CB}\DXSETUP.exe
C:\Users\Bowflan\AppData\Local\Temp\{B0AD8904-495C-43DA-B31D-2BB0C7E2268C}\ISSetup.dll
C:\Users\Bowflan\AppData\Local\Temp\{B0AD8904-495C-43DA-B31D-2BB0C7E2268C}\_Setup.dll
C:\Users\Bowflan\AppData\Local\Temp\{9BA3AF7C-3389-40A0-B5D8-84D26A37EBA0}\_Setup.dll
C:\Users\Bowflan\AppData\Local\Temp\{4C623B7C-6709-4DAA-A3DA-8FA30E4C8ADE}\_Setup.dll
C:\Users\Bowflan\AppData\Local\Temp\{2DA1994E-BDB4-4F6F-A817-57597165C3B8}\InstallFlashPlayer.exe
C:\Users\Bowflan\AppData\Local\Temp\_ir_sf_temp_0\npCouponPrinter.dll
C:\Users\Bowflan\AppData\Local\Temp\_ir_sf_temp_0\npMozCouponPrinter.dll
C:\Users\Bowflan\AppData\Local\Temp\VSD6461.tmp\setup(1).exe
C:\Users\Bowflan\AppData\Local\Temp\VSD397A.tmp\setup(1).exe
C:\Users\Bowflan\AppData\Local\Temp\nsbE1DB.tmp\CrypticError.exe
C:\Users\Bowflan\AppData\Local\Temp\nsbE1DB.tmp\dbghelp.dll
C:\Users\Bowflan\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\Setup.exe
C:\Users\Bowflan\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\SetupEngine.dll
C:\Users\Bowflan\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\SetupUi.dll
C:\Users\Bowflan\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\SetupUtility.exe
C:\Users\Bowflan\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\sqmapi.dll
C:\Users\Bowflan\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\3082\SetupResources.dll
C:\Users\Bowflan\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\3076\SetupResources.dll
C:\Users\Bowflan\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\2070\SetupResources.dll
C:\Users\Bowflan\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\2052\SetupResources.dll
C:\Users\Bowflan\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1055\SetupResources.dll
C:\Users\Bowflan\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1053\SetupResources.dll
C:\Users\Bowflan\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1049\SetupResources.dll
C:\Users\Bowflan\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1046\SetupResources.dll
C:\Users\Bowflan\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1045\SetupResources.dll
C:\Users\Bowflan\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1044\SetupResources.dll
C:\Users\Bowflan\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1043\SetupResources.dll
C:\Users\Bowflan\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1042\SetupResources.dll
C:\Users\Bowflan\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1041\SetupResources.dll
C:\Users\Bowflan\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1040\SetupResources.dll
C:\Users\Bowflan\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1038\SetupResources.dll
C:\Users\Bowflan\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1037\SetupResources.dll
C:\Users\Bowflan\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1036\SetupResources.dll
C:\Users\Bowflan\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1035\SetupResources.dll
C:\Users\Bowflan\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1033\SetupResources.dll
C:\Users\Bowflan\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1032\SetupResources.dll
C:\Users\Bowflan\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1031\SetupResources.dll
C:\Users\Bowflan\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1030\SetupResources.dll
C:\Users\Bowflan\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1029\SetupResources.dll
C:\Users\Bowflan\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1028\SetupResources.dll
C:\Users\Bowflan\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1025\SetupResources.dll
C:\Users\Bowflan\AppData\Local\Temp\is-V01LS.tmp\chiefzip.dll
C:\Users\Bowflan\AppData\Local\Temp\is-V01LS.tmp\itdownload.dll
C:\Users\Bowflan\AppData\Local\Temp\is-V01LS.tmp\TunngleSetup.exe
C:\Users\Bowflan\AppData\Local\Temp\is-V01LS.tmp\_isetup\_shfoldr.dll
C:\Users\Bowflan\AppData\Local\Temp\is-KNUCQ.tmp\_isetup\_isdecmp.dll
C:\Users\Bowflan\AppData\Local\Temp\is-KNUCQ.tmp\_isetup\_shfoldr.dll
C:\Users\Bowflan\AppData\Local\Temp\is-H70Q5.tmp\chiefzip.dll
C:\Users\Bowflan\AppData\Local\Temp\is-H70Q5.tmp\itdownload.dll
C:\Users\Bowflan\AppData\Local\Temp\is-H70Q5.tmp\TunngleSetup.exe
C:\Users\Bowflan\AppData\Local\Temp\is-H70Q5.tmp\_isetup\_shfoldr.dll
C:\Users\Bowflan\AppData\Local\Temp\IDC2.tmp\FP_AX_CAB_INSTALLER64.exe
C:\Users\Bowflan\AppData\Local\Temp\F\LGAutoRun.exe
C:\Users\Bowflan\AppData\Local\Temp\F\P5_LGPsLvDlChk.dll
C:\Users\Bowflan\AppData\Local\Temp\F\SendScsiCmd.dll
C:\Users\Bowflan\AppData\Local\Temp\Epic-7768b146-c215-455e-89d0-f1b70928fc7d\Redist\vcredist_x64_vs2008sp1.exe
C:\Users\Bowflan\AppData\Local\Temp\Epic-7768b146-c215-455e-89d0-f1b70928fc7d\Redist\vcredist_x86_vs2008sp1.exe
C:\Users\Bowflan\AppData\Local\Temp\Epic-7768b146-c215-455e-89d0-f1b70928fc7d\Redist\MSChart\SPInstaller.exe
C:\Users\Bowflan\AppData\Local\Temp\Epic-7768b146-c215-455e-89d0-f1b70928fc7d\Redist\MSChart\SPInstallerEngine.dll
C:\Users\Bowflan\AppData\Local\Temp\Epic-7768b146-c215-455e-89d0-f1b70928fc7d\Redist\MSChart\SPInstallerUi.dll
C:\Users\Bowflan\AppData\Local\Temp\Epic-7768b146-c215-455e-89d0-f1b70928fc7d\Redist\MSChart\sqmapi.dll
C:\Users\Bowflan\AppData\Local\Temp\Epic-7768b146-c215-455e-89d0-f1b70928fc7d\Redist\MSChart\3082\SPInstallerResources.dll
C:\Users\Bowflan\AppData\Local\Temp\Epic-7768b146-c215-455e-89d0-f1b70928fc7d\Redist\MSChart\2070\SPInstallerResources.dll
C:\Users\Bowflan\AppData\Local\Temp\Epic-7768b146-c215-455e-89d0-f1b70928fc7d\Redist\MSChart\2052\SPInstallerResources.dll
C:\Users\Bowflan\AppData\Local\Temp\Epic-7768b146-c215-455e-89d0-f1b70928fc7d\Redist\MSChart\1055\SPInstallerResources.dll
C:\Users\Bowflan\AppData\Local\Temp\Epic-7768b146-c215-455e-89d0-f1b70928fc7d\Redist\MSChart\1053\SPInstallerResources.dll
C:\Users\Bowflan\AppData\Local\Temp\Epic-7768b146-c215-455e-89d0-f1b70928fc7d\Redist\MSChart\1049\SPInstallerResources.dll
C:\Users\Bowflan\AppData\Local\Temp\Epic-7768b146-c215-455e-89d0-f1b70928fc7d\Redist\MSChart\1046\SPInstallerResources.dll
C:\Users\Bowflan\AppData\Local\Temp\Epic-7768b146-c215-455e-89d0-f1b70928fc7d\Redist\MSChart\1045\SPInstallerResources.dll
C:\Users\Bowflan\AppData\Local\Temp\Epic-7768b146-c215-455e-89d0-f1b70928fc7d\Redist\MSChart\1044\SPInstallerResources.dll
C:\Users\Bowflan\AppData\Local\Temp\Epic-7768b146-c215-455e-89d0-f1b70928fc7d\Redist\MSChart\1043\SPInstallerResources.dll
C:\Users\Bowflan\AppData\Local\Temp\Epic-7768b146-c215-455e-89d0-f1b70928fc7d\Redist\MSChart\1042\SPInstallerResources.dll
C:\Users\Bowflan\AppData\Local\Temp\Epic-7768b146-c215-455e-89d0-f1b70928fc7d\Redist\MSChart\1041\SPInstallerResources.dll
C:\Users\Bowflan\AppData\Local\Temp\Epic-7768b146-c215-455e-89d0-f1b70928fc7d\Redist\MSChart\1040\SPInstallerResources.dll
C:\Users\Bowflan\AppData\Local\Temp\Epic-7768b146-c215-455e-89d0-f1b70928fc7d\Redist\MSChart\1038\SPInstallerResources.dll
C:\Users\Bowflan\AppData\Local\Temp\Epic-7768b146-c215-455e-89d0-f1b70928fc7d\Redist\MSChart\1037\SPInstallerResources.dll
C:\Users\Bowflan\AppData\Local\Temp\Epic-7768b146-c215-455e-89d0-f1b70928fc7d\Redist\MSChart\1036\SPInstallerResources.dll
C:\Users\Bowflan\AppData\Local\Temp\Epic-7768b146-c215-455e-89d0-f1b70928fc7d\Redist\MSChart\1035\SPInstallerResources.dll
C:\Users\Bowflan\AppData\Local\Temp\Epic-7768b146-c215-455e-89d0-f1b70928fc7d\Redist\MSChart\1033\SPInstallerResources.dll
C:\Users\Bowflan\AppData\Local\Temp\Epic-7768b146-c215-455e-89d0-f1b70928fc7d\Redist\MSChart\1032\SPInstallerResources.dll
C:\Users\Bowflan\AppData\Local\Temp\Epic-7768b146-c215-455e-89d0-f1b70928fc7d\Redist\MSChart\1031\SPInstallerResources.dll
C:\Users\Bowflan\AppData\Local\Temp\Epic-7768b146-c215-455e-89d0-f1b70928fc7d\Redist\MSChart\1030\SPInstallerResources.dll
C:\Users\Bowflan\AppData\Local\Temp\Epic-7768b146-c215-455e-89d0-f1b70928fc7d\Redist\MSChart\1029\SPInstallerResources.dll
C:\Users\Bowflan\AppData\Local\Temp\Epic-7768b146-c215-455e-89d0-f1b70928fc7d\Redist\MSChart\1028\SPInstallerResources.dll
C:\Users\Bowflan\AppData\Local\Temp\Epic-7768b146-c215-455e-89d0-f1b70928fc7d\Redist\MSChart\1025\SPInstallerResources.dll
C:\Users\Bowflan\AppData\Local\Temp\Epic-7768b146-c215-455e-89d0-f1b70928fc7d\Redist\DXRedistCutdown\DSETUP.dll
C:\Users\Bowflan\AppData\Local\Temp\Epic-7768b146-c215-455e-89d0-f1b70928fc7d\Redist\DXRedistCutdown\dsetup32.dll
C:\Users\Bowflan\AppData\Local\Temp\Epic-7768b146-c215-455e-89d0-f1b70928fc7d\Redist\DXRedistCutdown\DXSETUP.exe
C:\Users\Bowflan\AppData\Local\Temp\Epic-7768b146-c215-455e-89d0-f1b70928fc7d\Redist\Binaries\UnSetup.exe
C:\Users\Bowflan\AppData\Local\Temp\Epic-7768b146-c215-455e-89d0-f1b70928fc7d\Redist\AMD\amdcpusetup.exe
C:\Users\Bowflan\AppData\Local\Temp\Epic-7768b146-c215-455e-89d0-f1b70928fc7d\Binaries\UnSetup.exe
C:\Users\Bowflan\AppData\Local\Temp\DSOClient\D3DX9_43.dll
C:\Users\Bowflan\AppData\Local\Temp\DSOClient\fmodex.dll
C:\Users\Bowflan\AppData\Local\Temp\DSOClient\fmod_event.dll
C:\Users\Bowflan\AppData\Local\Temp\be29e7f1-71ae-4703-50cb-1d52be512f51\twapi-be29e7f1-71ae-4703-50cb-1d52be512f51.dll
C:\Users\Bowflan\AppData\Local\Temp\7ZipSfx.000\v9ht.exe
C:\Users\Bowflan\AppData\Local\Temp\._msigeplugin61\GoogleEarth.exe
C:\Users\Bowflan\AppData\Local\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\earthps.dll
C:\Users\Bowflan\AppData\Local\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\geplugin.exe
C:\Users\Bowflan\AppData\Local\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\ge_expat.dll
C:\Users\Bowflan\AppData\Local\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\googleearth_free.dll
C:\Users\Bowflan\AppData\Local\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\msvcp100.dll
C:\Users\Bowflan\AppData\Local\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\msvcr100.dll
C:\Users\Bowflan\AppData\Local\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\npgeplugin.dll
C:\Users\Bowflan\AppData\Local\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\plugin_ax.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-02 05:35

==================== End Of Log ============================