Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 17-11-2013 02
Ran by USER (administrator) on USER-PC on 18-11-2013 04:33:30
Running from C:\Users\USER\Downloads
Microsoft Windows 7 Ultimate  (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Wsys Co., Ltd.) C:\ProgramData\eSafe\eGdpSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\EPU-4 Engine\FourEngine.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
(cyberlink) C:\Program Files\CyberLink\Shared Files\brs.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(APN) C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.21.165\GoogleCrashHandler.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WZQKPICK.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(APN LLC.) C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\ProgramData\IBUpdaterService\ibsvc.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Nero AG) C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
(WebConnect) C:\Program Files\WebConnect\updateWebConnect.exe
(WebConnect) C:\Program Files\WebConnect\bin\utilWebConnect.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [RemoteControl9] - C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2009-02-16] (CyberLink Corp.)
HKLM\...\Run: [PDVD9LanguageShortcut] - C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe [50472 2008-10-13] (CyberLink Corp.)
HKLM\...\Run: [BDRegion] - C:\Program Files\CyberLink\Shared Files\brs.exe [75048 2009-02-28] (cyberlink)
HKLM\...\Run: [AdobeCS4ServiceManager] - C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe [37232 2008-06-12] (Adobe Systems Incorporated)
HKLM\...\Run: [Acrobat Assistant 8.0] - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe [640376 2008-06-11] (Adobe Systems Inc.)
HKLM\...\Run: [Adobe_ID0ENQBO] - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe [378224 2008-08-15] (Adobe Systems Incorporated)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7858720 2009-10-21] (Realtek Semiconductor)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.)
HKLM\...\Run: [ArcSoft Connection Service] - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM\...\Run: [snpstd] - C:\Windows\vsnpstd.exe [339968 2005-10-11] ()
HKLM\...\Run: [DATAMNGR] - C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\DATAMN~1.EXE
HKLM\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [4767304 2013-03-07] (AVAST Software)
HKLM\...\Run: [ApnTBMon] - C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1673680 2013-10-23] (APN)
HKCU\...\Run: [LightScribe Control Panel] - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-08-20] (Hewlett-Packard Company)
HKCU\...\Run: [Facebook Update] - C:\Users\USER\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-10-08] (Facebook Inc.)
Startup: C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Ritaglio schermata e avvio di OneNote 2007.lnk
ShortcutTarget: Ritaglio schermata e avvio di OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&utm_campaign=eXQ&utm_content=hp&from=newgdp&uid=WDCXWD2500AAJS-00VTA0_WD-WMART075820158201&ts=1380418408
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x4A652FDB2702CB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = it
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = 
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&utm_campaign=eXQ&utm_content=hp&from=newgdp&uid=WDCXWD2500AAJS-00VTA0_WD-WMART075820158201&ts=1380418408
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&utm_campaign=eXQ&utm_content=hp&from=newgdp&uid=WDCXWD2500AAJS-00VTA0_WD-WMART075820158201&ts=1380418408
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&utm_campaign=eXQ&utm_content=hp&from=newgdp&uid=WDCXWD2500AAJS-00VTA0_WD-WMART075820158201&ts=1380418408
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&utm_campaign=eXQ&utm_content=sc&from=newgdp&uid=WDCXWD2500AAJS-00VTA0_WD-WMART075820158201&ts=1380418408
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=&utm_content=ds&from=cor&uid=WDCXWD2500AAJS-00VTA0_WD-WMART075820158201&ts=1377720625
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=&utm_content=ds&from=cor&uid=WDCXWD2500AAJS-00VTA0_WD-WMART075820158201&ts=1377720625
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ieb&appid=384&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69} URL = http://search.bearshare.com/web?src=ieb&systemid=2&q={searchTerms}
SearchScopes: HKCU - URL http://isearch.babylon.com/?q={searchTerms}&affID=121845&tt=gc_&babsrc=SP_ss_Btisdt4&mntrId=A40FE0CB4E268068
SearchScopes: HKCU - {0D7562AE-8EF6-416d-A838-AB665251703A} URL = http://start.facemoods.com/?a=gppc&s={searchTerms}&f=4
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://isearch.babylon.com/?q={searchTerms}&affID=121845&tt=gc_&babsrc=SP_ss_btis2&mntrId=A40FE0CB4E268068
SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://websearch.ask.com/redirect?client=ie&tb=UT2V5&o=15158&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=UG&apn_dtid=YYYYYYYYIT&apn_uid=F4189569-9094-448C-9635-0AAC52775A4E&apn_sauid=9265078D-4F82-48AA-94AC-EF271A271863
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.delta-homes.com/web/?utm_source=b&utm_medium=newgdp&utm_campaign=eXQ&utm_content=ds&from=newgdp&uid=WDCXWD2500AAJS-00VTA0_WD-WMART075820158201&ts=1380418410&type=default&q={searchTerms}
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKCU - {8A244612-A1F7-11E0-95C0-E71F4824019B} URL = http://badoo.com/startpage/?source=bsb&q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ieb&appid=384&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69} URL = http://search.bearshare.com/web?src=ieb&systemid=2&q={searchTerms}
SearchScopes: HKCU - {A6722584-4A36-4956-B012-45CEE59D1929} URL = http://search.softonic.com/MOY00010/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=a40faadc000000000000e0cb4e268068&r=820
BHO: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} -  No File
BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll (Adobe Systems Incorporated.)
BHO: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll ()
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: WebConnect - {2316c625-b487-4410-a1a5-ff040b65245f} - C:\Program Files\WebConnect\WebConnectBHO.dll (Web Connect)
BHO: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: UrlHelper Class - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\MediaBar\Datamngr\IEBHO.dll (MusicLab, LLC)
BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Ginyas Browser Companion Verifier - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files\GinyasBrowserCompanion\updatebhoWin32.dll ( )
BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: IEPluginBHO Class - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Users\USER\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll (Adobe Systems Incorporated.)
Toolbar: HKLM - Veoh Video Compass - {52836EB0-631A-47B1-94A6-61F9D9112DAE} - C:\Program Files\Veoh Networks\Veoh Video Compass\SearchRecsPlugin.dll (Veoh Networks)
Toolbar: HKLM - MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll ()
Toolbar: HKLM - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - No Name - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} -  No File
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
Handler: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -  No File
Handler: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -  No File
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\08fr7o7x.default-1384743513831
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @canon.com/EPPEX - C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\USER\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\BearShareWebSearch.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\qvo6.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\SearchTheWeb.xml
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com
FF Extension: Iminent WebBooster - C:\Program Files\Mozilla Firefox\extensions\webbooster@iminent.com
FF Extension: Skype extension for Firefox - C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM\...\Firefox\Extensions: [statuswinks@StatusWinks] - C:\Users\USER\AppData\Roaming\Mozilla\Extensions\statuswinks@StatusWinks
FF Extension: Smiley Bar for Facebook - C:\Users\USER\AppData\Roaming\Mozilla\Extensions\statuswinks@StatusWinks
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! WebRep - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [statuswinks@StatusWinks] - C:\Users\USER\AppData\Roaming\Mozilla\Extensions\statuswinks@StatusWinks
FF Extension: Smiley Bar for Facebook - C:\Users\USER\AppData\Roaming\Mozilla\Extensions\statuswinks@StatusWinks
FF HKCU\...\Firefox\Extensions: [superlrcs@svenyor.net] - C:\Program Files\SuperLyrics\FF\
FF Extension: SuperLyrics - C:\Program Files\SuperLyrics\FF\
FF HKCU\...\Firefox\Extensions: [LyricsArt@SternoC.co] - C:\Program Files\LyricsArt\116.xpi
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\firefox.exe http://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&utm_campaign=eXQ&utm_content=sc&from=newgdp&uid=WDCXWD2500AAJS-00VTA0_WD-WMART075820158201&ts=1380418408

Chrome: 
=======
CHR Extension: ({"name":"Avira SearchFree Toolbar plus Web Protection","version":"25.62074","manifest_version":2,"description":"Convenient tools and links to make your browsing more enjoyable","icons":{"128":"config/skin/images/logo/logo_128x.png","32":"config/skin/images/logo/logo_32x.png","24":"config/skin/images/logo/logo_24x.png"},"browser_action":{"default_icon":"config/skin/images/logo/logo_19x.png","default_title":"Control the Avira SearchFree Toolbar","default_popup":"config/skin/chrome-options.html"},"background":{"page":"background/background.html"},"chrome_url_overrides":{"newtab":"config/skin/new-tab-page.html"},"content_scripts":[{"matches":["*://*/*"],"js":["lib/constant.js","lib/default-config.js","config/tb-config.js","lib/protocol.js","lib/tb-message.js","lib/widget-messaging.js","content_script/inline-html.js"],"all_frames":true,"run_at":"document_end"},{"matches":["*://*/*"],"js":["lib/jquery.js","lib/constant.js","lib/default-config.js","config/tb-config.js","config/widget-config.js","lib/protocol.js","lib/tb-message.js","lib/state-machine.js","lib/window-position.js","content_script/positioning.js","content_script/toolbar.js","content_script/widget.js","content_script/injector.js"],"run_at":"document_start"},{"matches":["*://*.facebook.com/*"],"css":["content_script/hack/facebook.css"]},{"matches":["*://*.google.com/*","*://*.ask.com/","*://*.bagsbuy.com/*","*://*.csaa.com/*","*://*.childrenschorus.org/*","*://*.wikipedia.org/*","*://*.mercurynews.com/*","*://*.usnews.com/*"],"css":["content_script/hack/relative.css"],"run_at":"document_start"},{"matches":["*://*.google.com/imgres*","*://images.google.com/*","*://codesearch.google.com/*"],"css":["content_script/hack/static.css"],"run_at":"document_start"}],"permissions":["bookmarks","contextMenus","contentSettings","cookies","geolocation","history","idle","management","notifications","tabs","unlimitedStorage","webRequest","webRequestBlocking","http://*/*","https://*/*","chrome://favicon/*","bookmarks","contextMenus","contentSettings","cookies","geolocation","history","idle","management","notifications","tabs","unlimitedStorage","http://*/*","https://*/*","chrome://favicon/*","webRequest","webRequestBlocking"],"plugins":[{"path":"background/ChromeUtilPlugin.dll","public":false}],"update_url":"http://apnmedia.ask.com/media/toolbar/everest/partners/AVIRA-V7/ZF/update.xml","web_accessible_resources":["config/skin/css/containers.css","config/skin/toolbar.html","widgets/search-suggestion/search-suggestion.html","widgets/options/options.html","widgets/templates/feed.html","widgets/templates/menu.html","config/skin/widgets/com.avira.dnt/widget/background.html","config/skin/widgets/com.avira.dnt/widget/button.html","config/skin/widgets/com.avira.dnt/widget/window.html","config/skin/widgets/com.avira.dnt/widget/blank.html","config/skin/widgets/com.avira.dnt/widget/blank.gif","config/skin/widgets/toolbar-options/options.html"]}) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaacalgebmfelllfiaoknifldpngjh\25.62074
CHR Extension: (AdBlock) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.14_0
CHR Extension: (avast! WebRep) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0
CHR Extension: (WebConnect) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieakfmpjhljbpbfpldjkddkjmmgjmgon\1.0.0_0
CHR Extension: () - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\1.1.6.9_0
CHR Extension: (Google Wallet) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR HKLM\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx
CHR HKLM\...\Chrome\Extension: [ajcghoegamlabppilamagaddfdfamden] - C:\Program Files\LyricsArt\116.crx
CHR HKLM\...\Chrome\Extension: [bgnjcnjlaajofpendibcoodneacalfho] - C:\Program Files\SuperLyrics\Chrome.crx
CHR HKLM\...\Chrome\Extension: [bodddioamolcibagionmmobehnbhiakf] - C:\Program Files\GinyasBrowserCompanion\blabbers-ch.crx
CHR HKLM\...\Chrome\Extension: [dkinklhnkmkhkhofcnapakaoehijaoih] - C:\Program Files\OnlineHD.TV\onhd11.crx
CHR HKLM\...\Chrome\Extension: [elchiiiejkobdbblfejjkbphbddgmljf] - C:\Program Files\Softonic\Softonic\1.8.19.3\Softonic.crx
CHR HKLM\...\Chrome\Extension: [hgojaaaiddhmiiakpejiklijbalpckih] - C:\Users\USER\AppData\Roaming\StatusWinks\statuswinks.crx
CHR HKLM\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
CHR HKLM\...\Chrome\Extension: [ieakfmpjhljbpbfpldjkddkjmmgjmgon] - C:\Program Files\WebConnect\ieakfmpjhljbpbfpldjkddkjmmgjmgon.crx
CHR HKLM\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
CHR HKLM\...\Chrome\Extension: [ihflimipbcaljfnojhhknppphnnciiif] - C:\Program Files\facemoods.com\facemoods\1.4.17.9\facemoods.crx
CHR HKLM\...\Chrome\Extension: [pfmopbbadnfoelckkcmjjeaaegjpjjbk] - C:\Program Files\Gophoto.it\gophotoit14.crx

========================== Services (Whitelisted) =================

R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S3 Adobe Version Cue CS4; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [284016 2008-08-15] (Adobe Systems Incorporated)
R2 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2013-10-23] (APN LLC.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [45248 2013-03-07] (AVAST Software)
R2 IBUpdaterService; C:\ProgramData\IBUpdaterService\ibsvc.exe [642464 2013-01-16] ()
R2 Update WebConnect; C:\Program Files\WebConnect\updateWebConnect.exe [65320 2013-10-04] (WebConnect)
R2 Util WebConnect; C:\Program Files\WebConnect\bin\utilWebConnect.exe [65320 2013-10-04] (WebConnect)
R2 WsysSvc; C:\ProgramData\eSafe\eGdpSvc.exe [303680 2013-08-28] (Wsys Co., Ltd.)

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\System32\drivers\AsIO.sys [12400 2007-12-17] ()
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-03-07] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [66336 2013-03-07] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [60656 2013-03-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49248 2013-03-07] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [765736 2013-03-07] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [368176 2013-03-07] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [62376 2013-03-07] (AVAST Software)
S3 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [164736 2013-03-07] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2012-11-05] (DT Soft Ltd)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [13216 2009-07-16] ()
S3 snpstd; C:\Windows\System32\DRIVERS\snpstd.sys [390784 2006-05-03] ()
R2 {B154377D-700F-42cc-9474-23858FBDF4BD}; C:\Program Files\CyberLink\PowerDVD9\000.fcl [87536 2009-02-28] (CyberLink Corp.)
S3 andnetadb; System32\Drivers\lgandnetadb.sys [x]
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag.sys [x]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem.sys [x]
S3 andnetndis; system32\DRIVERS\lgandnetndis.sys [x]
S3 catchme; \??\C:\Users\USER\AppData\Local\Temp\catchme.sys [x]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [x]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [x]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [x]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [x]
S3 LgBttPort; system32\DRIVERS\lgbtport.sys [x]
S3 lgbusenum; system32\DRIVERS\lgbtbus.sys [x]
S3 LGVMODEM; system32\DRIVERS\lgvmodem.sys [x]
S3 usbbus; system32\DRIVERS\lgusbbus.sys [x]
S3 UsbDiag; system32\DRIVERS\lgusbdiag.sys [x]
S3 USBModem; system32\DRIVERS\lgusbmodem.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-18 04:33 - 2013-11-18 04:33 - 00028248 _____ C:\Users\USER\Downloads\FRST.txt
2013-11-18 04:33 - 2013-11-18 04:33 - 00000000 ____D C:\FRST
2013-11-18 04:32 - 2013-11-18 04:32 - 01090935 _____ (Farbar) C:\Users\USER\Downloads\FRST.exe
2013-11-18 04:31 - 2013-11-18 04:31 - 01958026 _____ (Farbar) C:\Users\USER\Downloads\FRST64.exe
2013-11-18 04:29 - 2013-11-18 04:29 - 00100258 _____ C:\Users\USER\Desktop\OTL.Txt
2013-11-18 04:29 - 2013-11-18 04:29 - 00077776 _____ C:\Users\USER\Desktop\Extras.Txt
2013-11-18 04:28 - 2013-11-18 04:28 - 00077776 _____ C:\Users\USER\Downloads\Extras.Txt
2013-11-18 04:26 - 2013-11-18 04:26 - 00100258 _____ C:\Users\USER\Downloads\OTL.Txt
2013-11-18 04:15 - 2013-11-18 04:15 - 00602112 _____ (OldTimer Tools) C:\Users\USER\Downloads\OTL.com
2013-11-18 04:15 - 2013-11-18 04:15 - 00602112 _____ (OldTimer Tools) C:\Users\USER\Downloads\OTL (1).exe
2013-11-18 04:12 - 2013-11-18 04:12 - 00602112 _____ (OldTimer Tools) C:\Users\USER\Downloads\OTL.exe
2013-11-18 03:58 - 2013-11-18 03:58 - 00000000 ____D C:\Users\USER\Desktop\Stare dane programu Firefox
2013-11-18 03:52 - 2013-11-18 03:52 - 00000000 ___RD C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9
2013-11-18 02:44 - 2013-11-18 02:44 - 00000000 ____D C:\Users\USER\AppData\Local\AskPartnerNetwork
2013-11-18 02:27 - 2013-11-18 02:27 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-11-18 02:27 - 2013-11-18 02:27 - 00000000 ____D C:\Program Files\AskPartnerNetwork
2013-11-18 02:26 - 2013-11-18 02:26 - 00000000 ____D C:\ProgramData\APN
2013-11-18 01:59 - 2013-11-18 03:50 - 00000000 ____D C:\ProgramData\Avira
2013-11-18 01:52 - 2013-11-18 01:52 - 02092792 _____ C:\Users\USER\Downloads\avira_free_antivirus (1).exe
2013-11-18 01:50 - 2013-11-18 01:50 - 02296952 _____ C:\Users\USER\Downloads\avira_free_antivirus.exe
2013-11-14 14:24 - 2013-11-14 15:54 - 00000000 ____D C:\Users\USER\Desktop\crack attuale
2013-11-14 06:44 - 2013-11-14 06:45 - 00000000 ____D C:\Users\USER\Desktop\crack adesso
2013-11-14 06:00 - 2013-11-14 06:00 - 00000000 ____D C:\Users\USER\Desktop\crack season
2013-11-14 05:36 - 2013-11-14 05:38 - 1936850944 _____ C:\Users\USER\Desktop\Sims3EP10.iso
2013-11-14 05:23 - 2013-11-14 05:24 - 00000000 _____ C:\end
2013-11-14 05:13 - 2013-11-14 05:13 - 00000000 ____D C:\Users\USER\AppData\Roaming\NeroDigital(TM)
2013-11-14 02:28 - 2013-11-14 06:01 - 00000000 ____D C:\Users\USER\Desktop\crack
2013-11-13 02:23 - 2013-11-13 02:24 - 00000000 ____D C:\Users\USER\Downloads\Foto scaricate
2013-11-13 00:47 - 2013-11-14 06:09 - 00000000 ____D C:\Users\USER\Downloads\The Sims 3 Into The Future [MULTI20][PCDVD][EXPANSION][FLT][WwW.GamesTorrents.CoM]
2013-11-12 23:48 - 2013-11-14 14:51 - 00000000 ____D C:\Users\USER\Downloads\The Sims 3 Late Night [MULTI10][PCDVD][WwW.GamesTorrents.CoM]
2013-11-12 20:46 - 2010-09-07 20:23 - 04695312 _____ (Electronic Arts, Inc.) C:\Users\USER\Desktop\TSLHost.dll
2013-11-12 20:43 - 2010-09-07 20:23 - 12084496 _____ (Electronic Arts Inc.) C:\Users\USER\Desktop\TS3.exe
2013-10-29 14:16 - 2013-10-29 14:16 - 00000000 ____D C:\Users\Public\Documents\DAEMON Tools Images
2013-10-28 02:05 - 2013-11-11 01:58 - 00000000 ____D C:\Users\USER\Downloads\Musica 2

==================== One Month Modified Files and Folders =======

2013-11-18 04:33 - 2013-11-18 04:33 - 00028248 _____ C:\Users\USER\Downloads\FRST.txt
2013-11-18 04:33 - 2013-11-18 04:33 - 00000000 ____D C:\FRST
2013-11-18 04:32 - 2013-11-18 04:32 - 01090935 _____ (Farbar) C:\Users\USER\Downloads\FRST.exe
2013-11-18 04:31 - 2013-11-18 04:31 - 01958026 _____ (Farbar) C:\Users\USER\Downloads\FRST64.exe
2013-11-18 04:29 - 2013-11-18 04:29 - 00100258 _____ C:\Users\USER\Desktop\OTL.Txt
2013-11-18 04:29 - 2013-11-18 04:29 - 00077776 _____ C:\Users\USER\Desktop\Extras.Txt
2013-11-18 04:28 - 2013-11-18 04:28 - 00077776 _____ C:\Users\USER\Downloads\Extras.Txt
2013-11-18 04:26 - 2013-11-18 04:26 - 00100258 _____ C:\Users\USER\Downloads\OTL.Txt
2013-11-18 04:15 - 2013-11-18 04:15 - 00602112 _____ (OldTimer Tools) C:\Users\USER\Downloads\OTL.com
2013-11-18 04:15 - 2013-11-18 04:15 - 00602112 _____ (OldTimer Tools) C:\Users\USER\Downloads\OTL (1).exe
2013-11-18 04:12 - 2013-11-18 04:12 - 00602112 _____ (OldTimer Tools) C:\Users\USER\Downloads\OTL.exe
2013-11-18 04:01 - 2009-07-14 05:34 - 00014224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-18 04:01 - 2009-07-14 05:34 - 00014224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-18 04:00 - 2010-08-31 17:23 - 00001134 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-18 03:58 - 2013-11-18 03:58 - 00000000 ____D C:\Users\USER\Desktop\Stare dane programu Firefox
2013-11-18 03:58 - 2010-06-02 14:06 - 01784230 _____ C:\Windows\WindowsUpdate.log
2013-11-18 03:53 - 2010-08-31 17:23 - 00001130 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-18 03:52 - 2013-11-18 03:52 - 00000000 ___RD C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9
2013-11-18 03:52 - 2013-09-01 02:09 - 00004760 _____ C:\Windows\setupact.log
2013-11-18 03:52 - 2013-09-01 02:08 - 00030592 _____ C:\Windows\PFRO.log
2013-11-18 03:52 - 2010-06-02 08:31 - 00000000 ____D C:\ProgramData\NVIDIA
2013-11-18 03:52 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-18 03:50 - 2013-11-18 01:59 - 00000000 ____D C:\ProgramData\Avira
2013-11-18 03:30 - 2012-10-08 20:25 - 00000924 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1424421345-115930411-479481771-1000UA.job
2013-11-18 03:15 - 2013-09-14 01:39 - 00000000 ____D C:\ProgramData\BitGuard
2013-11-18 03:10 - 2013-05-26 18:29 - 00000000 ____D C:\Users\USER\AppData\Roaming\Dealply
2013-11-18 03:05 - 2013-02-28 00:06 - 00000000 ____D C:\Program Files\SuperLyrics
2013-11-18 02:44 - 2013-11-18 02:44 - 00000000 ____D C:\Users\USER\AppData\Local\AskPartnerNetwork
2013-11-18 02:44 - 2010-06-02 08:41 - 10739744 _____ C:\Windows\system32\perfh010.dat
2013-11-18 02:44 - 2010-06-02 08:41 - 03546952 _____ C:\Windows\system32\perfc010.dat
2013-11-18 02:44 - 2010-06-02 08:21 - 00005946 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-18 02:43 - 2013-03-20 14:59 - 00000000 ____D C:\ProgramData\AVAST Software
2013-11-18 02:27 - 2013-11-18 02:27 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-11-18 02:27 - 2013-11-18 02:27 - 00000000 ____D C:\Program Files\AskPartnerNetwork
2013-11-18 02:26 - 2013-11-18 02:26 - 00000000 ____D C:\ProgramData\APN
2013-11-18 02:20 - 2013-01-17 00:06 - 00000000 ____D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
2013-11-18 02:20 - 2013-01-17 00:06 - 00000000 ____D C:\Program Files\FilesFrog Update Checker
2013-11-18 02:20 - 2012-04-10 23:38 - 00000000 ____D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FoxTab FLV Player
2013-11-18 02:20 - 2012-04-10 23:38 - 00000000 ____D C:\Program Files\FoxTabFLVPlayer
2013-11-18 01:52 - 2013-11-18 01:52 - 02092792 _____ C:\Users\USER\Downloads\avira_free_antivirus (1).exe
2013-11-18 01:50 - 2013-11-18 01:50 - 02296952 _____ C:\Users\USER\Downloads\avira_free_antivirus.exe
2013-11-15 01:09 - 2013-07-03 19:00 - 00002385 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-11-14 21:30 - 2012-10-08 20:25 - 00000902 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1424421345-115930411-479481771-1000Core.job
2013-11-14 15:54 - 2013-11-14 14:24 - 00000000 ____D C:\Users\USER\Desktop\crack attuale
2013-11-14 15:48 - 2012-11-28 15:58 - 00000000 ____D C:\Program Files\Electronic Arts
2013-11-14 15:48 - 2010-06-02 10:16 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-11-14 14:51 - 2013-11-12 23:48 - 00000000 ____D C:\Users\USER\Downloads\The Sims 3 Late Night [MULTI10][PCDVD][WwW.GamesTorrents.CoM]
2013-11-14 14:06 - 2010-08-31 01:16 - 00000000 ____D C:\Users\USER\AppData\Roaming\uTorrent
2013-11-14 06:45 - 2013-11-14 06:44 - 00000000 ____D C:\Users\USER\Desktop\crack adesso
2013-11-14 06:09 - 2013-11-13 00:47 - 00000000 ____D C:\Users\USER\Downloads\The Sims 3 Into The Future [MULTI20][PCDVD][EXPANSION][FLT][WwW.GamesTorrents.CoM]
2013-11-14 06:01 - 2013-11-14 02:28 - 00000000 ____D C:\Users\USER\Desktop\crack
2013-11-14 06:00 - 2013-11-14 06:00 - 00000000 ____D C:\Users\USER\Desktop\crack season
2013-11-14 05:38 - 2013-11-14 05:36 - 1936850944 _____ C:\Users\USER\Desktop\Sims3EP10.iso
2013-11-14 05:24 - 2013-11-14 05:23 - 00000000 _____ C:\end
2013-11-14 05:13 - 2013-11-14 05:13 - 00000000 ____D C:\Users\USER\AppData\Roaming\NeroDigital(TM)
2013-11-14 03:31 - 2009-07-14 05:33 - 02368912 _____ C:\Windows\system32\FNTCACHE.DAT
2013-11-14 03:08 - 2010-06-02 09:49 - 00117248 _____ C:\Users\USER\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-13 03:00 - 2013-09-30 23:52 - 00000000 ____D C:\Users\USER\Downloads\Abiti
2013-11-13 02:58 - 2013-04-04 21:52 - 00000000 ____D C:\Users\USER\Desktop\do wyrobienia
2013-11-13 02:25 - 2013-01-18 00:31 - 00000000 ____D C:\Users\USER\Downloads\Musica scaricata
2013-11-13 02:24 - 2013-11-13 02:23 - 00000000 ____D C:\Users\USER\Downloads\Foto scaricate
2013-11-13 00:53 - 2010-11-05 22:39 - 00000000 ____D C:\Program Files\Dziobas Rar Player
2013-11-11 01:58 - 2013-10-28 02:05 - 00000000 ____D C:\Users\USER\Downloads\Musica 2
2013-11-10 19:43 - 2013-08-28 21:10 - 00000000 ____D C:\ProgramData\eSafe
2013-11-01 01:53 - 2013-08-19 00:57 - 00000000 ____D C:\ProgramData\CanonIJPLM
2013-10-31 02:30 - 2011-01-08 23:00 - 00000000 ____D C:\Users\USER\Desktop\.picasaoriginals
2013-10-29 17:59 - 2010-06-09 10:47 - 00000000 ____D C:\Users\USER\Desktop\EWA
2013-10-29 14:23 - 2012-01-29 18:35 - 00000000 ____D C:\Users\USER\AppData\Roaming\DAEMON Tools Lite
2013-10-29 14:16 - 2013-10-29 14:16 - 00000000 ____D C:\Users\Public\Documents\DAEMON Tools Images
2013-10-28 18:14 - 2009-07-14 05:53 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-10-27 21:02 - 2012-07-21 12:30 - 00000000 ___HD C:\Users\USER\Downloads\.picasaoriginals
2013-10-27 21:02 - 2012-04-24 14:30 - 00001330 ____H C:\Users\USER\Downloads\.picasa.ini

Some content of TEMP:
====================
C:\Users\USER\AppData\Local\Temp\ICReinstall_ccleaner.exe
C:\Users\USER\AppData\Local\Temp\uninst1.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-12 05:01

==================== End Of Log ============================