Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-01-2014 02
Ran by ms_user (ATTENTION: The logged in user is not administrator) on USER-PC on 15-01-2014 09:32:23
Running from C:\Users\ms_user\Downloads
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Polish
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\ASUS\ATK Media\DMedia.exe
() C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe
(Microsoft Corporation) C:\Program Files\EMET 4.0\EMET_Agent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HControlUser] - C:\Program Files\ATK Hotkey\HcontrolUser.exe [98304 2008-01-12] ()
HKLM\...\Run: [ATKOSD2] - C:\Program Files\ATKOSD2\ATKOSD2.exe [7766016 2008-01-24] ()
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-01-21] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [SMSERIAL] - C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [1466368 2009-03-13] (Motorola Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1029416 2007-12-07] (Synaptics, Inc.)
HKLM\...\Run: [ATKMEDIA] - C:\Program Files\ASUS\ATK Media\DMEDIA.EXE [61440 2008-02-01] ()
HKLM\...\Run: [SpyShelter] - C:\Program Files\SpyShelter Personal Free\SpyShelter.exe [4174176 2013-12-24] ()
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [HTC Sync Loader] - C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe [651264 2012-04-17] ()
HKLM\...\Run: [] - [x]
HKLM\...\Run: [SearchSettings] - C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe [1297728 2013-02-23] (Spigot, Inc.)
HKLM\...\Run: [EMET Agent] - C:\Program Files\EMET 4.0\EMET_agent.exe [78496 2013-06-14] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-12-08] (AVAST Software)
HKLM\...\Run: [Smart File Advisor] - C:\Program Files\Smart File Advisor\sfa.exe [283712 2013-10-30] (Filefacts.net)
HKLM\...\RunOnce: [*WerKernelReporting] - %SYSTEMROOT%\SYSTEM32\WerFault.exe -k -rq [217088 2009-04-11] (Microsoft Corporation)
HKCU\...\Run: [AlcoholAutomount] - C:\Program Files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
HKCU\...\Run: [PeerBlock] - C:\Program Files\PeerBlock\peerblock.exe [1866864 2010-11-06] (PeerBlock, LLC)
HKCU\...\Run: [ABBYY Screenshot Reader Retail] - [x]
Startup: C:\Users\ms_user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\peerblock.lnk
ShortcutTarget: peerblock.lnk -> C:\Program Files\PeerBlock\peerblock.exe (PeerBlock, LLC)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?ocid=OIE9MSE&PC=UP09
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=OIE9MSE&PC=UP09
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
URLSearchHook: HKCU - IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\7.0\iobitappsToolbarIE.dll (Spigot, Inc.)
SearchScopes: HKCU - DefaultScope {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=668083&p={searchTerms}
SearchScopes: HKCU - {38478907-5877-4451-A976-63C0699B6F96} URL = http://websearch.ask.com/redirect?client=ie&tb=NDV&o=15765&src=kw&q={searchTerms}&locale=&apn_ptnrs=NY&apn_dtid=YYYYYYYYPL&apn_uid=901E04A5-A641-42B4-BC98-DBDC7C618A3E&apn_sauid=02593E28-F8EA-403D-8279-748118552CF1
SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=668083&p={searchTerms}
BHO: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\7.0\iobitappsToolbarIE.dll (Spigot, Inc.)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\7.0\iobitappsToolbarIE.dll (Spigot, Inc.)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKCU - No Name - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab

FireFox:
========
FF ProfilePath: C:\Users\ms_user\AppData\Roaming\Mozilla\Firefox\Profiles\dqm3qlcd.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @IObit.com/np_Asc_Plugin - C:\Program Files\IObit\Advanced SystemCare 6\BrowerProtect\np_Asc_plugin.dll (IObit)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pandasecurity.com/activescan - C:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll (Panda Security, S.L.)
FF Plugin: @videolan.org/vlc,version=1.1.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\ms_user\AppData\Roaming\Mozilla\Firefox\Profiles\dqm3qlcd.default\Extensions\ascsurfingprotection@iobit.com [2013-03-12]
FF Extension: Flagfox - C:\Users\ms_user\AppData\Roaming\Mozilla\Firefox\Profiles\dqm3qlcd.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2013-12-15]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\ms_user\AppData\Roaming\Mozilla\Firefox\Profiles\dqm3qlcd.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-04-28]
FF Extension: WOT - C:\Users\ms_user\AppData\Roaming\Mozilla\Firefox\Profiles\dqm3qlcd.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-29]
FF Extension: DownloadHelper - C:\Users\ms_user\AppData\Roaming\Mozilla\Firefox\Profiles\dqm3qlcd.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013-11-13]
FF Extension: Ghostery - C:\Users\ms_user\AppData\Roaming\Mozilla\Firefox\Profiles\dqm3qlcd.default\Extensions\firefox@ghostery.com.xpi [2013-08-20]
FF Extension: TrackMeNot - C:\Users\ms_user\AppData\Roaming\Mozilla\Firefox\Profiles\dqm3qlcd.default\Extensions\trackmenot@mrl.nyu.edu.xpi [2011-08-07]
FF Extension: NoScript - C:\Users\ms_user\AppData\Roaming\Mozilla\Firefox\Profiles\dqm3qlcd.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2011-05-22]
FF Extension: Adblock Plus - C:\Users\ms_user\AppData\Roaming\Mozilla\Firefox\Profiles\dqm3qlcd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-05-14]
FF Extension: BetterPrivacy - C:\Users\ms_user\AppData\Roaming\Mozilla\Firefox\Profiles\dqm3qlcd.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2011-08-07]
FF HKLM\...\Firefox\Extensions: [{09F060FA-566D-42D7-BF79-97AB30863433}] - C:\Program Files\Steganos Privacy Suite 2012\pfplugin
FF HKLM\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] - C:\Program Files\Steganos Privacy Suite 2012\spmplugin3
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-09-22]

========================== Services (Whitelisted) =================

R2 AdvancedSystemCareService6; C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe [528192 2013-02-25] (IObit)
R2 Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [805752 2013-02-23] (Spigot, Inc.)
R2 ASLDRService; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [94208 2007-10-03] ()
R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-08] (AVAST Software)
S2 AxAutoMntSrv; C:\Program Files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
R2 Backupper Service; C:\Program Files\AOMEI Backupper\ABService.exe [29912 2013-08-26] (AOMEI Tech Co., Ltd.)
S2 BootlogService; C:\Program Files\Greatis\BootLog XP\BootLogService.exe [65248 2009-12-04] (Greatis Software (c))
S3 BrYNSvc; C:\Program Files\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.)
R2 iphlpsvc; C:\Windows\System32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
R2 lmhosts; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
R2 MSSQL$PLATNIK2005; C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 MSSQL$RESET2; C:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\System32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [88576 2011-09-15] ()
R2 spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [125496 2007-08-03] ()
R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software)

==================== Drivers (Whitelisted) ====================

R0 ambakdrv; C:\Windows\System32\ambakdrv.sys [26424 2013-05-07] ()
R2 ammntdrv; C:\Windows\system32\ammntdrv.sys [129720 2013-05-07] ()
R2 amwrtdrv; C:\Windows\system32\amwrtdrv.sys [14392 2013-02-06] ()
R2 ASMMAP; C:\Program Files\ATKGFNEX\ASMMAP.sys [13880 2007-07-24] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-01-09] (AVAST Software)
R1 AswRdr; C:\Windows\system32\drivers\aswRdr.sys [54832 2014-01-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2013-12-08] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [775952 2014-01-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [410528 2014-01-09] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2014-01-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [180248 2014-01-09] ()
R3 ATSWPDRV; C:\Windows\System32\DRIVERS\ATSwpDrv.sys [146824 2007-06-17] (AuthenTec, Inc.)
S3 DigiartyVirtualCDBus; C:\Windows\System32\drivers\DigiartyVirtualCDBus.sys [163616 2013-12-30] (Digiarty Software, Inc.)
R2 ghaio; C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [20936 2007-08-03] ()
S3 k750bus; C:\Windows\System32\DRIVERS\k750bus.sys [55216 2005-02-11] (MCCI)
S3 k750mdfl; C:\Windows\System32\DRIVERS\k750mdfl.sys [6576 2005-07-07] (MCCI)
S3 k750mdm; C:\Windows\System32\DRIVERS\k750mdm.sys [89872 2005-07-07] (MCCI)
S3 k750mgmt; C:\Windows\System32\DRIVERS\k750mgmt.sys [81728 2005-07-07] (MCCI)
S3 k750obex; C:\Windows\System32\DRIVERS\k750obex.sys [79488 2005-07-07] (MCCI)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [5632 2007-01-25] ( )
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2006-12-14] (ATK0100)
R0 nhcDriverDevice; C:\Windows\System32\drivers\nhcDriver.sys [71680 2011-10-12] (Notebook Hardware Control)
S3 pbfilter; C:\Program Files\PeerBlock\pbfilter.sys [20080 2010-11-06] ()
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [15576 2013-07-01] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [10200 2013-07-01] ()
R1 SBRE; C:\Windows\system32\drivers\SBREdrv.sys [101112 2012-05-25] (GFI Software)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [15672 2010-11-26] ()
S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1769984 2007-10-01] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [320120 2013-12-26] (Duplex Secure Ltd.)
R1 Spyshelter; C:\Program Files\SpyShelter Personal Free\SpyShelter.sys [363872 2013-12-24] (SpyShelter)
R3 teamviewervpn; C:\Windows\System32\DRIVERS\teamviewervpn.sys [25088 2010-03-11] (TeamViewer GmbH)
R1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [81232 2013-02-18] (Windows (R) 2000 DDK provider)
R1 Uim_IM; C:\Windows\System32\Drivers\Uim_IM.sys [452816 2013-02-18] (Paragon)
R1 Uim_Vim; C:\Windows\System32\Drivers\Uim_Vim.sys [283600 2013-02-18] (Paragon)
U3 au59gs1y; No ImagePath
U3 aylj1qal; No ImagePath
S3 cleanhlp; \??\C:\Program Files\Emsisoft Anti-Malware\cleanhlp32.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
U4 vsserv;

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-01-15 09:32 - 2014-01-15 09:32 - 00014830 _____ C:\Users\ms_user\Downloads\FRST.txt
2014-01-15 09:31 - 2014-01-15 09:31 - 00000000 ____D C:\FRST
2014-01-15 09:30 - 2014-01-15 09:31 - 00082744 _____ C:\Users\ms_user\Downloads\Extras.Txt
2014-01-15 09:28 - 2014-01-15 09:31 - 00110212 _____ C:\Users\ms_user\Downloads\OTL.Txt
2014-01-14 19:24 - 2014-01-14 19:24 - 460103296 _____ C:\Windows\MEMORY.DMP
2014-01-14 19:24 - 2014-01-14 19:24 - 00000000 ____D C:\Windows\Minidump
2014-01-14 00:27 - 2014-01-14 00:27 - 00602112 _____ (OldTimer Tools) C:\Users\ms_user\Downloads\OTL.exe
2014-01-14 00:16 - 2014-01-14 00:16 - 01219584 _____ (Farbar) C:\Users\ms_user\Downloads\FRST.exe
2014-01-14 00:13 - 2014-01-14 00:13 - 00377856 _____ C:\Users\ms_user\Downloads\9gqpi5s5.exe
2014-01-13 20:29 - 2014-01-13 20:35 - 00000000 ____D C:\ProgramData\boost_interprocess
2014-01-13 20:25 - 2014-01-13 20:26 - 03928632 _____ (PortableApps.com) C:\Users\ms_user\Downloads\Toucan_3.1.0.paf.exe
2014-01-13 20:14 - 2014-01-13 20:15 - 03307552 _____ (PortableApps.com) C:\Users\ms_user\Downloads\PortableApps.com_Platform_Setup_11.2.exe
2014-01-13 20:05 - 2014-01-13 20:06 - 19709440 _____ (Luis Cobian, CobianSoft) C:\Users\ms_user\Downloads\cbSetup.exe
2014-01-13 19:15 - 2014-01-13 19:17 - 13150720 _____ C:\Users\ms_user\Downloads\PuzzleDemo.msi
2014-01-11 13:41 - 2014-01-11 13:47 - 00000000 ____D C:\Users\user\AppData\Roaming\Free Download Manager
2014-01-11 11:21 - 2014-01-11 11:22 - 11502328 _____ (IPS Przedsiębiorstwo Informatyczne ) C:\Users\Public\pity2013ngsetup.exe
2014-01-09 20:12 - 2014-01-09 20:12 - 00000000 ____D C:\Users\user\AppData\Roaming\AVAST Software
2014-01-09 19:38 - 2014-01-13 23:39 - 00023218 _____ C:\Windows\PFRO.log
2014-01-09 19:36 - 2014-01-09 19:36 - 00000000 _____ C:\asc_rdflag
2014-01-03 22:03 - 2014-01-03 22:03 - 00000962 _____ C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-01-03 21:33 - 2014-01-03 23:39 - 00000000 ____D C:\Users\ms_user\AppData\Roaming\Free Download Manager
2014-01-03 21:32 - 2014-01-03 21:32 - 00000000 ____D C:\Program Files\Free Download Manager
2013-12-26 15:20 - 2013-12-26 15:20 - 00000973 _____ C:\Users\Public\Desktop\Alcohol 52%.lnk
2013-12-26 15:20 - 2013-12-26 15:20 - 00000000 ____D C:\Program Files\Smart File Advisor
2013-12-19 21:20 - 2013-12-19 21:20 - 00000000 ____D C:\Users\ms_user\AppData\Roaming\PC Suite
2013-12-17 22:25 - 2013-12-17 22:32 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
2013-12-16 22:38 - 2013-12-16 22:38 - 00000000 ____D C:\Program Files\ConvertHelper

==================== One Month Modified Files and Folders =======

2014-01-15 09:32 - 2014-01-15 09:32 - 00014830 _____ C:\Users\ms_user\Downloads\FRST.txt
2014-01-15 09:31 - 2014-01-15 09:31 - 00000000 ____D C:\FRST
2014-01-15 09:31 - 2014-01-15 09:30 - 00082744 _____ C:\Users\ms_user\Downloads\Extras.Txt
2014-01-15 09:31 - 2014-01-15 09:28 - 00110212 _____ C:\Users\ms_user\Downloads\OTL.Txt
2014-01-15 09:31 - 2010-04-13 19:39 - 00000466 ____H C:\Windows\Tasks\User_Feed_Synchronization-{F6279DFE-9E54-4CB6-9D88-A5A06F83DA6F}.job
2014-01-15 09:12 - 2013-01-25 18:41 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-15 09:10 - 2012-09-15 07:55 - 01132311 _____ C:\Windows\WindowsUpdate.log
2014-01-15 09:08 - 2011-12-27 22:22 - 00000000 ____D C:\Users\ms_user\AppData\Local\Htc
2014-01-15 09:06 - 2013-11-05 21:24 - 00000000 ____D C:\ProgramData\AomeiBR
2014-01-15 09:06 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-15 09:06 - 2006-11-02 13:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-15 09:06 - 2006-11-02 13:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-14 19:24 - 2014-01-14 19:24 - 460103296 _____ C:\Windows\MEMORY.DMP
2014-01-14 19:24 - 2014-01-14 19:24 - 00000000 ____D C:\Windows\Minidump
2014-01-14 00:35 - 2012-03-17 19:32 - 00000000 ____D C:\Users\ms_user\AppData\Local\CrashDumps
2014-01-14 00:32 - 2012-04-19 07:00 - 00000000 ____D C:\Users\user\AppData\Local\CrashDumps
2014-01-14 00:27 - 2014-01-14 00:27 - 00602112 _____ (OldTimer Tools) C:\Users\ms_user\Downloads\OTL.exe
2014-01-14 00:16 - 2014-01-14 00:16 - 01219584 _____ (Farbar) C:\Users\ms_user\Downloads\FRST.exe
2014-01-14 00:13 - 2014-01-14 00:13 - 00377856 _____ C:\Users\ms_user\Downloads\9gqpi5s5.exe
2014-01-13 23:47 - 2008-04-18 01:01 - 02802842 _____ C:\Windows\system32\perfh015.dat
2014-01-13 23:47 - 2008-04-18 01:01 - 00907430 _____ C:\Windows\system32\perfc015.dat
2014-01-13 23:47 - 2006-11-02 11:33 - 00007218 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-13 23:39 - 2014-01-09 19:38 - 00023218 _____ C:\Windows\PFRO.log
2014-01-13 23:39 - 2006-11-02 13:37 - 00000000 ____D C:\Windows\ShellNew
2014-01-13 23:38 - 2010-02-23 10:24 - 00000012 _____ C:\Windows\bthservsdp.dat
2014-01-13 23:38 - 2006-11-02 14:01 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-13 20:35 - 2014-01-13 20:29 - 00000000 ____D C:\ProgramData\boost_interprocess
2014-01-13 20:26 - 2014-01-13 20:25 - 03928632 _____ (PortableApps.com) C:\Users\ms_user\Downloads\Toucan_3.1.0.paf.exe
2014-01-13 20:15 - 2014-01-13 20:14 - 03307552 _____ (PortableApps.com) C:\Users\ms_user\Downloads\PortableApps.com_Platform_Setup_11.2.exe
2014-01-13 20:06 - 2014-01-13 20:05 - 19709440 _____ (Luis Cobian, CobianSoft) C:\Users\ms_user\Downloads\cbSetup.exe
2014-01-13 19:17 - 2014-01-13 19:15 - 13150720 _____ C:\Users\ms_user\Downloads\PuzzleDemo.msi
2014-01-12 20:38 - 2012-02-01 19:33 - 00000000 ____D C:\Program Files\PeerBlock
2014-01-12 14:05 - 2011-12-12 22:19 - 00000000 ____D C:\Users\ms_user\.smplayer
2014-01-11 20:06 - 2011-04-17 12:36 - 00000000 ____D C:\Users\ms_user\.VirtualBox
2014-01-11 14:18 - 2010-04-15 21:49 - 00138752 _____ C:\Users\ms_user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-11 14:17 - 2013-11-05 21:21 - 00000000 ____D C:\Program Files\AOMEI Backupper
2014-01-11 14:16 - 2013-11-05 21:24 - 00001024 ____H C:\SYSTAG.BIN
2014-01-11 13:47 - 2014-01-11 13:41 - 00000000 ____D C:\Users\user\AppData\Roaming\Free Download Manager
2014-01-11 13:20 - 2012-02-21 18:53 - 00000000 ____D C:\Users\user\AppData\Local\Htc
2014-01-11 13:20 - 2006-11-02 12:18 - 00000000 ___RD C:\Users\Public
2014-01-11 11:22 - 2014-01-11 11:21 - 11502328 _____ (IPS Przedsiębiorstwo Informatyczne ) C:\Users\Public\pity2013ngsetup.exe
2014-01-09 20:12 - 2014-01-09 20:12 - 00000000 ____D C:\Users\user\AppData\Roaming\AVAST Software
2014-01-09 20:12 - 2010-02-23 10:20 - 00067144 _____ C:\Users\user\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-09 19:39 - 2006-11-02 13:47 - 00305120 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-09 19:36 - 2014-01-09 19:36 - 00000000 _____ C:\asc_rdflag
2014-01-09 19:36 - 2011-11-27 20:19 - 00000000 ____D C:\Users\Gościuwa
2014-01-09 19:36 - 2010-11-09 11:34 - 00000000 ____D C:\Users\openpgsvc
2014-01-09 18:21 - 2013-09-22 20:07 - 00001880 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-01-09 18:20 - 2013-09-22 20:07 - 00775952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-01-09 18:20 - 2013-09-22 20:07 - 00410528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-01-09 18:20 - 2013-09-22 20:07 - 00180248 _____ C:\Windows\system32\Drivers\aswVmm.sys
2014-01-09 18:20 - 2013-09-22 20:07 - 00057672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2014-01-09 18:20 - 2013-09-22 20:07 - 00054832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2014-01-09 18:20 - 2013-09-22 20:06 - 00270240 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-01-09 18:20 - 2013-09-22 20:06 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-01-09 18:20 - 2013-09-22 20:06 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-01-08 19:47 - 2010-04-19 20:10 - 00007052 _____ C:\Users\ms_user\AppData\Local\d3d9caps.dat
2014-01-05 17:37 - 2010-04-12 22:08 - 00067144 _____ C:\Users\ms_user\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-03 23:39 - 2014-01-03 21:33 - 00000000 ____D C:\Users\ms_user\AppData\Roaming\Free Download Manager
2014-01-03 22:03 - 2014-01-03 22:03 - 00000962 _____ C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-01-03 22:03 - 2010-06-24 21:03 - 00000000 ____D C:\Program Files\TeamViewer
2014-01-03 21:32 - 2014-01-03 21:32 - 00000000 ____D C:\Program Files\Free Download Manager
2014-01-03 20:54 - 2012-10-14 08:22 - 00000622 _____ C:\Windows\Tasks\Scheduled scanning task.job
2013-12-30 19:28 - 2012-04-19 06:18 - 00000000 ____D C:\Users\user\AppData\Roaming\dvdcss
2013-12-30 19:26 - 2011-12-27 23:04 - 00163616 _____ (Digiarty Software, Inc.) C:\Windows\system32\Drivers\DigiartyVirtualCDBus.sys
2013-12-26 15:23 - 2010-02-23 10:20 - 00045056 _____ C:\Windows\system32\acovcnt.exe
2013-12-26 15:20 - 2013-12-26 15:20 - 00000973 _____ C:\Users\Public\Desktop\Alcohol 52%.lnk
2013-12-26 15:20 - 2013-12-26 15:20 - 00000000 ____D C:\Program Files\Smart File Advisor
2013-12-26 15:19 - 2010-06-07 06:38 - 00000000 ____D C:\Program Files\Alcohol Soft
2013-12-26 15:17 - 2013-07-10 20:33 - 00000933 _____ C:\Users\Public\Desktop\SpyShelter Personal Free.lnk
2013-12-26 15:17 - 2012-02-18 08:08 - 00000000 ____D C:\Program Files\SpyShelter Personal Free
2013-12-26 15:12 - 2012-09-14 21:43 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-12-26 14:36 - 2010-06-07 06:24 - 00320120 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys
2013-12-26 13:29 - 2013-09-21 14:45 - 00001657 _____ C:\Users\Public\Desktop\ImgBurn.lnk
2013-12-19 21:20 - 2013-12-19 21:20 - 00000000 ____D C:\Users\ms_user\AppData\Roaming\PC Suite
2013-12-17 22:32 - 2013-12-17 22:25 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
2013-12-16 22:38 - 2013-12-16 22:38 - 00000000 ____D C:\Program Files\ConvertHelper
2013-12-16 18:58 - 2011-03-12 11:59 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR

Files to move or delete:
====================
C:\Users\user\AppData\Roaming\options.ini
C:\Users\user\AppData\Roaming\options_pdfcombine.ini
C:\Users\user\AppData\Roaming\options_pdfrotator.ini
C:\Users\user\AppData\Roaming\setup.ini
C:\Users\user\AppData\Roaming\setup_pdfcombine.ini
C:\Users\user\AppData\Roaming\setup_pdfrotator.ini
C:\Users\Public\pity2013ngsetup.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================