Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-12-2013 2
Ran by A (administrator) on A-KOMPUTER on 07-12-2013 18:18:58
Running from C:\Users\A\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polish
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
() C:\Program Files\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
() C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
(ATK) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS CopyProtect\ASPG.exe
() C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ECAREME) C:\Program Files (x86)\ASUS\Asus WebStorage\BackupService.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDECK.EXE
(ASUS) C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [EeeStorageBackup] - C:\Program Files (x86)\ASUS\Asus WebStorage\BackupService.exe [947472 2009-08-25] (ECAREME)
HKLM\...\Run: [ETDWare] - C:\Program Files\Elantech\ETDCtrl.exe [619392 2009-06-12] (ELAN Microelectronic Corp.)
HKCU\...\Run: [Gadu-Gadu 10] - C:\Program Files (x86)\Gadu-Gadu 10\gg.exe [12984928 2010-12-16] (GG Network S.A.)
HKCU\...\Run: [EA Core] - C:\Program Files (x86)\Electronic Arts\EADM\Core.exe [3325952 2009-03-28] (Electronic Arts)
HKCU\...\Run: [Facebook Update] - C:\Users\A\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-11-24] (Facebook Inc.)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
MountPoints2: {3f1d1c4e-8511-11e1-9794-90e6baaa2065} - F:\Startme.exe
MountPoints2: {aa30358e-a976-11e0-bbe0-90e6baaa2065} - F:\AutoRun.exe
MountPoints2: {aa3035af-a976-11e0-bbe0-90e6baaa2065} - F:\AutoRun.exe
MountPoints2: {aa3035e3-a976-11e0-bbe0-90e6baaa2065} - F:\AutoRun.exe
MountPoints2: {aa3035f0-a976-11e0-bbe0-90e6baaa2065} - F:\AutoRun.exe
MountPoints2: {aa303623-a976-11e0-bbe0-90e6baaa2065} - F:\AutoRun.exe
MountPoints2: {aa303631-a976-11e0-bbe0-90e6baaa2065} - F:\AutoRun.exe
MountPoints2: {aa303662-a976-11e0-bbe0-90e6baaa2065} - F:\AutoRun.exe
MountPoints2: {aa30366d-a976-11e0-bbe0-90e6baaa2065} - F:\AutoRun.exe
MountPoints2: {aa30367a-a976-11e0-bbe0-90e6baaa2065} - F:\AutoRun.exe
MountPoints2: {f88b3301-ab34-11e0-a7a2-90e6baaa2065} - G:\AutoRun.exe
HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [6859392 2009-08-17] (ASUS)
HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDECK.EXE [2244096 2009-07-13] (VIA)
HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [159744 2009-04-20] (ASUS)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [4297136 2012-10-30] (AVAST Software)
HKLM-x32\...\Run: [ADSMTray] - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe [272952 2009-06-24] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696 2012-01-18] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [421160 2011-06-07] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
HKLM-x32\...\Run: [QuickTime Task] - D:\quicktime\QTTask.exe [421888 2013-05-01] (Apple Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?babsrc=HP_ss_din2g&mntrId=063490E6BAAA2065&affID=119357&tt=250613_gr5&tsp=4928
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.helperbar.com/?publisher=OC&dpid=OC&co=PL&userid=67af9efc-3dfe-4937-b13f-8fec67702c2f&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.helperbar.com/?publisher=OC&dpid=OC&co=PL&userid=67af9efc-3dfe-4937-b13f-8fec67702c2f&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=PL&userid=67af9efc-3dfe-4937-b13f-8fec67702c2f&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=PL&userid=67af9efc-3dfe-4937-b13f-8fec67702c2f&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.helperbar.com/?publisher=OC&dpid=OC&co=PL&userid=67af9efc-3dfe-4937-b13f-8fec67702c2f&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.helperbar.com/?publisher=OC&dpid=OC&co=PL&userid=67af9efc-3dfe-4937-b13f-8fec67702c2f&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.searchgol.com/?q={searchTerms}&babsrc=SP_ss_Btisdt7&mntrId=063490E6BAAA2065&affID=119357&tt=250613_gr5&tsp=4928
SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = 
BHO: avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} -  No File
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Pomocnik logowania za pomocą konta Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Auslogics Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM-x32 - Auslogics Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.14.1 82.160.1.1

FireFox:
========
FF ProfilePath: C:\Users\A\AppData\Roaming\Mozilla\Firefox\Profiles\ewu2b6li.default
FF user.js: detected! => C:\Users\A\AppData\Roaming\Mozilla\Firefox\Profiles\ewu2b6li.default\user.js
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll No File
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.3 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - D:\Adobe\AdobeReader\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\A\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF SearchPlugin: C:\Users\A\AppData\Roaming\Mozilla\Firefox\Profiles\ewu2b6li.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\A\AppData\Roaming\Mozilla\Firefox\Profiles\ewu2b6li.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\A\AppData\Roaming\Mozilla\Firefox\Profiles\ewu2b6li.default\searchplugins\Web Search.xml
FF Extension: Linkury Smartbar - C:\Users\A\AppData\Roaming\Mozilla\Firefox\Profiles\ewu2b6li.default\Extensions\{67af9efc-3dfe-4937-b13f-8fec67702c2f}
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! WebRep - C:\Program Files\AVAST Software\Avast\WebRep\FF

Chrome: 
=======
CHR HomePage: hxxp://isearch.babylon.com/?babsrc=HP_ss_btis&mntrId=063490E6BAAA2065&affID=119357&tt=250613_gr5&tsp=4928
CHR RestoreOnStartup: "hxxp://isearch.babylon.com/?babsrc=HP_ss_btis&mntrId=063490E6BAAA2065&affID=119357&tt=250613_gr5&tsp=4928", "hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=063490E6BAAA2065&affID=119357&tt=250613_gr5&tsp=4928"
CHR DefaultSearchProvider: Google
CHR DefaultSearchURL: http://www.google.com/search?q={searchTerms}&ie=utf-8&oe=utf-8&aq=t
CHR DefaultSuggestURL: http://suggestqueries.google.com/complete/search?q={searchTerms}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Microsoft Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll No File
CHR Extension: (SmallringFX DarkMagenta Theme) - C:\Users\A\AppData\Local\Google\Chrome\User Data\Default\Extensions\cchaoggejjglkolggnioggbfikicamgg\1.7_0
CHR Extension: (Stylish) - C:\Users\A\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe\1.2_0
CHR Extension: (Wrzuta.pl - odtwarzacz + pobieranie) - C:\Users\A\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnebjlalfckmmmcphlnkjnigcifcbfnj\1.0_0
CHR Extension: (avast! WebRep) - C:\Users\A\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0
CHR Extension: (Bing\u2122 Wallpaper for Google\u2122 Homepage) - C:\Users\A\AppData\Local\Google\Chrome\User Data\Default\Extensions\ignkobhlkpgjcpkfgfohhdgdaldfaoni\7.10_0
CHR Extension: (Google Wallet) - C:\Users\A\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\A\AppData\Roaming\BabSolution\CR\Delta.crx
CHR HKLM-x32\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx

==================== Services (Whitelisted) =================

R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [44808 2012-10-30] (AVAST Software)
S3 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [167936 2005-08-08] ()
R2 SRS_VolSync_Service; C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe [128224 2009-07-10] (SRS Labs, Inc.)
S2 AFBAgent; 

==================== Drivers (Whitelisted) ====================

R2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] ()
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [25232 2012-10-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [71600 2012-10-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [54072 2012-10-15] (AVAST Software)
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [984144 2012-10-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [370288 2012-10-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [59728 2012-10-30] (AVAST Software)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-07-23] (DT Soft Ltd)
S3 hwdatacard; No ImagePath
S3 hwusbdev; No ImagePath
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806400 2009-06-05] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2012-07-23] (Duplex Secure Ltd.)
R3 SRS_PremiumSound_Service; C:\Windows\System32\drivers\srs_PremiumSound_amd64.sys [343592 2009-05-18] ()
U3 a1imm93u; No ImagePath
U3 tmlwf; 
U3 tmwfp; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-07 18:18 - 2013-12-07 18:19 - 00019517 _____ C:\Users\A\Desktop\FRST.txt
2013-12-07 18:18 - 2013-12-07 18:18 - 00000000 ____D C:\FRST
2013-12-07 18:16 - 2013-12-07 18:16 - 00602112 _____ (OldTimer Tools) C:\Users\A\Desktop\OTL.exe
2013-12-07 18:16 - 2013-12-07 18:16 - 00377856 _____ C:\Users\A\Desktop\fz4yf5ro.exe
2013-12-07 18:15 - 2013-12-07 18:16 - 01927514 _____ (Farbar) C:\Users\A\Desktop\FRST64.exe
2013-12-07 17:58 - 2013-12-07 17:58 - 00000000 ____D C:\Users\A\Desktop\spacesniffer_1_1_4_0
2013-12-07 17:58 - 2013-12-07 17:58 - 00000000 ____D C:\Users\A\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-12-07 17:56 - 2013-12-07 17:56 - 01536858 _____ C:\Users\A\Desktop\spacesniffer_1_1_4_0.zip
2013-12-05 14:34 - 2013-12-07 11:08 - 00014595 _____ C:\Windows\IE11_main.log
2013-11-16 23:13 - 2013-12-07 15:07 - 269448462 _____ C:\Windows\MEMORY.DMP
2013-11-15 15:02 - 2013-10-12 09:45 - 01364992 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-15 15:02 - 2013-10-12 09:45 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-15 15:02 - 2013-10-12 09:43 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-15 15:02 - 2013-10-12 09:43 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-15 15:02 - 2013-10-12 09:43 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-15 15:02 - 2013-10-12 09:43 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-15 15:02 - 2013-10-12 09:43 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-15 15:02 - 2013-10-12 09:43 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-15 15:02 - 2013-10-12 09:43 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-15 15:02 - 2013-10-12 09:43 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-15 15:02 - 2013-10-12 08:03 - 01138176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-15 15:02 - 2013-10-12 08:02 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-15 15:02 - 2013-10-12 08:02 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-15 15:02 - 2013-10-12 08:02 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-15 15:02 - 2013-10-12 08:02 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-15 15:02 - 2013-10-12 08:02 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-15 15:02 - 2013-10-12 08:02 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-15 15:02 - 2013-10-12 08:02 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-15 15:02 - 2013-10-12 08:02 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-15 15:02 - 2013-10-12 07:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-15 15:02 - 2013-10-12 07:08 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-15 15:02 - 2013-10-12 06:44 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-15 15:02 - 2013-10-12 06:15 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-15 15:01 - 2013-10-12 09:45 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-15 15:01 - 2013-10-12 09:43 - 19269632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-15 15:01 - 2013-10-12 09:43 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-15 15:01 - 2013-10-12 09:43 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-15 15:01 - 2013-10-12 08:03 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-15 15:01 - 2013-10-12 08:02 - 14355968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-15 15:01 - 2013-10-12 08:02 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-15 15:01 - 2013-10-12 08:02 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-14 17:57 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-14 17:57 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-14 17:57 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-14 17:57 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-14 17:57 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-14 17:57 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-14 17:55 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-14 17:55 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-14 17:55 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-14 17:55 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-14 17:55 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-14 17:54 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-14 17:54 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-14 17:54 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-14 17:54 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-14 17:54 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-14 17:54 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-14 17:54 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-14 17:54 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-14 17:54 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-14 17:54 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-14 17:54 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-14 17:54 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-14 17:54 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-14 17:54 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-14 17:54 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-14 17:54 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-14 17:54 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-14 17:54 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-14 17:54 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys

==================== One Month Modified Files and Folders =======

2013-12-07 18:19 - 2013-12-07 18:18 - 00019517 _____ C:\Users\A\Desktop\FRST.txt
2013-12-07 18:19 - 2009-07-14 05:45 - 00010240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-07 18:19 - 2009-07-14 05:45 - 00010240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-07 18:18 - 2013-12-07 18:18 - 00000000 ____D C:\FRST
2013-12-07 18:16 - 2013-12-07 18:16 - 00602112 _____ (OldTimer Tools) C:\Users\A\Desktop\OTL.exe
2013-12-07 18:16 - 2013-12-07 18:16 - 00377856 _____ C:\Users\A\Desktop\fz4yf5ro.exe
2013-12-07 18:16 - 2013-12-07 18:15 - 01927514 _____ (Farbar) C:\Users\A\Desktop\FRST64.exe
2013-12-07 18:06 - 2011-08-07 01:11 - 00001038 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-07 18:01 - 2012-11-24 14:56 - 00000912 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3422323343-4066893411-3898213353-1000UA.job
2013-12-07 17:58 - 2013-12-07 17:58 - 00000000 ____D C:\Users\A\Desktop\spacesniffer_1_1_4_0
2013-12-07 17:58 - 2013-12-07 17:58 - 00000000 ____D C:\Users\A\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-12-07 17:58 - 2012-11-23 23:42 - 00000000 ____D C:\Program Files\WinRAR
2013-12-07 17:56 - 2013-12-07 17:56 - 01536858 _____ C:\Users\A\Desktop\spacesniffer_1_1_4_0.zip
2013-12-07 17:55 - 2009-11-08 02:49 - 01253248 _____ C:\Windows\WindowsUpdate.log
2013-12-07 16:18 - 2009-08-03 20:55 - 00698146 _____ C:\Windows\system32\perfh015.dat
2013-12-07 16:18 - 2009-08-03 20:55 - 00135224 _____ C:\Windows\system32\perfc015.dat
2013-12-07 16:18 - 2009-07-14 06:13 - 01549932 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-07 15:39 - 2011-07-02 11:58 - 00000000 ____D C:\Users\A\AppData\Roaming\Skype
2013-12-07 15:38 - 2011-07-02 11:53 - 00000000 ____D C:\ProgramData\Skype
2013-12-07 15:37 - 2013-03-09 13:25 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-07 15:22 - 2011-08-07 01:11 - 00001034 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-07 15:20 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-07 15:20 - 2009-07-14 05:51 - 00228765 _____ C:\Windows\setupact.log
2013-12-07 15:07 - 2013-11-16 23:13 - 269448462 _____ C:\Windows\MEMORY.DMP
2013-12-07 15:01 - 2012-11-24 14:56 - 00000890 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3422323343-4066893411-3898213353-1000Core.job
2013-12-07 11:08 - 2013-12-05 14:34 - 00014595 _____ C:\Windows\IE11_main.log
2013-11-19 15:01 - 2012-11-11 21:19 - 00000000 ____D C:\ProgramData\architekt3d
2013-11-16 23:13 - 2011-04-24 18:19 - 00000000 ____D C:\Windows\Minidump
2013-11-16 03:19 - 2009-11-08 03:47 - 00174072 _____ C:\Windows\PFRO.log
2013-11-15 15:01 - 2009-11-08 03:02 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-15 14:55 - 2013-08-15 02:05 - 00000000 ____D C:\Windows\system32\MRT
2013-11-15 14:47 - 2011-06-03 07:36 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\A\AppData\Local\Temp\atl80.dll
C:\Users\A\AppData\Local\Temp\contentDATs.exe
C:\Users\A\AppData\Local\Temp\EAD1016.exe
C:\Users\A\AppData\Local\Temp\EAD1286.exe
C:\Users\A\AppData\Local\Temp\EAD1322.exe
C:\Users\A\AppData\Local\Temp\EAD188E.exe
C:\Users\A\AppData\Local\Temp\EAD189E.exe
C:\Users\A\AppData\Local\Temp\EAD1978.exe
C:\Users\A\AppData\Local\Temp\EAD1B7B.exe
C:\Users\A\AppData\Local\Temp\EAD1DFB.exe
C:\Users\A\AppData\Local\Temp\EAD225E.exe
C:\Users\A\AppData\Local\Temp\EAD24ED.exe
C:\Users\A\AppData\Local\Temp\EAD28C4.exe
C:\Users\A\AppData\Local\Temp\EAD2D75.exe
C:\Users\A\AppData\Local\Temp\EAD2EC.exe
C:\Users\A\AppData\Local\Temp\EAD2FA7.exe
C:\Users\A\AppData\Local\Temp\EAD30C.exe
C:\Users\A\AppData\Local\Temp\EAD318A.exe
C:\Users\A\AppData\Local\Temp\EAD3496.exe
C:\Users\A\AppData\Local\Temp\EAD364B.exe
C:\Users\A\AppData\Local\Temp\EAD3928.exe
C:\Users\A\AppData\Local\Temp\EAD3996.exe
C:\Users\A\AppData\Local\Temp\EAD3A12.exe
C:\Users\A\AppData\Local\Temp\EAD3C06.exe
C:\Users\A\AppData\Local\Temp\EAD3D2E.exe
C:\Users\A\AppData\Local\Temp\EAD3F02.exe
C:\Users\A\AppData\Local\Temp\EAD3F03.exe
C:\Users\A\AppData\Local\Temp\EAD3FBD.exe
C:\Users\A\AppData\Local\Temp\EAD4308.exe
C:\Users\A\AppData\Local\Temp\EAD434.exe
C:\Users\A\AppData\Local\Temp\EAD494F.exe
C:\Users\A\AppData\Local\Temp\EAD4EAB.exe
C:\Users\A\AppData\Local\Temp\EAD5060.exe
C:\Users\A\AppData\Local\Temp\EAD5494.exe
C:\Users\A\AppData\Local\Temp\EAD5984.exe
C:\Users\A\AppData\Local\Temp\EAD59E2.exe
C:\Users\A\AppData\Local\Temp\EAD5D99.exe
C:\Users\A\AppData\Local\Temp\EAD5DA9.exe
C:\Users\A\AppData\Local\Temp\EAD5DC8.exe
C:\Users\A\AppData\Local\Temp\EAD5E26.exe
C:\Users\A\AppData\Local\Temp\EAD5E55.exe
C:\Users\A\AppData\Local\Temp\EAD5E93.exe
C:\Users\A\AppData\Local\Temp\EAD5EE1.exe
C:\Users\A\AppData\Local\Temp\EAD65D3.exe
C:\Users\A\AppData\Local\Temp\EAD6621.exe
C:\Users\A\AppData\Local\Temp\EAD6769.exe
C:\Users\A\AppData\Local\Temp\EAD696C.exe
C:\Users\A\AppData\Local\Temp\EAD6CE5.exe
C:\Users\A\AppData\Local\Temp\EAD6F45.exe
C:\Users\A\AppData\Local\Temp\EAD6F65.exe
C:\Users\A\AppData\Local\Temp\EAD70AC.exe
C:\Users\A\AppData\Local\Temp\EAD731C.exe
C:\Users\A\AppData\Local\Temp\EAD734B.exe
C:\Users\A\AppData\Local\Temp\EAD759C.exe
C:\Users\A\AppData\Local\Temp\EAD75F9.exe
C:\Users\A\AppData\Local\Temp\EAD7925.exe
C:\Users\A\AppData\Local\Temp\EAD7C9E.exe
C:\Users\A\AppData\Local\Temp\EAD7FD9.exe
C:\Users\A\AppData\Local\Temp\EAD80A3.exe
C:\Users\A\AppData\Local\Temp\EAD8111.exe
C:\Users\A\AppData\Local\Temp\EAD848A.exe
C:\Users\A\AppData\Local\Temp\EAD84F7.exe
C:\Users\A\AppData\Local\Temp\EAD86EA.exe
C:\Users\A\AppData\Local\Temp\EAD8A15.exe
C:\Users\A\AppData\Local\Temp\EAD8A44.exe
C:\Users\A\AppData\Local\Temp\EAD90E9.exe
C:\Users\A\AppData\Local\Temp\EAD94EE.exe
C:\Users\A\AppData\Local\Temp\EAD96B3.exe
C:\Users\A\AppData\Local\Temp\EAD974F.exe
C:\Users\A\AppData\Local\Temp\EAD978D.exe
C:\Users\A\AppData\Local\Temp\EAD9819.exe
C:\Users\A\AppData\Local\Temp\EAD98E4.exe
C:\Users\A\AppData\Local\Temp\EAD9CBB.exe
C:\Users\A\AppData\Local\Temp\EAD9DF.exe
C:\Users\A\AppData\Local\Temp\EADA1AB.exe
C:\Users\A\AppData\Local\Temp\EADA237.exe
C:\Users\A\AppData\Local\Temp\EADA321.exe
C:\Users\A\AppData\Local\Temp\EADA3CD.exe
C:\Users\A\AppData\Local\Temp\EADA3FB.exe
C:\Users\A\AppData\Local\Temp\EADA505.exe
C:\Users\A\AppData\Local\Temp\EADA591.exe
C:\Users\A\AppData\Local\Temp\EADA63D.exe
C:\Users\A\AppData\Local\Temp\EADA784.exe
C:\Users\A\AppData\Local\Temp\EADA85F.exe
C:\Users\A\AppData\Local\Temp\EADA90A.exe
C:\Users\A\AppData\Local\Temp\EADAC07.exe
C:\Users\A\AppData\Local\Temp\EADAD8.exe
C:\Users\A\AppData\Local\Temp\EADB25D.exe
C:\Users\A\AppData\Local\Temp\EADB3A5.exe
C:\Users\A\AppData\Local\Temp\EADB559.exe
C:\Users\A\AppData\Local\Temp\EADBD55.exe
C:\Users\A\AppData\Local\Temp\EADC225.exe
C:\Users\A\AppData\Local\Temp\EADC7F0.exe
C:\Users\A\AppData\Local\Temp\EADC87C.exe
C:\Users\A\AppData\Local\Temp\EADCB78.exe
C:\Users\A\AppData\Local\Temp\EADCE65.exe
C:\Users\A\AppData\Local\Temp\EADCFEB.exe
C:\Users\A\AppData\Local\Temp\EADD7F6.exe
C:\Users\A\AppData\Local\Temp\EADD95D.exe
C:\Users\A\AppData\Local\Temp\EADE0AD.exe
C:\Users\A\AppData\Local\Temp\EADE407.exe
C:\Users\A\AppData\Local\Temp\EADE446.exe
C:\Users\A\AppData\Local\Temp\EADE6A6.exe
C:\Users\A\AppData\Local\Temp\EADEA4E.exe
C:\Users\A\AppData\Local\Temp\EADEE54.exe
C:\Users\A\AppData\Local\Temp\EADF066.exe
C:\Users\A\AppData\Local\Temp\EADF640.exe
C:\Users\A\AppData\Local\Temp\EADF64F.exe
C:\Users\A\AppData\Local\Temp\EADF768.exe
C:\Users\A\AppData\Local\Temp\EADF8CF.exe
C:\Users\A\AppData\Local\Temp\EADFD70.exe
C:\Users\A\AppData\Local\Temp\EADFE0C.exe
C:\Users\A\AppData\Local\Temp\EADFFC1.exe
C:\Users\A\AppData\Local\Temp\gg10.upgr.exe
C:\Users\A\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\A\AppData\Local\Temp\mfc80.dll
C:\Users\A\AppData\Local\Temp\mfc80u.dll
C:\Users\A\AppData\Local\Temp\mfcm80.dll
C:\Users\A\AppData\Local\Temp\mfcm80u.dll
C:\Users\A\AppData\Local\Temp\msvcm80.dll
C:\Users\A\AppData\Local\Temp\msvcp80.dll
C:\Users\A\AppData\Local\Temp\msvcr80.dll
C:\Users\A\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\A\AppData\Local\Temp\setup.exe
C:\Users\A\AppData\Local\Temp\SkypeSetup.exe
C:\Users\A\AppData\Local\Temp\TmDbg32.dll
C:\Users\A\AppData\Local\Temp\TmDbg64.dll
C:\Users\A\AppData\Local\Temp\uninst1.exe
C:\Users\A\AppData\Local\Temp\UninstallEADM.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-01 16:05

==================== End Of Log ============================