Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-01-2014
Ran by padi1_000 (administrator) on MATEUSZ on 04-01-2014 18:58:21
Running from C:\Users\padi1_000\Downloads
Windows 8 Enterprise (X64) OS Language: Polish
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(AVG Technologies CZ, s.r.o.) G:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) G:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(AVG Technologies CZ, s.r.o.) G:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) G:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(AVG Technologies CZ, s.r.o.) G:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) G:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\loggingserver.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) G:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE
(AVG Technologies CZ, s.r.o.) G:\Program Files (x86)\AVG\AVG2014\avgui.exe
() C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(OldTimer Tools) C:\Users\padi1_000\Downloads\OTL (1).exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2774256 2013-08-28] (Synaptics Incorporated)
HKLM-x32\...\Run: [AVG_UI] - G:\Program Files (x86)\AVG\AVG2014\avgui.exe [4956176 2013-11-07] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] - C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2471448 2013-12-25] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [20203904 2013-12-06] (Google)
HKCU\...\Run: [AVG-Secure-Search-Update_1213b] - C:\Users\padi1_000\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=450f47dc5d2547d39dcdd16f2a8adea0-5003bce94a18cdedda00ce292bc523e1417ad39c /CMPID=1213b
HKCU\...\Run: [GG] - C:\Users\padi1_000\AppData\Local\GG\Application\gghub.exe [4047424 2013-12-11] (GG Network S.A.)
MountPoints2: {0b5e0af0-3434-11e3-be69-00266c6e3753} - "H:\autorun.EXE" 
MountPoints2: {0b5e0ca0-3434-11e3-be69-00266c6e3753} - "I:\SETUP.EXE" 
MountPoints2: {7698b4d0-6640-11e3-be77-00266c6e3753} - "H:\autorun.EXE" 
Startup: C:\Users\padi1_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Wysyłanie do programu OneNote.lnk
ShortcutTarget: Wysyłanie do programu OneNote.lnk -> G:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mysearch.avg.com?cid={DD4A545F-EBB2-482F-9BCE-66E57B1EB857}&mid=450f47dc5d2547d39dcdd16f2a8adea0-5003bce94a18cdedda00ce292bc523e1417ad39c&lang=pl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2013-12-25 10:34:37&v=17.2.0.38&pid=safeguard&sg=&sap=hp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x74AE0A4F46C8CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.qone8.com/?type=hp&ts=1383416345&from=amt&uid=WDCXWD5000BPVT-00HXZT3_WD-WX71C22M4436M4436
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://start.qone8.com/web/?type=ds&ts=1383416345&from=amt&uid=WDCXWD5000BPVT-00HXZT3_WD-WX71C22M4436M4436&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.qone8.com/?type=hp&ts=1383416345&from=amt&uid=WDCXWD5000BPVT-00HXZT3_WD-WX71C22M4436M4436
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.qone8.com/?type=hp&ts=1383416345&from=amt&uid=WDCXWD5000BPVT-00HXZT3_WD-WX71C22M4436M4436
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://start.qone8.com/web/?type=ds&ts=1383416345&from=amt&uid=WDCXWD5000BPVT-00HXZT3_WD-WX71C22M4436M4436&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://start.qone8.com/web/?type=ds&ts=1383416345&from=amt&uid=WDCXWD5000BPVT-00HXZT3_WD-WX71C22M4436M4436&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.qone8.com/?type=hp&ts=1383416345&from=amt&uid=WDCXWD5000BPVT-00HXZT3_WD-WX71C22M4436M4436
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://start.qone8.com/?type=hp&ts=1383416345&from=amt&uid=WDCXWD5000BPVT-00HXZT3_WD-WX71C22M4436M4436
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://start.qone8.com/web/?type=ds&ts=1383416345&from=amt&uid=WDCXWD5000BPVT-00HXZT3_WD-WX71C22M4436M4436&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://start.qone8.com/?type=sc&ts=1383416345&from=amt&uid=WDCXWD5000BPVT-00HXZT3_WD-WX71C22M4436M4436
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://start.qone8.com/web/?type=ds&ts=1383416345&from=amt&uid=WDCXWD5000BPVT-00HXZT3_WD-WX71C22M4436M4436&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://start.qone8.com/web/?type=ds&ts=1383416345&from=amt&uid=WDCXWD5000BPVT-00HXZT3_WD-WX71C22M4436M4436&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://start.qone8.com/web/?type=ds&ts=1383416345&from=amt&uid=WDCXWD5000BPVT-00HXZT3_WD-WX71C22M4436M4436&q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://start.qone8.com/web/?type=ds&ts=1383416345&from=amt&uid=WDCXWD5000BPVT-00HXZT3_WD-WX71C22M4436M4436&q={searchTerms}
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://start.qone8.com/web/?type=ds&ts=1383416345&from=amt&uid=WDCXWD5000BPVT-00HXZT3_WD-WX71C22M4436M4436&q={searchTerms}
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://start.qone8.com/web/?type=ds&ts=1383416345&from=amt&uid=WDCXWD5000BPVT-00HXZT3_WD-WX71C22M4436M4436&q={searchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://mysearch.avg.com/search?cid={DD4A545F-EBB2-482F-9BCE-66E57B1EB857}&mid=450f47dc5d2547d39dcdd16f2a8adea0-5003bce94a18cdedda00ce292bc523e1417ad39c&lang=pl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2013-12-25 10:34:37&v=17.2.0.38&pid=safeguard&sg=&sap=dsp&q={searchTerms}
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - G:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - G:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Better-Surf - {8271B5D6-76D3-4ABF-AEB3-1721161C76BC} - C:\Program Files (x86)\Better-Surf\ie\BetterSrf.dll No File
BHO-x32: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.2.0.38\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)
Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.2.0.38\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - G:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.2.0\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 77.242.226.251 77.242.226.226
Tcpip\..\Interfaces\{FF56DBD0-8230-4B5A-871D-49C8977E18CA}: [NameServer]8.8.8.8,8.8.4.4

Chrome: 
=======
CHR HomePage: hxxp://start.qone8.com/?type=hp&ts=1383416345&from=amt&uid=WDCXWD5000BPVT-00HXZT3_WD-WX71C22M4436M4436
CHR RestoreOnStartup: "hxxp://start.qone8.com/?type=hp&ts=1383416345&from=amt&uid=WDCXWD5000BPVT-00HXZT3_WD-WX71C22M4436M4436", "
CHR Extension: (Google Docs) - C:\Users\padi1_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\padi1_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\padi1_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Extended Protection) - C:\Users\padi1_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml\1.3_0
CHR Extension: (Adblock Plus) - C:\Users\padi1_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.2_0
CHR Extension: (Google Search) - C:\Users\padi1_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Lightning Newtab) - C:\Users\padi1_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\1.1.8.4_0
CHR Extension: (AVG SafeGuard) - C:\Users\padi1_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\17.2.0.38_0
CHR Extension: (Google Wallet) - C:\Users\padi1_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR Extension: (Gmail) - C:\Users\padi1_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\padi1_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG SafeGuard toolbar\ChromeExt\17.2.0.38\avg.crx
CHR HKLM-x32\...\Chrome\Extension: [poheodfamflhhhdcmjfeggbgigeefaco] - C:\Program Files (x86)\Better-Surf\ch\Chrome.crx

==================== Services (Whitelisted) =================

R2 AVGIDSAgent; G:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3478544 2013-11-11] (AVG Technologies CZ, s.r.o.)
R2 avgwd; G:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
R2 vToolbarUpdater17.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe [1771544 2013-12-25] (AVG Secure Search)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [150808 2013-11-05] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [240920 2013-11-04] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [194872 2013-10-24] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-10-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [252728 2013-10-21] (AVG Technologies CZ, s.r.o.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2013-12-17] (Disc Soft Ltd)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [31120 2013-11-01] (Windows (R) Win 7 DDK provider)
R5 SynTP; C:\Windows\System32\Drivers\SynTP.sys [524528 2013-08-28] (Synaptics Incorporated)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-04 18:55 - 2014-01-04 18:58 - 00027164 _____ C:\Users\padi1_000\Downloads\Addition.txt
2014-01-04 18:54 - 2014-01-04 18:58 - 00014543 _____ C:\Users\padi1_000\Downloads\FRST.txt
2014-01-04 18:53 - 2014-01-04 18:53 - 00000000 ____D C:\FRST
2014-01-04 18:52 - 2014-01-04 18:52 - 01931368 _____ (Farbar) C:\Users\padi1_000\Downloads\FRST64.exe
2014-01-04 18:51 - 2014-01-04 18:51 - 00602112 _____ (OldTimer Tools) C:\Users\padi1_000\Downloads\OTL.exe
2014-01-04 18:51 - 2014-01-04 18:51 - 00602112 _____ (OldTimer Tools) C:\Users\padi1_000\Downloads\OTL (1).exe
2014-01-04 18:51 - 2014-01-04 18:51 - 00001168 _____ C:\Users\padi1_000\Desktop\Kontynuuj instalację OTL by OldTimer.lnk
2014-01-04 18:50 - 2014-01-04 18:50 - 00694016 _____ C:\Users\padi1_000\Downloads\otl-by-oldtimer_setup.exe
2014-01-03 22:39 - 2014-01-03 22:39 - 00000000 ____D C:\Users\padi1_000\AppData\Roaming\TeamViewer
2014-01-03 20:07 - 2014-01-03 20:07 - 06075512 _____ (TeamViewer GmbH) C:\Users\padi1_000\Downloads\TeamViewer_Setup_pl.exe
2014-01-03 20:07 - 2014-01-03 20:07 - 00001166 _____ C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-01-03 20:07 - 2014-01-03 20:07 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2014-01-03 16:54 - 2014-01-03 16:54 - 00000710 _____ C:\Users\Public\Desktop\Winamp.lnk
2014-01-03 16:53 - 2014-01-03 17:34 - 00000000 ____D C:\Users\padi1_000\AppData\Roaming\Winamp
2014-01-03 16:52 - 2014-01-03 16:52 - 12892432 _____ (Nullsoft, Inc.) C:\Users\padi1_000\Downloads\winamp5666_full_pl-pl.exe
2014-01-02 20:27 - 2014-01-02 20:27 - 00028672 ___SH C:\Users\padi1_000\Desktop\Thumbs.db
2014-01-02 20:06 - 2014-01-02 20:07 - 00000000 ___SD C:\Users\padi1_000\GG dysk
2014-01-02 20:06 - 2014-01-02 20:06 - 00001639 _____ C:\Users\padi1_000\Desktop\GG dysk.lnk
2014-01-02 20:06 - 2014-01-02 20:06 - 00001152 _____ C:\Users\padi1_000\Desktop\GG.lnk
2014-01-02 20:06 - 2014-01-02 20:06 - 00000000 ____D C:\Users\padi1_000\AppData\Roaming\Mozilla
2014-01-02 20:05 - 2014-01-04 17:52 - 00000000 ____D C:\Users\padi1_000\AppData\Roaming\GG
2014-01-02 20:05 - 2014-01-02 20:06 - 00000000 ____D C:\Users\padi1_000\AppData\Local\GG
2014-01-02 20:05 - 2014-01-02 20:05 - 00001160 _____ C:\Users\padi1_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GG.lnk
2014-01-02 20:03 - 2014-01-02 20:03 - 00389952 _____ C:\Users\padi1_000\Downloads\gg-install.exe
2013-12-29 18:37 - 2013-12-29 18:37 - 00454053 _____ C:\Users\padi1_000\Downloads\onyksowa 9 lublin - Mapy Google.htm
2013-12-29 18:37 - 2013-12-29 18:37 - 00000000 ____D C:\Users\padi1_000\Downloads\onyksowa 9 lublin - Mapy Google_files
2013-12-29 12:46 - 2013-12-29 12:46 - 00053760 _____ (Tolunay Orkun) C:\Users\padi1_000\Downloads\DRTCP021.exe
2013-12-28 14:04 - 2013-12-28 14:04 - 00021504 ___SH C:\Users\padi1_000\Downloads\Thumbs.db
2013-12-25 10:34 - 2013-12-25 10:34 - 00046368 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2013-12-25 10:34 - 2013-12-25 10:34 - 00000000 ____D C:\Users\padi1_000\AppData\Local\AVG SafeGuard toolbar
2013-12-25 10:34 - 2013-12-25 10:34 - 00000000 ____D C:\ProgramData\AVG Security Toolbar
2013-12-25 10:34 - 2013-12-25 10:34 - 00000000 ____D C:\ProgramData\AVG SafeGuard toolbar
2013-12-25 10:34 - 2013-12-25 10:34 - 00000000 ____D C:\Program Files (x86)\AVG SafeGuard toolbar
2013-12-22 16:43 - 2013-12-22 16:43 - 00000000 ____D C:\Users\padi1_000\AppData\Roaming\AVG2014
2013-12-22 16:42 - 2013-12-22 16:42 - 00000790 _____ C:\Users\Public\Desktop\AVG 2014.lnk
2013-12-22 16:42 - 2013-12-22 16:42 - 00000000 ____D C:\Users\padi1_000\AppData\Roaming\TuneUp Software
2013-12-22 16:40 - 2013-12-22 16:40 - 00000000 ___HD C:\$AVG
2013-12-22 16:39 - 2013-12-22 16:42 - 00000000 ____D C:\ProgramData\AVG2014
2013-12-22 16:38 - 2014-01-04 17:20 - 00000000 ____D C:\ProgramData\MFAData
2013-12-22 16:38 - 2013-12-22 16:44 - 00000000 ____D C:\Users\padi1_000\AppData\Local\Avg2014
2013-12-22 16:38 - 2013-12-22 16:38 - 00000000 ____D C:\Users\padi1_000\AppData\Local\MFAData
2013-12-22 16:30 - 2013-12-22 16:37 - 149157408 _____ (AVG Technologies) C:\Users\padi1_000\Downloads\avg_free_x64_all_2014_4259a6848.exe
2013-12-22 16:24 - 2013-12-22 16:24 - 00003376 _____ C:\Windows\System32\Tasks\Odkurzacz
2013-12-22 16:24 - 2013-12-22 16:24 - 00000778 _____ C:\Users\padi1_000\Desktop\Odkurzacz.lnk
2013-12-22 16:23 - 2013-12-22 16:24 - 03841551 _____ (FranmoSoftware                                              ) C:\Users\padi1_000\Downloads\odk13.4.0.1685setup.exe
2013-12-22 16:17 - 2013-12-22 16:17 - 00000588 _____ C:\Windows\SynInst.log
2013-12-22 16:17 - 2013-12-22 16:17 - 00000000 ____D C:\ProgramData\Synaptics
2013-12-22 12:12 - 2013-12-22 16:17 - 00000000 ____D C:\Program Files (x86)\WebexpEnhancedV1
2013-12-17 18:25 - 2013-12-17 18:25 - 00000000 ____D C:\Users\padi1_000\AppData\Roaming\WSPWNOUP2007
2013-12-17 18:06 - 2013-12-17 18:06 - 00001648 _____ C:\Users\padi1_000\Desktop\Wielki słownik PWN-OXFORD.lnk
2013-12-17 18:02 - 2013-12-17 18:02 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2013-12-17 18:02 - 2013-12-17 18:02 - 00001090 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2013-12-17 18:01 - 2013-12-17 18:03 - 00000000 ____D C:\Users\padi1_000\AppData\Roaming\DAEMON Tools Lite
2013-12-17 17:55 - 2013-12-17 18:02 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2013-12-16 11:54 - 2013-12-16 11:55 - 00422192 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-15 13:40 - 2013-12-15 13:40 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2013-12-15 13:40 - 2013-12-15 13:40 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2013-12-12 20:56 - 2013-11-23 07:43 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-12 20:56 - 2013-11-23 06:05 - 00368640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-12 20:56 - 2013-11-01 06:38 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-12 20:56 - 2013-11-01 04:49 - 00273408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-11 21:48 - 2013-10-19 06:45 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-11 21:48 - 2013-10-19 05:04 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-11 21:47 - 2013-10-25 07:18 - 19271168 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-11 21:47 - 2013-10-25 07:17 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-11 21:47 - 2013-10-25 07:17 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-11 21:47 - 2013-10-25 05:44 - 14356992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-11 21:47 - 2013-10-25 05:43 - 13761536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-11 21:46 - 2013-10-25 07:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-11 21:46 - 2013-10-25 07:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-11 21:46 - 2013-10-25 07:19 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2013-12-11 21:46 - 2013-10-25 07:19 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-11 21:46 - 2013-10-25 07:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-11 21:46 - 2013-10-25 07:17 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-11 21:46 - 2013-10-25 07:17 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-11 21:46 - 2013-10-25 05:45 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-11 21:46 - 2013-10-25 05:44 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-11 21:46 - 2013-10-25 05:43 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-11 21:46 - 2013-10-25 05:43 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-11 21:46 - 2013-10-25 05:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-11 21:46 - 2013-10-25 05:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-11 21:46 - 2013-10-10 10:24 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-11 21:46 - 2013-10-10 10:22 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll
2013-12-11 21:46 - 2013-10-10 10:22 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-11 21:46 - 2013-10-09 02:33 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-12-11 21:46 - 2013-10-08 23:30 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-12-11 21:46 - 2013-10-08 23:30 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-12-11 21:46 - 2013-10-08 23:30 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-12-11 21:46 - 2013-10-08 23:30 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-12-11 21:46 - 2013-10-08 23:28 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-12-11 21:46 - 2013-10-08 23:27 - 03279872 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-12-11 21:46 - 2013-10-08 23:27 - 01622016 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-12-11 21:46 - 2013-10-08 23:27 - 00773120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-12-11 21:46 - 2013-10-08 23:27 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2013-12-11 21:46 - 2013-10-08 23:27 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2013-12-11 21:46 - 2013-10-08 23:27 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-12-11 21:46 - 2013-10-08 23:27 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-12-11 21:46 - 2013-10-05 07:10 - 00285016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2013-12-11 21:46 - 2013-10-03 23:09 - 00385528 _____ C:\Windows\system32\ApnDatabase.xml
2013-12-11 21:46 - 2013-10-02 03:50 - 00447320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2013-12-11 21:46 - 2013-09-28 06:48 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2013-12-11 21:46 - 2013-09-28 04:58 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2013-12-11 21:46 - 2013-09-19 08:32 - 01455448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-12-11 21:46 - 2013-08-30 06:19 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2013-12-11 21:46 - 2013-08-30 06:18 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2013-12-11 21:46 - 2013-08-30 00:48 - 00488960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2013-12-11 21:46 - 2013-08-30 00:47 - 00302080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2013-12-11 21:45 - 2013-10-10 10:32 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-11 21:45 - 2013-10-10 10:30 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrobj.dll
2013-12-11 21:45 - 2013-10-10 10:30 - 00156160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-11 21:45 - 2013-10-10 10:23 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-11 21:43 - 2013-11-07 00:18 - 04036608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-11 21:43 - 2013-09-28 04:35 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-10 14:04 - 2013-12-22 12:13 - 00000161 _____ C:\extensions.ini
2013-12-10 14:03 - 2013-12-22 16:16 - 00000000 ____D C:\Program Files (x86)\BetterSurf

==================== One Month Modified Files and Folders =======

2014-01-04 18:58 - 2014-01-04 18:55 - 00027164 _____ C:\Users\padi1_000\Downloads\Addition.txt
2014-01-04 18:58 - 2014-01-04 18:54 - 00014543 _____ C:\Users\padi1_000\Downloads\FRST.txt
2014-01-04 18:53 - 2014-01-04 18:53 - 00000000 ____D C:\FRST
2014-01-04 18:52 - 2014-01-04 18:52 - 01931368 _____ (Farbar) C:\Users\padi1_000\Downloads\FRST64.exe
2014-01-04 18:51 - 2014-01-04 18:51 - 00602112 _____ (OldTimer Tools) C:\Users\padi1_000\Downloads\OTL.exe
2014-01-04 18:51 - 2014-01-04 18:51 - 00602112 _____ (OldTimer Tools) C:\Users\padi1_000\Downloads\OTL (1).exe
2014-01-04 18:51 - 2014-01-04 18:51 - 00001168 _____ C:\Users\padi1_000\Desktop\Kontynuuj instalację OTL by OldTimer.lnk
2014-01-04 18:50 - 2014-01-04 18:50 - 00694016 _____ C:\Users\padi1_000\Downloads\otl-by-oldtimer_setup.exe
2014-01-04 18:02 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\sru
2014-01-04 17:52 - 2014-01-02 20:05 - 00000000 ____D C:\Users\padi1_000\AppData\Roaming\GG
2014-01-04 17:50 - 2013-11-13 20:21 - 00000000 ___RD C:\Users\padi1_000\Dysk Google
2014-01-04 17:29 - 2013-10-13 18:33 - 01163179 _____ C:\Windows\WindowsUpdate.log
2014-01-04 17:20 - 2013-12-22 16:38 - 00000000 ____D C:\ProgramData\MFAData
2014-01-03 22:39 - 2014-01-03 22:39 - 00000000 ____D C:\Users\padi1_000\AppData\Roaming\TeamViewer
2014-01-03 20:07 - 2014-01-03 20:07 - 06075512 _____ (TeamViewer GmbH) C:\Users\padi1_000\Downloads\TeamViewer_Setup_pl.exe
2014-01-03 20:07 - 2014-01-03 20:07 - 00001166 _____ C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-01-03 20:07 - 2014-01-03 20:07 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2014-01-03 17:34 - 2014-01-03 16:53 - 00000000 ____D C:\Users\padi1_000\AppData\Roaming\Winamp
2014-01-03 16:54 - 2014-01-03 16:54 - 00000710 _____ C:\Users\Public\Desktop\Winamp.lnk
2014-01-03 16:53 - 2012-07-26 10:50 - 00758316 _____ C:\Windows\system32\perfh015.dat
2014-01-03 16:53 - 2012-07-26 10:50 - 00151750 _____ C:\Windows\system32\perfc015.dat
2014-01-03 16:53 - 2012-07-26 08:28 - 01703652 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-03 16:52 - 2014-01-03 16:52 - 12892432 _____ (Nullsoft, Inc.) C:\Users\padi1_000\Downloads\winamp5666_full_pl-pl.exe
2014-01-02 23:35 - 2013-10-17 16:39 - 00000000 ____D C:\Users\padi1_000\AppData\Roaming\Skype
2014-01-02 20:27 - 2014-01-02 20:27 - 00028672 ___SH C:\Users\padi1_000\Desktop\Thumbs.db
2014-01-02 20:07 - 2014-01-02 20:06 - 00000000 ___SD C:\Users\padi1_000\GG dysk
2014-01-02 20:06 - 2014-01-02 20:06 - 00001639 _____ C:\Users\padi1_000\Desktop\GG dysk.lnk
2014-01-02 20:06 - 2014-01-02 20:06 - 00001152 _____ C:\Users\padi1_000\Desktop\GG.lnk
2014-01-02 20:06 - 2014-01-02 20:06 - 00000000 ____D C:\Users\padi1_000\AppData\Roaming\Mozilla
2014-01-02 20:06 - 2014-01-02 20:05 - 00000000 ____D C:\Users\padi1_000\AppData\Local\GG
2014-01-02 20:06 - 2013-10-13 18:33 - 00000000 ____D C:\Users\padi1_000
2014-01-02 20:05 - 2014-01-02 20:05 - 00001160 _____ C:\Users\padi1_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GG.lnk
2014-01-02 20:03 - 2014-01-02 20:03 - 00389952 _____ C:\Users\padi1_000\Downloads\gg-install.exe
2014-01-02 19:54 - 2012-07-26 08:21 - 00028477 _____ C:\Windows\setupact.log
2013-12-29 18:37 - 2013-12-29 18:37 - 00454053 _____ C:\Users\padi1_000\Downloads\onyksowa 9 lublin - Mapy Google.htm
2013-12-29 18:37 - 2013-12-29 18:37 - 00000000 ____D C:\Users\padi1_000\Downloads\onyksowa 9 lublin - Mapy Google_files
2013-12-29 17:37 - 2012-07-26 06:26 - 00262144 ___SH C:\Windows\system32\config\ELAM
2013-12-29 12:46 - 2013-12-29 12:46 - 00053760 _____ (Tolunay Orkun) C:\Users\padi1_000\Downloads\DRTCP021.exe
2013-12-28 14:04 - 2013-12-28 14:04 - 00021504 ___SH C:\Users\padi1_000\Downloads\Thumbs.db
2013-12-25 10:34 - 2013-12-25 10:34 - 00046368 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2013-12-25 10:34 - 2013-12-25 10:34 - 00000000 ____D C:\Users\padi1_000\AppData\Local\AVG SafeGuard toolbar
2013-12-25 10:34 - 2013-12-25 10:34 - 00000000 ____D C:\ProgramData\AVG Security Toolbar
2013-12-25 10:34 - 2013-12-25 10:34 - 00000000 ____D C:\ProgramData\AVG SafeGuard toolbar
2013-12-25 10:34 - 2013-12-25 10:34 - 00000000 ____D C:\Program Files (x86)\AVG SafeGuard toolbar
2013-12-22 16:44 - 2013-12-22 16:38 - 00000000 ____D C:\Users\padi1_000\AppData\Local\Avg2014
2013-12-22 16:43 - 2013-12-22 16:43 - 00000000 ____D C:\Users\padi1_000\AppData\Roaming\AVG2014
2013-12-22 16:42 - 2013-12-22 16:42 - 00000790 _____ C:\Users\Public\Desktop\AVG 2014.lnk
2013-12-22 16:42 - 2013-12-22 16:42 - 00000000 ____D C:\Users\padi1_000\AppData\Roaming\TuneUp Software
2013-12-22 16:42 - 2013-12-22 16:39 - 00000000 ____D C:\ProgramData\AVG2014
2013-12-22 16:42 - 2012-07-26 09:12 - 00000000 ___HD C:\Windows\ELAMBKUP
2013-12-22 16:40 - 2013-12-22 16:40 - 00000000 ___HD C:\$AVG
2013-12-22 16:38 - 2013-12-22 16:38 - 00000000 ____D C:\Users\padi1_000\AppData\Local\MFAData
2013-12-22 16:37 - 2013-12-22 16:30 - 149157408 _____ (AVG Technologies) C:\Users\padi1_000\Downloads\avg_free_x64_all_2014_4259a6848.exe
2013-12-22 16:30 - 2013-10-17 16:38 - 00000000 ____D C:\ProgramData\Skype
2013-12-22 16:24 - 2013-12-22 16:24 - 00003376 _____ C:\Windows\System32\Tasks\Odkurzacz
2013-12-22 16:24 - 2013-12-22 16:24 - 00000778 _____ C:\Users\padi1_000\Desktop\Odkurzacz.lnk
2013-12-22 16:24 - 2013-12-22 16:23 - 03841551 _____ (FranmoSoftware                                              ) C:\Users\padi1_000\Downloads\odk13.4.0.1685setup.exe
2013-12-22 16:17 - 2013-12-22 16:17 - 00000588 _____ C:\Windows\SynInst.log
2013-12-22 16:17 - 2013-12-22 16:17 - 00000000 ____D C:\ProgramData\Synaptics
2013-12-22 16:17 - 2013-12-22 12:12 - 00000000 ____D C:\Program Files (x86)\WebexpEnhancedV1
2013-12-22 16:17 - 2013-10-18 20:24 - 00000000 ____D C:\Users\padi1_000\AppData\Local\Unity
2013-12-22 16:16 - 2013-12-10 14:03 - 00000000 ____D C:\Program Files (x86)\BetterSurf
2013-12-22 12:13 - 2013-12-10 14:04 - 00000161 _____ C:\extensions.ini
2013-12-18 21:36 - 2013-10-13 18:33 - 00000000 ____D C:\Users\padi1_000\AppData\Local\Packages
2013-12-18 18:27 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-12-17 18:25 - 2013-12-17 18:25 - 00000000 ____D C:\Users\padi1_000\AppData\Roaming\WSPWNOUP2007
2013-12-17 18:06 - 2013-12-17 18:06 - 00001648 _____ C:\Users\padi1_000\Desktop\Wielki słownik PWN-OXFORD.lnk
2013-12-17 18:03 - 2013-12-17 18:01 - 00000000 ____D C:\Users\padi1_000\AppData\Roaming\DAEMON Tools Lite
2013-12-17 18:02 - 2013-12-17 18:02 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2013-12-17 18:02 - 2013-12-17 18:02 - 00001090 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2013-12-17 18:02 - 2013-12-17 17:55 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2013-12-16 14:36 - 2013-10-17 16:39 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-16 11:55 - 2013-12-16 11:54 - 00422192 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-16 11:55 - 2012-07-26 08:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-15 23:42 - 2012-07-26 06:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-12-15 13:40 - 2013-12-15 13:40 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2013-12-15 13:40 - 2013-12-15 13:40 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2013-12-15 13:40 - 2013-11-13 20:20 - 00002042 _____ C:\Users\Public\Desktop\Google Slides.lnk
2013-12-15 13:40 - 2013-11-13 20:20 - 00002040 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2013-12-15 13:40 - 2013-11-13 20:20 - 00002030 _____ C:\Users\Public\Desktop\Google Docs.lnk
2013-12-14 22:08 - 2013-10-15 20:49 - 00000000 ____D C:\Windows\system32\MRT
2013-12-14 22:03 - 2013-10-15 20:49 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-13 13:57 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\rescache
2013-12-13 11:57 - 2012-07-26 06:38 - 00000000 ____D C:\Windows\system32\oobe
2013-12-13 11:56 - 2013-10-13 19:27 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-13 11:56 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\SecureBootUpdates
2013-12-09 17:48 - 2013-10-18 11:31 - 00000000 ____D C:\Users\padi1_000\AppData\Roaming\BitTorrent
2013-12-07 15:36 - 2013-10-14 20:24 - 00002395 _____ C:\Users\Public\Desktop\Google Chrome.lnk

Some content of TEMP:
====================
C:\Users\padi1_000\AppData\Local\Temp\ICReinstall_otl-by-oldtimer_setup.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-19 16:49

==================== End Of Log ============================