Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-04-2014
Ran by johny (administrator) on JOHNY-16841E98D on 20-04-2014 15:26:42
Running from C:\Documents and Settings\johny\My Documents\Downloads
Microsoft Windows XP Home Edition Service Pack 2 (X86) OS Language: English(US)
Internet Explorer Version 6
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
(Intel Corporation ) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(Agere Systems) C:\WINDOWS\AGRSMMSG.exe
(ELANTECH Devices Corp.) C:\Program Files\Elantech\ktp.exe
() C:\WINDOWS\system32\tsnp2std.exe
(Sonix) C:\WINDOWS\vsnp2std.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
(GG Network S.A.) C:\Documents and Settings\johny\Local Settings\Application Data\GG\Application\gghub.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
(GG Network S.A.) C:\Documents and Settings\johny\Local Settings\Application Data\GG\Application\ggapp.exe
(GG Network S.A.) C:\Documents and Settings\johny\Local Settings\Application Data\GG\Application\ggdrive\ggdrive.exe
(GG Network S.A.) C:\Documents and Settings\johny\Local Settings\Application Data\GG\Application\xulrunner\gghub.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [NvCplDaemon] => C:\WINDOWS\system32\NvCpl.dll [7405568 2006-02-08] (NVIDIA Corporation)
HKLM\...\Run: [nwiz] => nwiz.exe /install
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16143872 2006-04-17] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [AzMixerSel] => C:\Program Files\Realtek\InstallShield\AzMixerSel.exe [53248 2005-08-25] (Realtek Semiconductor Corp.)
HKLM\...\Run: [AGRSMMSG] => C:\WINDOWS\AGRSMMSG.exe [88204 2005-12-12] (Agere Systems)
HKLM\...\Run: [KTPWare] => C:\Program Files\Elantech\ktp.exe [512000 2006-03-28] (ELANTECH Devices Corp.)
HKLM\...\Run: [tsnp2std] => C:\WINDOWS\system32\tsnp2std.exe [331776 2006-06-14] ()
HKLM\...\Run: [snp2std] => C:\WINDOWS\vsnp2std.exe [675840 2006-05-15] (Sonix)
HKLM\...\Run: [IntelZeroConfig] => C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [667718 2006-04-14] (Intel Corporation)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [602182 2006-04-14] (Intel Corporation)
HKLM\...\Run: [EOUApp] => C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe [569413 2006-04-14] (Intel Corporation)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49152 2007-10-14] (Hewlett-Packard)
HKLM\...\Run: [hpqSRMon] => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [80896 2007-08-22] (Hewlett-Packard)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM\...\Run: [SpyHunter Security Suite] => C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe [6320000 2014-04-13] (Enigma Software Group USA, LLC.)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-789336058-113007714-725345543-1004\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [20724384 2014-01-14] (Skype Technologies S.A.)
HKU\S-1-5-21-789336058-113007714-725345543-1004\...\Run: [GG] => C:\Documents and Settings\johny\Local Settings\Application Data\GG\Application\gghub.exe [4023360 2014-04-13] (GG Network S.A.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - DefaultScope value is missing.
BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.6.6 192.168.1.1

FireFox:
========
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)

========================== Services (Whitelisted) =================

R2 S24EventMonitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [540745 2006-04-14] (Intel Corporation )
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [769920 2013-01-14] (Enigma Software Group USA, LLC.)

==================== Drivers (Whitelisted) ====================

R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21275 2014-02-01] (Meetinghouse Data Communications)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2004-08-04] (Microsoft Corporation)
R3 EMSCR; C:\WINDOWS\System32\DRIVERS\EMS7SK.sys [61056 2006-03-23] (ENE Technology Inc.)
R3 ESDCR; C:\WINDOWS\System32\DRIVERS\ESD7SK.sys [37888 2006-03-23] (ENE Technology Inc.)
R3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [13904 2011-05-06] ()
S3 EsgScanner; C:\WINDOWS\System32\DRIVERS\EsgScanner.sys [19984 2012-06-22] ()
R3 Ktp; C:\WINDOWS\System32\DRIVERS\Ktp.sys [27904 2006-03-17] (ELANTECH Devices Corp.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2004-08-04] (Microsoft Corporation)
R2 s24trans; C:\WINDOWS\System32\DRIVERS\s24trans.sys [13568 2006-04-14] (Intel Corporation)
S3 Secdrv; C:\WINDOWS\System32\DRIVERS\secdrv.sys [27440 2004-08-04] ()
R3 SNP2STD; C:\WINDOWS\System32\DRIVERS\snp2sxp.sys [10304384 2006-05-23] ()
R3 w39n51; C:\WINDOWS\System32\DRIVERS\w39n51.sys [1429632 2006-04-04] (Intel® Corporation)
S4 IntelIde; No ImagePath
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-04-20 15:26 - 2014-04-20 15:26 - 00000000 ____D () C:\FRST
2014-04-15 20:58 - 2014-04-15 20:58 - 00000000 ____D () C:\Documents and Settings\johny\Start Menu\Programs\Google Chrome
2014-04-13 22:58 - 2014-04-13 22:59 - 00000000 ____D () C:\AdwCleaner
2014-04-13 22:12 - 2014-04-13 22:12 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\GG
2014-04-13 22:10 - 2014-04-13 22:10 - 00000923 _____ () C:\WINDOWS\spupdsvc.log
2014-04-13 22:06 - 2014-04-13 22:07 - 00000000 ____D () C:\WINDOWS\46B04D534E344388B6EE80FAB66AEF9B.TMP
2014-04-13 22:06 - 2014-04-13 22:07 - 00000000 ____D () C:\sh4ldr
2014-04-13 22:06 - 2014-04-13 22:06 - 00001973 _____ () C:\Documents and Settings\johny\Desktop\SpyHunter.lnk
2014-04-13 22:06 - 2014-04-13 22:06 - 00000000 ____D () C:\Documents and Settings\johny\Start Menu\Programs\SpyHunter
2014-04-13 22:05 - 2014-04-13 22:07 - 00000000 ____D () C:\Documents and Settings\johny\Desktop\SpyHunter 4.12.13.4202
2014-04-13 22:05 - 2014-04-13 22:05 - 00000000 ____D () C:\Documents and Settings\johny\Application Data\WinRAR
2014-04-13 22:04 - 2014-04-13 22:04 - 00000000 ____D () C:\Program Files\WinRAR
2014-04-13 22:04 - 2014-04-13 22:04 - 00000000 ____D () C:\Documents and Settings\johny\Start Menu\Programs\WinRAR
2014-04-13 22:04 - 2014-04-13 22:04 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\WinRAR
2014-04-13 21:56 - 2004-08-04 14:00 - 00000734 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.20140413-215611.backup
2014-04-13 21:51 - 2014-04-20 15:13 - 00000644 _____ () C:\WINDOWS\Tasks\Check for updates (Spybot - Search & Destroy).job
2014-04-13 21:51 - 2014-04-20 15:12 - 00065536 _____ () C:\WINDOWS\system32\config\SpybotSD.evt
2014-04-13 21:51 - 2014-04-13 21:51 - 00001842 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-04-13 21:51 - 2014-04-13 21:51 - 00001836 _____ () C:\Documents and Settings\All Users\Desktop\Spybot-S&D Start Center.lnk
2014-04-13 21:51 - 2014-04-13 21:51 - 00000616 _____ () C:\WINDOWS\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2014-04-13 21:51 - 2014-04-13 21:51 - 00000446 _____ () C:\WINDOWS\Tasks\Scan the system (Spybot - Search & Destroy).job
2014-04-13 21:51 - 2014-04-13 21:51 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Spybot - Search & Destroy 2
2014-04-13 21:50 - 2014-04-13 21:54 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2014-04-13 21:50 - 2014-04-13 21:51 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-04-13 21:50 - 2013-09-20 10:49 - 00018968 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean.exe
2014-04-13 21:44 - 2014-04-13 21:45 - 00000970 _____ () C:\WINDOWS\MSCompPackV1Uninst.log
2014-04-13 21:35 - 2014-04-13 21:35 - 00012328 _____ () C:\Documents and Settings\johny\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-04-13 21:34 - 2014-04-13 22:06 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-04-13 21:34 - 2014-04-13 22:04 - 00000000 ____D () C:\WINDOWS\455F074C814E4520B69B5584BD90400C.TMP
2014-04-13 21:34 - 2014-04-13 21:34 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-04-11 19:06 - 2014-04-11 19:06 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\K-Lite Codec Pack
2014-04-11 19:06 - 2013-08-02 19:29 - 00217176 _____ () C:\WINDOWS\system32\unrar.dll
2014-04-11 19:05 - 2014-04-11 19:06 - 00000000 ____D () C:\Program Files\K-Lite Codec Pack
2014-04-11 19:00 - 2014-04-11 19:00 - 00001044 _____ () C:\WINDOWS\updspapi.log
2014-04-11 18:59 - 2014-04-11 19:00 - 00009266 _____ () C:\WINDOWS\KB926239.log
2014-04-11 18:59 - 2014-04-11 18:59 - 00019672 _____ () C:\WINDOWS\wmp11.log
2014-04-11 18:59 - 2014-04-11 18:59 - 00006758 _____ () C:\WINDOWS\MSCompPackV1.log
2014-04-11 18:59 - 2014-04-11 18:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallwmp11$
2014-04-11 18:59 - 2014-04-11 18:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallMSCompPackV1$
2014-04-11 18:59 - 2014-04-11 18:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB926239$
2014-04-11 18:59 - 2014-04-11 18:59 - 00000000 ____D () C:\Program Files\Windows Media Connect 2
2014-04-11 18:59 - 2006-09-25 17:58 - 00014640 ____N (Microsoft Corporation) C:\WINDOWS\system32\spmsg.dll
2014-04-11 18:58 - 2014-04-11 18:59 - 00029942 _____ () C:\WINDOWS\WMFDist11.log
2014-04-11 18:58 - 2014-04-11 18:58 - 00000000 __HDC () C:\WINDOWS\$NtUninstallWudf01000$
2014-04-11 18:58 - 2014-04-11 18:58 - 00000000 __HDC () C:\WINDOWS\$NtUninstallWMFDist11$
2014-04-11 18:58 - 2014-04-11 18:58 - 00000000 ____D () C:\WINDOWS\system32\LogFiles
2014-04-11 18:57 - 2014-04-11 18:58 - 00011013 _____ () C:\WINDOWS\Wudf01000Inst.log
2014-04-11 18:55 - 2014-04-11 18:55 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2014-04-11 18:21 - 2014-04-18 16:42 - 00000000 ____D () C:\Documents and Settings\johny\Desktop\foto

==================== One Month Modified Files and Folders =======

2014-04-20 15:26 - 2014-04-20 15:26 - 00000000 ____D () C:\FRST
2014-04-20 15:19 - 2014-02-01 22:33 - 00296620 _____ () C:\WINDOWS\WindowsUpdate.log
2014-04-20 15:15 - 2014-02-01 22:58 - 00000884 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-20 15:14 - 2014-02-01 23:28 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-04-20 15:14 - 2014-02-01 23:19 - 00000000 ____D () C:\Documents and Settings\johny\Application Data\GG
2014-04-20 15:14 - 2014-02-01 22:44 - 00045378 _____ () C:\WINDOWS\system32\nvapps.xml
2014-04-20 15:13 - 2014-04-13 21:51 - 00000644 _____ () C:\WINDOWS\Tasks\Check for updates (Spybot - Search & Destroy).job
2014-04-20 15:13 - 2014-02-01 23:28 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-04-20 15:13 - 2014-02-01 22:58 - 00000880 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-20 15:13 - 2014-02-01 22:38 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-04-20 15:12 - 2014-04-13 21:51 - 00065536 _____ () C:\WINDOWS\system32\config\SpybotSD.evt
2014-04-20 15:12 - 2014-02-01 22:39 - 00000178 ___SH () C:\Documents and Settings\johny\ntuser.ini
2014-04-20 15:12 - 2014-02-01 22:39 - 00000000 ____D () C:\Documents and Settings\johny
2014-04-20 15:12 - 2014-02-01 22:38 - 00032640 _____ () C:\WINDOWS\SchedLgU.Txt
2014-04-19 23:00 - 2004-08-04 14:00 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl
2014-04-18 16:42 - 2014-04-11 18:21 - 00000000 ____D () C:\Documents and Settings\johny\Desktop\foto
2014-04-15 20:58 - 2014-04-15 20:58 - 00000000 ____D () C:\Documents and Settings\johny\Start Menu\Programs\Google Chrome
2014-04-13 23:06 - 2014-03-01 17:56 - 00000000 ____D () C:\Program Files\ePub Reader for Windows
2014-04-13 22:59 - 2014-04-13 22:58 - 00000000 ____D () C:\AdwCleaner
2014-04-13 22:13 - 2014-02-01 23:19 - 00000000 ____D () C:\Documents and Settings\johny\Local Settings\Application Data\GG
2014-04-13 22:12 - 2014-04-13 22:12 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\GG
2014-04-13 22:10 - 2014-04-13 22:10 - 00000923 _____ () C:\WINDOWS\spupdsvc.log
2014-04-13 22:07 - 2014-04-13 22:06 - 00000000 ____D () C:\WINDOWS\46B04D534E344388B6EE80FAB66AEF9B.TMP
2014-04-13 22:07 - 2014-04-13 22:06 - 00000000 ____D () C:\sh4ldr
2014-04-13 22:07 - 2014-04-13 22:05 - 00000000 ____D () C:\Documents and Settings\johny\Desktop\SpyHunter 4.12.13.4202
2014-04-13 22:07 - 2014-02-01 23:24 - 00538832 _____ () C:\WINDOWS\setupapi.log
2014-04-13 22:06 - 2014-04-13 22:06 - 00001973 _____ () C:\Documents and Settings\johny\Desktop\SpyHunter.lnk
2014-04-13 22:06 - 2014-04-13 22:06 - 00000000 ____D () C:\Documents and Settings\johny\Start Menu\Programs\SpyHunter
2014-04-13 22:06 - 2014-04-13 21:34 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-04-13 22:05 - 2014-04-13 22:05 - 00000000 ____D () C:\Documents and Settings\johny\Application Data\WinRAR
2014-04-13 22:04 - 2014-04-13 22:04 - 00000000 ____D () C:\Program Files\WinRAR
2014-04-13 22:04 - 2014-04-13 22:04 - 00000000 ____D () C:\Documents and Settings\johny\Start Menu\Programs\WinRAR
2014-04-13 22:04 - 2014-04-13 22:04 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\WinRAR
2014-04-13 22:04 - 2014-04-13 21:34 - 00000000 ____D () C:\WINDOWS\455F074C814E4520B69B5584BD90400C.TMP
2014-04-13 21:54 - 2014-04-13 21:50 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2014-04-13 21:51 - 2014-04-13 21:51 - 00001842 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-04-13 21:51 - 2014-04-13 21:51 - 00001836 _____ () C:\Documents and Settings\All Users\Desktop\Spybot-S&D Start Center.lnk
2014-04-13 21:51 - 2014-04-13 21:51 - 00000616 _____ () C:\WINDOWS\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2014-04-13 21:51 - 2014-04-13 21:51 - 00000446 _____ () C:\WINDOWS\Tasks\Scan the system (Spybot - Search & Destroy).job
2014-04-13 21:51 - 2014-04-13 21:51 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Spybot - Search & Destroy 2
2014-04-13 21:51 - 2014-04-13 21:50 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-04-13 21:45 - 2014-04-13 21:44 - 00000970 _____ () C:\WINDOWS\MSCompPackV1Uninst.log
2014-04-13 21:45 - 2014-02-01 23:25 - 00029990 _____ () C:\WINDOWS\comsetup.log
2014-04-13 21:45 - 2014-02-01 23:25 - 00024839 _____ () C:\WINDOWS\tsoc.log
2014-04-13 21:45 - 2014-02-01 23:25 - 00016425 _____ () C:\WINDOWS\ntdtcsetup.log
2014-04-13 21:45 - 2014-02-01 23:25 - 00007594 _____ () C:\WINDOWS\iis6.log
2014-04-13 21:45 - 2014-02-01 23:25 - 00003279 _____ () C:\WINDOWS\ocmsn.log
2014-04-13 21:45 - 2014-02-01 23:25 - 00001374 _____ () C:\WINDOWS\imsins.log
2014-04-13 21:44 - 2014-02-01 23:25 - 00054815 _____ () C:\WINDOWS\FaxSetup.log
2014-04-13 21:44 - 2014-02-01 23:25 - 00035097 _____ () C:\WINDOWS\ocgen.log
2014-04-13 21:44 - 2014-02-01 23:25 - 00003034 _____ () C:\WINDOWS\msgsocm.log
2014-04-13 21:43 - 2014-02-01 22:39 - 00001599 _____ () C:\Documents and Settings\johny\Start Menu\Programs\Remote Assistance.lnk
2014-04-13 21:41 - 2014-02-01 22:35 - 00001607 _____ () C:\Documents and Settings\All Users\Start Menu\Set Program Access and Defaults.lnk
2014-04-13 21:41 - 2014-02-01 22:35 - 00001599 _____ () C:\Documents and Settings\Default User\Start Menu\Programs\Remote Assistance.lnk
2014-04-13 21:41 - 2014-02-01 22:35 - 00001507 _____ () C:\Documents and Settings\All Users\Start Menu\Windows Update.lnk
2014-04-13 21:35 - 2014-04-13 21:35 - 00012328 _____ () C:\Documents and Settings\johny\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-04-13 21:34 - 2014-04-13 21:34 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-04-12 15:51 - 2014-02-01 23:02 - 00000000 ____D () C:\Program Files\Yahoo!
2014-04-12 15:41 - 2014-02-01 23:05 - 00001819 _____ () C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2014-04-12 15:41 - 2014-02-01 22:39 - 00000767 _____ () C:\Documents and Settings\johny\Start Menu\Programs\Internet Explorer.lnk
2014-04-11 19:06 - 2014-04-11 19:06 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\K-Lite Codec Pack
2014-04-11 19:06 - 2014-04-11 19:05 - 00000000 ____D () C:\Program Files\K-Lite Codec Pack
2014-04-11 19:00 - 2014-04-11 19:00 - 00001044 _____ () C:\WINDOWS\updspapi.log
2014-04-11 19:00 - 2014-04-11 18:59 - 00009266 _____ () C:\WINDOWS\KB926239.log
2014-04-11 19:00 - 2014-02-01 23:25 - 00001374 _____ () C:\WINDOWS\imsins.BAK
2014-04-11 19:00 - 2014-02-01 22:39 - 00000788 _____ () C:\Documents and Settings\johny\Start Menu\Programs\Windows Media Player.lnk
2014-04-11 19:00 - 2014-02-01 22:31 - 00018075 _____ () C:\WINDOWS\wmsetup.log
2014-04-11 18:59 - 2014-04-11 18:59 - 00019672 _____ () C:\WINDOWS\wmp11.log
2014-04-11 18:59 - 2014-04-11 18:59 - 00006758 _____ () C:\WINDOWS\MSCompPackV1.log
2014-04-11 18:59 - 2014-04-11 18:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallwmp11$
2014-04-11 18:59 - 2014-04-11 18:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallMSCompPackV1$
2014-04-11 18:59 - 2014-04-11 18:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB926239$
2014-04-11 18:59 - 2014-04-11 18:59 - 00000000 ____D () C:\Program Files\Windows Media Connect 2
2014-04-11 18:59 - 2014-04-11 18:58 - 00029942 _____ () C:\WINDOWS\WMFDist11.log
2014-04-11 18:59 - 2014-02-01 23:16 - 00000000 ____D () C:\WINDOWS\Help
2014-04-11 18:59 - 2014-02-01 22:34 - 00023392 _____ () C:\WINDOWS\system32\nscompat.tlb
2014-04-11 18:59 - 2014-02-01 22:34 - 00016832 _____ () C:\WINDOWS\system32\amcompat.tlb
2014-04-11 18:59 - 2014-02-01 22:34 - 00000000 __SHD () C:\Documents and Settings\All Users\DRM
2014-04-11 18:59 - 2004-08-04 14:00 - 00000507 _____ () C:\WINDOWS\win.ini
2014-04-11 18:58 - 2014-04-11 18:58 - 00000000 __HDC () C:\WINDOWS\$NtUninstallWudf01000$
2014-04-11 18:58 - 2014-04-11 18:58 - 00000000 __HDC () C:\WINDOWS\$NtUninstallWMFDist11$
2014-04-11 18:58 - 2014-04-11 18:58 - 00000000 ____D () C:\WINDOWS\system32\LogFiles
2014-04-11 18:58 - 2014-04-11 18:57 - 00011013 _____ () C:\WINDOWS\Wudf01000Inst.log
2014-04-11 18:55 - 2014-04-11 18:55 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2014-04-01 17:53 - 2014-02-01 23:25 - 00356120 _____ () C:\WINDOWS\system32\PerfStringBackup.INI

Some content of TEMP:
====================
C:\Documents and Settings\johny\Local Settings\Temp\ggdrive-menu.exe
C:\Documents and Settings\johny\Local Settings\Temp\ggdrive-overlay.exe
C:\Documents and Settings\johny\Local Settings\Temp\installstats.exe
C:\Documents and Settings\johny\Local Settings\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe
[2004-08-04 14:00] - [2004-08-04 14:00] - 0108032 ____A (Microsoft Corporation) c6ce6eec82f187615d1002bb3bb50ed4

C:\WINDOWS\system32\User32.dll => MD5 is legit
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================