Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-10-2013
Ran by Administrator (administrator) on COMPAQ-NC2400 on 14-10-2013 12:03:28
Running from C:\Documents and Settings\Administrator\Desktop\FixItPc3
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) C:\WINDOWS\System32\SCardSvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
(Whilokii) C:\Program Files\Whilokii\updateWhilokii.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Hewlett-Packard Corporation) C:\WINDOWS\system32\AccelerometerSt.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
() C:\WINDOWS\SMINST\Scheduler.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Impacct) C:\Program Files\Plustek\OpticPro ST64+\Am32Plus.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Broadcom Corporation.) C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
(Whilokii) C:\Program Files\Whilokii\bin\utilWhilokii.exe
(Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\mqtgsvc.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\tv_w32.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MsmqIntCert] - regsvr32 /s mqrt.dll
HKLM\...\Run: [SoundMAXPnP] - C:\Program Files\Analog Devices\Core\smax4pnp.exe [925696 2005-05-20] (Analog Devices, Inc.)
HKLM\...\Run: [SoundMAX] - C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [716800 2005-05-07] (Analog Devices, Inc.)
HKLM\...\Run: [AccelerometerSysTrayApplet] - C:\WINDOWS\system32\AccelerometerSt.exe [53248 2006-01-17] (Hewlett-Packard Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [761946 2006-03-31] (Synaptics, Inc.)
HKLM\...\Run: [igfxhkcmd] - C:\WINDOWS\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [igfxpers] - C:\WINDOWS\system32\igfxpers.exe [118784 2006-03-14] (Intel Corporation)
HKLM\...\Run: [QlbCtrl] - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [131072 2006-05-08] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [Cpqset] - C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe [40960 2006-05-02] ()
HKLM\...\Run: [Recguard] - C:\WINDOWS\Sminst\Recguard.exe [1187840 2005-12-21] ()
HKLM\...\Run: [Reminder] - C:\WINDOWS\Creator\Remind_XP.exe [806912 2006-03-10] ()
HKLM\...\Run: [Scheduler] - C:\WINDOWS\SMINST\Scheduler.exe [892928 2006-02-15] ()
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-11] (Avira Operations GmbH & Co. KG)
AppInit_DLLs: c:\docume~1\alluse~1\applic~1\bitguard\261694~1.246\{c16c1~1\bitguard.dll  [ ] ()
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Action Express (OpticPro ST64+).lnk
ShortcutTarget: Action Express (OpticPro ST64+).lnk -> C:\Program Files\Plustek\OpticPro ST64+\Am32Plus.exe (Impacct)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Whilokii - {204df522-9a96-4a72-abb0-60f7a216d6d2} - C:\Program Files\Whilokii\Whilokiibho.dll (Whilokii)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 24 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.2

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\q63hkmob.default-1378313367906
FF NewTab: hxxp://www.searchgol.com/?babsrc=NT_ss&mntrId=30D1001CBF31031D&affID=119357&tt=240913_246&tsp=5018
FF Homepage: https://www.google.pl/
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

========================== Services (Whitelisted) =================

S3 AddFiltr; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe [98304 2006-05-08] (Hewlett-Packard Development Company, L.P.)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-09-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [815160 2013-09-11] (Avira Operations GmbH & Co. KG)
R2 MSMQ; C:\WINDOWS\system32\mqsvc.exe [4608 2008-04-14] (Microsoft Corporation)
R2 MSMQTriggers; C:\WINDOWS\system32\mqtgsvc.exe [117248 2008-04-14] (Microsoft Corporation)
S2 PCA; C:\WINDOWS\SMINST\PCAngel.exe [294912 2006-01-12] (SoftThinks)
R2 Update Whilokii; C:\Program Files\Whilokii\updateWhilokii.exe [65304 2013-10-07] (Whilokii)
R2 Util Whilokii; C:\Program Files\Whilokii\bin\utilWhilokii.exe [65304 2013-10-07] (Whilokii)
R2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf"

==================== Drivers (Whitelisted) ====================

R3 AEAudioService; C:\Windows\System32\drivers\AEAudio.sys [152960 2005-06-07] (Andrea Electronics Corporation)
R3 ATSWPDRV; C:\Windows\System32\DRIVERS\ATSwpDrv.sys [130432 2006-03-30] (AuthenTec, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [88840 2013-09-11] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136672 2013-09-11] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-09-11] (Avira Operations GmbH & Co. KG)
R3 b57w2k; C:\Windows\System32\DRIVERS\b57xp32.sys [142720 2006-01-12] (Broadcom Corporation)
R3 BTKRNL; C:\Windows\System32\DRIVERS\btkrnl.sys [1342602 2006-02-27] (Broadcom Corporation.)
R3 BTWUSB; C:\Windows\System32\Drivers\btwusb.sys [57096 2006-02-27] (Broadcom Corporation.)
S3 BulkUsb; C:\Windows\System32\Drivers\VoIPUSBDriver.sys [149504 2005-09-16] (Windows (R) Server 2003 DDK provider)
S3 cpudrv; C:\Program Files\SystemRequirementsLab\cpudrv.sys [11336 2011-06-02] ()
R1 eabfiltr; C:\Windows\System32\DRIVERS\eabfiltr.sys [7808 2005-09-19] (Hewlett-Packard Development Company, L.P.)
S3 eabusb; C:\Windows\System32\DRIVERS\eabusb.sys [5760 2005-09-19] (Hewlett-Packard Development Company, L.P.)
R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] ()
R3 GTIPCI21; C:\Windows\System32\DRIVERS\gtipci21.sys [87808 2006-02-28] (Texas Instruments)
R3 HSFHWAZL; C:\Windows\System32\DRIVERS\HSFHWAZL.sys [201600 2006-01-30] (Conexant Systems, Inc.)
R3 HSF_DPV; C:\Windows\System32\DRIVERS\HSF_DPV.sys [1035008 2006-01-30] (Conexant Systems, Inc.)
R3 ialm; C:\Windows\System32\DRIVERS\ialmnt5.sys [1402559 2006-03-14] (Intel Corporation)
R3 IFXTPM; C:\Windows\System32\DRIVERS\IFXTPM.SYS [36608 2006-04-25] (Infineon Technologies AG)
S3 ivusb; C:\Windows\System32\DRIVERS\ivusb.sys [25112 2010-07-29] (Initio Corporation)
R3 MQAC; C:\WINDOWS\system32\drivers\mqac.sys [92544 2008-04-14] (Microsoft Corporation)
R3 NETwLx32; C:\Windows\System32\DRIVERS\NETwLx32.sys [6609920 2010-10-07] (Intel Corporation)
S3 PortTalk; C:\Windows\System32\Drivers\PortTalk.sys [3567 2002-01-12] (Beyond Logic http://www.beyondlogic.org)
S3 prwntdrv; C:\WINDOWS\system32\prwntdrv.sys [13064 2010-08-25] ()
S3 Rasirda; C:\Windows\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
S3 SMCIRDA; C:\Windows\System32\DRIVERS\smcirda.sys [35913 2001-08-17] (SMC)
R0 speedfan; C:\Windows\System32\speedfan.sys [24184 2012-12-29] (Almico Software)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-09-11] (Avira GmbH)
S3 w39n51; C:\Windows\System32\DRIVERS\w39n51.sys [1428096 2006-01-19] (Intel® Corporation)
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U1 WS2IFSL; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-14 11:58 - 2013-10-14 12:03 - 00000000 ____D C:\Documents and Settings\Administrator\Desktop\FixItPc3
2013-10-14 11:00 - 2013-10-14 11:00 - 00000228 _____ C:\WINDOWS\BE8U.ini
2013-10-14 11:00 - 2004-08-13 11:07 - 00311808 _____ (SEIKO EPSON CORP.) C:\WINDOWS\system32\Camsdkr.dll
2013-10-14 11:00 - 2004-08-13 11:07 - 00079360 _____ (SEIKO EPSON CORP.) C:\WINDOWS\system32\Camsdkct.ocx
2013-10-14 10:58 - 2013-10-14 10:59 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Plustek OpticPro ST64+ Beta4.0.1.2
2013-10-14 10:58 - 2013-10-14 10:58 - 00000000 ____D C:\Program Files\Plustek
2013-10-14 10:58 - 2013-10-14 10:58 - 00000000 ____D C:\Program Files\Common Files\iMpacct
2013-10-14 10:58 - 2013-10-14 10:58 - 00000000 ____D C:\Program Files\Common Files\Comscan
2013-10-14 10:48 - 2013-10-14 11:00 - 100838232 _____ C:\WINDOWS\system32\㇓⩲咤7
2013-10-08 23:52 - 2013-10-08 23:52 - 00009678 _____ C:\WINDOWS\KB2862335.log
2013-10-08 23:52 - 2013-10-08 23:52 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862335$
2013-10-08 23:52 - 2013-10-08 23:52 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2847311$
2013-10-08 23:47 - 2013-10-08 23:47 - 00011669 _____ C:\WINDOWS\KB2868038.log
2013-10-08 23:47 - 2013-10-08 23:47 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868038$
2013-10-08 23:46 - 2013-10-08 23:47 - 00011622 _____ C:\WINDOWS\KB2879017-IE8.log
2013-10-08 23:46 - 2013-10-08 23:46 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2883150$
2013-10-08 23:45 - 2013-10-08 23:45 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862330$
2013-10-08 23:33 - 2013-10-08 23:52 - 00014358 _____ C:\WINDOWS\KB2847311.log
2013-10-08 23:33 - 2013-07-17 02:58 - 00123008 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbvideo.sys
2013-10-08 23:33 - 2013-07-17 02:58 - 00046848 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\irbus.sys
2013-10-08 23:33 - 2013-07-03 04:12 - 00025088 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidparse.sys
2013-10-08 23:33 - 2013-07-03 03:59 - 00014976 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbscan.sys
2013-10-08 23:31 - 2013-08-09 02:55 - 00144128 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbport.sys
2013-10-08 23:31 - 2013-08-09 02:55 - 00005376 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbd.sys
2013-10-08 23:31 - 2009-03-18 13:02 - 00030336 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbehci.sys
2013-10-07 00:19 - 2013-10-07 00:19 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\TeamViewer 8
2013-10-03 19:49 - 2013-10-03 19:49 - 99131034 _____ C:\WINDOWS\system32\���蔂咤7
2013-10-01 02:33 - 2013-10-02 01:36 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-10-01 01:22 - 2013-10-01 01:22 - 98602865 _____ C:\WINDOWS\system32\ᙉ쯤咤7
2013-09-30 00:28 - 2013-10-03 00:53 - 00000000 ____D C:\AdwCleaner
2013-09-30 00:28 - 2013-09-30 00:26 - 01042066 _____ C:\Documents and Settings\Administrator\Desktop\AdwCleaner.exe
2013-09-30 00:17 - 2013-09-30 00:17 - 98466785 _____ C:\WINDOWS\system32\骕밲咤7
2013-09-27 17:45 - 2013-09-27 17:45 - 00001694 _____ C:\Documents and Settings\Administrator\Desktop\JDownloader.lnk
2013-09-27 17:44 - 2013-09-27 17:44 - 00001658 _____ C:\Documents and Settings\All Users\Start Menu\Programs\JDownloader.lnk
2013-09-27 17:44 - 2013-09-27 17:44 - 00001602 _____ C:\Documents and Settings\All Users\Start Menu\Programs\JDownloader Uninstaller.lnk
2013-09-27 17:44 - 2013-09-27 17:44 - 00001581 _____ C:\Documents and Settings\All Users\Start Menu\Programs\JDownloader Update.lnk
2013-09-27 17:43 - 2013-09-27 18:18 - 00000000 ____D C:\Program Files\JDownloader
2013-09-27 17:38 - 2013-10-07 00:22 - 00000000 ____D C:\Program Files\Whilokii
2013-09-17 01:58 - 2013-09-17 01:58 - 97872530 _____ C:\WINDOWS\system32\皸鴿咜7

==================== One Month Modified Files and Folders =======

2013-10-14 12:03 - 2013-10-14 11:58 - 00000000 ____D C:\Documents and Settings\Administrator\Desktop\FixItPc3
2013-10-14 12:03 - 2012-06-13 21:10 - 00000438 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{0529E6A0-E2E3-4B3B-B4CA-CDF602251560}.job
2013-10-14 12:02 - 2012-06-13 22:49 - 00000000 ____D C:\Documents and Settings\Administrator\My Documents\Pobieranie
2013-10-14 12:00 - 2012-11-03 14:01 - 00000424 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{096449AF-03CB-43F4-A146-141A58EEE1DB}.job
2013-10-14 11:30 - 2004-08-07 15:19 - 00031770 _____ C:\WINDOWS\SchedLgU.Txt
2013-10-14 11:25 - 2012-06-14 00:01 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-10-14 11:05 - 2004-08-07 15:19 - 01208881 _____ C:\WINDOWS\WindowsUpdate.log
2013-10-14 11:04 - 2004-08-07 15:19 - 00001158 _____ C:\WINDOWS\system32\wpa.dbl
2013-10-14 11:02 - 2006-07-05 12:39 - 00000000 ____D C:\WINDOWS\SMINST
2013-10-14 11:01 - 2004-08-07 15:19 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-10-14 11:00 - 2013-10-14 11:00 - 00000228 _____ C:\WINDOWS\BE8U.ini
2013-10-14 11:00 - 2013-10-14 10:48 - 100838232 _____ C:\WINDOWS\system32\㇓⩲咤7
2013-10-14 11:00 - 2006-07-05 11:58 - 00000000 ____D C:\Documents and Settings\Administrator
2013-10-14 11:00 - 2004-08-07 15:19 - 00000178 ___SH C:\Documents and Settings\Administrator\ntuser.ini
2013-10-14 10:59 - 2013-10-14 10:58 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Plustek OpticPro ST64+ Beta4.0.1.2
2013-10-14 10:58 - 2013-10-14 10:58 - 00000000 ____D C:\Program Files\Plustek
2013-10-14 10:58 - 2013-10-14 10:58 - 00000000 ____D C:\Program Files\Common Files\iMpacct
2013-10-14 10:58 - 2013-10-14 10:58 - 00000000 ____D C:\Program Files\Common Files\Comscan
2013-10-14 10:58 - 2006-07-05 12:10 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-10-14 10:58 - 2006-07-05 11:58 - 00000000 ____D C:\WINDOWS\twain_32
2013-10-13 22:51 - 2006-07-05 11:58 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2013-10-13 21:47 - 2013-06-30 01:51 - 00005632 _____ C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-10-11 01:25 - 2012-06-14 00:01 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2013-10-11 01:25 - 2012-06-14 00:01 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2013-10-09 08:09 - 2004-08-07 15:07 - 00160344 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-10-08 23:57 - 2004-08-07 15:14 - 00516642 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-10-08 23:52 - 2013-10-08 23:52 - 00009678 _____ C:\WINDOWS\KB2862335.log
2013-10-08 23:52 - 2013-10-08 23:52 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862335$
2013-10-08 23:52 - 2013-10-08 23:52 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2847311$
2013-10-08 23:52 - 2013-10-08 23:33 - 00014358 _____ C:\WINDOWS\KB2847311.log
2013-10-08 23:52 - 2013-07-23 01:11 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-10-08 23:52 - 2006-07-05 12:19 - 00178793 _____ C:\WINDOWS\updspapi.log
2013-10-08 23:52 - 2004-08-07 15:19 - 00000896 _____ C:\WINDOWS\setupapi.log
2013-10-08 23:52 - 2004-08-07 15:18 - 01567842 _____ C:\WINDOWS\iis6.log
2013-10-08 23:52 - 2004-08-07 15:18 - 00651832 _____ C:\WINDOWS\tsoc.log
2013-10-08 23:52 - 2004-08-07 15:07 - 00483453 _____ C:\WINDOWS\comsetup.log
2013-10-08 23:52 - 2004-08-07 15:07 - 00292961 _____ C:\WINDOWS\ntdtcsetup.log
2013-10-08 23:52 - 2004-08-07 15:07 - 00078197 _____ C:\WINDOWS\ocmsn.log
2013-10-08 23:52 - 2004-08-07 15:07 - 00071425 _____ C:\WINDOWS\tabletoc.log
2013-10-08 23:52 - 2004-08-07 15:07 - 00001374 _____ C:\WINDOWS\imsins.log
2013-10-08 23:52 - 2004-08-07 15:07 - 00001374 _____ C:\WINDOWS\imsins.BAK
2013-10-08 23:52 - 2004-08-07 15:00 - 01407596 _____ C:\WINDOWS\FaxSetup.log
2013-10-08 23:52 - 2004-08-07 15:00 - 00689603 _____ C:\WINDOWS\ocgen.log
2013-10-08 23:52 - 2004-08-07 15:00 - 00247217 _____ C:\WINDOWS\netfxocm.log
2013-10-08 23:52 - 2004-08-07 15:00 - 00098424 _____ C:\WINDOWS\MedCtrOC.log
2013-10-08 23:52 - 2004-08-07 15:00 - 00070808 _____ C:\WINDOWS\msgsocm.log
2013-10-08 23:52 - 2004-08-07 14:59 - 00388280 _____ C:\WINDOWS\msmqinst.log
2013-10-08 23:48 - 2012-06-13 22:17 - 78106760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-10-08 23:47 - 2013-10-08 23:47 - 00011669 _____ C:\WINDOWS\KB2868038.log
2013-10-08 23:47 - 2013-10-08 23:47 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868038$
2013-10-08 23:47 - 2013-10-08 23:46 - 00011622 _____ C:\WINDOWS\KB2879017-IE8.log
2013-10-08 23:47 - 2004-08-07 15:19 - 01024382 _____ C:\WINDOWS\setupapi.log.0.old
2013-10-08 23:46 - 2013-10-08 23:46 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2883150$
2013-10-08 23:46 - 2012-06-13 22:08 - 00000000 ____D C:\WINDOWS\ie8updates
2013-10-08 23:45 - 2013-10-08 23:45 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862330$
2013-10-08 22:21 - 2013-05-07 21:10 - 00001720 ____H C:\Documents and Settings\Administrator\My Documents\Default.rdp
2013-10-08 10:37 - 2012-09-24 02:43 - 00000000 ____D C:\Documents and Settings\Administrator\.nx
2013-10-08 10:36 - 2012-09-24 02:45 - 00000891 _____ C:\Documents and Settings\Administrator\.Xauthority
2013-10-07 00:22 - 2013-09-27 17:38 - 00000000 ____D C:\Program Files\Whilokii
2013-10-07 00:19 - 2013-10-07 00:19 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\TeamViewer 8
2013-10-07 00:19 - 2013-09-11 08:35 - 00000815 _____ C:\Documents and Settings\All Users\Desktop\TeamViewer 8.lnk
2013-10-03 19:49 - 2013-10-03 19:49 - 99131034 _____ C:\WINDOWS\system32\���蔂咤7
2013-10-03 00:54 - 2012-06-13 19:06 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-10-03 00:53 - 2013-09-30 00:28 - 00000000 ____D C:\AdwCleaner
2013-10-02 01:36 - 2013-10-01 02:33 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-10-01 01:22 - 2013-10-01 01:22 - 98602865 _____ C:\WINDOWS\system32\ᙉ쯤咤7
2013-09-30 00:31 - 2004-08-07 07:57 - 00000216 _____ C:\WINDOWS\wiadebug.log
2013-09-30 00:26 - 2013-09-30 00:28 - 01042066 _____ C:\Documents and Settings\Administrator\Desktop\AdwCleaner.exe
2013-09-30 00:17 - 2013-09-30 00:17 - 98466785 _____ C:\WINDOWS\system32\骕밲咤7
2013-09-27 19:18 - 2012-06-13 19:12 - 00028960 _____ C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2013-09-27 18:18 - 2013-09-27 17:43 - 00000000 ____D C:\Program Files\JDownloader
2013-09-27 17:45 - 2013-09-27 17:45 - 00001694 _____ C:\Documents and Settings\Administrator\Desktop\JDownloader.lnk
2013-09-27 17:44 - 2013-09-27 17:44 - 00001658 _____ C:\Documents and Settings\All Users\Start Menu\Programs\JDownloader.lnk
2013-09-27 17:44 - 2013-09-27 17:44 - 00001602 _____ C:\Documents and Settings\All Users\Start Menu\Programs\JDownloader Uninstaller.lnk
2013-09-27 17:44 - 2013-09-27 17:44 - 00001581 _____ C:\Documents and Settings\All Users\Start Menu\Programs\JDownloader Update.lnk
2013-09-23 23:36 - 2009-03-08 04:32 - 00174592 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ie4uinit.exe
2013-09-23 23:36 - 2004-08-04 10:00 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-09-23 20:33 - 2012-06-13 21:47 - 02006016 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iertutil.dll
2013-09-23 20:33 - 2012-06-13 21:47 - 00743424 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedvtool.dll
2013-09-23 20:33 - 2012-06-13 21:47 - 00630272 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeeds.dll
2013-09-23 20:33 - 2012-06-13 21:47 - 00522240 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsdbgui.dll
2013-09-23 20:33 - 2012-06-13 21:47 - 00247808 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieproxy.dll
2013-09-23 20:33 - 2012-06-13 21:47 - 00055296 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2013-09-23 20:33 - 2012-06-13 21:47 - 00012800 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xpshims.dll
2013-09-23 20:33 - 2012-05-11 20:12 - 11113472 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieframe.dll
2013-09-23 20:33 - 2009-03-08 14:09 - 00387584 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedkcs32.dll
2013-09-23 20:33 - 2009-03-08 04:41 - 06017536 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtml.dll
2013-09-23 20:33 - 2009-03-08 04:39 - 11113472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-09-23 20:33 - 2009-03-08 04:34 - 01469440 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\inetcpl.cpl
2013-09-23 20:33 - 2009-03-08 04:34 - 01215488 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\urlmon.dll
2013-09-23 20:33 - 2009-03-08 04:34 - 00920064 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wininet.dll
2013-09-23 20:33 - 2009-03-08 04:34 - 00206848 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\occache.dll
2013-09-23 20:33 - 2009-03-08 04:34 - 00105984 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\url.dll
2013-09-23 20:33 - 2009-03-08 04:34 - 00043520 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\licmgr10.dll
2013-09-23 20:33 - 2009-03-08 04:33 - 00759296 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\vgx.dll
2013-09-23 20:33 - 2009-03-08 04:33 - 00025600 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsproxy.dll
2013-09-23 20:33 - 2009-03-08 04:33 - 00018944 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\corpol.dll
2013-09-23 20:33 - 2009-03-08 04:32 - 02006016 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-09-23 20:33 - 2009-03-08 04:32 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2013-09-23 20:33 - 2009-03-08 04:32 - 00611840 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mstime.dll
2013-09-23 20:33 - 2009-03-08 04:31 - 00184320 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iepeers.dll
2013-09-23 20:33 - 2009-03-08 04:31 - 00067072 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtmled.dll
2013-09-23 20:33 - 2009-03-08 04:31 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2013-09-23 20:33 - 2004-08-04 10:00 - 06017536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-09-23 20:33 - 2004-08-04 10:00 - 01469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2013-09-23 20:33 - 2004-08-04 10:00 - 01215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-09-23 20:33 - 2004-08-04 10:00 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-09-23 20:33 - 2004-08-04 10:00 - 00611840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstime.dll
2013-09-23 20:33 - 2004-08-04 10:00 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2013-09-23 20:33 - 2004-08-04 10:00 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2013-09-23 20:33 - 2004-08-04 10:00 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2013-09-23 20:33 - 2004-08-04 10:00 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2013-09-23 20:33 - 2004-08-04 10:00 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2013-09-23 20:33 - 2004-08-04 10:00 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2013-09-23 20:33 - 2004-08-04 10:00 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2013-09-23 20:33 - 2004-08-04 10:00 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\corpol.dll
2013-09-23 20:06 - 2004-08-04 10:00 - 00385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2013-09-18 22:55 - 2013-08-12 21:03 - 00000000 ____D C:\Program Files\Recuva
2013-09-18 22:10 - 2004-08-07 07:57 - 00000049 _____ C:\WINDOWS\wiaservc.log
2013-09-18 21:50 - 2013-07-29 23:47 - 00000000 ____D C:\Documents and Settings\All Users\Documents\FreeBurner
2013-09-18 21:12 - 2013-09-11 15:57 - 00000000 ____D C:\Documents and Settings\Administrator\Desktop\Fixitpc2
2013-09-17 02:01 - 2012-10-16 12:15 - 00000000 _____ C:\Documents and Settings\Administrator\Local Settings\Application Data\FnF4.txt
2013-09-17 01:58 - 2013-09-17 01:58 - 97872530 _____ C:\WINDOWS\system32\皸鴿咜7

Some content of TEMP:
====================
C:\Documents and Settings\Administrator\Local Settings\Temp\Checkupdate.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\Foxit Reader Updater.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\gcapi_dll.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\gtapi_signed.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================