Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-01-2014 01
Ran by Mafia (administrator) on MACIEK on 01-02-2014 12:54:05
Running from C:\Documents and Settings\Mafia\Pulpit\Narzędzia Taty
Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polish
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) ===================

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Atheros) C:\WINDOWS\system32\acs.exe
(Option) C:\Program Files\ERA\GlobeTrotter Connect\GtDetectSc.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
() C:\WINDOWS\system32\PnkBstrA.exe
(Skype Technologies S.A.) C:\Documents and Settings\All Users\Dane aplikacji\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Macrovision Corporation) C:\Program Files\UGS\NX 4.0\UGNXFLEXlm\lmgrd.exe
(Macrovision Corporation) C:\Program Files\UGS\NX 4.0\UGNXFLEXlm\lmgrd.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
() C:\Program Files\TP-LINK\TP-LINK Wireless Client Utility\TWCU.exe
() C:\Program Files\AVG Secure Search\vprot.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files\UGS\NX 4.0\UGNXFLEXlm\uglmd.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [TWCU] - C:\Program Files\TP-LINK\TP-LINK Wireless Client Utility\TWCU.exe [561263 2010-06-21] ()
HKLM\...\Run: [NvCplDaemon] - C:\WINDOWS\system32\NvCpl.dll [13923432 2010-07-29] (NVIDIA Corporation)
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2013-12-21] (AVAST Software)
HKLM\...\Run: [Cm106Sound] - RunDll32 cm106.cpl,CMICtrlWnd
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKU\Mama\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [ 2008-04-14] (Microsoft Corporation) HKU\Mama\...\Run: [swg] - "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" HKU\Mama\...\Run: [TBHostSupport] - "C:\WINDOWS\system32\Rundll32.exe" "C:\Documents and Settings\Mama\Ustawienia lokalne\Dane aplikacji\TBHostSupport\TBHostSupport.dll",DLLRunTBHostSupportPlugin ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.pl/ SearchScopes: HKLM - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDY&co=PL&userid=ef3551d4-89d5-4cb0-960d-04196e740d82&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms} SearchScopes: HKCU - DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={D7E44C30-75FE-4E4B-A774-F4E54B2C589A}&mid=Unknown&lang=pl&ds=xn011&pr=sa&d=2013-01-18 14:43:11&v=15.2.0.5&pid=avg&sg=0&sap=dsp&q={searchTerms} SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDY&co=PL&userid=ef3551d4-89d5-4cb0-960d-04196e740d82&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms} SearchScopes: HKCU - {0A78407B-83D2-4E2A-83AE-403FFCA7488C} URL = http://search.atlas.cz/?q={searchTerms} SearchScopes: HKCU - {21299C0D-AB11-4E71-91A9-0C6973799AB3} URL = http://search.microsoft.com/results.aspx?mkt=pl-pl&setlang=pl-pl&q={searchTerms} SearchScopes: HKCU - {2B6E8B59-607C-4183-A65D-953241E2E787} URL = http://www.ceneo.pl/categories.aspx?search=yes&categoryID=0&searchText={searchTerms}&inDesc=False&minPrice=0&maxPrice=99999999 SearchScopes: HKCU - {2BE05369-8C8A-4548-B3A8-7E837C1DAF44} URL = 
http://www.google.pl/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} SearchScopes: HKCU - {34A4DDEB-3D4D-4C67-A440-56B3E5C697D8} URL = http://uk.search.yahoo.com/search?p={searchTerms}&fr=FP-tab-web-t340&ei=UTF-8&meta=vc%3D SearchScopes: HKCU - {3503FA73-606C-4422-9909-D1A30C28C993} URL = http://cgi.search.biglobe.ne.jp/cgi-bin/search7?q={searchTerms} SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKCU - {85FE9B39-09E0-4A70-ACFE-E8E13CC47B76} URL = http://vachercher.lycos.fr/cgi-bin/pursuit?query={searchTerms}&tld=com&family=off&inpcatvalue=loc&cat=loc SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={D7E44C30-75FE-4E4B-A774-F4E54B2C589A}&mid=Unknown&lang=pl&ds=xn011&pr=sa&d=2013-01-18 14:43:11&v=15.2.0.5&pid=avg&sg=0&sap=dsp&q={searchTerms} SearchScopes: HKCU - {AAC2CB8C-B40F-404D-A2EC-6E9356D7300F} URL = http://search.seznam.cz/searchScreen?w={searchTerms}&mod=f SearchScopes: HKCU - {AC557BCF-2057-4634-ABE7-5EC31A8CCE1C} URL = http://search.centrum.cz/index.php?charset=utf-8&q={searchTerms}&mt=2&mts=1&sec=mix&kibitz=0 SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3072253 SearchScopes: HKCU - {D03BF058-FC45-42AD-989E-B7B6819BDDFC} URL = http://pl.wikipedia.org/w/index.php?title=Specjalna:Szukaj&search={searchTerms} SearchScopes: HKCU - {DB8B1F3C-D1B8-4EE7-8839-B82DAB67A796} URL = http://search.auone.jp/?q={searchTerms}&sr=0401&charset=SJIS BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO: HistoryTriggerBHO Class - {21A88CB9-84D2-4020-A2D1-B25A21034884} - C:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll (LG Electronics) BHO: uTorrentControl2 
Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTo2.dll (Conduit Ltd.) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\17.2.0.38\AVG Secure Search_toolbar.dll (AVG Secure Search) BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: The Game Creators Ltd Toolbar - {eae1e35c-bdd4-49aa-adc9-e82496f88370} - C:\Program Files\The_Game_Creators_Ltd\prxtbThe2.dll (Conduit Ltd.) Toolbar: HKLM - SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) Toolbar: HKLM - The Game Creators Ltd Toolbar - {eae1e35c-bdd4-49aa-adc9-e82496f88370} - C:\Program Files\The_Game_Creators_Ltd\prxtbThe2.dll (Conduit Ltd.) Toolbar: HKLM - uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTo2.dll (Conduit Ltd.) 
Toolbar: HKLM - Linkury Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation) Toolbar: HKLM - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\17.2.0.38\AVG Secure Search_toolbar.dll (AVG Secure Search) Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Toolbar: HKCU - &Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) Toolbar: HKCU - &Łącza - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) Toolbar: HKCU - The Game Creators Ltd Toolbar - {EAE1E35C-BDD4-49AA-ADC9-E82496F88370} - C:\Program Files\The_Game_Creators_Ltd\prxtbThe2.dll (Conduit Ltd.) Toolbar: HKCU - uTorrentControl2 Toolbar - {687578B9-7132-4A7A-80E4-30EE31099E03} - C:\Program Files\uTorrentControl2\prxtbuTo2.dll (Conduit Ltd.) 
DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1232108986312 DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} http://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.140.0.cab DPF: {82CF9738-0BDA-4AAF-AB08-5AC5875FF3BB} http://www.englishon-line.com/pl/lekcje/localplayer/recording/yrecording.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} https://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.66.2.cab DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\17.2.0\ViProtocol.dll (AVG Secure Search) Chrome: ======= CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\21.0.1180.75\PepperFlash\pepflashplayer.dll No File CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\32.0.1700.102\gcswf32.dll No File CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File CHR Plugin: (Remoting Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\32.0.1700.102\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\32.0.1700.102\pdf.dll () CHR Plugin: (Skype Click to Call) - C:\Documents and Settings\Mafia\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.0.0.10201_0\npSkypeChromePlugin.dll No File CHR Plugin: (Conduit Chrome Plugin) - C:\Documents and Settings\Mafia\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\10.11.21.5_0\plugins/ConduitChromeApiPlugin.dll No File CHR Plugin: (Conduit Radio Plugin) - C:\Documents and Settings\Mafia\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\10.11.21.5_0\plugins/np-cwmp.dll No File CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Java Deployment Toolkit 6.0.250.6) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.) CHR Plugin: (Java(TM) Platform SE 6 U25) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) 
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation) CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation) CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.)) CHR Plugin: (QUAKE LIVE) - C:\Documents and Settings\All Users\Dane aplikacji\id Software\QuakeLive\npquakezero.dll (id Software Inc.) CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) CHR Plugin: (Pando Web Plugin) - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) CHR Plugin: (Windows Presentation Foundation) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) CHR Plugin: (Shockwave for Director) - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll No File CHR Extension: (GFACE Experience Plugin) - C:\Documents and Settings\Mafia\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ejdlfmdbdibkbfdpjocdaolcheehmpol [2013-12-03] CHR Extension: (BTControl12DM3) - C:\Documents and Settings\Mafia\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\enhhmkheaflopcodiopmfoofkgfnhhfe [2013-12-27] CHR Extension: (Google Wallet) - C:\Documents and Settings\Mafia\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23] CHR HKLM\...\Chrome\Extension: [enhhmkheaflopcodiopmfoofkgfnhhfe] - C:\Documents and Settings\Mafia\Ustawienia lokalne\Dane aplikacji\CRE\enhhmkheaflopcodiopmfoofkgfnhhfe.crx [2013-12-19] CHR 
HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-10-02] CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\Documents and Settings\All Users\Dane aplikacji\AVG Secure Search\ChromeExt\17.2.0.38\avg.crx [2013-12-21] CHR HKLM\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Documents and Settings\Mafia\Ustawienia lokalne\Dane aplikacji\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx [2013-12-21] CHR HKCU\...\Chrome\Extension: [amfclgbdpgndipgoegfpkkgobahigbcl] - C:\Documents and Settings\Mafia\Ustawienia lokalne\Dane aplikacji\Smartbar/Application\1Extension.crx [2012-10-16] CHR HKCU\...\Chrome\Extension: [enhhmkheaflopcodiopmfoofkgfnhhfe] - C:\Documents and Settings\Mafia\Ustawienia lokalne\Dane aplikacji\CRE\enhhmkheaflopcodiopmfoofkgfnhhfe.crx [2013-12-19] CHR HKCU\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Documents and Settings\Mafia\Ustawienia lokalne\Dane aplikacji\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx [2013-12-19] ========================== Services (Whitelisted) ================= R2 ACS; C:\WINDOWS\system32\acs.exe [499796 2010-06-21] (Atheros) S4 Akamai; c:\program files\common files\akamai/netsession_win_b5e8a4c.dll [4539200 2012-10-12] (Akamai Technologies, Inc.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-21] (AVAST Software) S4 CrossLoopService; C:\Documents and Settings\Mafia\Ustawienia lokalne\Dane aplikacji\CrossLoop\CrossLoopService.exe [569072 2011-09-07] (CrossLoop) S3 Desura Install Service; C:\Program Files\Common Files\Desura\desura_service.exe [131912 2013-11-17] (Desura Pty Ltd) R2 GtDetectSc; C:\Program Files\ERA\GlobeTrotter Connect\GtDetectSc.exe [204915 2007-11-05] (Option) R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1677136 2014-01-23] (LogMeIn Inc.) 
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-08-30] (Oracle Corporation) R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [375056 2013-12-13] (LogMeIn, Inc.) R2 MSSQL$PLATNIK2005; c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation) S4 MSSQLServerADHelper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation) S3 npggsvc; C:\WINDOWS\system32\GameMon.des [3549224 2010-06-07] (INCA Internet Co., Ltd.) R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76888 2013-11-17] () R2 Skype C2C Service; C:\Documents and Settings\All Users\Dane aplikacji\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.) S3 tvnserver; C:\Documents and Settings\Mafia\Ustawienia lokalne\Dane aplikacji\CrossLoop\tvnserver.exe [814080 2010-07-21] (GlavSoft LLC.) R2 Unigraphics License Server (uglmd); C:\Program Files\UGS\NX 4.0\UGNXFLEXlm\lmgrd.exe [962560 2005-10-27] (Macrovision Corporation) R2 vToolbarUpdater17.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe [1771544 2013-12-21] (AVG Secure Search) ==================== Drivers (Whitelisted) ==================== S3 AndNetDiag; C:\WINDOWS\System32\DRIVERS\lgandnetdiag.sys [23040 2011-09-06] (LG Electronics Inc.) S3 ANDNetModem; C:\WINDOWS\System32\DRIVERS\lgandnetmodem.sys [27776 2011-09-06] (LG Electronics Inc.) S3 andnetndis; C:\WINDOWS\System32\DRIVERS\lgandnetndis.sys [70400 2011-09-16] (LG Electronics Inc.) R3 AR9271; C:\WINDOWS\System32\DRIVERS\athuw.sys [1756384 2010-07-28] (Atheros Communications, Inc.) 
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2013-12-21] (AVAST Software) R1 AswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [54832 2013-12-21] (AVAST Software) R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2013-12-21] () R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [775952 2013-12-21] (AVAST Software) R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [410528 2013-12-21] (AVAST Software) R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57672 2013-12-21] (AVAST Software) R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [180248 2013-12-21] () R3 AtiHDAudioService; C:\WINDOWS\System32\drivers\AtihdXP3.sys [100368 2011-08-08] (Advanced Micro Devices) R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [279712 2011-03-13] () R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [37664 2013-11-17] (AVG Technologies) S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation) S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [13896 2013-03-07] () S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [9160 2013-03-07] () S3 GT72NDISIPXP; C:\WINDOWS\System32\DRIVERS\Gt51Ip.sys [95744 2007-07-09] (Option NV) S3 GT72UBUS; C:\WINDOWS\System32\DRIVERS\gt72ubus.sys [51968 2007-06-26] (Option N.V.) S3 GTPTSER; C:\WINDOWS\System32\DRIVERS\gtptser.sys [8064 2007-03-30] (Option N.V.) R3 hamachi; C:\WINDOWS\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.) R3 LgBttPort; C:\WINDOWS\System32\DRIVERS\lgbtport.sys [12160 2009-09-29] (LG Electronics Inc.) R3 lgbusenum; C:\WINDOWS\System32\DRIVERS\lgbtbus.sys [10496 2009-09-29] (LG Electronics Inc.) R3 LGVMODEM; C:\WINDOWS\System32\DRIVERS\lgvmodem.sys [12928 2009-09-29] (LG Electronics Inc.) R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [25888 2011-03-13] () S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation) S3 PAC7302; C:\WINDOWS\System32\DRIVERS\PAC7302.SYS [458112 2007-10-29] (PixArt Imaging Inc.) 
R2 Sentinel; C:\WINDOWS\System32\Drivers\SENTINEL.SYS [73728 2001-06-22] (Rainbow Technologies, Inc.) R1 UimBus; C:\WINDOWS\System32\DRIVERS\UimBus.sys [81232 2013-02-18] (Windows (R) 2000 DDK provider) R1 Uim_IM; C:\WINDOWS\System32\Drivers\Uim_IM.sys [452816 2013-02-18] (Paragon) R1 Uim_Vim; C:\WINDOWS\System32\Drivers\Uim_Vim.sys [283600 2013-02-18] (Paragon) S3 USBMULCD; C:\WINDOWS\System32\drivers\CM106.sys [1511936 2009-09-25] (C-Media Electronics Inc) S1 wceusbsh; C:\WINDOWS\System32\DRIVERS\wceusbsh.sys [31872 2008-04-14] (Microsoft Corporation) R3 WmBEnum; C:\WINDOWS\System32\drivers\WmBEnum.sys [22856 2010-04-27] (Logitech Inc.) R3 WmVirHid; C:\WINDOWS\System32\drivers\WmVirHid.sys [15048 2010-04-27] (Logitech Inc.) R3 WmXlCore; C:\WINDOWS\System32\drivers\WmXlCore.sys [66632 2010-04-27] (Logitech Inc.) R3 WSIMD; C:\WINDOWS\System32\DRIVERS\wsimd.sys [58208 2010-06-21] (Atheros Communications, Inc.) S2 aswFsBlk; No ImagePath S3 catchme; \??\C:\DOCUME~1\Mafia\USTAWI~1\Temp\catchme.sys [x] S3 EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys [x] S3 EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys [x] S3 GenericMount; system32\DRIVERS\GenericMount.sys [x] S4 IntelIde; No ImagePath S3 ldiskl; \??\C:\DOCUME~1\Mafia\USTAWI~1\Temp\ldiskl.sys [x] S3 NLNdisMP; system32\DRIVERS\nlndis.sys [x] S3 NLNdisPT; system32\DRIVERS\nlndis.sys [x] S3 PciCon; \??\H:\PciCon.sys [x] S3 RT73; system32\DRIVERS\rt73.sys [x] S3 SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013\WNt500x86\Sandra.sys [x] U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation) S0 sptd; \SystemRoot\System32\Drivers\sptd.sys [x] S3 usbbus; system32\DRIVERS\lgusbbus.sys [x] S3 UsbDiag; system32\DRIVERS\lgusbdiag.sys [x] S3 USBModem; system32\DRIVERS\lgusbmodem.sys [x] U2 V2iMount; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-01-29 21:13 - 2014-01-29 
21:13 - 00000000 ____D C:\Program Files\LogMeIn Hamachi 2014-01-29 21:13 - 2014-01-29 21:13 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\LogMeIn Hamachi 2014-01-25 16:50 - 2014-02-01 12:54 - 00000000 ____D C:\FRST 2014-01-25 13:18 - 2014-01-25 12:48 - 00000000 ____D C:\WINDOWS\tmp 2014-01-25 12:32 - 2014-01-25 12:32 - 00000767 _____ C:\Documents and Settings\Administrator\Menu Start\Programy\Internet Explorer.lnk 2014-01-25 12:32 - 2014-01-25 12:32 - 00000000 ___RD C:\Documents and Settings\Administrator\Moje dokumenty\Moje obrazy 2014-01-25 12:32 - 2014-01-25 12:32 - 00000000 ___RD C:\Documents and Settings\Administrator\Moje dokumenty\Moja muzyka 2014-01-25 12:31 - 2014-01-25 12:32 - 00000738 _____ C:\Documents and Settings\Administrator\Menu Start\Programy\Outlook Express.lnk 2014-01-25 12:31 - 2012-08-23 07:27 - 02150400 _____ (Microsoft Corporation) C:\WINDOWS\system32\OLD3F.tmp 2014-01-25 12:31 - 2012-08-23 07:27 - 02029056 _____ (Microsoft Corporation) C:\WINDOWS\system32\OLD42.tmp 2014-01-25 12:31 - 2008-04-14 00:01 - 00134400 _____ (Microsoft Corporation) C:\WINDOWS\system32\OLD46.tmp 2014-01-25 12:26 - 2014-01-25 12:48 - 00000188 ___SH C:\Documents and Settings\Administrator\ntuser.ini 2014-01-25 12:25 - 2014-01-25 12:32 - 00000000 ___RD C:\Documents and Settings\Administrator\Ulubione 2014-01-25 12:25 - 2014-01-25 12:32 - 00000000 ___RD C:\Documents and Settings\Administrator\Moje dokumenty 2014-01-25 12:25 - 2014-01-25 12:32 - 00000000 ___RD C:\Documents and Settings\Administrator\Menu Start\Programy 2014-01-25 12:25 - 2014-01-25 12:31 - 00000792 _____ C:\Documents and Settings\Administrator\Menu Start\Programy\Windows Media Player.lnk 2014-01-25 12:25 - 2014-01-25 12:31 - 00000000 __RHD C:\Documents and Settings\Administrator\Dane aplikacji 2014-01-25 12:25 - 2014-01-25 12:31 - 00000000 ___RD C:\Documents and Settings\Administrator\Menu Start\Programy\Akcesoria 2014-01-25 12:25 - 2014-01-25 12:31 - 00000000 ____D 
C:\Documents and Settings\Administrator 2014-01-25 12:25 - 2014-01-20 18:17 - 00000000 ___HD C:\Documents and Settings\Administrator\Ustawienia lokalne 2014-01-25 12:25 - 2009-12-05 20:57 - 00000000 ___HD C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji 2014-01-25 12:25 - 2009-12-05 20:57 - 00000000 ____D C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft Help 2014-01-25 12:25 - 2009-12-05 20:53 - 00000000 __SHD C:\Documents and Settings\Administrator\IETldCache 2014-01-25 12:25 - 2000-01-16 13:11 - 00000000 __SHD C:\Documents and Settings\Administrator\Ustawienia lokalne\Historia 2014-01-25 12:25 - 2000-01-16 13:11 - 00000000 ___RD C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart 2014-01-25 12:25 - 2000-01-16 13:11 - 00000000 ___RD C:\Documents and Settings\Administrator\Menu Start 2014-01-25 12:25 - 2000-01-16 13:11 - 00000000 ____D C:\Documents and Settings\Administrator\Pulpit 2014-01-25 12:25 - 2000-01-16 12:22 - 00001599 _____ C:\Documents and Settings\Administrator\Menu Start\Programy\Pomoc zdalna.lnk 2014-01-25 12:25 - 2000-01-16 12:18 - 00000000 ___HD C:\Documents and Settings\Administrator\Szablony 2014-01-25 12:19 - 2014-01-25 12:19 - 00000020 ___SH C:\Documents and Settings\LocalService.ZARZĄDZANIE NT\ntuser.ini 2014-01-25 12:19 - 2014-01-25 12:19 - 00000000 ___HD C:\Documents and Settings\LocalService.ZARZĄDZANIE NT\Ustawienia lokalne\Dane aplikacji 2014-01-25 12:18 - 2014-01-25 12:19 - 00000000 __SHD C:\Documents and Settings\LocalService.ZARZĄDZANIE NT 2014-01-25 12:18 - 2014-01-25 12:19 - 00000000 ___HD C:\Documents and Settings\LocalService.ZARZĄDZANIE NT\Ustawienia lokalne 2014-01-25 12:18 - 2014-01-25 12:18 - 00000000 ____D C:\Documents and Settings\LocalService.ZARZĄDZANIE NT\Dane aplikacji 2014-01-25 12:18 - 2009-12-05 20:53 - 00000000 __SHD C:\Documents and Settings\LocalService.ZARZĄDZANIE NT\IETldCache 2014-01-25 12:18 - 2000-01-16 13:11 - 00000000 ___HD 
C:\Documents and Settings\LocalService.ZARZĄDZANIE NT\Ustawienia lokalne\Historia 2014-01-25 12:17 - 2014-01-25 12:17 - 00000020 ___SH C:\Documents and Settings\NetworkService.ZARZĄDZANIE NT\ntuser.ini 2014-01-25 12:17 - 2014-01-25 12:17 - 00000000 __SHD C:\Documents and Settings\NetworkService.ZARZĄDZANIE NT 2014-01-25 12:17 - 2014-01-25 12:17 - 00000000 ___HD C:\Documents and Settings\NetworkService.ZARZĄDZANIE NT\Ustawienia lokalne\Dane aplikacji 2014-01-25 12:17 - 2014-01-25 12:17 - 00000000 ___HD C:\Documents and Settings\NetworkService.ZARZĄDZANIE NT\Ustawienia lokalne 2014-01-25 12:17 - 2014-01-25 12:17 - 00000000 ____D C:\Documents and Settings\NetworkService.ZARZĄDZANIE NT\Dane aplikacji 2014-01-25 12:17 - 2009-12-05 20:53 - 00000000 __SHD C:\Documents and Settings\NetworkService.ZARZĄDZANIE NT\IETldCache 2014-01-25 12:17 - 2000-01-16 13:11 - 00000000 ___HD C:\Documents and Settings\NetworkService.ZARZĄDZANIE NT\Ustawienia lokalne\Historia 2014-01-20 18:58 - 2014-01-20 18:58 - 02347384 _____ (ESET) C:\Documents and Settings\Mafia\Moje dokumenty\esetsmartinstaller_plk.exe 2014-01-20 18:17 - 2014-01-20 18:17 - 00000000 ___SD C:\ComboFix 2014-01-20 18:17 - 2014-01-20 18:14 - 00000000 ____D C:\Documents and Settings\Mafia\Dane aplikacji\PriceGong 2014-01-19 18:56 - 2014-01-20 18:17 - 00000000 ____D C:\Documents and Settings\Mafia\Dane aplikacji\PriceGong(2) 2014-01-19 18:47 - 2014-01-19 18:47 - 00026024 _____ C:\ComboFix.txt 2014-01-02 20:05 - 2014-01-02 20:05 - 00003272 _____ C:\Documents and Settings\Mafia\Moje dokumenty\WoluminD.txt 2014-01-02 20:05 - 2014-01-02 20:05 - 00003130 _____ C:\Documents and Settings\Mafia\Moje dokumenty\WoluminC.txt 2014-01-02 20:03 - 2014-01-02 20:03 - 00003130 _____ C:\Documents and Settings\Mafia\Moje dokumenty\WoluminG.txt 2014-01-02 19:53 - 2014-01-02 19:53 - 00000000 ____D C:\Documents and Settings\Mama\Dane aplikacji\openvr 2014-01-02 19:37 - 2014-01-02 19:37 - 00000000 ____D C:\Documents and Settings\Mafia\Dane 
aplikacji\openvr 2014-01-02 19:29 - 2014-01-02 19:29 - 00000713 _____ C:\Documents and Settings\Mafia\Pulpit\Warface.lnk 2014-01-02 19:14 - 2014-01-02 19:14 - 00000000 ____D C:\Documents and Settings\Mafia\Moje dokumenty\Odebrane pliki ==================== One Month Modified Files and Folders ======= 2014-02-01 12:54 - 2014-01-25 16:50 - 00000000 ____D C:\FRST 2014-02-01 12:54 - 2012-10-12 20:54 - 00000000 ___RD C:\Documents and Settings\Mafia\Pulpit\Narzędzia Taty 2014-02-01 12:54 - 2011-11-28 19:06 - 00000462 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{F21E80BD-D20D-4260-ABE9-BA2D62684058}.job 2014-02-01 12:52 - 2013-08-30 21:07 - 00000000 ____D C:\Program Files\Steam 2014-02-01 12:52 - 2012-11-27 21:47 - 00000000 ____D C:\Documents and Settings\Mafia\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi 2014-01-31 16:39 - 2000-01-16 12:38 - 00032186 ____N C:\WINDOWS\SchedLgU.Txt 2014-01-31 16:03 - 2012-11-27 21:47 - 00000000 ____D C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi 2014-01-31 16:02 - 2000-01-16 12:21 - 01130934 ____N C:\WINDOWS\WindowsUpdate.log 2014-01-31 16:01 - 2012-11-10 11:34 - 00000364 ____H C:\WINDOWS\Tasks\avast! 
Emergency Update.job
2014-01-31 16:01 - 2004-08-04 13:00 - 00013646 _____ C:\WINDOWS\system32\wpa.dbl
2014-01-31 16:01 - 2000-01-16 13:13 - 00000159 ____N C:\WINDOWS\wiadebug.log
2014-01-31 16:01 - 2000-01-16 13:13 - 00000050 ____N C:\WINDOWS\wiaservc.log
2014-01-31 16:00 - 2000-01-16 12:38 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-01-29 21:57 - 2013-08-06 23:37 - 00000000 ____D C:\Program Files\Origin
2014-01-29 21:53 - 2012-07-02 08:31 - 00524288 _____ C:\WINDOWS\system32\config\ACS.evt
2014-01-29 21:53 - 2009-12-05 21:03 - 00000188 ___SH C:\Documents and Settings\Mafia\ntuser.ini
2014-01-29 21:51 - 2011-07-13 20:47 - 00000000 ____D C:\Program Files\Common Files\Steam
2014-01-29 21:13 - 2014-01-29 21:13 - 00000000 ____D C:\Program Files\LogMeIn Hamachi
2014-01-29 21:13 - 2014-01-29 21:13 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\LogMeIn Hamachi
2014-01-29 21:13 - 2000-01-16 13:11 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Start\Programy
2014-01-25 16:16 - 2009-12-05 21:03 - 00000000 ____D C:\Documents and Settings\Mafia
2014-01-25 16:13 - 2013-01-07 17:54 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Gimnazjum klasa 3 - Puls zycia
2014-01-25 16:13 - 2011-05-30 09:29 - 00000000 ____D C:\Documents and Settings\Mafia\Pulpit\Nieużywane skróty pulpitu
2014-01-25 12:48 - 2014-01-25 13:18 - 00000000 ____D C:\WINDOWS\tmp
2014-01-25 12:48 - 2014-01-25 12:26 - 00000188 ___SH C:\Documents and Settings\Administrator\ntuser.ini
2014-01-25 12:33 - 2004-08-04 13:00 - 00603436 _____ C:\WINDOWS\system32\perfh015.dat
2014-01-25 12:33 - 2004-08-04 13:00 - 00123368 _____ C:\WINDOWS\system32\perfc015.dat
2014-01-25 12:33 - 2000-01-16 13:11 - 01386558 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2014-01-25 12:32 - 2014-01-25 12:32 - 00000767 _____ C:\Documents and Settings\Administrator\Menu Start\Programy\Internet Explorer.lnk
2014-01-25 12:32 - 2014-01-25 12:32 - 00000000 ___RD C:\Documents and Settings\Administrator\Moje dokumenty\Moje obrazy
2014-01-25 12:32 - 2014-01-25 12:32 - 00000000 ___RD C:\Documents and Settings\Administrator\Moje dokumenty\Moja muzyka
2014-01-25 12:32 - 2014-01-25 12:31 - 00000738 _____ C:\Documents and Settings\Administrator\Menu Start\Programy\Outlook Express.lnk
2014-01-25 12:32 - 2014-01-25 12:25 - 00000000 ___RD C:\Documents and Settings\Administrator\Ulubione
2014-01-25 12:32 - 2014-01-25 12:25 - 00000000 ___RD C:\Documents and Settings\Administrator\Moje dokumenty
2014-01-25 12:32 - 2014-01-25 12:25 - 00000000 ___RD C:\Documents and Settings\Administrator\Menu Start\Programy
2014-01-25 12:31 - 2014-01-25 12:25 - 00000792 _____ C:\Documents and Settings\Administrator\Menu Start\Programy\Windows Media Player.lnk
2014-01-25 12:31 - 2014-01-25 12:25 - 00000000 __RHD C:\Documents and Settings\Administrator\Dane aplikacji
2014-01-25 12:31 - 2014-01-25 12:25 - 00000000 ___RD C:\Documents and Settings\Administrator\Menu Start\Programy\Akcesoria
2014-01-25 12:31 - 2014-01-25 12:25 - 00000000 ____D C:\Documents and Settings\Administrator
2014-01-25 12:21 - 2000-01-16 12:19 - 00000000 ____D C:\WINDOWS\system32\Restore
2014-01-25 12:19 - 2014-01-25 12:19 - 00000020 ___SH C:\Documents and Settings\LocalService.ZARZĄDZANIE NT\ntuser.ini
2014-01-25 12:19 - 2014-01-25 12:19 - 00000000 ___HD C:\Documents and Settings\LocalService.ZARZĄDZANIE NT\Ustawienia lokalne\Dane aplikacji
2014-01-25 12:19 - 2014-01-25 12:18 - 00000000 __SHD C:\Documents and Settings\LocalService.ZARZĄDZANIE NT
2014-01-25 12:19 - 2014-01-25 12:18 - 00000000 ___HD C:\Documents and Settings\LocalService.ZARZĄDZANIE NT\Ustawienia lokalne
2014-01-25 12:18 - 2014-01-25 12:18 - 00000000 ____D C:\Documents and Settings\LocalService.ZARZĄDZANIE NT\Dane aplikacji
2014-01-25 12:17 - 2014-01-25 12:17 - 00000020 ___SH C:\Documents and Settings\NetworkService.ZARZĄDZANIE NT\ntuser.ini
2014-01-25 12:17 - 2014-01-25 12:17 - 00000000 __SHD C:\Documents and Settings\NetworkService.ZARZĄDZANIE NT
2014-01-25 12:17 - 2014-01-25 12:17 - 00000000 ___HD C:\Documents and Settings\NetworkService.ZARZĄDZANIE NT\Ustawienia lokalne\Dane aplikacji
2014-01-25 12:17 - 2014-01-25 12:17 - 00000000 ___HD C:\Documents and Settings\NetworkService.ZARZĄDZANIE NT\Ustawienia lokalne
2014-01-25 12:17 - 2014-01-25 12:17 - 00000000 ____D C:\Documents and Settings\NetworkService.ZARZĄDZANIE NT\Dane aplikacji
2014-01-25 12:16 - 2009-01-16 13:12 - 00013646 _____ C:\WINDOWS\system32\wpa.bak
2014-01-25 12:13 - 2000-01-16 13:09 - 00157160 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2014-01-20 19:07 - 2011-03-29 22:14 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\PMB Files
2014-01-20 18:58 - 2014-01-20 18:58 - 02347384 _____ (ESET) C:\Documents and Settings\Mafia\Moje dokumenty\esetsmartinstaller_plk.exe
2014-01-20 18:58 - 2009-12-05 21:03 - 00000000 ___RD C:\Documents and Settings\Mafia\Moje dokumenty
2014-01-20 18:49 - 2009-12-05 21:03 - 00000000 ____D C:\Documents and Settings\Mafia\Pulpit
2014-01-20 18:19 - 2012-05-25 19:28 - 00000000 ____D C:\Documents and Settings\Mama\Pulpit
2014-01-20 18:18 - 2012-05-25 19:28 - 00000000 ____D C:\Documents and Settings\Mama
2014-01-20 18:18 - 2000-01-16 12:38 - 00000000 __SHD C:\Documents and Settings\LocalService
2014-01-20 18:18 - 2000-01-16 12:25 - 00000000 __SHD C:\Documents and Settings\NetworkService
2014-01-20 18:18 - 2000-01-16 12:19 - 00000000 ____D C:\WINDOWS\Registration
2014-01-20 18:17 - 2014-01-25 12:25 - 00000000 ___HD C:\Documents and Settings\Administrator\Ustawienia lokalne
2014-01-20 18:17 - 2014-01-20 18:17 - 00000000 ___SD C:\ComboFix
2014-01-20 18:17 - 2014-01-19 18:56 - 00000000 ____D C:\Documents and Settings\Mafia\Dane aplikacji\PriceGong(2)
2014-01-20 18:17 - 2011-01-28 17:57 - 00000000 ____D C:\Qoobox
2014-01-20 18:17 - 2009-12-05 21:03 - 00000000 __RHD C:\Documents and Settings\Mafia\Dane aplikacji
2014-01-20 18:17 - 2000-01-16 13:11 - 00000000 __RHD C:\Documents and Settings\Default User\Ustawienia lokalne
2014-01-20 18:14 - 2014-01-20 18:17 - 00000000 ____D C:\Documents and Settings\Mafia\Dane aplikacji\PriceGong
2014-01-20 18:14 - 2012-11-10 11:34 - 00001733 _____ C:\Documents and Settings\All Users\Pulpit\avast! Free Antivirus.lnk
2014-01-20 18:14 - 2012-10-12 21:07 - 00000000 ____D C:\Program Files\Startup Manager
2014-01-20 18:13 - 2011-09-26 18:04 - 00000000 ____D C:\Documents and Settings\Mafia\Ustawienia lokalne\Dane aplikacji\CrossLoop
2014-01-20 18:12 - 2011-03-29 22:14 - 00000000 ____D C:\Documents and Settings\Mafia\Ustawienia lokalne\Dane aplikacji\PMB Files
2014-01-20 08:42 - 2013-06-20 05:59 - 00000000 ____D C:\Documents and Settings\Mafia\Dane aplikacji\.minecraft
2014-01-19 20:31 - 2012-04-16 23:39 - 00001984 _____ C:\WINDOWS\system32\d3d9caps.dat
2014-01-19 19:39 - 2004-08-04 13:00 - 00019017 _____ C:\WINDOWS\win.ini
2014-01-19 19:39 - 2004-08-04 13:00 - 00000227 _____ C:\WINDOWS\system.ini
2014-01-19 18:47 - 2014-01-19 18:47 - 00026024 _____ C:\ComboFix.txt
2014-01-19 18:47 - 2012-05-25 19:28 - 00000000 ___HD C:\Documents and Settings\Mama\Ustawienia lokalne
2014-01-19 18:47 - 2009-12-05 21:03 - 00000000 ___HD C:\Documents and Settings\Mafia\Ustawienia lokalne
2014-01-19 18:47 - 2000-01-16 12:38 - 00000000 ___HD C:\Documents and Settings\LocalService\Ustawienia lokalne
2014-01-19 18:04 - 2012-08-09 21:10 - 00000000 ____D C:\Documents and Settings\Mafia\Ustawienia lokalne\Dane aplikacji\uTorrentControl2
2014-01-19 18:04 - 2012-06-07 18:43 - 00000000 ____D C:\Documents and Settings\Mafia\Ustawienia lokalne\Dane aplikacji\The_Game_Creators_Ltd
2014-01-19 18:00 - 2000-01-16 13:11 - 00000000 ____D C:\Documents and Settings\All Users\Pulpit
2014-01-11 17:48 - 2012-05-25 19:28 - 00000188 ___SH C:\Documents and Settings\Mama\ntuser.ini
2014-01-11 17:36 - 2010-09-11 22:53 - 00000000 ____D C:\Symfonia
2014-01-11 17:36 - 2000-01-16 13:09 - 00000000 __RHD C:\Documents and Settings\All Users\Dane aplikacji
2014-01-11 17:14 - 2013-12-27 22:04 - 00001577 _____ C:\WINDOWS\system\Cm106.ini
2014-01-11 15:09 - 2012-05-25 19:28 - 00000000 __RHD C:\Documents and Settings\Mama\Dane aplikacji
2014-01-11 15:09 - 2012-05-25 19:28 - 00000000 ___HD C:\Documents and Settings\Mama\Ustawienia lokalne\Dane aplikacji
2014-01-11 15:06 - 2013-01-18 14:42 - 00000000 ____D C:\Program Files\AVG Secure Search
2014-01-11 14:46 - 2012-08-09 21:10 - 00000000 ____D C:\Program Files\uTorrentControl2
2014-01-11 14:46 - 2012-06-07 18:43 - 00000000 ____D C:\Program Files\The_Game_Creators_Ltd
2014-01-02 20:05 - 2014-01-02 20:05 - 00003272 _____ C:\Documents and Settings\Mafia\Moje dokumenty\WoluminD.txt
2014-01-02 20:05 - 2014-01-02 20:05 - 00003130 _____ C:\Documents and Settings\Mafia\Moje dokumenty\WoluminC.txt
2014-01-02 20:03 - 2014-01-02 20:03 - 00003130 _____ C:\Documents and Settings\Mafia\Moje dokumenty\WoluminG.txt
2014-01-02 19:53 - 2014-01-02 19:53 - 00000000 ____D C:\Documents and Settings\Mama\Dane aplikacji\openvr
2014-01-02 19:50 - 2012-05-25 18:37 - 00000000 ____D C:\Documents and Settings\Mama\Dane aplikacji\Skype
2014-01-02 19:49 - 2013-01-30 22:10 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Skype
2014-01-02 19:38 - 2012-12-19 21:57 - 00196608 _____ C:\WINDOWS\system32\config\ACEEvent.evt
2014-01-02 19:37 - 2014-01-02 19:37 - 00000000 ____D C:\Documents and Settings\Mafia\Dane aplikacji\openvr
2014-01-02 19:29 - 2014-01-02 19:29 - 00000713 _____ C:\Documents and Settings\Mafia\Pulpit\Warface.lnk
2014-01-02 19:29 - 2012-09-16 16:16 - 00000000 ____D C:\Documents and Settings\Mafia\Ustawienia lokalne\Dane aplikacji\Mail.Ru
2014-01-02 19:20 - 2013-06-20 05:18 - 00000000 ____D C:\Documents and Settings\Mafia\Dane aplikacji\DAEMON Tools Lite
2014-01-02 19:20 - 2012-08-09 21:08 - 00000000 ____D C:\Documents and Settings\Mafia\Dane aplikacji\uTorrent
2014-01-02 19:20 - 2011-04-26 09:09 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Alcohol 52%
2014-01-02 19:20 - 2011-03-17 20:01 - 00000000 ____D C:\Documents and Settings\Mafia\Dane aplikacji\TS3Client
2014-01-02 19:20 - 2010-09-11 22:39 - 00000000 ____D C:\WINDOWS\Minidump
2014-01-02 19:18 - 2009-12-05 21:03 - 00000000 ___RD C:\Documents and Settings\Mafia\Menu Start\Programy
2014-01-02 19:18 - 2009-12-05 21:03 - 00000000 ___RD C:\Documents and Settings\Mafia\Menu Start
2014-01-02 19:14 - 2014-01-02 19:14 - 00000000 ____D C:\Documents and Settings\Mafia\Moje dokumenty\Odebrane pliki
2014-01-02 19:13 - 2009-12-21 19:31 - 00000000 ____D C:\Documents and Settings\Mafia\Dane aplikacji\Skype
2014-01-02 19:09 - 2012-10-12 20:44 - 00000000 ____D C:\Documents and Settings\Mafia\Pulpit\Gry
2014-01-02 19:09 - 2012-05-25 19:30 - 00000000 ____D C:\Documents and Settings\Mama\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi
2014-01-02 19:07 - 2010-09-11 22:58 - 00000000 ____D C:\Płatnik

==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe [2004-08-04 13:00] - [2008-04-14 21:51] - 1035264 ____A (Microsoft Corporation) c791ed9eac5e76d9525e157b1d7a599a
C:\WINDOWS\system32\winlogon.exe [2004-08-04 13:00] - [2008-04-14 21:51] - 0510464 ____A (Microsoft Corporation) 51fd2e13d723857b9ca239ae77150f48
C:\WINDOWS\system32\svchost.exe [2004-08-04 13:00] - [2008-04-14 21:51] - 0014336 ____A (Microsoft Corporation) 8607d35d92528e2df386f19a960d23ce
C:\WINDOWS\system32\services.exe [2004-08-04 13:00] - [2009-02-09 12:25] - 0111104 ____A (Microsoft Corporation) 02a467e27af55f7064c5b251e587315f
C:\WINDOWS\system32\User32.dll [2004-08-04 13:00] - [2008-04-14 21:50] - 0580096 ____A (Microsoft Corporation) a435c5c069afd901751ac323ad238793
C:\WINDOWS\system32\userinit.exe [2004-08-04 13:00] - [2008-04-14 21:51] - 0026624 ____A (Microsoft Corporation) 2a5b37d520508be6570a3ea79695f5b5
C:\WINDOWS\system32\rpcss.dll [2004-08-04 13:00] - [2009-02-09 11:53] - 0401408 ____A (Microsoft Corporation) a37311d9d628c1042a2836731787f0f3
ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\WINDOWS\system32\Drivers\volsnap.sys [2004-08-04 13:00] - [2008-04-14 20:31] - 0052864 ____A (Microsoft Corporation) 56b191ac5fc0df219949c95a6c87afe7

==================== End Of Log ============================