Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by aim (administrator) on AIM-KOMPUTER on 08-10-2013 09:33:44
Running from C:\Users\aim\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polish
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
(Microsoft Corporation) C:\windows\System32\lpksetup.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
() C:\windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe
(cake bake) C:\Program Files (x86)\Betcat\WBDesktop.Updater.1.0.0.16.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\loggingserver.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Bake Cake) C:\Users\aim\AppData\Roaming\Betcat\WebCakeDesktop.exe
(Huawei Technologies Co., Ltd.) C:\Users\aim\AppData\Roaming\PLAY ONLINE\ouc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
() C:\Program Files (x86)\AVG Nation toolbar\vprot.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
(Adobe Systems, Inc.) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11895400 2011-06-25] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] - rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2588968 2010-11-13] (ELAN Microelectronics Corp.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [HW_OPENEYE_OUC_PLAY ONLINE] - C:\Program Files (x86)\PLAY ONLINE\UpdateDog\ouc.exe [110592 2009-04-14] (Huawei Technologies Co., Ltd.)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3514176 2011-11-10] (DT Soft Ltd)
HKCU\...\Run: [Facebook Update] - C:\Users\aim\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-08-28] (Facebook Inc.)
HKCU\...\Run: [WebCake Desktop] - C:\Users\aim\AppData\Roaming\Betcat\WebCakeDesktop.exe [52504 2013-08-10] (Bake Cake)
HKCU\...\Run: [AVG-Secure-Search-Update_0913b] - C:\Users\aim\AppData\Roaming\AVG 0913b Campaign\AVG-Secure-Search-Update-0913b.exe /PROMPT --mid 04cc74ce812347d3b2000de037d39e2f-15829789e7e4b7edf624e1274554b05741fdd2b1 --CMPID 0913b
MountPoints2: F - F:\AutoRun.exe
MountPoints2: {30da75eb-fa52-11e0-9b9a-dca9713777dc} - F:\AutoRun.exe
MountPoints2: {30da7600-fa52-11e0-9b9a-dca9713777dc} - F:\AutoRun.exe
MountPoints2: {769e484a-3614-11e1-85b4-dca9713777dc} - F:\AutoRun.exe
MountPoints2: {8535edc7-3dd2-11e1-b6a9-dca9713777dc} - F:\AutoRun.exe
MountPoints2: {8d6c6146-000b-11e1-b0a2-dca9713777dc} - F:\AutoRun.exe
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4411440 2013-08-15] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] - C:\Program Files (x86)\AVG Nation toolbar\vprot.exe [2403144 2013-10-01] ()
AppInit_DLLs: C:\windows\system32\nvinitx.dll [226920 2011-05-04] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\progra~3\browse~1\261519~1.190\{c16c1~1\browse~1.dll c:\windows\syswow64\nvinit.dll [192616 2011-05-04] (NVIDIA Corporation)
Startup: C:\Users\aim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk
ShortcutTarget: OpenOffice.org 3.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=121845&babsrc=HP_ss_gin2g&mntrId=2E3BDCA9713777D9
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = http://search.babylon.com/?affID=121845&babsrc=HP_ss_gin2g&mntrId=2E3BDCA9713777D9
URLSearchHook: (No Name) - {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - No File
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/?q={searchTerms}&affID=109217&tt=280612_7_&babsrc=SP_ss&mntrId=2e3be964000000000000dca9713777d9
SearchScopes: HKCU - {4137C066-F994-4BA7-9EB3-8C8CD1A7B86A} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3225826
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKCU - {602A48DB-70AE-479C-ADC6-F69CF35AF48C} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=en_US&apn_ptnrs=U3&apn_dtid=OSJ000YYPL&apn_uid=E6E1EBAB-0AE3-40F6-80BE-98C58F2BA4D2&apn_sauid=E183CBC8-E395-42D6-B57D-4E52931F9EB3
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://avg.nation.com/avgtbavg/search/web?cid={98BC009D-B781-43CB-83CE-28A41AEB793A}&mid=04cc74ce812347d3b2000de037d39e2f-15829789e7e4b7edf624e1274554b05741fdd2b1&lang=pl&ds=AVG&coid=avgtbavg&pr=fr&d=2013-09-28 09:00:48&v=17.0.1.12&pid=nation&sg=0&sap=dsp&q={searchTerms}&cmpid=0913b
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: WebCake - {2A5A2A90-3B30-4E6E-A955-2F232C6EF517} - C:\Program Files (x86)\Betcat\WebCakeIEClient.dll (Bake-Cake)
BHO-x32: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll (Symantec Corporation)
BHO-x32: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: AVG Nation toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Nation toolbar\17.0.1.12\AVG Nation toolbar_toolbar.dll (AVG Secure Search)
BHO-x32: Samsung BHO Class - {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll ()
BHO-x32: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.21.5\bh\delta.dll (Delta-search.com)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.21.5\deltaTlbr.dll (Delta-search.com)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - AVG Nation toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Nation toolbar\17.0.1.12\AVG Nation toolbar_toolbar.dll (AVG Secure Search)
Toolbar: HKCU - No Name - {B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14} - No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.0.12\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 95.160.170.92 88.156.222.92 82.139.8.40
Tcpip\..\Interfaces\{3DE158B7-AAED-4F4C-8546-059DF64F893B}: [NameServer]89.108.195.20 217.17.34.10
Tcpip\..\Interfaces\{4777209A-C734-4A58-AA62-B6AFFD95A1BC}: [NameServer]89.108.195.20 217.17.34.10
Tcpip\..\Interfaces\{958D5DDE-4702-4B75-BFE1-C9229BE5E607}: [NameServer]89.108.195.20 217.17.34.10
Tcpip\..\Interfaces\{AAFD8BC4-5423-49F8-8025-D62E6CB71EA6}: [NameServer]89.108.195.21 217.17.34.10
Tcpip\..\Interfaces\{C4134C15-B7FB-4FA7-8FAC-1F7534B2A9EA}: [NameServer]89.108.195.20 217.17.34.10

FireFox:
========
FF ProfilePath: C:\Users\aim\AppData\Roaming\Mozilla\Firefox\Profiles\yki3k81p.default
FF user.js: detected! => C:\Users\aim\AppData\Roaming\Mozilla\Firefox\Profiles\yki3k81p.default\user.js
FF NewTab: hxxp://www.delta-search.com/?affID=121845&babsrc=NT_ss&mntrId=2E3BDCA9713777D9
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Delta Search
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.7.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.0.12\\npsitesafety.dll (AVG Technologies)
FF Plugin-x32: @idsoftware.com/QuakeLive - C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 - C:\Program Files (x86)\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 - C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 - C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\aim\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF SearchPlugin: C:\Users\aim\AppData\Roaming\Mozilla\Firefox\Profiles\yki3k81p.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\aim\AppData\Roaming\Mozilla\Firefox\Profiles\yki3k81p.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\aim\AppData\Roaming\Mozilla\Firefox\Profiles\yki3k81p.default\searchplugins\delta.xml
FF Extension: Delta Toolbar - C:\Users\aim\AppData\Roaming\Mozilla\Firefox\Profiles\yki3k81p.default\Extensions\ffxtlbr@delta.com
FF Extension: WebCake - C:\Users\aim\AppData\Roaming\Mozilla\Firefox\Profiles\yki3k81p.default\Extensions\plugin@getwebcake.com
FF Extension: BitTorrentControl_v12 - C:\Users\aim\AppData\Roaming\Mozilla\Firefox\Profiles\yki3k81p.default\Extensions\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}
FF Extension: No Name - C:\Users\aim\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions
FF Extension: OneClickDownloader - C:\Users\aim\AppData\Roaming\Mozilla\Firefox\profiles\extensions\OneClickDownload@OneClickDownload.com
FF Extension: No Name - C:\Users\aim\AppData\Roaming\Mozilla\Firefox\profiles\extensions\user.js
FF Extension: Babylon - C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn\
FF Extension: Symantec IPS - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn_2011_7_13_2
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn_2011_7_13_2

Chrome:
=======
CHR HomePage: hxxp://search.babylon.com/?affID=121845&babsrc=HP_ss_gin2g&mntrId=2E3BDCA9713777D9
CHR RestoreOnStartup: "hxxp://search.babylon.com/?affID=121845&babsrc=HP_ss_gin2g&mntrId=2E3BDCA9713777D9", "hxxp://www.delta-search.com/?affID=121845&babsrc=HP_ss&mntrId=2E3BDCA9713777D9"
CHR DefaultSearchURL: (Babylon) - http://search.babylon.com/?q={searchTerms}&affID=121845&babsrc=SP_ss_gin2g&mntrId=2E3BDCA9713777D9
CHR DefaultSuggestURL: (Babylon) - "suggest_url": ""
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\pdf.dll No File
CHR Plugin: (Babylon ToolBar) - C:\Users\aim\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.7_0\BabylonChromeToolBar.dll No File
CHR Plugin: (Conduit Chrome Plugin) - C:\Users\aim\AppData\Local\Google\Chrome\User Data\Default\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf\2.3.15.10_0\plugins/ConduitChromeApiPlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U17) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (QUAKE LIVE) - C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\aim\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (YouTube) - C:\Users\aim\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\aim\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (BitTorrentControl_v12) - C:\Users\aim\AppData\Local\Google\Chrome\User Data\Default\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf\2.3.19.11_0
CHR Extension: (Delta Toolbar) - C:\Users\aim\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.4_0
CHR Extension: (WebCake) - C:\Users\aim\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh\1.0.3_0
CHR Extension: (Gmail) - C:\Users\aim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [dknkjnkhedbanphkkpbpcgoblmkbfhlf] - C:\Users\aim\AppData\Local\CRE\dknkjnkhedbanphkkpbpcgoblmkbfhlf.crx
CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\aim\AppData\Roaming\BabSolution\CR\Delta.crx
CHR HKLM-x32\...\Chrome\Extension: [fjoijdanhaiflhibkljeklcghcmmfffh] - C:\Program Files (x86)\Betcat\WebCakeLayers.crx
CHR HKLM-x32\...\Chrome\Extension: [pmlghpafmmnmmkjdhacccolfgnkiboco] - C:\Program Files (x86)\1ClickDownload\oneclickdownloader10.crx

==================== Services (Whitelisted) =================

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-07-23] (AVG Technologies CZ, s.r.o.)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [339456 2010-11-16] ()
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [130008 2011-04-17] (Symantec Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2012-06-28] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-12-01] ()
R2 vToolbarUpdater17.0.12; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe [1733448 2013-10-01] (AVG Secure Search)
R2 WebCake Desktop Updater; C:\Program Files (x86)\Betcat\WBDesktop.Updater.1.0.0.16.exe [51992 2013-08-23] (cake bake)

==================== Drivers (Whitelisted) ====================

R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-07-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206648 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311608 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-07-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-09-05] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2013-03-21] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\windows\system32\drivers\avgtpx64.sys [46368 2013-10-01] (AVG Technologies)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20100810.004\BHDrvx64.sys [945200 2010-08-09] (Symantec Corporation)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20100810.004\BHDrvx64.sys [945200 2010-08-09] (Symantec Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [279616 2011-11-14] (DT Soft Ltd)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [256000 2010-08-31] (Huawei Technologies Co., Ltd.)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20100706.002\IDSVia64.sys [463408 2010-06-27] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20100706.002\IDSVia64.sys [463408 2010-06-27] (Symantec Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20100813.009\ENG64.SYS [117808 2010-08-13] (Symantec Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20100813.009\ENG64.SYS [117808 2010-08-13] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20100813.009\EX64.SYS [1791536 2010-08-13] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20100813.009\EX64.SYS [1791536 2010-08-13] (Symantec Corporation)
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2011-09-16] (Windows (R) 2003 DDK 3790 provider)
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2011-09-16] (Windows (R) 2003 DDK 3790 provider)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1207020.003\SRTSP64.SYS [744568 2011-03-31] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1207020.003\SRTSPX64.SYS [40568 2011-03-31] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1207020.003\SYMDS64.SYS [450680 2011-01-27] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1207020.003\SYMEFA64.SYS [912504 2011-03-15] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [174200 2013-07-03] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS [171128 2011-01-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS [386168 2011-04-21] (Symantec Corporation)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-10-08 09:32 - 2013-10-08 09:32 - 00000000 ____D C:\FRST
2013-10-08 09:31 - 2013-10-08 09:31 - 01954124 _____ (Farbar) C:\Users\aim\Desktop\FRST64.exe
2013-10-03 11:01 - 2013-10-03 11:01 - 00000000 ____D C:\Users\aim\AppData\Local\Avg2014
2013-09-28 09:00 - 2013-10-01 22:34 - 00000000 ____D C:\Program Files (x86)\AVG Nation toolbar
2013-09-28 09:00 - 2013-10-01 22:33 - 00046368 _____ (AVG Technologies) C:\windows\system32\Drivers\avgtpx64.sys
2013-09-28 09:00 - 2013-09-28 20:22 - 00000000 ____D C:\ProgramData\AVG Security Toolbar
2013-09-28 09:00 - 2013-09-28 09:00 - 00000000 ____D C:\Users\aim\AppData\Local\AVG Nation toolbar
2013-09-28 09:00 - 2013-09-28 09:00 - 00000000 ____D C:\ProgramData\AVG Nation toolbar
2013-09-17 19:54 - 2013-09-17 19:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-13 20:35 - 2013-09-14 12:26 - 00000000 ____D C:\Users\aim\Documents\StarCraft II
2013-09-13 20:35 - 2013-09-13 21:02 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2013-09-13 20:35 - 2013-09-13 20:48 - 00000976 _____ C:\Users\Public\Desktop\StarCraft II.lnk
2013-09-11 21:36 - 2013-08-10 07:22 - 02241024 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-09-11 21:36 - 2013-08-10 07:22 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-09-11 21:36 - 2013-08-10 07:22 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-09-11 21:36 - 2013-08-10 07:21 - 19246592 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-09-11 21:36 - 2013-08-10 07:21 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-09-11 21:36 - 2013-08-10 07:21 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-09-11 21:36 - 2013-08-10 07:20 - 15404544 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-09-11 21:36 - 2013-08-10 07:20 - 03959296 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-09-11 21:36 - 2013-08-10 07:20 - 02647040 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-09-11 21:36 - 2013-08-10 07:20 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-09-11 21:36 - 2013-08-10 07:20 - 00526336 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2013-09-11 21:36 - 2013-08-10 07:20 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-09-11 21:36 - 2013-08-10 07:20 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-09-11 21:36 - 2013-08-10 07:20 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-09-11 21:36 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-09-11 21:36 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-09-11 21:36 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-09-11 21:36 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-09-11 21:36 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-09-11 21:36 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-09-11 21:36 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-09-11 21:36 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-09-11 21:36 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2013-09-11 21:36 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2013-09-11 21:36 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2013-09-11 21:36 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2013-09-11 21:36 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2013-09-11 21:36 - 2013-08-10 05:17 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-09-11 21:36 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2013-09-11 21:36 - 2013-08-10 04:27 - 00089600 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-09-11 21:36 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-11 12:09 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2013-09-11 12:09 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ataport.sys
2013-09-11 12:09 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2013-09-11 12:09 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2013-09-11 12:09 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2013-09-11 12:09 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2013-09-11 12:09 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2013-09-11 12:09 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2013-09-11 12:09 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2013-09-11 12:09 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2013-09-11 12:09 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2013-09-11 12:09 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2013-09-11 12:09 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2013-09-11 12:09 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-11 12:09 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-11 12:09 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 12:09 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 12:09 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 12:09 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 12:09 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 12:09 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 12:09 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 12:09 - 2013-08-02 04:12 -
00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2013-09-11 12:09 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2013-09-11 12:09 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll 2013-09-11 12:09 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll 2013-09-11 12:09 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2013-09-11 12:09 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll 2013-09-11 12:09 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2013-09-11 12:09 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll 2013-09-11 12:09 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll 2013-09-11 12:09 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll 2013-09-11 12:09 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll 2013-09-11 12:09 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2013-09-11 12:09 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll 2013-09-11 12:09 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2013-09-11 12:09 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2013-09-11 12:09 - 2013-08-02 04:12 - 00003072 
____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2013-09-11 12:09 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll 2013-09-11 12:09 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2013-09-11 12:09 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll 2013-09-11 12:09 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe 2013-09-11 12:09 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe 2013-09-11 12:09 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll 2013-09-11 12:09 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll 2013-09-11 12:09 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll 2013-09-11 12:09 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll 2013-09-11 12:09 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll 2013-09-11 12:09 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2013-09-11 12:09 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2013-09-11 12:09 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2013-09-11 12:09 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2013-09-11 12:09 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2013-09-11 12:09 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) 
C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2013-09-11 12:09 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2013-09-11 12:09 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2013-09-11 12:09 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2013-09-11 12:09 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2013-09-11 12:09 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2013-09-11 12:09 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2013-09-11 12:09 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2013-09-11 12:09 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2013-09-11 12:09 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2013-09-11 12:09 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2013-09-11 12:09 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2013-09-11 12:09 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2013-09-11 12:09 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2013-09-11 12:09 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2013-09-11 12:09 - 2013-08-02 03:48 - 00003072 ____H (Microsoft 
Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2013-09-11 12:09 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2013-09-11 12:09 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2013-09-11 12:09 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2013-09-11 12:09 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe 2013-09-11 12:09 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe 2013-09-11 12:09 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe 2013-09-11 12:09 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll 2013-09-11 12:09 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe 2013-09-11 12:09 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe 2013-09-11 12:09 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2013-09-11 12:09 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2013-09-11 12:09 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2013-09-11 12:09 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2013-09-11 12:09 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll 2013-09-11 12:09 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\shdocvw.dll 2013-09-11 12:09 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll 2013-09-11 12:09 - 2013-07-26 
03:55 - 00180224 _____ (Microsoft Corporation) C:\windows\SysWOW64\shdocvw.dll ==================== One Month Modified Files and Folders ======= 2013-10-08 09:33 - 2009-07-14 06:45 - 00021200 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-10-08 09:33 - 2009-07-14 06:45 - 00021200 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-10-08 09:32 - 2013-10-08 09:32 - 00000000 ____D C:\FRST 2013-10-08 09:32 - 2011-10-19 15:01 - 00000000 ____D C:\Users\aim 2013-10-08 09:31 - 2013-10-08 09:31 - 01954124 _____ (Farbar) C:\Users\aim\Desktop\FRST64.exe 2013-10-08 09:30 - 2011-09-06 18:19 - 01652571 _____ C:\windows\WindowsUpdate.log 2013-10-08 09:25 - 2013-08-10 22:12 - 00000000 ____D C:\Users\aim\AppData\Roaming\Betcat 2013-10-08 09:24 - 2013-05-21 20:34 - 00022650 _____ C:\windows\setupact.log 2013-10-08 09:24 - 2012-06-23 22:33 - 00001038 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-10-08 09:24 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT 2013-10-08 09:22 - 2012-06-23 22:33 - 00000930 _____ C:\windows\Tasks\Adobe Flash Player Updater.job 2013-10-08 09:15 - 2012-06-23 22:33 - 00001042 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-10-08 09:10 - 2013-03-17 18:36 - 00000000 ____D C:\ProgramData\MFAData 2013-10-08 08:49 - 2012-08-28 20:44 - 00000920 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-251638132-866889896-205452805-1001UA.job 2013-10-07 20:51 - 2011-10-27 23:16 - 00000000 ____D C:\Users\aim\AppData\Local\CrashDumps 2013-10-07 20:49 - 2012-08-28 20:44 - 00000898 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-251638132-866889896-205452805-1001Core.job 2013-10-05 17:42 - 2011-09-06 07:01 - 00698598 _____ C:\windows\system32\perfh015.dat 2013-10-05 17:42 - 2011-09-06 07:01 - 00135418 _____ C:\windows\system32\perfc015.dat 2013-10-05 17:42 - 2009-07-14 07:13 - 01551484 _____ 
C:\windows\system32\PerfStringBackup.INI 2013-10-05 15:08 - 2013-05-09 22:46 - 00002143 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2013-10-03 11:01 - 2013-10-03 11:01 - 00000000 ____D C:\Users\aim\AppData\Local\Avg2014 2013-10-02 20:18 - 2009-07-14 05:20 - 00000000 ____D C:\windows\rescache 2013-10-02 13:58 - 2013-08-13 23:44 - 00000000 ____D C:\Program Files (x86)\Betcat 2013-10-01 22:34 - 2013-09-28 09:00 - 00000000 ____D C:\Program Files (x86)\AVG Nation toolbar 2013-10-01 22:33 - 2013-09-28 09:00 - 00046368 _____ (AVG Technologies) C:\windows\system32\Drivers\avgtpx64.sys 2013-09-28 20:22 - 2013-09-28 09:00 - 00000000 ____D C:\ProgramData\AVG Security Toolbar 2013-09-28 09:00 - 2013-09-28 09:00 - 00000000 ____D C:\Users\aim\AppData\Local\AVG Nation toolbar 2013-09-28 09:00 - 2013-09-28 09:00 - 00000000 ____D C:\ProgramData\AVG Nation toolbar 2013-09-20 10:22 - 2012-06-23 22:33 - 00692616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe 2013-09-20 10:22 - 2012-06-23 22:33 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-09-20 10:22 - 2012-06-23 22:33 - 00003868 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater 2013-09-20 00:14 - 2012-07-09 12:07 - 00000000 ____D C:\Users\aim\AppData\Roaming\SoftGrid Client 2013-09-19 23:21 - 2012-06-20 17:59 - 00018391 _____ C:\Users\aim\Desktop\cv-magda2.odt 2013-09-19 22:25 - 2012-07-09 19:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-09-19 09:56 - 2012-07-09 19:30 - 00000000 ____D C:\Users\aim\AppData\Local\Mozilla 2013-09-17 19:54 - 2013-09-17 19:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-09-14 12:26 - 2013-09-13 20:35 - 00000000 ____D C:\Users\aim\Documents\StarCraft II 2013-09-14 08:11 - 2013-05-21 20:34 - 00228606 _____ C:\windows\PFRO.log 2013-09-13 21:02 - 2013-09-13 20:35 - 00000000 ____D C:\ProgramData\Blizzard Entertainment 2013-09-13 20:48 - 2013-09-13 20:35 - 00000976 _____ 
C:\Users\Public\Desktop\StarCraft II.lnk 2013-09-13 20:30 - 2011-11-14 19:39 - 00000000 ____D C:\Users\aim\AppData\Roaming\DAEMON Tools Lite 2013-09-13 13:58 - 2013-03-17 18:40 - 00000955 _____ C:\Users\Public\Desktop\AVG 2013.lnk 2013-09-12 07:38 - 2011-10-19 15:12 - 00000000 ___RD C:\Users\aim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-09-12 07:38 - 2011-10-19 15:12 - 00000000 ___RD C:\Users\aim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2013-09-12 07:37 - 2009-07-14 06:45 - 00295120 _____ C:\windows\system32\FNTCACHE.DAT 2013-09-11 21:36 - 2013-07-13 20:07 - 00000000 ____D C:\windows\system32\MRT 2013-09-11 21:36 - 2012-07-09 12:06 - 01576642 _____ C:\windows\SysWOW64\PerfStringBackup.INI 2013-09-11 21:36 - 2012-07-09 12:06 - 00000000 ____D C:\Program Files (x86)\Microsoft Application Virtualization Client 2013-09-11 21:32 - 2011-10-25 10:40 - 79143768 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe Files to move or delete: ==================== C:\Users\aim\FLVPlayerSetup.exe C:\Users\aim\winamp565_full_emusic-7plus_pl-pl.exe Some content of TEMP: ==================== C:\Users\aim\AppData\Local\Temp\tbBitT.dll ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-10-01 23:00 ==================== End Of Log ============================