Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-09-2013
Ran by admin (administrator) on TATA on 22-09-2013 16:14:50
Running from C:\Users\admin\Downloads
Windows 7 Ultimate Service Pack 1 (X64) OS Language: Polish
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

() C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
() C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(BitTorrent Inc.) C:\Program Files (x86)\uTorrent\uTorrent.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
() C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe
(Microsoft Corporation) C:\Windows\syswow64\svchost.exe
() C:\Users\admin\AppData\Roaming\MSUpdate.exe
() C:\Users\admin\AppData\Roaming\AudioDriver.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Doctor Web, Ltd.) C:\Users\admin\AppData\Local\Temp\6E8FEC60-6BF792A0-49B3D820-4850A940\wg3z7qoq.exe
(Microsoft Corporation) C:\Windows\system32\msiexec.exe
(Opera Software) C:\Program Files (x86)\Opera\16.0.1196.73\opera.exe
() C:\Program Files (x86)\Opera\16.0.1196.73\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\16.0.1196.73\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\16.0.1196.73\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\16.0.1196.73\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\16.0.1196.73\opera.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [uTorrent] - C:\Program Files (x86)\uTorrent\uTorrent.exe [802136 2013-05-14] (BitTorrent Inc.)
HKCU\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2007-06-27] (Nero AG)
HKCU\...\Run: [ALLUpdate] - "C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe" "sleep"
HKCU\...\Run: [OscarEditor] - C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe [3340288 2012-03-20] ()
HKCU\...\Run: [MSConfig] - C:\Users\admin\AppData\Roaming\MSconfig.exe
HKCU\...\Run: [MSUpdate] - C:\Users\admin\AppData\Roaming\MSUpdate.exe [1099182 2013-09-14] ()
HKCU\...\Run: [AudioDrivers] - C:\Users\admin\AppData\Roaming\AudioDriver.exe [1079350 2013-09-17] ()
HKCU\...\CurrentVersion\Windows: [Load] C:\Users\admin\LOCALS~1\Temp\msbenov.com <===== ATTENTION
MountPoints2: {82ba29a1-aa9a-11e2-8549-5404a6a21426} - I:\Startme.exe
MountPoints2: {f9b5ceea-ec3c-11e1-b486-5404a6a21426} - I:\Startme.exe
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()
HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [43608 2010-09-07] ()
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [3521424 2012-03-31] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [] -  [x]
HKLM-x32\...\Run: [ApnUpdater] - "C:\Program Files (x86)\Ask.com\Updater\Updater.exe" [x]
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\config.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www2.delta-search.com/?babsrc=HP_ss&mntrId=245E5404A6A21426&affID=119357&tsp=5008
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www2.delta-search.com/?babsrc=HP_ss&mntrId=245E5404A6A21426&affID=119357&tsp=5008
URLSearchHook: (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} -  No File
SearchScopes: HKLM-x32 - DefaultScope {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = http://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20121224150743260&tb_oid=24-12-2012&tb_mrud=24-12-2012
SearchScopes: HKLM-x32 - {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = http://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20121224150743260&tb_oid=24-12-2012&tb_mrud=24-12-2012
SearchScopes: HKCU - DefaultScope {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = http://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20121224150743260&tb_oid=24-12-2012&tb_mrud=24-12-2012
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=245E5404A6A21426&affID=119357&tsp=5008
SearchScopes: HKCU - {1DF7221F-7D5E-4BA1-8614-A91A676BC539} URL = http://websearch.ask.com/redirect?client=ie&tb=FXTV5&o=101699&src=kw&q={searchTerms}&locale=&apn_ptnrs=^F4&apn_dtid=^YYYYYY^YY^PL&apn_uid=97d1547d-adee-4e42-bfe8-f43e434b64d9&apn_sauid=61639FE7-1AF1-4AC6-8C2C-BA4FD546B18C
SearchScopes: HKCU - {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = http://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20121224150743260&tb_oid=24-12-2012&tb_mrud=24-12-2012
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.24.6\bh\delta.dll (Delta-search.com)
BHO-x32: Foxit PDF Creator Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll No File
Toolbar: HKLM-x32 - Foxit PDF Creator Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll No File
Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.24.6\deltaTlbr.dll (Delta-search.com)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 62.179.1.62 62.179.1.63
Tcpip\..\Interfaces\{689F192C-6C80-4538-8CFF-54A881450D36}: [NameServer]8.8.8.8

FireFox:
========
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\ba29zmcn.default
FF user.js: detected! => C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\ba29zmcn.default\user.js
FF NewTab: user_pref("browser.newtab.url", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\ba29zmcn.default\searchplugins\askcom.xml
FF Extension: No Name - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\ba29zmcn.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5

Chrome: 
=======
CHR Extension: (YouTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0
CHR Extension: (Google Search) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0
CHR Extension: (Gmail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0
CHR HKLM-x32\...\Chrome\Extension: [aaaaoiagmlcohkmjodefppbmpjdiocmh] - C:\Users\admin\AppData\Local\APN\GoogleCRXs\aaaaoiagmlcohkmjodefppbmpjdiocmh_7.17.6.0.crx
CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\admin\AppData\Roaming\BabSolution\CR\Delta.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx

==================== Services (Whitelisted) =================

R2 BitGuard; C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe [2845152 2013-09-10] ()
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [x]

==================== Drivers (Whitelisted) ====================

S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [38424 2010-10-18] (Google Inc)
R3 CX88VID; C:\Windows\System32\drivers\cxavsvid.sys [469248 2007-09-19] (Leadtek Research Inc.)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [16776 2011-07-29] ()
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [16776 2011-07-29] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9096 2011-07-29] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9096 2011-07-29] ()
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (EZB Systems, Inc.)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (EZB Systems, Inc.)
S3 ss_bserd; C:\Windows\System32\DRIVERS\ss_bserd.sys [128000 2010-12-21] (MCCI Corporation)
S3 zghsdiag; C:\Windows\System32\DRIVERS\zghsdiag.sys [122624 2011-01-13] (ZTE Incorporated)
S3 zghsmdm; C:\Windows\System32\DRIVERS\zghsmdm.sys [122624 2011-01-13] (ZTE Incorporated)
S3 zghsnmea; C:\Windows\System32\DRIVERS\zghsnmea.sys [122624 2011-01-13] (ZTE Incorporated)
S3 ALSysIO; \??\C:\Users\admin\AppData\Local\Temp\ALSysIO64.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-22 16:13 - 2013-09-22 16:13 - 00000000 ____D C:\FRST
2013-09-22 16:09 - 2013-09-22 16:09 - 00602112 _____ (OldTimer Tools) C:\Users\admin\Downloads\OTL.exe
2013-09-22 16:09 - 2013-09-22 16:09 - 00377856 _____ C:\Users\admin\Downloads\t2lyfcd5.exe
2013-09-22 16:08 - 2013-09-22 16:08 - 01956670 _____ (Farbar) C:\Users\admin\Downloads\FRST64.exe
2013-09-22 15:58 - 2013-09-22 15:58 - 00187792 _____ (Kaspersky Lab) C:\Users\admin\Downloads\kss12.0.1.340_pl.exe
2013-09-18 15:07 - 2013-09-22 14:39 - 00003420 _____ C:\Windows\System32\Tasks\BitGuard
2013-09-18 08:58 - 2013-09-18 08:58 - 00685248 _____ C:\Users\admin\Downloads\Dr.WEB-CureIt(12976) (2).exe
2013-09-18 08:22 - 2013-09-18 08:22 - 00685248 _____ C:\Users\admin\Downloads\Dr.WEB-CureIt(12976) (1).exe
2013-09-18 08:21 - 2013-09-18 08:21 - 00685248 _____ C:\Users\admin\Downloads\Dr.WEB-CureIt(12976).exe
2013-09-17 17:00 - 2013-09-17 17:00 - 00001139 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-09-17 17:00 - 2013-09-17 17:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-09-17 16:13 - 2013-09-17 16:13 - 00594864 _____ C:\Users\admin\Downloads\firefox.exe
2013-09-17 16:04 - 2013-09-17 16:04 - 00000000 ____D C:\Nowy folder
2013-09-17 14:13 - 2013-09-17 14:13 - 01079350 ___SH C:\Users\admin\AppData\Roaming\AudioDriver.exe
2013-09-17 13:06 - 2013-09-17 13:06 - 00000000 ____D C:\Users\admin\AppData\Local\avgchrome
2013-09-15 17:55 - 2013-09-17 13:08 - 00000000 ____D C:\Program Files (x86)\Opera
2013-09-15 17:55 - 2013-09-15 17:55 - 00001121 _____ C:\Users\Public\Desktop\Opera.lnk
2013-09-15 17:55 - 2013-09-15 17:55 - 00000000 ____D C:\Users\admin\AppData\Roaming\Opera Software
2013-09-15 17:55 - 2013-09-15 17:55 - 00000000 ____D C:\Users\admin\AppData\Local\Opera Software
2013-09-15 17:54 - 2013-09-17 16:14 - 00000000 ____D C:\Users\admin\AppData\Roaming\0F1F1C2Y1H1P1C0I0T
2013-09-15 17:54 - 2013-09-17 16:13 - 00000000 ____D C:\ProgramData\DSearchLink
2013-09-15 17:54 - 2013-09-15 17:54 - 31126536 _____ (Opera Software ASA) C:\Users\admin\Downloads\opera [1].exe
2013-09-15 17:54 - 2013-09-15 17:54 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
2013-09-15 17:54 - 2013-09-15 17:54 - 00000000 ____D C:\Users\admin\AppData\Roaming\Delta
2013-09-15 17:54 - 2013-09-15 17:54 - 00000000 ____D C:\Users\admin\AppData\Roaming\Babylon
2013-09-15 17:54 - 2013-09-15 17:54 - 00000000 ____D C:\Users\admin\AppData\Roaming\BabSolution
2013-09-15 17:54 - 2013-09-15 17:54 - 00000000 ____D C:\ProgramData\BitGuard
2013-09-15 17:54 - 2013-09-15 17:54 - 00000000 ____D C:\ProgramData\Babylon
2013-09-15 17:54 - 2013-09-15 17:54 - 00000000 ____D C:\Program Files (x86)\Delta
2013-09-15 17:53 - 2013-09-15 17:53 - 00600048 _____ C:\Users\admin\Downloads\opera.exe
2013-09-14 17:05 - 2013-09-14 17:05 - 01099182 ___SH C:\Users\admin\AppData\Roaming\MSUpdate.exe
2013-09-14 17:05 - 2013-09-14 17:05 - 00000000 ____D C:\adfsadjfosag
2013-09-11 20:28 - 2013-08-10 07:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-11 20:28 - 2013-08-10 07:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-11 20:28 - 2013-08-10 07:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-11 20:28 - 2013-08-10 07:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-11 20:28 - 2013-08-10 07:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-11 20:28 - 2013-08-10 07:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-11 20:28 - 2013-08-10 07:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-11 20:28 - 2013-08-10 07:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-11 20:28 - 2013-08-10 07:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-11 20:28 - 2013-08-10 07:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-11 20:28 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-11 20:28 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-11 20:28 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-11 20:28 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-11 20:28 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-11 20:28 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-11 20:28 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-11 20:28 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-11 20:28 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-11 20:28 - 2013-08-10 05:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-11 20:28 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-11 20:28 - 2013-08-10 04:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-11 20:28 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-11 20:27 - 2013-08-10 07:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-11 20:27 - 2013-08-10 07:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-11 20:27 - 2013-08-10 07:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-11 20:27 - 2013-08-10 07:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-11 20:27 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-11 20:27 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-11 20:27 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-11 20:27 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-11 19:31 - 2013-09-18 08:23 - 130333632 _____ C:\Users\admin\Downloads\launch.exe
2013-09-11 18:39 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-11 18:38 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-11 18:38 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-11 18:38 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-11 18:38 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-11 18:38 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-11 18:38 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-11 18:38 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-11 18:38 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-11 18:38 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-11 18:38 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-11 18:38 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-11 18:38 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-11 18:38 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-11 18:38 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 18:38 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 18:38 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 18:38 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 18:38 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 18:38 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 18:38 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 18:38 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 18:38 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 18:38 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 18:38 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 18:38 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 18:38 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 18:38 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 18:38 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-11 18:38 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-11 18:38 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 18:38 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-11 18:38 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 18:38 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 18:38 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 18:38 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 18:38 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 18:38 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 18:38 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 18:38 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-11 18:38 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-11 18:38 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-11 18:38 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-11 18:38 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-11 18:38 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-11 18:38 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-11 18:38 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-11 18:38 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-11 18:38 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 18:38 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 18:38 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 18:38 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 18:38 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 18:38 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 18:38 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 18:38 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 18:38 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 18:38 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 18:38 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 18:38 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 18:38 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-11 18:38 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 18:38 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 18:38 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-11 18:38 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 18:38 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 18:38 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 18:38 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 18:38 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 18:38 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 18:38 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-11 18:38 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-11 18:38 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-11 18:38 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-11 18:38 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-11 18:38 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-11 18:38 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-11 18:38 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-11 18:38 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 18:38 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 18:38 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-11 18:37 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-11 18:37 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-11 18:37 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-11 18:37 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-11 18:37 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll

==================== One Month Modified Files and Folders =======

2013-09-22 16:13 - 2013-09-22 16:13 - 00000000 ____D C:\FRST
2013-09-22 16:11 - 2012-03-18 19:32 - 00000000 ____D C:\Users\admin\AppData\Roaming\uTorrent
2013-09-22 16:11 - 2009-07-14 06:45 - 00021472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-22 16:11 - 2009-07-14 06:45 - 00021472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-22 16:09 - 2013-09-22 16:09 - 00602112 _____ (OldTimer Tools) C:\Users\admin\Downloads\OTL.exe
2013-09-22 16:09 - 2013-09-22 16:09 - 00377856 _____ C:\Users\admin\Downloads\t2lyfcd5.exe
2013-09-22 16:08 - 2013-09-22 16:08 - 01956670 _____ (Farbar) C:\Users\admin\Downloads\FRST64.exe
2013-09-22 16:08 - 2012-07-19 10:17 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-22 16:06 - 2012-03-29 21:00 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-09-22 16:06 - 2012-03-29 20:59 - 00001046 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-22 15:58 - 2013-09-22 15:58 - 00187792 _____ (Kaspersky Lab) C:\Users\admin\Downloads\kss12.0.1.340_pl.exe
2013-09-22 15:08 - 2012-07-19 10:17 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-22 15:08 - 2012-07-19 10:17 - 00003868 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-22 15:08 - 2012-03-18 19:20 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-22 15:07 - 2012-03-19 02:00 - 02077944 _____ C:\Windows\WindowsUpdate.log
2013-09-22 15:05 - 2012-03-18 19:22 - 00000000 ____D C:\Users\admin\AppData\Local\Mozilla
2013-09-22 15:01 - 2013-04-23 18:30 - 00000276 _____ C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2013-09-22 14:56 - 2012-03-29 20:59 - 00001042 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-22 14:48 - 2011-02-04 19:55 - 00697896 _____ C:\Windows\system32\perfh015.dat
2013-09-22 14:48 - 2011-02-04 19:55 - 00135006 _____ C:\Windows\system32\perfc015.dat
2013-09-22 14:48 - 2009-07-14 07:13 - 01569162 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-22 14:39 - 2013-09-18 15:07 - 00003420 _____ C:\Windows\System32\Tasks\BitGuard
2013-09-22 14:39 - 2012-03-18 19:01 - 00000000 ___RD C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-22 14:38 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-22 14:38 - 2009-07-14 06:51 - 00094202 _____ C:\Windows\setupact.log
2013-09-19 19:12 - 2010-11-21 05:47 - 00534686 _____ C:\Windows\PFRO.log
2013-09-18 08:58 - 2013-09-18 08:58 - 00685248 _____ C:\Users\admin\Downloads\Dr.WEB-CureIt(12976) (2).exe
2013-09-18 08:23 - 2013-09-11 19:31 - 130333632 _____ C:\Users\admin\Downloads\launch.exe
2013-09-18 08:22 - 2013-09-18 08:22 - 00685248 _____ C:\Users\admin\Downloads\Dr.WEB-CureIt(12976) (1).exe
2013-09-18 08:21 - 2013-09-18 08:21 - 00685248 _____ C:\Users\admin\Downloads\Dr.WEB-CureIt(12976).exe
2013-09-18 08:11 - 2006-03-19 02:42 - 00000000 ___HD C:\Users\admin\AppData\Roaming\245E05C3
2013-09-17 18:54 - 2012-04-05 18:54 - 00000000 ____D C:\TATA  EROTYKA
2013-09-17 17:00 - 2013-09-17 17:00 - 00001139 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-09-17 17:00 - 2013-09-17 17:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-09-17 17:00 - 2013-08-17 11:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-17 16:14 - 2013-09-15 17:54 - 00000000 ____D C:\Users\admin\AppData\Roaming\0F1F1C2Y1H1P1C0I0T
2013-09-17 16:13 - 2013-09-17 16:13 - 00594864 _____ C:\Users\admin\Downloads\firefox.exe
2013-09-17 16:13 - 2013-09-15 17:54 - 00000000 ____D C:\ProgramData\DSearchLink
2013-09-17 16:04 - 2013-09-17 16:04 - 00000000 ____D C:\Nowy folder
2013-09-17 14:13 - 2013-09-17 14:13 - 01079350 ___SH C:\Users\admin\AppData\Roaming\AudioDriver.exe
2013-09-17 13:08 - 2013-09-15 17:55 - 00000000 ____D C:\Program Files (x86)\Opera
2013-09-17 13:06 - 2013-09-17 13:06 - 00000000 ____D C:\Users\admin\AppData\Local\avgchrome
2013-09-15 19:13 - 2013-06-15 16:27 - 00000000 ____D C:\Windows\rescache
2013-09-15 17:55 - 2013-09-15 17:55 - 00001121 _____ C:\Users\Public\Desktop\Opera.lnk
2013-09-15 17:55 - 2013-09-15 17:55 - 00000000 ____D C:\Users\admin\AppData\Roaming\Opera Software
2013-09-15 17:55 - 2013-09-15 17:55 - 00000000 ____D C:\Users\admin\AppData\Local\Opera Software
2013-09-15 17:54 - 2013-09-15 17:54 - 31126536 _____ (Opera Software ASA) C:\Users\admin\Downloads\opera [1].exe
2013-09-15 17:54 - 2013-09-15 17:54 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
2013-09-15 17:54 - 2013-09-15 17:54 - 00000000 ____D C:\Users\admin\AppData\Roaming\Delta
2013-09-15 17:54 - 2013-09-15 17:54 - 00000000 ____D C:\Users\admin\AppData\Roaming\Babylon
2013-09-15 17:54 - 2013-09-15 17:54 - 00000000 ____D C:\Users\admin\AppData\Roaming\BabSolution
2013-09-15 17:54 - 2013-09-15 17:54 - 00000000 ____D C:\ProgramData\BitGuard
2013-09-15 17:54 - 2013-09-15 17:54 - 00000000 ____D C:\ProgramData\Babylon
2013-09-15 17:54 - 2013-09-15 17:54 - 00000000 ____D C:\Program Files (x86)\Delta
2013-09-15 17:53 - 2013-09-15 17:53 - 00600048 _____ C:\Users\admin\Downloads\opera.exe
2013-09-15 17:12 - 2010-09-27 13:25 - 00000000 ____D C:\MAMA FILMY
2013-09-14 17:05 - 2013-09-14 17:05 - 01099182 ___SH C:\Users\admin\AppData\Roaming\MSUpdate.exe
2013-09-14 17:05 - 2013-09-14 17:05 - 00000000 ____D C:\adfsadjfosag
2013-09-13 18:55 - 2012-03-18 19:01 - 00000000 ___RD C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-13 18:55 - 2009-07-14 06:45 - 00417016 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-11 20:27 - 2012-04-24 19:01 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-11 18:30 - 2013-04-23 18:30 - 00000284 _____ C:\Windows\Tasks\RegClean Pro_UPDATES.job
2013-08-29 20:31 - 2012-03-18 19:00 - 00000000 ____D C:\Users\admin
2013-08-23 20:37 - 2012-05-16 18:32 - 00000000 ____D C:\faktury  za prąd i  gaz

Some content of TEMP:
====================
C:\Users\admin\AppData\Local\Temp\0000d6fd.exe
C:\Users\admin\AppData\Local\Temp\0000de2d.exe
C:\Users\admin\AppData\Local\Temp\0000e09d.exe
C:\Users\admin\AppData\Local\Temp\0000e5bc.exe
C:\Users\admin\AppData\Local\Temp\0000fe2c.exe
C:\Users\admin\AppData\Local\Temp\000157b0.exe
C:\Users\admin\AppData\Local\Temp\003aae78.exe
C:\Users\admin\AppData\Local\Temp\004a840e.exe
C:\Users\admin\AppData\Local\Temp\004b1065.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-15 19:05

==================== End Of Log ============================