Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-09-2013 03
Ran by Administrator (administrator) on COMPAQ-NC2400 on 03-09-2013 23:03:06
Running from C:\Documents and Settings\Administrator\Desktop\Fixitpc
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) C:\WINDOWS\System32\SCardSvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Hewlett-Packard Corporation) C:\WINDOWS\system32\AccelerometerSt.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
() C:\WINDOWS\SMINST\Scheduler.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\mqtgsvc.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\tv_w32.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
(Broadcom Corporation.) C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
(Microsoft Corporation) C:\Program Files\Windows NT\Accessories\wordpad.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MsmqIntCert] - regsvr32 /s mqrt.dll [x]
HKLM\...\Run: [SoundMAXPnP] - C:\Program Files\Analog Devices\Core\smax4pnp.exe [925696 2005-05-20] (Analog Devices, Inc.)
HKLM\...\Run: [SoundMAX] - C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [716800 2005-05-07] (Analog Devices, Inc.)
HKLM\...\Run: [AccelerometerSysTrayApplet] - C:\WINDOWS\system32\AccelerometerSt.exe [53248 2006-01-17] (Hewlett-Packard Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [761946 2006-03-31] (Synaptics, Inc.)
HKLM\...\Run: [igfxhkcmd] - C:\WINDOWS\system32\hkcmd.exe [77824 2006-03-14] (Intel Corporation)
HKLM\...\Run: [igfxpers] - C:\WINDOWS\system32\igfxpers.exe [118784 2006-03-14] (Intel Corporation)
HKLM\...\Run: [QlbCtrl] - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [131072 2006-05-08] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [Cpqset] - C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe [40960 2006-05-02] ()
HKLM\...\Run: [Recguard] - C:\WINDOWS\Sminst\Recguard.exe [1187840 2005-12-21] ()
HKLM\...\Run: [Reminder] - C:\WINDOWS\Creator\Remind_XP.exe [806912 2006-03-10] ()
HKLM\...\Run: [Scheduler] - C:\WINDOWS\SMINST\Scheduler.exe [892928 2006-02-15] ()
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [347192 2013-08-30] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
Winlogon\Notify\WgaLogon: WgaLogon.dll (Microsoft Corporation)
HKLM\...\Policies\Explorer: [NoDriveAutoRun] 3
HKLM\...\Policies\Explorer: [NoDriveTypeAutoRun] 0
HKCU\...\Policies\Explorer: [NoDriveTypeAutoRun] 0
HKCU\...\Policies\Explorer: [NoDriveAutoRun] 3
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Internet (Whitelisted) ====================

ProxyServer: 10.10.30.40:8080
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKCU - {AF47926E-C9F2-404E-B766-621693B45A2F} URL = http://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10267&src=crm&q={searchTerms}&locale=en_PL&apn_ptnrs=^AGY&apn_dtid=^YYYYYY^YY^PL&apn_uid=181f7b06-417c-4437-924f-0e4e754e971b&apn_sauid=7A015740-97EE-4B18-9143-97EB2F7F0CF1
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU -No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{CE60A2E6-D776-4D34-8770-A13B0015DD8B}: [NameServer]192.168.1.254

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qw3hioi9.default
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: Ask.com
FF Homepage: https://www.google.pl/
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Extension: BPH Sign Plugin - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qw3hioi9.default\Extensions\SignPlugin@bph.pl
FF Extension: PEKAO S.A. Sign Plugin - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qw3hioi9.default\Extensions\SignPlugin@pekao.pl
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

========================== Services (Whitelisted) =================

S3 AddFiltr; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe [98304 2006-05-08] (Hewlett-Packard Development Company, L.P.)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-08-30] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-08-30] (Avira Operations GmbH & Co. KG)
R2 MSMQ; C:\WINDOWS\system32\mqsvc.exe [4608 2008-04-14] (Microsoft Corporation)
R2 MSMQTriggers; C:\WINDOWS\system32\mqtgsvc.exe [117248 2008-04-14] (Microsoft Corporation)
S2 PCA; C:\WINDOWS\SMINST\PCAngel.exe [294912 2006-01-12] (SoftThinks)
R2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf" [x]

==================== Drivers (Whitelisted) ====================

R3 AEAudioService; C:\Windows\System32\drivers\AEAudio.sys [152960 2005-06-07] (Andrea Electronics Corporation)
R3 ATSWPDRV; C:\Windows\System32\DRIVERS\ATSwpDrv.sys [130432 2006-03-30] (AuthenTec, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [88840 2013-08-30] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136672 2013-08-30] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-03-31] (Avira Operations GmbH & Co. KG)
R3 b57w2k; C:\Windows\System32\DRIVERS\b57xp32.sys [142720 2006-01-12] (Broadcom Corporation)
R3 BTKRNL; C:\Windows\System32\DRIVERS\btkrnl.sys [1342602 2006-02-27] (Broadcom Corporation.)
R3 BTWUSB; C:\Windows\System32\Drivers\btwusb.sys [57096 2006-02-27] (Broadcom Corporation.)
S3 BulkUsb; C:\Windows\System32\Drivers\VoIPUSBDriver.sys [149504 2005-09-16] (Windows (R) Server 2003 DDK provider)
S3 cpudrv; C:\Program Files\SystemRequirementsLab\cpudrv.sys [11336 2011-06-02] ()
R1 eabfiltr; C:\Windows\System32\DRIVERS\eabfiltr.sys [7808 2005-09-19] (Hewlett-Packard Development Company, L.P.)
S3 eabusb; C:\Windows\System32\DRIVERS\eabusb.sys [5760 2005-09-19] (Hewlett-Packard Development Company, L.P.)
R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] ()
R3 GTIPCI21; C:\Windows\System32\DRIVERS\gtipci21.sys [87808 2006-02-28] (Texas Instruments)
R3 HSFHWAZL; C:\Windows\System32\DRIVERS\HSFHWAZL.sys [201600 2006-01-30] (Conexant Systems, Inc.)
R3 HSF_DPV; C:\Windows\System32\DRIVERS\HSF_DPV.sys [1035008 2006-01-30] (Conexant Systems, Inc.)
R3 ialm; C:\Windows\System32\DRIVERS\ialmnt5.sys [1402559 2006-03-14] (Intel Corporation)
R3 IFXTPM; C:\Windows\System32\DRIVERS\IFXTPM.SYS [36608 2006-04-25] (Infineon Technologies AG)
S3 ivusb; C:\Windows\System32\DRIVERS\ivusb.sys [25112 2010-07-29] (Initio Corporation)
R3 MQAC; C:\WINDOWS\system32\drivers\mqac.sys [92544 2008-04-14] (Microsoft Corporation)
R3 NETwLx32; C:\Windows\System32\DRIVERS\NETwLx32.sys [6609920 2010-10-07] (Intel Corporation)
S3 PortTalk; C:\Windows\System32\Drivers\PortTalk.sys [3567 2002-01-12] (Beyond Logic http://www.beyondlogic.org)
S3 prwntdrv; C:\WINDOWS\system32\prwntdrv.sys [13064 2010-08-25] ()
S3 Rasirda; C:\Windows\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
S3 SMCIRDA; C:\Windows\System32\DRIVERS\smcirda.sys [35913 2001-08-17] (SMC)
R0 speedfan; C:\Windows\System32\speedfan.sys [24184 2012-12-29] (Almico Software)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
S3 w39n51; C:\Windows\System32\DRIVERS\w39n51.sys [1428096 2006-01-19] (Intel® Corporation)
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-09-03 19:37 - 2013-09-03 19:41 - 00004743 _____ C:\UsbFix [Scan 1] COMPAQ-NC2400.txt
2013-09-03 19:30 - 2013-09-03 19:31 - 00004737 _____ C:\UsbFix [Listing 2 ] COMPAQ-NC2400.txt
2013-09-03 19:27 - 2013-09-03 19:27 - 00004659 _____ C:\UsbFix [Listing 1 ] COMPAQ-NC2400.txt
2013-09-03 19:26 - 2013-09-03 19:41 - 00000000 ____D C:\UsbFix
2013-09-03 19:23 - 2013-09-03 19:23 - 00000000 ____D C:\FRST
2013-08-28 08:40 - 2013-08-28 08:41 - 00004954 _____ C:\WINDOWS\KB2834902-v2.log
2013-08-28 08:40 - 2013-08-28 08:40 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834902-v2_WM10$
2013-08-20 21:29 - 2013-08-20 21:30 - 00020379 _____ C:\WINDOWS\KB2862772-IE8.log
2013-08-20 21:24 - 2013-08-20 21:24 - 00013178 _____ C:\WINDOWS\KB2863058.log
2013-08-20 21:24 - 2013-08-20 21:24 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2863058$
2013-08-20 21:24 - 2013-08-20 21:24 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2859537$
2013-08-20 21:24 - 2013-08-20 21:24 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850869$
2013-08-20 21:23 - 2013-08-20 21:23 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2849470$
2013-08-19 01:45 - 2013-08-20 20:22 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-08-19 00:52 - 2013-08-20 21:24 - 00026431 _____ C:\WINDOWS\KB2859537.log
2013-08-19 00:52 - 2013-08-20 21:24 - 00025527 _____ C:\WINDOWS\KB2850869.log
2013-08-14 01:22 - 2013-08-14 01:22 - 06090842 _____ C:\Documents and Settings\Administrator\My Documents\2013-08-14_01_21_DRW_CR.rsf
2013-08-12 21:13 - 2013-08-12 21:13 - 00001026 _____ C:\Documents and Settings\All Users\Desktop\EaseUS Partition Recovery 5.6.1.lnk
2013-08-12 21:13 - 2012-11-13 09:41 - 00099400 _____ C:\WINDOWS\system32\setupprwdrv03.exe
2013-08-12 21:13 - 2010-08-25 19:39 - 00013064 _____ C:\WINDOWS\system32\prwntdrv.sys
2013-08-12 21:03 - 2013-08-13 07:37 - 00000000 ____D C:\Program Files\Recuva
2013-08-12 21:03 - 2013-08-12 21:03 - 00001512 _____ C:\Documents and Settings\All Users\Desktop\Recuva.lnk
2013-08-12 20:58 - 2013-08-12 20:58 - 00000975 _____ C:\Documents and Settings\Administrator\Desktop\PC Inspector File Recovery.lnk
2013-08-12 20:58 - 2013-08-12 20:58 - 00000000 ____D C:\Program Files\Convar
2013-08-12 20:58 - 2013-08-12 20:58 - 00000000 ____D C:\Documents and Settings\Administrator\Start Menu\Programs\Convar
2013-08-05 01:46 - 2013-08-05 01:46 - 00001703 _____ C:\Documents and Settings\All Users\Desktop\Foxit Reader.lnk
2013-08-05 01:46 - 2013-06-09 21:59 - 00216064 _____ C:\WINDOWS\system32\gcapi_dll.dll

==================== One Month Modified Files and Folders =======

2013-09-03 23:02 - 2013-09-03 22:35 - 00000000 ____D C:\Documents and Settings\Administrator\Desktop\Fixitpc
2013-09-03 23:02 - 2012-06-13 22:49 - 00000000 ____D C:\Documents and Settings\Administrator\My Documents\Pobieranie
2013-09-03 23:00 - 2012-11-03 14:01 - 00000424 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{096449AF-03CB-43F4-A146-141A58EEE1DB}.job
2013-09-03 23:00 - 2012-06-13 21:10 - 00000438 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{0529E6A0-E2E3-4B3B-B4CA-CDF602251560}.job
2013-09-03 22:29 - 2004-08-07 15:19 - 01769671 _____ C:\WINDOWS\WindowsUpdate.log
2013-09-03 22:28 - 2004-08-07 15:19 - 00001158 _____ C:\WINDOWS\system32\wpa.dbl
2013-09-03 22:26 - 2006-07-05 12:39 - 00000000 ____D C:\WINDOWS\SMINST
2013-09-03 22:26 - 2004-08-07 15:19 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-09-03 22:21 - 2004-08-07 15:19 - 00982221 _____ C:\WINDOWS\setupapi.log
2013-09-03 22:21 - 2004-08-07 15:19 - 00000178 ___SH C:\Documents and Settings\Administrator\ntuser.ini
2013-09-03 22:08 - 2006-07-05 11:58 - 00000000 ____D C:\Documents and Settings\Administrator
2013-09-03 22:08 - 2004-08-07 15:19 - 00032480 _____ C:\WINDOWS\SchedLgU.Txt
2013-09-03 21:25 - 2012-06-14 00:01 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-09-03 19:41 - 2013-09-03 19:37 - 00004743 _____ C:\UsbFix [Scan 1] COMPAQ-NC2400.txt
2013-09-03 19:41 - 2013-09-03 19:26 - 00000000 ____D C:\UsbFix
2013-09-03 19:31 - 2013-09-03 19:30 - 00004737 _____ C:\UsbFix [Listing 2 ] COMPAQ-NC2400.txt
2013-09-03 19:27 - 2013-09-03 19:27 - 00004659 _____ C:\UsbFix [Listing 1 ] COMPAQ-NC2400.txt
2013-09-03 19:23 - 2013-09-03 19:23 - 00000000 ____D C:\FRST
2013-08-30 00:03 - 2012-11-03 13:55 - 00136672 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2013-08-30 00:03 - 2012-11-03 13:55 - 00088840 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2013-08-28 08:41 - 2013-08-28 08:40 - 00004954 _____ C:\WINDOWS\KB2834902-v2.log
2013-08-28 08:41 - 2004-08-07 15:18 - 01501170 _____ C:\WINDOWS\iis6.log
2013-08-28 08:41 - 2004-08-07 15:18 - 00623632 _____ C:\WINDOWS\tsoc.log
2013-08-28 08:41 - 2004-08-07 15:07 - 00462701 _____ C:\WINDOWS\comsetup.log
2013-08-28 08:41 - 2004-08-07 15:07 - 00280404 _____ C:\WINDOWS\ntdtcsetup.log
2013-08-28 08:41 - 2004-08-07 15:07 - 00074777 _____ C:\WINDOWS\ocmsn.log
2013-08-28 08:41 - 2004-08-07 15:07 - 00068315 _____ C:\WINDOWS\tabletoc.log
2013-08-28 08:41 - 2004-08-07 15:07 - 00001374 _____ C:\WINDOWS\imsins.log
2013-08-28 08:41 - 2004-08-07 15:00 - 01345764 _____ C:\WINDOWS\FaxSetup.log
2013-08-28 08:41 - 2004-08-07 15:00 - 00660043 _____ C:\WINDOWS\ocgen.log
2013-08-28 08:41 - 2004-08-07 15:00 - 00236387 _____ C:\WINDOWS\netfxocm.log
2013-08-28 08:41 - 2004-08-07 15:00 - 00094174 _____ C:\WINDOWS\MedCtrOC.log
2013-08-28 08:41 - 2004-08-07 15:00 - 00067718 _____ C:\WINDOWS\msgsocm.log
2013-08-28 08:41 - 2004-08-07 14:59 - 00372072 _____ C:\WINDOWS\msmqinst.log
2013-08-28 08:40 - 2013-08-28 08:40 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834902-v2_WM10$
2013-08-27 08:45 - 2013-05-07 21:10 - 00001720 ____H C:\Documents and Settings\Administrator\My Documents\Default.rdp
2013-08-23 17:36 - 2013-04-02 20:45 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\CallingID
2013-08-23 02:17 - 2012-09-24 02:45 - 00000793 _____ C:\Documents and Settings\Administrator\.Xauthority
2013-08-23 02:17 - 2012-09-24 02:43 - 00000000 ____D C:\Documents and Settings\Administrator\.nx
2013-08-20 21:47 - 2006-07-05 11:58 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2013-08-20 21:36 - 2012-06-13 19:06 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-08-20 21:30 - 2013-08-20 21:29 - 00020379 _____ C:\WINDOWS\KB2862772-IE8.log
2013-08-20 21:30 - 2006-07-05 12:19 - 00172579 _____ C:\WINDOWS\updspapi.log
2013-08-20 21:30 - 2004-08-07 15:07 - 00001374 _____ C:\WINDOWS\imsins.BAK
2013-08-20 21:29 - 2013-07-23 01:11 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-08-20 21:29 - 2012-06-13 22:08 - 00000000 ____D C:\WINDOWS\ie8updates
2013-08-20 21:25 - 2012-06-13 22:17 - 75778376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-08-20 21:24 - 2013-08-20 21:24 - 00013178 _____ C:\WINDOWS\KB2863058.log
2013-08-20 21:24 - 2013-08-20 21:24 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2863058$
2013-08-20 21:24 - 2013-08-20 21:24 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2859537$
2013-08-20 21:24 - 2013-08-20 21:24 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850869$
2013-08-20 21:24 - 2013-08-19 00:52 - 00026431 _____ C:\WINDOWS\KB2859537.log
2013-08-20 21:24 - 2013-08-19 00:52 - 00025527 _____ C:\WINDOWS\KB2850869.log
2013-08-20 21:24 - 2012-06-13 22:10 - 00023522 _____ C:\WINDOWS\system32\TZLog.log
2013-08-20 21:23 - 2013-08-20 21:23 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2849470$
2013-08-20 21:21 - 2004-08-07 15:14 - 00516642 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-08-20 20:25 - 2012-06-14 00:01 - 00692104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2013-08-20 20:25 - 2012-06-14 00:01 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2013-08-20 20:22 - 2013-08-19 01:45 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-08-20 20:19 - 2013-03-24 16:55 - 00000000 ____D C:\WINDOWS\system32\NtmsData
2013-08-20 20:18 - 2006-07-05 11:58 - 00000000 ____D C:\WINDOWS\Registration
2013-08-14 01:22 - 2013-08-14 01:22 - 06090842 _____ C:\Documents and Settings\Administrator\My Documents\2013-08-14_01_21_DRW_CR.rsf
2013-08-13 07:37 - 2013-08-12 21:03 - 00000000 ____D C:\Program Files\Recuva
2013-08-12 21:13 - 2013-08-12 21:13 - 00001026 _____ C:\Documents and Settings\All Users\Desktop\EaseUS Partition Recovery 5.6.1.lnk
2013-08-12 21:12 - 2013-07-18 19:17 - 00000000 ____D C:\Program Files\EaseUS
2013-08-12 21:03 - 2013-08-12 21:03 - 00001512 _____ C:\Documents and Settings\All Users\Desktop\Recuva.lnk
2013-08-12 20:58 - 2013-08-12 20:58 - 00000975 _____ C:\Documents and Settings\Administrator\Desktop\PC Inspector File Recovery.lnk
2013-08-12 20:58 - 2013-08-12 20:58 - 00000000 ____D C:\Program Files\Convar
2013-08-12 20:58 - 2013-08-12 20:58 - 00000000 ____D C:\Documents and Settings\Administrator\Start Menu\Programs\Convar
2013-08-12 20:28 - 2013-08-01 08:11 - 00000000 ____D C:\Documents and Settings\Administrator\Desktop\testdisk-6.14
2013-08-05 01:46 - 2013-08-05 01:46 - 00001703 _____ C:\Documents and Settings\All Users\Desktop\Foxit Reader.lnk

Files to move or delete:
====================
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Checkupdate.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Foxit Reader Updater.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gcapi_dll.dll
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gtapi_signed.dll

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================