Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-09-2013
Ran by User (administrator) on USER-KOMPUTER on 12-09-2013 16:35:45
Running from C:\Users\User\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polish
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(DeviceVM, Inc.) C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
() C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
() C:\Windows\SysWOW64\PnkBstrA.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Leadtek Research Inc.) C:\Program Files\WinFast\WFDTV\WFWIZ.exe
(Safer Networking Limited) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
(NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Leadtek Research Inc.) C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(DeviceVM, Inc.) C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9642528 2009-12-08] (Realtek Semiconductor)
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1
HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1
HKCU\...\Run: [WinFast Schedule] - C:\Program Files\WinFast\WFDTV\WFWIZ.exe [2912256 2009-03-11] (Leadtek Research Inc.)
HKCU\...\Run: [Gadu-Gadu 10] - C:\Program Files (x86)\Gadu-Gadu 10\gg.exe [12661344 2010-10-07] (GG Network S.A.)
HKCU\...\Run: [Google Update] - C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-10-01] (Google Inc.) HKCU\...\Run: [SpybotSD TeaTimer] - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2144088 2009-01-26] (Safer Networking Limited) MountPoints2: {7ce70fe5-f8d7-11e1-b169-6cf049750c5c} - G:\LGAutoRun.exe MountPoints2: {e002d240-f4c9-11e0-a187-806e6f6e6963} - F:\setup_homm5.exe HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2009-11-20] (NEC Electronics Corporation) HKLM-x32\...\Run: [WinFastDTV] - C:\Program Files\WinFast\WFDTV\DTVSchdl.exe [90112 2009-10-02] (Leadtek Research Inc.) HKLM-x32\...\Run: [ArcSoft Connection Service] - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.) HKLM-x32\...\Run: [BCU] - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe [346320 2009-08-04] (DeviceVM, Inc.) HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-05-24] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41208 2012-12-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-03] (Adobe Systems Incorporated) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2254768 2012-12-10] (LogMeIn Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-11] (Avira Operations GmbH & Co. 
KG) HKLM-x32\...\Run: [ApnTBMon] - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1558480 2013-07-26] (APN) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms} HKCU\Software\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = http://search.conduit.com?SearchSource=10&ctid=CT1098640 HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com/search?q={searchTerms} SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1QzuyB0AyBzytDyD0DyCtByC0E0B0DyByE0CtN0D0Tzu0CtByEtBtN1L2XzutBtFtCtFtCtFtAtCtB&cr=665501089 SearchScopes: HKLM-x32 - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1QzuyB0AyBzytDyD0DyCtByC0E0B0DyByE0CtN0D0Tzu0CtByEtBtN1L2XzutBtFtCtFtCtFtAtCtB&cr=665501089 SearchScopes: HKLM-x32 - Backup.Old.DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} SearchScopes: HKLM-x32 - {14D20B54-692B-A145-9C63-1444FD9A71E0} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1098640 SearchScopes: HKLM-x32 - {aa91a22e-2e6d-4c79-a578-d50109b651aa} URL = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZVxdm138YYPL&ptb=F7C46875-5961-40B1-B8D3-4777F69E7E76&psa=&ind=2010071702&ptnrS=ZVxdm138YYPL&si=gua131701&st=sb&n=77cf4296&searchfor={searchTerms} SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1QzuyB0AyBzytDyD0DyCtByC0E0B0DyByE0CtN0D0Tzu0CtByEtBtN1L2XzutBtFtCtFtCtFtAtCtB&cr=665501089 SearchScopes: HKCU - DefaultScope {70E7FB92-85CD-4b16-95D0-47F304E4C883} URL = http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD SearchScopes: HKCU 
- Backup.Old.DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://www.bing.com/search?q={searchTerms} SearchScopes: HKCU - {14D20B54-692B-A145-9C63-1444FD9A71E0} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1098640 SearchScopes: HKCU - {18670B1F-C2D6-45BD-9A8D-52765D9D04C3} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=en_US&apn_ptnrs=U3&apn_dtid=YYYYYYYYPL&apn_uid=D5E9B6A6-CB5D-4DC3-B56D-FC6AD2BD42F4&apn_sauid=BE31E702-B2A2-453B-B9B1-DF77225466F7 SearchScopes: HKCU - {1922A1A6-2BE2-476D-A739-609B79AF019D} URL = http://www.youtube.com/results?search_query={searchTerms}&page={startPage?}&utm_source=opensearch SearchScopes: HKCU - {70E7FB92-85CD-4b16-95D0-47F304E4C883} URL = http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD SearchScopes: HKCU - {aa91a22e-2e6d-4c79-a578-d50109b651aa} URL = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZVxdm138YYPL&ptb=F7C46875-5961-40B1-B8D3-4777F69E7E76&psa=&ind=2010071702&ptnrS=ZVxdm138YYPL&si=gua131701&st=sb&n=77cf4296&searchfor={searchTerms} SearchScopes: HKCU - {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = http://www.daemon-search.com/search/web?q={searchTerms} SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1QzuyB0AyBzytDyD0DyCtByC0E0B0DyByE0CtN0D0Tzu0CtByEtBtN1L2XzutBtFtCtFtCtFtAtCtB&cr=665501089 BHO-x32: hosts - {11111111-1111-1111-1111-110311531182} - C:\Program Files (x86)\hosts\hosts-bho.dll (Alex) BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngin.dll (Conduit Ltd.) 
BHO-x32: Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.) BHO-x32: Funmoods Helper Object - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\PROGRA~2\Funmoods\1.5.23.22\bh\escort.dll No File BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: IEPluginBHO Class - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\ProgramData\Gadu-Gadu 10\_userdata\ggbho.2.dll No File Toolbar: HKLM - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll No File Toolbar: HKLM-x32 - Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngin.dll (Conduit Ltd.) Toolbar: HKLM-x32 - toolplugin - {DFEFCDEE-CF1A-4FC8-89AF-189327213627} - C:\Users\User\AppData\Roaming\toolplugin\toolbar.dll () Toolbar: HKLM-x32 - Funmoods Toolbar - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\PROGRA~2\Funmoods\1.5.23.22\escorTlbr.dll No File Toolbar: HKLM-x32 - Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.) 
Toolbar: HKCU - No Name - {DD02A4EB-4AFD-4D60-99D8-E67F964CA813} - No File Toolbar: HKCU - No Name - {AC7B03F7-9C6B-4946-8964-7A00F880E1F6} - No File Toolbar: HKCU - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll No File Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Tcpip\..\Interfaces\{D86DC8B2-F0BA-4592-A66F-D63A8C117A7B}: [NameServer]213.241.79.37,213.241.79.38 FireFox: ======== FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m0c02wli.default FF user.js: detected! => C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m0c02wli.default\user.js FF DefaultSearchEngine: Search the web FF SearchEngineOrder.1: Search the web FF SelectedSearchEngine: Search the web FF Homepage: hxxp://start.funmoods.com/?f=1&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1QzuyB0AyBzytDyD0DyCtByC0E0B0DyByE0CtN0D0Tzu0CtByEtBtN1L2XzutBtFtCtFtCtFtAtCtB&cr=665501089 FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll () FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.) 
FF Plugin-x32: @ei.IWONG.com/Plugin - C:\Program Files (x86)\IWONGEI\Installr\4.bin\NP9uEISB.dll No File FF Plugin-x32: @java.com/DTPlugin,version=10.40.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\User\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\User\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m0c02wli.default\searchplugins\askcom.xml FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m0c02wli.default\searchplugins\conduit.xml FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m0c02wli.default\searchplugins\daemon-search.xml FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m0c02wli.default\searchplugins\Search.xml FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m0c02wli.default\searchplugins\sweetim.xml FF Extension: No Name - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m0c02wli.default\Extensions\05dd836e-2cbd-4204-9ff3-2f8a8665967d@a8876730-fb0c-4057-a2fc-f9c09d438e81.com FF Extension: Funmoods.com - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m0c02wli.default\Extensions\ffxtlbr@funmoods.com FF Extension: No Name - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m0c02wli.default\Extensions\radiobar@toolbar FF Extension: toolplugin - 
C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m0c02wli.default\Extensions\welcome@toolmin.com FF Extension: Divx 2012 Plugin - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m0c02wli.default\Extensions\youtube@youtube3.com FF Extension: XfireXO - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m0c02wli.default\Extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3} FF Extension: DVDVideoSoftTB Community Toolbar - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m0c02wli.default\Extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} FF Extension: Download Community Toolbar - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m0c02wli.default\Extensions\{ac7b03f7-9c6b-4946-8964-7a00f880e1f6} FF Extension: PHPNukeEN Community Toolbar - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m0c02wli.default\Extensions\{dd02a4eb-4afd-4d60-99d8-e67f964ca813} FF Extension: free-downloads.net Community Toolbar - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m0c02wli.default\Extensions\{ecdee021-0d17-467f-a1ff-c7a115230949} FF Extension: SweetPacks Toolbar for Firefox - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m0c02wli.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847} FF Extension: toolbar_AVIRA-V7 - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\m0c02wli.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi FF StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\firefox.exe Chrome: ======= CHR HomePage: hxxp://www.google.com CHR RestoreOnStartup: "hxxp://www.google.com" CHR DefaultSearchURL: (Google) - http://www.google.com/search?q={searchTerms} CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR Plugin: (Shockwave Flash) - C:\Users\User\AppData\Local\Google\Chrome\Application\29.0.1547.66\gcswf32.dll No File CHR Plugin: (Shockwave Flash) - 
C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File CHR Plugin: (Java Deployment Toolkit 6.0.260.3) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File CHR Plugin: (Java(TM) Platform SE 6 U26) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File CHR Plugin: (Remoting Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Users\User\AppData\Local\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Users\User\AppData\Local\Google\Chrome\Application\29.0.1547.66\pdf.dll () CHR Plugin: (IWON Installer Plugin Stub) - C:\Program Files (x86)\IWONGEI\Installr\4.bin\NP9uEISB.dll No File CHR Plugin: (Google Update) - C:\Users\User\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll No File CHR Plugin: (Default Plug-in) - default_plugin No File CHR Extension: (Avira SearchFree Toolbar plus Web Protection) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaacalgebmfelllfiaoknifldpngjh\20.53263_0 CHR Extension: (New Tab) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj\9.4.1_0 CHR Extension: (AdBlock) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.6_0 CHR Extension: (Chrome In-App Payments service) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0 CHR Extension: (hosts) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnlomafmkpiclmaaekkhpoecnclldmaa\1.24.52_0 CHR HKLM\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\User\AppData\Local\funmoods.crx CHR HKLM\...\Chrome\Extension: 
[cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\User\AppData\Local\funmoods-speeddial.crx CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx CHR HKLM-x32\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\User\AppData\Local\funmoods.crx CHR HKLM-x32\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\User\AppData\Local\funmoods-speeddial.crx CHR HKLM-x32\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx CHR StartMenuInternet: Google Chrome - C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Services (Whitelisted) ================= R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [365568 2011-05-24] (Advanced Micro Devices, Inc.) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-09-11] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-11] (Avira Operations GmbH & Co. KG) R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [815160 2013-09-11] (Avira Operations GmbH & Co. KG) R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [168400 2013-07-26] (APN LLC.) 
R2 ES lite Service; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-08-24] () R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2012-07-20] () S4 PuranDefrag; C:\Windows\system32\PuranDefragS.exe [292736 2013-08-15] (Puran Software) R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) ==================== Drivers (Whitelisted) ==================== R3 3xHybr64; C:\Windows\System32\DRIVERS\3xHybr64.sys [1311616 2009-08-17] (NXP Semiconductors Germany GmbH) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-09-11] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132088 2013-09-11] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-09-11] (Avira Operations GmbH & Co. KG) R3 gdrv; C:\Windows\gdrv.sys [25640 2013-09-12] (Windows (R) Server 2003 DDK provider) R3 gdrv; C:\Windows\gdrv.sys [25640 2013-09-12] (Windows (R) Server 2003 DDK provider) S3 pfc; C:\Windows\SysWow64\drivers\pfc.sys [10368 2004-04-01] (Padus, Inc.) S4 sptd; C:\Windows\System32\Drivers\sptd.sys [503352 2011-10-12] (Duplex Secure Ltd.) 
S3 ST330; C:\Windows\System32\DRIVERS\st330.sys [47616 2010-02-27] (THOMSON Telecom Belgium) S3 STBUS; C:\Windows\System32\DRIVERS\stbus.sys [24576 2010-02-27] (THOMSON Telecom Belgium) S3 STETH; C:\Windows\System32\DRIVERS\steth.sys [58880 2010-02-27] (THOMSON Telecom Belgium) S3 stppp; C:\Windows\System32\DRIVERS\stppp.sys [54272 2010-02-27] (THOMSON Telecom Belgium) S3 pfc; system32\drivers\pfc.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-09-12 15:40 - 2013-09-12 15:40 - 00563762 _____ C:\Users\User\Desktop\OTL.Txt 2013-09-11 19:25 - 2013-09-11 19:25 - 00000978 _____ C:\Users\User\Desktop\PuranDefragGUI.lnk 2013-09-11 19:23 - 2013-09-11 21:23 - 00000000 ____D C:\Program Files\Puran Utilities 2013-09-11 19:23 - 2013-08-15 16:39 - 01367424 _____ (Puran Software) C:\Windows\system32\PuranFD.exe 2013-09-11 19:23 - 2013-08-15 16:39 - 00292736 _____ (Puran Software) C:\Windows\system32\PuranDefragS.exe 2013-09-11 19:23 - 2013-08-15 16:39 - 00287616 _____ (Puran Software) C:\Windows\system32\PuranDC.exe 2013-09-11 19:23 - 2013-08-15 16:39 - 00256896 _____ (Puran Software) C:\Windows\system32\PuranDefrag.dll 2013-09-11 19:23 - 2013-08-15 16:39 - 00132480 _____ (Puran Software) C:\Windows\system32\PuranDefragBT.exe 2013-09-11 19:22 - 2013-09-11 19:22 - 00081112 _____ (Avira Operations GmbH & Co. 
KG) C:\Windows\system32\Drivers\avnetflt.sys 2013-09-11 19:21 - 2013-09-11 19:21 - 00000000 ____D C:\Users\User\AppData\Roaming\Avira 2013-09-11 19:21 - 2013-09-11 19:21 - 00000000 ____D C:\ProgramData\AskPartnerNetwork 2013-09-11 19:21 - 2013-09-11 19:21 - 00000000 ____D C:\ProgramData\APN 2013-09-11 19:21 - 2013-09-11 19:21 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork 2013-09-11 19:21 - 2013-06-06 22:41 - 00489392 _____ (Ask Partner Network) C:\Users\User\Documents\APNSetup.exe 2013-09-11 19:20 - 2013-09-11 19:20 - 00002066 _____ C:\Users\Public\Desktop\Avira Control Center.lnk 2013-09-11 19:20 - 2013-09-11 19:20 - 00000000 ____D C:\ProgramData\Avira 2013-09-11 19:20 - 2013-09-11 19:20 - 00000000 ____D C:\Program Files (x86)\Avira 2013-09-11 19:20 - 2013-09-11 19:19 - 00132088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2013-09-11 19:20 - 2013-09-11 19:19 - 00105344 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2013-09-11 19:20 - 2013-09-11 19:19 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2013-09-11 19:07 - 2013-09-11 19:07 - 02092792 _____ C:\Users\User\Downloads\avira_free_antivirus.exe 2013-09-11 18:57 - 2013-09-11 18:57 - 07912440 _____ (Adobe Systems Inc.) 
C:\Users\User\Downloads\Shockwave_Installer_Slim.exe 2013-09-11 18:55 - 2013-09-11 18:55 - 00000000 ____D C:\ProgramData\Oracle 2013-09-11 18:54 - 2013-09-11 18:54 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2013-09-11 18:54 - 2013-09-11 18:54 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2013-09-11 18:54 - 2013-09-11 18:54 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2013-09-11 18:54 - 2013-09-11 18:54 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2013-09-11 18:54 - 2013-09-11 18:54 - 00000000 ____D C:\Program Files (x86)\Java 2013-09-11 18:51 - 2013-09-11 18:51 - 00913832 _____ (Oracle Corporation) C:\Users\User\Downloads\chromeinstall-7u40.exe 2013-09-11 18:44 - 2013-09-11 18:44 - 00000000 ____D C:\FRST 2013-09-11 18:29 - 2013-09-11 18:30 - 10702672 _____ (Puran Software ) C:\Users\User\Downloads\PuranUtilitiesSetup.exe 2013-09-11 18:21 - 2013-09-11 18:21 - 00000648 _____ C:\Users\User\Desktop\defogger_disable.log 2013-09-11 18:21 - 2013-09-11 18:21 - 00000214 _____ C:\Users\User\defogger_reenable 2013-09-11 18:20 - 2013-09-11 18:20 - 00602112 _____ (OldTimer Tools) C:\Users\User\Desktop\OTL.exe 2013-09-11 18:19 - 2013-09-11 18:20 - 01949408 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe 2013-09-11 18:05 - 2013-09-11 18:05 - 00050477 _____ C:\Users\User\Desktop\Defogger.exe 2013-09-11 17:49 - 2013-09-11 17:49 - 00003003 _____ C:\Users\User\photorec.cfg 2013-09-11 17:47 - 2013-09-11 17:47 - 00000000 ____D C:\Users\User\Downloads\testdisk-6.14.win 2013-09-11 15:16 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2013-09-11 15:16 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll 2013-09-11 15:16 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2013-09-11 15:16 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\shdocvw.dll 2013-09-10 19:00 - 2013-09-10 19:00 - 09430408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2013-09-09 09:31 - 2013-09-09 09:51 - 00002432 _____ C:\Users\User\AppData\Local\Tempuk2112.html 2013-08-31 09:21 - 2013-09-08 18:23 - 00000000 ____D C:\Users\User\Downloads\Cod5 2013-08-30 16:14 - 2013-08-30 16:14 - 00000000 ____D C:\Users\User\Documents\Alcohol 52% 2013-08-30 15:01 - 2013-08-30 15:01 - 01130576 _____ (BitTorrent Inc.) C:\Users\User\Downloads\utorrent.exe 2013-08-30 09:40 - 2013-08-30 11:02 - 00000000 ____D C:\Users\User\Desktop\Heroes of Might & Magic V - Dzikie Hordy 2013-08-28 09:33 - 2013-08-28 10:02 - 00000000 ____D C:\Users\User\AppData\Roaming\Origin 2013-08-26 13:57 - 2013-08-26 13:57 - 00000000 ____D C:\Users\User\Documents\Paradox Interactive 2013-08-26 13:53 - 2013-08-26 13:53 - 00000000 ____D C:\8ee20b058dc89cae709aed3829ee3d 2013-08-26 13:53 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll 2013-08-26 13:53 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll 2013-08-26 13:53 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll 2013-08-26 13:53 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll 2013-08-26 13:53 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll 2013-08-26 13:53 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll 2013-08-26 13:53 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll 2013-08-26 13:53 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll 2013-08-26 13:53 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll 2013-08-26 13:53 - 2010-05-26 11:41 - 00470880 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll 2013-08-26 13:53 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll 2013-08-26 13:53 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll 2013-08-26 13:53 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll 2013-08-26 13:53 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll 2013-08-26 13:53 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll 2013-08-26 13:53 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll 2013-08-26 13:53 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll 2013-08-26 13:53 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll 2013-08-26 13:53 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll 2013-08-26 13:53 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll 2013-08-26 13:53 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll 2013-08-26 13:53 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll 2013-08-26 13:53 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll 2013-08-26 13:53 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll 2013-08-26 13:53 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll 2013-08-26 13:53 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll 2013-08-26 13:53 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll 2013-08-26 13:53 - 2009-09-04 
17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll 2013-08-26 13:53 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll 2013-08-26 13:53 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll 2013-08-26 13:53 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll 2013-08-26 13:53 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll 2013-08-26 13:53 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll 2013-08-26 13:53 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll 2013-08-26 13:53 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll 2013-08-26 13:53 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll 2013-08-26 13:53 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll 2013-08-26 13:53 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll 2013-08-26 13:53 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll 2013-08-26 13:53 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll 2013-08-26 13:53 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll 2013-08-26 13:53 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll 2013-08-26 13:53 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll 2013-08-26 13:53 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll 2013-08-26 13:53 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll 
2013-08-26 13:51 - 2013-08-26 13:51 - 00001210 _____ C:\Users\Public\Desktop\Europa Universalis IV.lnk
2013-08-26 13:48 - 2013-08-26 13:51 - 00000000 ____D C:\Program Files (x86)\Europa Universalis IV
2013-08-26 12:02 - 2013-08-26 12:02 - 00000000 ____D C:\Users\User\AppData\Roaming\DownLite
2013-08-23 18:34 - 2013-08-23 18:36 - 00000000 ____D C:\Users\User\Downloads\aaaaatrajner
2013-08-21 10:38 - 2013-08-21 10:38 - 00005187 _____ C:\Users\User\Documents\Polonez-alt.mscz
2013-08-19 15:29 - 2013-08-19 15:52 - 00000357 _____ C:\Users\User\Desktop\ASG.txt
2013-08-14 23:57 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-14 23:57 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-14 23:57 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-14 23:57 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-14 23:57 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-14 23:57 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-14 23:57 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-14 23:57 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-14 23:57 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-14 23:57 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-14 23:57 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-14 23:57 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-14 23:57 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-14 23:57 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-14 23:57 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-14 23:57 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-14 23:57 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-14 23:57 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-14 23:57 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-14 23:57 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-14 23:57 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-14 23:57 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-14 23:57 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-14 23:57 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-14 23:57 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-14 23:57 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-14 23:57 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-14 23:57 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-14 23:57 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-14 23:57 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-14 23:57 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-14 23:52 - 2013-08-14 23:54 - 00000000 ____D C:\Windows\system32\MRT
2013-08-14 20:33 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-14 20:33 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-14 20:33 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-14 20:33 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-14 20:33 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-14 20:33 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-14 20:33 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-14 20:33 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-14 20:31 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-14 20:31 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-14 20:31 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-14 20:31 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-14 20:31 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-14 20:31 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-14 20:31 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-14 20:31 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-14 20:31 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-14 20:31 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-14 20:31 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-14 20:31 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-14 20:31 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-14 20:31 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-14 20:31 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-14 20:31 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-14 20:31 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-14 20:31 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-14 20:31 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys

==================== One Month Modified Files and Folders =======

2013-09-12 16:00 - 2012-03-29 20:04 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-12 15:42 - 2013-09-12 15:42 - 00104150 _____ C:\Users\User\Desktop\Extras.Txt
2013-09-12 15:40 - 2013-09-12 15:40 - 00563762 _____ C:\Users\User\Desktop\OTL.Txt
2013-09-12 15:39 - 2011-10-01 22:04 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1892876427-196628923-906992480-1000UA.job
2013-09-12 15:19 - 2010-02-23 21:57 - 01578567 _____ C:\Windows\WindowsUpdate.log
2013-09-12 11:58 - 2009-07-14 06:45 - 00015344 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-12 11:58 - 2009-07-14 06:45 - 00015344 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-12 11:54 - 2010-11-07 01:37 - 00000000 ____D C:\Users\User\AppData\Local\LogMeIn Hamachi
2013-09-12 11:51 - 2010-02-23 23:09 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2013-09-12 11:51 - 2010-02-23 23:01 - 00000144 _____ C:\service.log
2013-09-12 11:51 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-12 11:51 - 2009-07-14 06:51 - 00254609 _____ C:\Windows\setupact.log
2013-09-12 09:05 - 2010-02-23 22:47 - 00000000 ___RD C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-12 09:05 - 2010-02-23 22:47 - 00000000 ___RD C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-12 09:05 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\tracing
2013-09-11 22:14 - 2009-07-14 19:55 - 00697896 _____ C:\Windows\system32\perfh015.dat
2013-09-11 22:14 - 2009-07-14 19:55 - 00135006 _____ C:\Windows\system32\perfc015.dat
2013-09-11 22:14 - 2009-07-14 07:13 - 01569162 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-11 21:23 - 2013-09-11 19:23 - 00000000 ____D C:\Program Files\Puran Utilities
2013-09-11 19:25 - 2013-09-11 19:25 - 00000978 _____ C:\Users\User\Desktop\PuranDefragGUI.lnk
2013-09-11 19:22 - 2013-09-11 19:22 - 00081112 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-09-11 19:21 - 2013-09-11 19:21 - 00000000 ____D C:\Users\User\AppData\Roaming\Avira
2013-09-11 19:21 - 2013-09-11 19:21 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-09-11 19:21 - 2013-09-11 19:21 - 00000000 ____D C:\ProgramData\APN
2013-09-11 19:21 - 2013-09-11 19:21 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2013-09-11 19:20 - 2013-09-11 19:20 - 00002066 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-09-11 19:20 - 2013-09-11 19:20 - 00000000 ____D C:\ProgramData\Avira
2013-09-11 19:20 - 2013-09-11 19:20 - 00000000 ____D C:\Program Files (x86)\Avira
2013-09-11 19:19 - 2013-09-11 19:20 - 00132088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-09-11 19:19 - 2013-09-11 19:20 - 00105344 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-09-11 19:19 - 2013-09-11 19:20 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-09-11 19:07 - 2013-09-11 19:07 - 02092792 _____ C:\Users\User\Downloads\avira_free_antivirus.exe
2013-09-11 19:04 - 2010-03-04 13:36 - 00282112 _____ C:\Windows\PFRO.log
2013-09-11 19:00 - 2012-01-26 20:00 - 00000396 _____ C:\Windows\SysWOW64\AppLog.log
2013-09-11 18:59 - 2010-07-23 13:30 - 00000000 ____D C:\Program Files\VDownloader
2013-09-11 18:57 - 2013-09-11 18:57 - 07912440 _____ (Adobe Systems Inc.) C:\Users\User\Downloads\Shockwave_Installer_Slim.exe
2013-09-11 18:57 - 2010-07-19 18:24 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2013-09-11 18:55 - 2013-09-11 18:55 - 00000000 ____D C:\ProgramData\Oracle
2013-09-11 18:54 - 2013-09-11 18:54 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-09-11 18:54 - 2013-09-11 18:54 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-09-11 18:54 - 2013-09-11 18:54 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-09-11 18:54 - 2013-09-11 18:54 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-09-11 18:54 - 2013-09-11 18:54 - 00000000 ____D C:\Program Files (x86)\Java
2013-09-11 18:54 - 2012-05-24 20:48 - 00868264 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-09-11 18:54 - 2011-01-28 23:48 - 00790440 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-09-11 18:51 - 2013-09-11 18:51 - 00913832 _____ (Oracle Corporation) C:\Users\User\Downloads\chromeinstall-7u40.exe
2013-09-11 18:44 - 2013-09-11 18:44 - 00000000 ____D C:\FRST
2013-09-11 18:30 - 2013-09-11 18:29 - 10702672 _____ (Puran Software ) C:\Users\User\Downloads\PuranUtilitiesSetup.exe
2013-09-11 18:21 - 2013-09-11 18:21 - 00000648 _____ C:\Users\User\Desktop\defogger_disable.log
2013-09-11 18:21 - 2013-09-11 18:21 - 00000214 _____ C:\Users\User\defogger_reenable
2013-09-11 18:20 - 2013-09-11 18:20 - 00602112 _____ (OldTimer Tools) C:\Users\User\Desktop\OTL.exe
2013-09-11 18:20 - 2013-09-11 18:19 - 01949408 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2013-09-11 18:05 - 2013-09-11 18:05 - 00050477 _____ C:\Users\User\Desktop\Defogger.exe
2013-09-11 17:49 - 2013-09-11 17:49 - 00003003 _____ C:\Users\User\photorec.cfg
2013-09-11 17:47 - 2013-09-11 17:47 - 00000000 ____D C:\Users\User\Downloads\testdisk-6.14.win
2013-09-11 17:23 - 2010-11-21 20:16 - 00000000 ____D C:\Program Files (x86)\Graboid
2013-09-11 17:22 - 2010-03-27 22:49 - 00003982 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{BCC6A330-5EB9-4A56-B8BE-543DC1D52F59}
2013-09-11 17:18 - 2010-09-05 14:01 - 00000000 ____D C:\ProgramData\Symantec
2013-09-11 17:18 - 2010-09-05 14:01 - 00000000 ____D C:\ProgramData\Norton
2013-09-11 11:39 - 2011-10-01 22:04 - 00001002 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1892876427-196628923-906992480-1000Core.job
2013-09-10 19:01 - 2012-03-29 20:04 - 00003868 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-10 19:01 - 2012-03-29 20:03 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-10 19:01 - 2011-12-30 23:42 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-10 19:00 - 2013-09-10 19:00 - 09430408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-09-09 20:08 - 2010-12-25 10:58 - 00111928 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-09-09 20:08 - 2010-12-25 10:58 - 00111928 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-09-09 09:51 - 2013-09-09 09:31 - 00002432 _____ C:\Users\User\AppData\Local\Tempuk2112.html
2013-09-08 18:23 - 2013-08-31 09:21 - 00000000 ____D C:\Users\User\Downloads\Cod5
2013-09-07 16:10 - 2010-07-19 16:00 - 00000000 ____D C:\Users\User\AppData\Roaming\uTorrent
2013-09-05 18:47 - 2011-10-01 22:07 - 00002321 _____ C:\Users\User\Desktop\Google Chrome.lnk
2013-09-02 17:49 - 2012-03-19 23:12 - 00000000 ____D C:\Users\User\Desktop\FIZYKA-matura(TO BZDURA)
2013-09-02 09:10 - 2010-12-20 15:16 - 00000000 ____D C:\Users\User\Documents\My Games
2013-08-30 16:21 - 2011-10-12 22:42 - 00000539 _____ C:\Users\User\Documents\ax_files.xml
2013-08-30 16:18 - 2010-03-03 18:24 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-08-30 16:14 - 2013-08-30 16:14 - 00000000 ____D C:\Users\User\Documents\Alcohol 52%
2013-08-30 15:03 - 2010-07-19 16:01 - 00000000 ____D C:\Program Files\uTorrent
2013-08-30 15:01 - 2013-08-30 15:01 - 01130576 _____ (BitTorrent Inc.) C:\Users\User\Downloads\utorrent.exe
2013-08-30 11:02 - 2013-08-30 09:40 - 00000000 ____D C:\Users\User\Desktop\Heroes of Might & Magic V - Dzikie Hordy
2013-08-29 21:35 - 2010-04-11 11:02 - 00000000 ____D C:\Users\User\Documents\FIFA 09
2013-08-29 07:21 - 2012-02-19 20:05 - 00000000 ____D C:\Users\User\AppData\Local\CoI
2013-08-28 19:17 - 2011-07-02 18:01 - 00000000 ____D C:\Civilization V
2013-08-28 17:44 - 2010-03-03 18:01 - 00504540 _____ C:\Windows\DirectX.log
2013-08-28 14:25 - 2011-01-12 20:01 - 00000000 ____D C:\Users\User\Desktop\wojenno strategiczne
2013-08-28 14:16 - 2013-02-12 17:26 - 00000000 ____D C:\Users\User\AppData\Local\Warframe
2013-08-28 10:02 - 2013-08-28 09:33 - 00000000 ____D C:\Users\User\AppData\Roaming\Origin
2013-08-28 10:02 - 2011-11-20 12:29 - 00000000 ____D C:\ProgramData\Origin
2013-08-27 14:32 - 2013-04-02 20:09 - 00000000 ____D C:\Users\User\Downloads\kam_remake_server_r4186
2013-08-26 18:37 - 2010-07-26 15:16 - 00000000 ____D C:\Users\User\Downloads\pbsetup
2013-08-26 18:36 - 2010-12-14 23:15 - 00000000 ____D C:\Users\User\Downloads\CoD4MW-1.6-1.7-PatchSetup.exe
2013-08-26 18:33 - 2012-06-16 01:51 - 00000000 ____D C:\Users\User\Downloads\Manager
2013-08-26 13:57 - 2013-08-26 13:57 - 00000000 ____D C:\Users\User\Documents\Paradox Interactive
2013-08-26 13:54 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-08-26 13:53 - 2013-08-26 13:53 - 00000000 ____D C:\8ee20b058dc89cae709aed3829ee3d
2013-08-26 13:51 - 2013-08-26 13:51 - 00001210 _____ C:\Users\Public\Desktop\Europa Universalis IV.lnk
2013-08-26 13:51 - 2013-08-26 13:48 - 00000000 ____D C:\Program Files (x86)\Europa Universalis IV
2013-08-26 12:02 - 2013-08-26 12:02 - 00000000 ____D C:\Users\User\AppData\Roaming\DownLite
2013-08-23 18:36 - 2013-08-23 18:34 - 00000000 ____D C:\Users\User\Downloads\aaaaatrajner
2013-08-23 17:48 - 2010-07-26 15:27 - 00281768 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-08-22 08:56 - 2009-07-14 07:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-21 10:38 - 2013-08-21 10:38 - 00005187 _____ C:\Users\User\Documents\Polonez-alt.mscz
2013-08-19 15:52 - 2013-08-19 15:29 - 00000357 _____ C:\Users\User\Desktop\ASG.txt
2013-08-15 16:39 - 2013-09-11 19:23 - 01367424 _____ (Puran Software) C:\Windows\system32\PuranFD.exe
2013-08-15 16:39 - 2013-09-11 19:23 - 00292736 _____ (Puran Software) C:\Windows\system32\PuranDefragS.exe
2013-08-15 16:39 - 2013-09-11 19:23 - 00287616 _____ (Puran Software) C:\Windows\system32\PuranDC.exe
2013-08-15 16:39 - 2013-09-11 19:23 - 00256896 _____ (Puran Software) C:\Windows\system32\PuranDefrag.dll
2013-08-15 16:39 - 2013-09-11 19:23 - 00132480 _____ (Puran Software) C:\Windows\system32\PuranDefragBT.exe
2013-08-14 23:54 - 2013-08-14 23:52 - 00000000 ____D C:\Windows\system32\MRT
2013-08-14 23:52 - 2010-07-31 07:43 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-13 23:22 - 2013-01-21 14:25 - 00000000 ____D C:\Users\User\Desktop\jakie tam

Files to move or delete:
====================
C:\Users\User\AppData\Local\Temp\arctic-loop.exe
C:\Users\User\AppData\Local\Temp\AskSLib.dll
C:\Users\User\AppData\Local\Temp\drm_dyndata_7370012.dll
C:\Users\User\AppData\Local\Temp\gg10.upgr.exe
C:\Users\User\AppData\Local\Temp\hamachi-update-2.1.0.294.exe
C:\Users\User\AppData\Local\Temp\htmlayout.dll
C:\Users\User\AppData\Local\Temp\ICReinstall_audacity-win-2.0.2_Downloader.exe
C:\Users\User\AppData\Local\Temp\install_flashplayer11x32au_mssa_aih.exe
C:\Users\User\AppData\Local\Temp\jre-7u5-windows-i586-iftw.exe
C:\Users\User\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe
C:\Users\User\AppData\Local\Temp\rootsupd.exe
C:\Users\User\AppData\Local\Temp\setup.exe
C:\Users\User\AppData\Local\Temp\Shortcut_Shortcut_SweetIMSetup (2).exe
C:\Users\User\AppData\Local\Temp\Shortcut_SweetIMSetup (2).exe
C:\Users\User\AppData\Local\Temp\Shortcut_SweetIMSetup.exe
C:\Users\User\AppData\Local\Temp\SIMEEI2Installer.exe
C:\Users\User\AppData\Local\Temp\SIMEEIInstaller.exe
C:\Users\User\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\User\AppData\Local\Temp\tbDow0.dll
C:\Users\User\AppData\Local\Temp\tbPHP0.dll
C:\Users\User\AppData\Local\Temp\tbXfir.dll
C:\Users\User\AppData\Local\Temp\tmp9E12.exe
C:\Users\User\AppData\Local\Temp\uninstall14444694.exe
C:\Users\User\AppData\Local\Temp\uninstall14444756.exe
C:\Users\User\AppData\Local\Temp\uninstall14444818.exe
C:\Users\User\AppData\Local\Temp\uninstall14444834.exe
C:\Users\User\AppData\Local\Temp\uninstall14444959.exe
C:\Users\User\AppData\Local\Temp\update1548575.exe
C:\Users\User\AppData\Local\Temp\update166016.exe
C:\Users\User\AppData\Local\Temp\update68656.exe
C:\Users\User\AppData\Local\Temp\utt2F20.tmp.exe
C:\Users\User\AppData\Local\Temp\_is93D6.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2012-12-05 14:10

==================== End Of Log ============================