Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 17-11-2013 02 Ran by Rafal3 (administrator) on RAFAŁ-KOMPUTER on 18-11-2013 17:45:15 Running from E:\pobranie Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: Polish Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (IObit) C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (IObit) C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Autodesk) C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Creative Technology Ltd) C:\Program Files\Creative\Shared Files\CTDevSrv.exe (http://libusb-win32.sourceforge.net) C:\Windows\system32\libusbd-nt.exe ( ) C:\Windows\system32\lxczcoms.exe () D:\3d\mentalray\satellite\raysat_3dsmax9_32server.exe () C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe () C:\Windows\system32\PnkBstrA.exe (Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe (StarWind Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe (AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\ToolbarUpdater.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\loggingserver.exe (Microsoft Corp.) 
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe (LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe (Nero AG) C:\Program Files\Nero\Update\NASvc.exe (PixArt Imaging Incorporation) C:\Windows\PixArt\PAC207\Monitor.exe () C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe (Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Nullsoft, Inc.) C:\Program Files\Winamp\winampa.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE () C:\Program Files\NapiProjekt\napisy.exe (Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe (Microsoft Corporation) C:\Windows\system32\wuauclt.exe (Google Inc.) C:\Users\Rafał\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Rafał\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Rafał\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Rafał\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Rafał\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Rafał\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Rafał\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Users\Rafał\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Rafał\AppData\Local\Google\Chrome\Application\chrome.exe (Apple Inc.) C:\Program Files\Safari\Safari.exe (Google Inc.) C:\Users\Rafał\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Rafał\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Rafał\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Rafał\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Rafał\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Rafał\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Rafał\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [PAC207_Monitor] - C:\Windows\PixArt\PAC207\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation) HKLM\...\Run: [Monitor] - C:\Windows\PixArt\PAC207\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation) HKLM\...\Run: [BCSSync] - E:\office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation) HKLM\...\Run: [vProt] - C:\Program Files\AVG Secure Search\vprot.exe [2420248 2013-11-10] () HKLM\...\Run: [] - [x] HKLM\...\Run: [Start WingMan Profiler] - C:\Program Files\Logitech\Gaming Software\LWEMon.exe [153672 2010-06-14] (Logitech Inc.) HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation) HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-02-20] (Apple Inc.) HKLM\...\Run: [WinampAgent] - C:\Program Files\Winamp\winampa.exe [74752 2011-03-22] (Nullsoft, Inc.) HKLM\...\Run: [Bdagent] - C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe [1618488 2013-10-31] (Bitdefender) HKLM\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2349392 2013-11-11] (LogMeIn Inc.) 
HKCU\...\Run: [Spotify] - C:\Users\Rafal3\AppData\Roaming\Spotify\spotify.exe [4752384 2013-10-13] (Spotify Ltd) HKCU\...\Run: [Spotify Web Helper] - C:\Users\Rafal3\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1140736 2013-10-13] (Spotify Ltd) MountPoints2: {1fa9186b-4eff-11e1-a209-df239a9b3f79} - G:\Install.exe HKU\Rafal1\...\Run: [RGSC] - E:\Grand theft auto IV\Rockstar Games Social Club\RGSCLauncher.exe [ 2008-11-14] (Take-Two Interactive Software, Inc.) HKU\Rafal1\...\Run: [NTRedirect] - C:\Windows\system32\rundll32.exe "C:\Users\Rafal1\AppData\Roaming\BabSolution\Shared\EnhancedNT.dll",Run HKU\Rafal1\...\Run: [pdiface] - C:\Program Files\Bitdefender\60-Second Virus Scanner\pdiface.exe -noshow HKU\TEMP\...\Run: [SpeedUpMyPC] - C:\Program Files\Uniblue\SpeedUpMyPC\Launcher.exe [ 2012-04-16] (Uniblue Systems Ltd) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.holasearch.com/?babsrc=HP_ss&mntrId=5ECAF8D1110B2F6E&affID=121962&tsp=5005 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank URLSearchHook: HKLM - (No Name) - {94817c02-feac-4aa8-99d8-1cb47bf4d4c0} - No File SearchScopes: HKLM - DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1Qzu0Fzz0DtCtCtCtD0BtB0FyC0EzzyC0EtAtN0D0Tzu0CtByBzytN1L2XzutBtFtBtFtDtFtAyEyE&cr=15099290 SearchScopes: HKLM - {21790C57-60EC-0E93-496B-5FD3E5EC7A3B} URL = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10011&barid={99B1B452-E00D-11E1-89B5-82236B3FAC94} SearchScopes: HKLM - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://search.appsarefun.info/?l=1&q={searchTerms} SearchScopes: HKLM - {EEE6C360-6118-11DC-9C72-001320C79847} URL = 
http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1Qzu0Fzz0DtCtCtCtD0BtB0FyC0EzzyC0EtAtN0D0Tzu0CtByBzytN1L2XzutBtFtBtFtDtFtAyEyE&cr=15099290 SearchScopes: HKCU - DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.holasearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=5ECAF8D1110B2F6E&affID=121962&tsp=5005 SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO) BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\17.1.2.1\AVG Secure Search_toolbar.dll (AVG Secure Search) BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation) BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files\Delta\delta\1.8.24.5\bh\delta.dll (Delta-search.com) BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: WinToFlash Suggestor - {FC36B0BD-27F0-4cdd-8AB1-50651EFC3EFD} - C:\Program Files\WinToFlash Suggestor\WinToFlashSuggestor.dll (Novicorp LLC) Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) Toolbar: HKLM - No Name - {94817c02-feac-4aa8-99d8-1cb47bf4d4c0} - No File Toolbar: HKLM - Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.) Toolbar: HKLM - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\17.1.2.1\AVG Secure Search_toolbar.dll (AVG Secure Search) Toolbar: HKLM - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files\Delta\delta\1.8.24.5\deltaTlbr.dll (Delta-search.com) Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\17.1.2\ViProtocol.dll (AVG Secure Search) Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) Hosts: Hosts file not detected in the default directory Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\Rafal3\AppData\Roaming\Mozilla\Firefox\Profiles\35n3imfc.default FF NewTab: hxxp://www.holasearch.com/?babsrc=NT_ss&mntrId=5ECAF8D1110B2F6E&affID=121962&tsp=5005 FF DefaultSearchEngine: Hola Search FF SelectedSearchEngine: Hola Search FF Homepage: \r\nhxxp://www.ceneo.pl/?utm_source=pcworld&utm_medium=cpi&utm_campaign=api\r\n FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll () FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.1.2\\npsitesafety.dll (AVG Technologies) FF Plugin: @esn.me/esnsonar,version=0.70.4 - C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF Plugin: @esn/esnlaunch,version=1.110.0 - C:\Program Files\Battlelog Web Plugins\1.110.0\npesnlaunch.dll No File FF Plugin: @esn/esnlaunch,version=1.118.0 - C:\Program Files\Battlelog Web Plugins\1.118.0\npesnlaunch.dll No File FF Plugin: @esn/esnlaunch,version=1.138.0 - C:\Program Files\Battlelog Web Plugins\1.138.0\npesnlaunch.dll No File FF Plugin: @esn/esnlaunch,version=2.1.2 - C:\Program Files\Battlelog Web Plugins\2.1.2\npesnlaunch.dll No File FF Plugin: @esn/npbattlelog,version=2.3.1 - C:\Program Files\Battlelog Web Plugins\2.3.1\npbattlelog.dll (EA Digital Illusions 
CE AB) FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - E:\office\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 - E:\office\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin: @real.com/nppl3260;version=6.0.12.450 - C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprpjplug;version=6.0.12.448 - C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) 
FF Plugin: @soe.sony.com/installer,version=1.0.3 - C:\Users\Rafał\AppData\LocalLow\Sony Online Entertainment\npsoe.dll () FF SearchPlugin: C:\Users\Rafal3\AppData\Roaming\Mozilla\Firefox\Profiles\35n3imfc.default\searchplugins\babylon.xml FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\babylon.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\avg-secure-search.xml FF Extension: SurF oand keep - C:\Users\Rafal3\AppData\Roaming\Mozilla\Firefox\Profiles\35n3imfc.default\Extensions\b.k@fqacgqkl.com FF Extension: defaults - C:\Users\Rafal3\AppData\Roaming\Mozilla\Firefox\Profiles\35n3imfc.default\Extensions\{285ACFBB-8E53-4feb-90E6-F02A128927F3}.xpi FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} FF HKLM\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\17.1.2.1 FF Extension: AVG Security Toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\17.1.2.1 FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext Chrome: ======= CHR Extension: (Ask Toolbar) - C:\Users\Rafal3\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaaakfopmidbfddimafofbdngbkidf\7.13.0.0_0 CHR Extension: (WinToFlash Suggestor) - C:\Users\Rafal3\AppData\Local\Google\Chrome\User Data\Default\Extensions\acaoakiamfeidcmgooclgeleejkbaecf\1.2.5_0 CHR Extension: (Przelewy24) - C:\Users\Rafal3\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiicmmpkicnndkhlnnloilpgncbpkbjj\6.7_0 CHR Extension: (Google Docs) - C:\Users\Rafal3\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 CHR Extension: (Google Drive) - C:\Users\Rafal3\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 CHR Extension: (Funmoods) - C:\Users\Rafal3\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\2.1.3_0 CHR Extension: (YouTube) - C:\Users\Rafal3\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Google Search) - C:\Users\Rafal3\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (Claro Toolbar) - C:\Users\Rafal3\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcillohgikpecbmgioknapdpcjofaafl\1.4_0 CHR Extension: (Babylon Toolbar) - C:\Users\Rafal3\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.11_0 CHR Extension: (Delta Toolbar) - C:\Users\Rafal3\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.5.2_0 CHR Extension: (hola Toolbar) - C:\Users\Rafal3\AppData\Local\Google\Chrome\User Data\Default\Extensions\fagpjgjmoaccgkkpjeoinehnoaimnbla\1.1_0 CHR Extension: (SweetIM for Facebook) - C:\Users\Rafal3\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0 CHR Extension: (Skype Click to Call) - C:\Users\Rafal3\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0 CHR Extension: (AVG Secure Search) - C:\Users\Rafal3\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\17.1.2.1_0 CHR Extension: (SurF oand keep) - C:\Users\Rafal3\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmpcgagknfponhfnbejckndfpjlfilai\2.19 CHR Extension: (Gmail) - C:\Users\Rafal3\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 CHR HKLM\...\Chrome\Extension: [aaaaaakfopmidbfddimafofbdngbkidf] - C:\Users\Rafał\AppData\Local\APN\GoogleCRXs\aaaaaakfopmidbfddimafofbdngbkidf_7.13.0.0.crx CHR 
HKLM\...\Chrome\Extension: [acaoakiamfeidcmgooclgeleejkbaecf] - C:\Program Files\WinToFlash Suggestor\WinToFlashSuggestor.crx CHR HKLM\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\RAFA~1\AppData\Local\funmoods.crx CHR HKLM\...\Chrome\Extension: [dcillohgikpecbmgioknapdpcjofaafl] - C:\Users\Rafał\AppData\Roaming\Claro\claro.crx CHR HKLM\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Users\Rafał\AppData\Roaming\BabylonToolbar\CR\BabylonChrome1.crx CHR HKLM\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\Rafal1\AppData\Roaming\BabSolution\CR\Delta.crx CHR HKLM\...\Chrome\Extension: [fagpjgjmoaccgkkpjeoinehnoaimnbla] - C:\Users\Rafal3\AppData\Roaming\BabSolution\CR\hola.crx CHR HKLM\...\Chrome\Extension: [hcjaeiailpjnnejagcokpljldgapdgef] - C:\ProgramData\Download and Sa\hcjaeiailpjnnejagcokpljldgapdgef.crx CHR HKLM\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\Rafał\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx CHR HKLM\...\Chrome\Extension: [jplinpmadfkdgipabgcdchbdikologlh] - C:\Program Files\1ClickDownload\1click12.crx CHR HKLM\...\Chrome\Extension: [kdidombaedgpfiiedeimiebkmbilgmlc] - C:\Program Files\DefaultTab\DefaultTab.crx CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\17.1.2.1\avg.crx CHR HKLM\...\Chrome\Extension: [opjkhengjjbmdokikpljnbckmgigndeg] - C:\Users\RAFA~1\AppData\Local\Temp\opjkhengjjbmdokikpljnbckmgigndeg.crx CHR HKLM\...\Chrome\Extension: [opnkkfjdnhgkjefnnohgfackfninikjo] - C:\ProgramData\TheBflix\opnkkfjdnhgkjefnnohgfackfninikjo.crx CHR HKLM\...\Chrome\Extension: [pmlghpafmmnmmkjdhacccolfgnkiboco] - C:\Program Files\1ClickDownload\oneclickdownloader10.crx CHR StartMenuInternet: Google 
Chrome - C:\Users\Rafał\AppData\Local\Google\Chrome\Application\chrome.exe ========================== Services (Whitelisted) ================= R2 AdvancedSystemCareService5; C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe [913752 2012-03-14] (IObit) S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe [62688 2013-10-31] (Bitdefender) R2 CTDevice_Srv; C:\Program Files\Creative\Shared Files\CTDevSrv.exe [61440 2007-04-02] (Creative Technology Ltd) S3 Futuremark SystemInfo Service; C:\Program Files\Futuremark\Futuremark SystemInfo\FMSISvc.exe [135584 2012-04-26] (Futuremark Corporation) R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1616208 2013-11-11] (LogMeIn Inc.) R2 IMFservice; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [821592 2012-01-09] (IObit) R2 libusbd; C:\Windows\System32\libusbd-nt.exe [18944 2005-03-09] (http://libusb-win32.sourceforge.net) R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [375056 2013-10-11] (LogMeIn, Inc.) R2 lxcz_device; C:\Windows\system32\lxczcoms.exe [537520 2007-04-19] ( ) R2 mi-raysat_3dsmax9_32; D:\3d\mentalray\satellite\raysat_3dsmax9_32server.exe [65536 2006-09-29] () S3 Microsoft SharePoint Workspace Audit Service; E:\office\Office14\GROOVE.EXE [30785672 2012-09-20] (Microsoft Corporation) R2 MotoHelper; C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe [202048 2010-09-07] () R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [584488 2011-03-04] (Nero AG) R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2013-11-02] () R2 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [82824 2012-06-25] (Bitdefender) S2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.) 
R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe [54960 2013-10-31] (Bitdefender) R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe [1343472 2013-10-31] (Bitdefender) R2 vToolbarUpdater17.1.2; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\ToolbarUpdater.exe [1734680 2013-11-10] (AVG Secure Search) S2 WindowBlinds; C:\Program Files\Stardock\Object Desktop\WindowBlinds\VistaSrv.exe [230648 2009-06-04] (Stardock Corporation) S2 AxAutoMntSrv; C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [x] ==================== Drivers (Whitelisted) ==================== R3 appliandMP; C:\Windows\System32\DRIVERS\appliand.sys [28256 2010-06-24] (Applian Technologies Inc.) R3 athur; C:\Windows\System32\DRIVERS\athur.sys [1500160 2010-01-05] (Atheros Communications, Inc.) R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2011-07-31] () R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [640560 2013-10-31] (BitDefender) R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [242504 2012-11-02] (BitDefender) R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [490144 2013-10-31] (BitDefender) R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [37664 2013-11-10] (AVG Technologies) R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [78144 2013-10-31] (BitDefender LLC) R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [90704 2011-11-14] (BitDefender LLC) S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [66832 2013-10-31] (BitDefender SRL) R1 bdselfpr; C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys [135600 2013-10-31] (BitDefender LLC) R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [72704 2012-04-17] (BitDefender) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [239168 
2012-02-04] (DT Soft Ltd) S2 E4LOADER; C:\Windows\System32\Drivers\e4ldr.sys [69656 2007-01-04] (Analog Deivces) S3 e4usbaw; C:\Windows\System32\DRIVERS\e4usbaw.sys [104344 2007-01-04] (Analog Devices Inc.) S3 FileMonitor; C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys [20336 2012-01-05] (IObit) R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [165744 2013-10-31] (BitDefender LLC) R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.) R1 ISODrive; C:\Program Files\UltraISO\drivers\ISODrive.sys [82320 2010-01-29] (EZB Systems, Inc.) R3 libusb0; C:\Windows\System32\drivers\libusb0.sys [33792 2005-03-09] () R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2011-07-31] () S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [97552 2011-08-29] (MotioninJoy) S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [616064 2007-10-25] (PixArt Imaging Inc.) S3 RegFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\regfilter.sys [30600 2011-09-20] (IObit.com) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [466008 2013-01-06] (Duplex Secure Ltd.) S3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [32768 2011-05-25] (AnchorFree Inc) R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [360376 2013-10-31] (BitDefender S.R.L.) S3 UrlFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\UrlFilter.sys [19792 2011-09-20] (IObit.com) R3 WmBEnum; C:\Windows\System32\drivers\WmBEnum.sys [22856 2010-04-27] (Logitech Inc.) S3 WmFilter; C:\Windows\System32\drivers\WmFilter.sys [37704 2010-04-27] (Logitech Inc.) R3 WmVirHid; C:\Windows\System32\drivers\WmVirHid.sys [15048 2010-04-27] (Logitech Inc.) R3 WmXlCore; C:\Windows\System32\drivers\WmXlCore.sys [66632 2010-04-27] (Logitech Inc.) U3 at8az2sk; C:\Windows\System32\Drivers\at8az2sk.sys [0 ] (Advanced Micro Devices) U5 appliand; C:\Windows\System32\Drivers\appliand.sys [28256 2010-06-24] (Applian Technologies Inc.) 
S3 catchme; \??\C:\Users\Rafal1\AppData\Local\Temp\catchme.sys [x] S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x32.sys [x] S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [x] S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [x] S1 SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [x] S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x] S3 tsusbhub; system32\drivers\tsusbhub.sys [x] S3 VGPU; System32\drivers\rdvgkmd.sys [x] S3 WinRing0_1_2_0; \??\C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys [x] U2 wuaserv; U3 a0s2dkgr; No ImagePath ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-11-18 17:44 - 2013-11-18 17:44 - 00000000 ____D C:\FRST 2013-11-18 17:22 - 2013-11-18 17:23 - 00000000 ___SD C:\ComboFix 2013-11-18 17:22 - 2013-11-18 17:22 - 00000000 ____D C:\Qoobox 2013-11-18 17:22 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe 2013-11-18 17:22 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe 2013-11-18 17:22 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2013-11-18 17:22 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2013-11-18 17:22 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe 2013-11-18 17:22 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe 2013-11-18 17:22 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe 2013-11-18 14:01 - 2013-11-18 14:02 - 00000000 ____D C:\Users\Rafal3\Downloads\[Skin] Biker Sofoklis Peterson 2013-11-18 14:01 - 2013-11-18 14:01 - 00828940 _____ C:\Users\Rafal3\Downloads\[Skin] Biker Sofoklis Peterson.rar 2013-11-18 13:46 - 2013-11-18 13:46 - 00000000 ____D C:\Users\Rafal3\Downloads\South Central Final Modpack 2013-11-18 13:45 - 2013-11-18 13:46 - 24427919 _____ C:\Users\Rafal3\Downloads\South Central Final Modpack.rar 2013-11-18 13:38 - 2013-11-18 13:39 - 00000000 ____D C:\Users\Rafal3\Desktop\Nowy folder (5) 2013-11-17 15:02 - 
2013-11-17 15:02 - 00844147 _____ C:\Users\Rafal3\Downloads\jade_empire_pl.rar 2013-11-17 15:02 - 2007-03-09 21:29 - 00000000 ____D C:\Users\Rafal3\Downloads\jade_empire_pl 2013-11-17 15:02 - 2007-03-09 19:47 - 00000000 ____D C:\Users\Rafal3\Downloads\JADE EMPIRE PL 2013-11-17 14:59 - 2013-11-17 14:59 - 00082774 _____ (BioWare Corp.) C:\Windows\Uninstall Jade Empire.exe 2013-11-17 13:59 - 2013-11-17 13:59 - 00299160 _____ C:\Users\Rafal3\Downloads\Jade_Empire_Special_Edition_PCDVD_MULTI3_ENG-IT-SPA.exe 2013-11-17 13:58 - 2013-11-17 13:58 - 00013479 _____ C:\Users\Rafal3\Downloads\Jade.Empire.Special.Edition.torrent 2013-11-17 13:56 - 2013-11-17 13:56 - 00001867 _____ C:\Users\Public\Desktop\EZDownloader.lnk 2013-11-17 13:56 - 2013-11-17 13:56 - 00000000 ____D C:\Windows\system32\X86 2013-11-17 13:56 - 2013-11-17 13:56 - 00000000 ____D C:\Windows\system32\AMD64 2013-11-17 13:56 - 2013-11-17 13:56 - 00000000 ____D C:\ProgramData\96e52ac22cb45f3b 2013-11-17 13:56 - 2013-11-17 13:56 - 00000000 ____D C:\Program Files\EZDownloader 2013-11-17 13:55 - 2013-11-17 13:55 - 00311592 _____ (WinterSoft) C:\Users\Rafal3\Downloads\Jade Empire Special Edition [GOG].exe 2013-11-16 12:41 - 2013-11-16 19:23 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-11-16 11:32 - 2013-11-16 11:32 - 00000000 ____D C:\Program Files\WinToFlash Suggestor 2013-11-16 11:30 - 2013-11-16 11:31 - 00000000 ____D C:\Users\Rafal3\Downloads\Novicorp WinToFlash 0.8.0000 Beta 2013-11-16 11:16 - 2013-11-16 11:16 - 34113827 _____ C:\Users\Rafal3\Downloads\Novicorp WinToFlash 0.8.0000 Beta.zip 2013-11-15 13:26 - 2013-11-15 13:41 - 00000000 ____D C:\Users\Rafal3\AppData\Roaming\.minecraft 2013-11-15 13:26 - 2013-11-15 13:26 - 00000000 ____D C:\Users\Rafal3\Desktop\multi-share.org-13MEPO6N-MinecraftSP_v12_2 2013-11-14 03:24 - 2013-11-14 03:24 - 00000000 ____D C:\Program Files\LogMeIn Hamachi 2013-11-14 03:00 - 2013-10-12 08:04 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 
2013-11-14 03:00 - 2013-10-12 08:03 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-14 03:00 - 2013-10-12 08:03 - 01138176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-14 03:00 - 2013-10-12 08:02 - 14355968 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-14 03:00 - 2013-10-12 08:02 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-14 03:00 - 2013-10-12 08:02 - 02877952 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-14 03:00 - 2013-10-12 08:02 - 02049024 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-14 03:00 - 2013-10-12 08:02 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-14 03:00 - 2013-10-12 08:02 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-14 03:00 - 2013-10-12 08:02 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-14 03:00 - 2013-10-12 08:02 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-14 03:00 - 2013-10-12 08:02 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-14 03:00 - 2013-10-12 08:02 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-14 03:00 - 2013-10-12 08:02 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-14 03:00 - 2013-10-12 07:08 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-14 03:00 - 2013-10-12 06:15 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-13 11:56 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-13 11:56 - 2013-10-12 03:01 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-13 11:56 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-13 11:56 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-13 11:56 - 2013-10-03 02:58 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-13 11:56 - 2013-09-25 03:01 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-13 11:56 - 2013-09-25 03:01 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-13 11:56 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-13 11:56 - 2013-09-25 02:57 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-13 11:56 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-13 11:56 - 2013-09-25 02:56 - 01038848 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-13 11:56 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-13 11:56 - 2013-09-25 01:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-13 11:56 - 2013-09-25 01:49 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-13 11:56 - 2013-07-04 13:16 - 00369848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-13 10:35 - 2013-11-13 10:35 - 00000964 _____ C:\Users\Rafal3\Desktop\Play The Walking Dead nosTEAM.lnk
2013-11-13 10:16 - 2013-11-13 10:16 - 00000000 ____D C:\Users\Rafal3\Documents\Telltale Games
2013-11-13 10:16 - 2013-11-13 10:16 - 00000000 ____D C:\ProgramData\REVOLT
2013-11-11 20:45 - 2013-11-11 20:45 - 00002919 _____ C:\Users\Rafal1\Documents\Nowy dokument tekstowy (2).txt
2013-11-09 17:04 - 2013-11-09 17:04 - 00000000 ____D C:\Users\Rafal3\Desktop\s
2013-11-09 17:03 - 2013-11-09 17:03 - 02371122 _____ C:\Users\Rafal3\Downloads\1190477.rar
2013-11-09 17:03 - 2013-11-09 17:03 - 00000000 ____D C:\Users\Rafal3\Downloads\1190477
2013-11-09 16:47 - 2013-11-09 16:47 - 00000000 ____D C:\Users\Rafal3\Downloads\komagata-rengokai
2013-11-09 16:45 - 2013-11-09 16:45 - 00000000 ____D C:\Users\Rafal3\Downloads\Akuji-kai_Modpack
2013-11-07 16:47 - 2013-11-07 16:47 - 00000000 ____D C:\Users\Rafal3\Downloads\11-09-2011_www_ModBase_PL_Save(1)
2013-11-07 16:46 - 2013-11-07 16:47 - 04804228 _____ C:\Users\Rafal3\Downloads\11-09-2011_www_ModBase_PL_Save(1).rar
2013-11-05 09:27 - 2012-05-07 17:40 - 01524736 _____ (Bethesda Softworks) C:\Users\Rafal3\Desktop\Launcher.exe
2013-11-05 09:23 - 2013-11-05 09:24 - 00000000 ____D C:\Users\Rafal3\AppData\Local\Skyrim
2013-11-03 21:38 - 2013-11-03 22:23 - 00000000 ____D C:\Users\Rafal3\AppData\Roaming\Gadu-Gadu 10
2013-11-03 21:38 - 2013-11-03 21:38 - 00000000 ____D C:\Users\Rafal3\AppData\Local\cache
2013-11-02 11:51 - 2013-11-02 11:56 - 00000000 ____D C:\Users\Rafal3\Documents\Assassin's Creed Revelations
2013-11-02 11:51 - 2013-11-02 11:56 - 00000000 ____D C:\Users\Rafal3\AppData\Local\Ubisoft Game Launcher
2013-11-02 11:50 - 2013-11-02 11:50 - 00000000 ____D C:\Users\Rafal3\AppData\Roaming\PunkBuster
2013-11-01 13:35 - 2013-11-01 13:35 - 00000000 ____D C:\Users\Rafal3\AppData\Roaming\Esperanto
2013-11-01 11:49 - 2013-11-01 11:49 - 00000000 ____D C:\Users\Rafal3\AppData\Local\ESN
2013-11-01 11:28 - 2013-11-01 12:20 - 00000000 ____D C:\Users\Rafal3\Documents\Battlefield 3
2013-10-31 12:17 - 2013-10-31 12:17 - 00640560 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2013-10-31 12:17 - 2013-10-31 12:17 - 00360376 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2013-10-31 12:16 - 2013-10-31 12:16 - 00490144 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2013-10-31 12:16 - 2013-10-31 12:16 - 00066832 _____ (BitDefender SRL) C:\Windows\system32\Drivers\bdsandbox.sys
2013-10-31 11:50 - 2013-10-31 11:50 - 00000000 ____D C:\Users\Rafal3\Downloads\WSVBZ
2013-10-31 11:49 - 2013-10-31 11:49 - 02207010 _____ C:\Users\Rafal3\Downloads\WSVBZ.rar
2013-10-31 11:47 - 2013-10-31 11:48 - 02919711 _____ C:\Users\Rafal3\Downloads\komagata-rengokai.rar
2013-10-31 11:42 - 2013-10-31 11:42 - 13255408 _____ C:\Users\Rafal3\Downloads\Akuji-kai_Modpack.zip
2013-10-21 12:55 - 2013-10-21 12:55 - 02786957 _____ C:\Users\Rafal3\Downloads\srd_-_edit_by_seven.rar
2013-10-21 12:43 - 2013-10-21 12:43 - 00000000 ____D C:\Users\Rafal3\Downloads\Skins de Pedestres em HD #2
2013-10-21 12:42 - 2013-10-21 12:42 - 08681104 _____ C:\Users\Rafal3\Downloads\Skins de Pedestres em HD #2.rar
2013-10-21 08:43 - 2013-10-21 08:43 - 00000000 ____D C:\Users\Rafal3\Downloads\Rock pack 2
2013-10-21 08:41 - 2013-10-21 08:41 - 01258725 _____ C:\Users\Rafal3\Downloads\Rock pack 2.zip
2013-10-20 10:23 - 2013-10-20 10:23 - 01098731 _____ C:\Users\Rafal3\Downloads\93_vwmycr.rar
2013-10-20 10:23 - 2013-10-20 10:23 - 00000000 ____D C:\Users\Rafal3\Downloads\93_vwmycr
2013-10-19 16:52 - 2011-08-29 23:54 - 00097552 _____ (MotioninJoy) C:\Windows\system32\Drivers\MijXfilt.sys
2013-10-19 16:22 - 2013-10-31 16:07 - 00000000 ____D C:\Users\Rafal3\Documents\FIFA 14
2013-10-19 16:06 - 2013-10-19 16:06 - 00000000 ____D C:\Program Files\LibUSB-Win32-0.1.10.1
2013-10-19 16:06 - 2005-03-09 19:50 - 00019456 _____ (http://libusb-win32.sourceforge.net) C:\Windows\system32\libusbd-9x.exe
2013-10-19 16:06 - 2005-03-09 19:50 - 00018944 _____ (http://libusb-win32.sourceforge.net) C:\Windows\system32\libusbd-nt.exe
2013-10-19 08:18 - 2013-10-19 08:18 - 00000000 ____D C:\Users\Rafal3\AppData\Roaming\MotioninJoy

==================== One Month Modified Files and Folders =======

2013-11-18 17:49 - 2013-05-25 23:57 - 00000000 ____D C:\Users\Rafal3\AppData\Roaming\Skype
2013-11-18 17:44 - 2013-11-18 17:44 - 00000000 ____D C:\FRST
2013-11-18 17:34 - 2011-12-25 18:56 - 00001058 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3691077182-3707542728-1493853906-1000UA.job
2013-11-18 17:23 - 2013-11-18 17:22 - 00000000 ___SD C:\ComboFix
2013-11-18 17:23 - 2011-04-11 18:40 - 01934178 _____ C:\Windows\WindowsUpdate.log
2013-11-18 17:22 - 2013-11-18 17:22 - 00000000 ____D C:\Qoobox
2013-11-18 17:21 - 2013-07-10 20:17 - 00000000 ____D C:\Windows\erdnt
2013-11-18 15:34 - 2011-12-25 18:56 - 00001006 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3691077182-3707542728-1493853906-1000Core.job
2013-11-18 15:02 - 2013-09-14 17:14 - 00000266 _____ C:\Windows\Tasks\PC Performer_DEFAULT.job
2013-11-18 14:02 - 2013-11-18 14:01 - 00000000 ____D C:\Users\Rafal3\Downloads\[Skin] Biker Sofoklis Peterson
2013-11-18 14:01 - 2013-11-18 14:01 - 00828940 _____ C:\Users\Rafal3\Downloads\[Skin] Biker Sofoklis Peterson.rar
2013-11-18 13:50 - 2013-08-19 18:57 - 00000000 ____D C:\Users\Rafal3\Documents\GTA San Andreas User Files
2013-11-18 13:46 - 2013-11-18 13:46 - 00000000 ____D C:\Users\Rafal3\Downloads\South Central Final Modpack
2013-11-18 13:46 - 2013-11-18 13:45 - 24427919 _____ C:\Users\Rafal3\Downloads\South Central Final Modpack.rar
2013-11-18 13:42 - 2013-08-20 11:39 - 00000000 ____D C:\Users\Rafal3\AppData\Local\CrashDumps
2013-11-18 13:39 - 2013-11-18 13:38 - 00000000 ____D C:\Users\Rafal3\Desktop\Nowy folder (5)
2013-11-18 09:10 - 2009-07-14 05:39 - 00366854 _____ C:\Windows\setupact.log
2013-11-17 15:02 - 2013-11-17 15:02 - 00844147 _____ C:\Users\Rafal3\Downloads\jade_empire_pl.rar
2013-11-17 14:59 - 2013-11-17 14:59 - 00082774 _____ (BioWare Corp.) C:\Windows\Uninstall Jade Empire.exe
2013-11-17 14:54 - 2013-08-20 08:45 - 00000000 ____D C:\Users\Rafal3\AppData\Roaming\BitTorrent
2013-11-17 13:59 - 2013-11-17 13:59 - 00299160 _____ C:\Users\Rafal3\Downloads\Jade_Empire_Special_Edition_PCDVD_MULTI3_ENG-IT-SPA.exe
2013-11-17 13:58 - 2013-11-17 13:58 - 00013479 _____ C:\Users\Rafal3\Downloads\Jade.Empire.Special.Edition.torrent
2013-11-17 13:58 - 2013-05-25 23:45 - 00000000 ____D C:\Users\Rafal3\AppData\Local\LogMeIn Hamachi
2013-11-17 13:56 - 2013-11-17 13:56 - 00001867 _____ C:\Users\Public\Desktop\EZDownloader.lnk
2013-11-17 13:56 - 2013-11-17 13:56 - 00000000 ____D C:\Windows\system32\X86
2013-11-17 13:56 - 2013-11-17 13:56 - 00000000 ____D C:\Windows\system32\AMD64
2013-11-17 13:56 - 2013-11-17 13:56 - 00000000 ____D C:\ProgramData\96e52ac22cb45f3b
2013-11-17 13:56 - 2013-11-17 13:56 - 00000000 ____D C:\Program Files\EZDownloader
2013-11-17 13:55 - 2013-11-17 13:55 - 00311592 _____ (WinterSoft) C:\Users\Rafal3\Downloads\Jade Empire Special Edition [GOG].exe
2013-11-17 13:55 - 2012-02-24 17:05 - 00000000 ____D C:\ProgramData\InstallMate
2013-11-16 19:23 - 2013-11-16 12:41 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-16 19:23 - 2012-10-14 19:47 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-11-16 12:22 - 2011-04-11 18:42 - 01680772 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-16 12:22 - 2009-07-14 09:07 - 00744184 _____ C:\Windows\system32\perfh015.dat
2013-11-16 12:22 - 2009-07-14 09:07 - 00157120 _____ C:\Windows\system32\perfc015.dat
2013-11-16 11:32 - 2013-11-16 11:32 - 00000000 ____D C:\Program Files\WinToFlash Suggestor
2013-11-16 11:31 - 2013-11-16 11:30 - 00000000 ____D C:\Users\Rafal3\Downloads\Novicorp WinToFlash 0.8.0000 Beta
2013-11-16 11:16 - 2013-11-16 11:16 - 34113827 _____ C:\Users\Rafal3\Downloads\Novicorp WinToFlash 0.8.0000 Beta.zip
2013-11-15 16:33 - 2011-07-06 17:48 - 00290184 _____ C:\Windows\system32\PnkBstrB.xtr
2013-11-15 16:33 - 2011-07-06 17:48 - 00139032 _____ C:\Windows\system32\Drivers\PnkBstrK.sys
2013-11-15 16:33 - 2011-07-06 13:14 - 00290184 _____ C:\Windows\system32\PnkBstrB.exe
2013-11-15 16:32 - 2011-07-06 13:14 - 00280904 _____ C:\Windows\system32\PnkBstrB.ex0
2013-11-15 16:31 - 2012-01-24 21:22 - 00000000 ____D C:\Program Files\Battlelog Web Plugins
2013-11-15 13:41 - 2013-11-15 13:26 - 00000000 ____D C:\Users\Rafal3\AppData\Roaming\.minecraft
2013-11-15 13:28 - 2013-08-20 16:02 - 00000000 ____D C:\Users\Rafal3\AppData\Roaming\NVIDIA
2013-11-15 13:26 - 2013-11-15 13:26 - 00000000 ____D C:\Users\Rafal3\Desktop\multi-share.org-13MEPO6N-MinecraftSP_v12_2
2013-11-15 09:16 - 2013-10-12 12:47 - 00000000 ____D C:\Users\Rafal3\AppData\Roaming\Spotify
2013-11-14 22:08 - 2009-07-14 05:34 - 00014224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-14 22:08 - 2009-07-14 05:34 - 00014224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-14 07:54 - 2013-10-12 12:47 - 00000000 ____D C:\Users\Rafal3\AppData\Local\Spotify
2013-11-14 07:53 - 2013-06-07 19:31 - 00000350 _____ C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job
2013-11-14 07:53 - 2013-06-03 14:29 - 00000350 _____ C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2013-11-14 07:53 - 2012-10-28 15:28 - 00000324 _____ C:\Windows\Tasks\SpeedUpMyPC.job
2013-11-14 03:24 - 2013-11-14 03:24 - 00000000 ____D C:\Program Files\LogMeIn Hamachi
2013-11-14 03:23 - 2013-07-10 21:23 - 00000374 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2013-11-14 03:23 - 2011-04-11 18:43 - 00000000 ____D C:\ProgramData\NVIDIA
2013-11-14 03:23 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-14 03:20 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\pl-PL
2013-11-14 03:04 - 2012-03-27 09:26 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-13 18:14 - 2013-09-14 17:14 - 00000274 _____ C:\Windows\Tasks\PC Performer_UPDATES.job
2013-11-13 10:35 - 2013-11-13 10:35 - 00000964 _____ C:\Users\Rafal3\Desktop\Play The Walking Dead nosTEAM.lnk
2013-11-13 10:16 - 2013-11-13 10:16 - 00000000 ____D C:\Users\Rafal3\Documents\Telltale Games
2013-11-13 10:16 - 2013-11-13 10:16 - 00000000 ____D C:\ProgramData\REVOLT
2013-11-11 20:45 - 2013-11-11 20:45 - 00002919 _____ C:\Users\Rafal1\Documents\Nowy dokument tekstowy (2).txt
2013-11-10 18:53 - 2013-06-27 00:07 - 00003727 _____ C:\Program Files\Mozilla Firefoxavg-secure-search.xml
2013-11-10 18:50 - 2012-09-23 13:29 - 00037664 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx86.sys
2013-11-10 18:50 - 2012-09-23 13:29 - 00000000 ____D C:\Program Files\AVG Secure Search
2013-11-10 17:07 - 2013-08-22 16:07 - 00000000 ____D C:\Users\Rafal3\AppData\Roaming\TS3Client
2013-11-10 17:05 - 2013-02-03 19:13 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2013-11-09 17:04 - 2013-11-09 17:04 - 00000000 ____D C:\Users\Rafal3\Desktop\s
2013-11-09 17:03 - 2013-11-09 17:03 - 02371122 _____ C:\Users\Rafal3\Downloads\1190477.rar
2013-11-09 17:03 - 2013-11-09 17:03 - 00000000 ____D C:\Users\Rafal3\Downloads\1190477
2013-11-09 16:47 - 2013-11-09 16:47 - 00000000 ____D C:\Users\Rafal3\Downloads\komagata-rengokai
2013-11-09 16:45 - 2013-11-09 16:45 - 00000000 ____D C:\Users\Rafal3\Downloads\Akuji-kai_Modpack
2013-11-09 09:30 - 2013-06-02 12:30 - 00000007 _____ C:\Users\Rafał\Documents\mt-e_hook.txt
2013-11-07 16:47 - 2013-11-07 16:47 - 00000000 ____D C:\Users\Rafal3\Downloads\11-09-2011_www_ModBase_PL_Save(1)
2013-11-07 16:47 - 2013-11-07 16:46 - 04804228 _____ C:\Users\Rafal3\Downloads\11-09-2011_www_ModBase_PL_Save(1).rar
2013-11-05 10:52 - 2013-08-31 19:12 - 00000000 ____D C:\Users\Rafal3\Desktop\Nowy folder (3)
2013-11-05 10:04 - 2011-04-14 17:38 - 00000000 ____D C:\ProgramData\Skype
2013-11-05 09:24 - 2013-11-05 09:23 - 00000000 ____D C:\Users\Rafal3\AppData\Local\Skyrim
2013-11-05 09:23 - 2013-10-13 09:15 - 00000000 ____D C:\Users\Rafal3\Documents\My Games
2013-11-05 07:18 - 2013-09-28 13:32 - 00000500 _____ C:\Users\Rafal3\Desktop\słowka rafalfafafafaf.txt
2013-11-03 22:23 - 2013-11-03 21:38 - 00000000 ____D C:\Users\Rafal3\AppData\Roaming\Gadu-Gadu 10
2013-11-03 21:38 - 2013-11-03 21:38 - 00000000 ____D C:\Users\Rafal3\AppData\Local\cache
2013-11-03 17:01 - 2013-09-25 19:12 - 00000053 _____ C:\Users\Rafal3\Desktop\Nowy dokument tekstowy (2).txt
2013-11-03 11:07 - 2013-08-19 19:22 - 00000000 ____D C:\Users\Rafal4
2013-11-03 11:07 - 2013-08-19 18:31 - 00000000 ____D C:\Users\TEMP.Rafał-Komputer
2013-11-02 20:24 - 2011-07-06 13:14 - 00076888 _____ C:\Windows\system32\PnkBstrA.exe
2013-11-02 17:28 - 2013-07-10 21:18 - 00130488 _____ C:\Windows\PFRO.log
2013-11-02 11:56 - 2013-11-02 11:51 - 00000000 ____D C:\Users\Rafal3\Documents\Assassin's Creed Revelations
2013-11-02 11:56 - 2013-11-02 11:51 - 00000000 ____D C:\Users\Rafal3\AppData\Local\Ubisoft Game Launcher
2013-11-02 11:50 - 2013-11-02 11:50 - 00000000 ____D C:\Users\Rafal3\AppData\Roaming\PunkBuster
2013-11-02 11:33 - 2011-04-11 18:46 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-11-01 13:35 - 2013-11-01 13:35 - 00000000 ____D C:\Users\Rafal3\AppData\Roaming\Esperanto
2013-11-01 12:20 - 2013-11-01 11:28 - 00000000 ____D C:\Users\Rafal3\Documents\Battlefield 3
2013-11-01 12:20 - 2013-08-20 13:16 - 00000000 ____D C:\Users\Rafal3\AppData\Local\PunkBuster
2013-11-01 11:49 - 2013-11-01 11:49 - 00000000 ____D C:\Users\Rafal3\AppData\Local\ESN
2013-11-01 11:28 - 2013-08-25 10:53 - 00000000 ____D C:\Users\Rafal3\AppData\Local\Origin
2013-10-31 16:07 - 2013-10-19 16:22 - 00000000 ____D C:\Users\Rafal3\Documents\FIFA 14
2013-10-31 12:17 - 2013-10-31 12:17 - 00640560 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2013-10-31 12:17 - 2013-10-31 12:17 - 00360376 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2013-10-31 12:16 - 2013-10-31 12:16 - 00490144 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2013-10-31 12:16 - 2013-10-31 12:16 - 00066832 _____ (BitDefender SRL) C:\Windows\system32\Drivers\bdsandbox.sys
2013-10-31 12:15 - 2013-09-14 17:15 - 00165744 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2013-10-31 11:50 - 2013-10-31 11:50 - 00000000 ____D C:\Users\Rafal3\Downloads\WSVBZ
2013-10-31 11:49 - 2013-10-31 11:49 - 02207010 _____ C:\Users\Rafal3\Downloads\WSVBZ.rar
2013-10-31 11:48 - 2013-10-31 11:47 - 02919711 _____ C:\Users\Rafal3\Downloads\komagata-rengokai.rar
2013-10-31 11:42 - 2013-10-31 11:42 - 13255408 _____ C:\Users\Rafal3\Downloads\Akuji-kai_Modpack.zip
2013-10-30 18:38 - 2013-09-09 15:45 - 00000000 ____D C:\Users\Rafal3\Desktop\freeewayej
2013-10-23 15:00 - 2009-07-14 05:53 - 00032604 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-10-21 12:55 - 2013-10-21 12:55 - 02786957 _____ C:\Users\Rafal3\Downloads\srd_-_edit_by_seven.rar
2013-10-21 12:43 - 2013-10-21 12:43 - 00000000 ____D C:\Users\Rafal3\Downloads\Skins de Pedestres em HD #2
2013-10-21 12:42 - 2013-10-21 12:42 - 08681104 _____ C:\Users\Rafal3\Downloads\Skins de Pedestres em HD #2.rar
2013-10-21 08:43 - 2013-10-21 08:43 - 00000000 ____D C:\Users\Rafal3\Downloads\Rock pack 2
2013-10-21 08:41 - 2013-10-21 08:41 - 01258725 _____ C:\Users\Rafal3\Downloads\Rock pack 2.zip
2013-10-20 10:23 - 2013-10-20 10:23 - 01098731 _____ C:\Users\Rafal3\Downloads\93_vwmycr.rar
2013-10-20 10:23 - 2013-10-20 10:23 - 00000000 ____D C:\Users\Rafal3\Downloads\93_vwmycr
2013-10-19 16:52 - 2012-09-19 10:39 - 00000965 _____ C:\Users\Public\Desktop\DS3 Tool.lnk
2013-10-19 16:06 - 2013-10-19 16:06 - 00000000 ____D C:\Program Files\LibUSB-Win32-0.1.10.1
2013-10-19 08:18 - 2013-10-19 08:18 - 00000000 ____D C:\Users\Rafal3\AppData\Roaming\MotioninJoy

Files to move or delete:
====================
C:\Users\Rafał\DSETUP.dll
C:\Users\Rafał\dsetup32.dll
C:\Users\Rafał\DXSETUP.exe
C:\Users\Rafał\mod_sa.v4.4.0.4.sa-mp.v0.3e.modified.by.bartekdvd.setup.exe

Some content of TEMP:
====================
C:\Users\Rafal1\AppData\Local\temp\MyDelta_sftnc.exe
C:\Users\Rafal1\AppData\Local\temp\SkypeSetup.exe
C:\Users\Rafal3\AppData\Local\temp\i4jdel0.exe
C:\Users\Rafal3\AppData\Local\temp\PCPSetup-1-.exe
C:\Users\Rafal3\AppData\Local\temp\SkypeSetup.exe
C:\Users\Rafal3\AppData\Local\temp\sonarinst.exe
C:\Users\Rafal3\AppData\Local\temp\TsuA3224091.dll

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-11-10 02:51

==================== End Of Log ============================