Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-08-2013
Ran by jacek_ (administrator) on 27-08-2013 12:20:53
Running from C:\Documents and Settings\jacek_\Pulpit
Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polish
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

() C:\WINDOWS\System32\WLTRYSVC.EXE
(Dell Inc.) C:\WINDOWS\System32\bcmwltry.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(SigmaTel, Inc.) C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Dell Inc.) C:\WINDOWS\system32\WLTRAY.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ATICCC] - C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe [90112 2006-05-10] ()
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET Smart Security\egui.exe [3076144 2011-09-06] (ESET)
HKLM\...\Run: [SigmatelSysTrayApp] - C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe [405504 2007-05-10] (SigmaTel, Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [761947 2006-03-08] (Synaptics, Inc.)
HKLM\...\Run: [Broadcom Wireless Manager UI] - C:\WINDOWS\system32\WLTRAY.exe [1392640 2007-03-16] (Dell Inc.)
Winlogon\Notify\AtiExtEvent: Ati2evxx.dll (ATI Technologies Inc.)
MountPoints2: {4f095286-d29a-11e2-a821-0019b963b85b} - F:\AutoRun.exe
MountPoints2: {4f095289-d29a-11e2-a821-0019b963b85b} - F:\AutoRun.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: ALLYouTubeDownloader - {61DB16C5-B733-43F4-872E-B20DC9E72740} - C:\PROGRA~1\ALLYOU~1\ALLYOU~1.DLL (ALLCinema Ltd.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKCU -&Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU -&Łącza - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\Windows\system32\SHELL32.dll (Microsoft Corporation)
Handler: ipp - No CLSID Value -
Handler: msdaipp - No CLSID Value -
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\jacek_\Dane aplikacji\Mozilla\Firefox\Profiles\qzch2hpy.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

========================== Services (Whitelisted) =================

R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [974944 2011-09-06] (ESET)
R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [1253376 2007-03-16] (Dell Inc.)
==================== Drivers (Whitelisted) ====================

R1 AmdK8; C:\Windows\System32\DRIVERS\AmdK8.sys [36864 2006-07-01] (Advanced Micro Devices)
R3 BCM43XX; C:\Windows\System32\DRIVERS\bcmwl5.sys [604928 2007-03-16] (Broadcom Corporation)
R2 eamon; C:\Windows\System32\DRIVERS\eamon.sys [154136 2011-08-09] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [118104 2011-08-04] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [147480 2011-08-04] (ESET)
R3 Epfwndis; C:\Windows\System32\DRIVERS\Epfwndis.sys [39824 2011-08-04] (ESET)
R1 epfwtdi; C:\Windows\System32\DRIVERS\epfwtdi.sys [61936 2011-08-04] (ESET)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R3 STHDA; C:\Windows\System32\drivers\sthda.sys [1222840 2007-05-10] (SigmaTel, Inc.)
S4 IntelIde; No ImagePath
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-08-27 12:18 - 2013-08-27 12:19 - 00007481 _____ C:\WINDOWS\spupdsvc.log
2013-08-27 12:18 - 2013-08-27 12:18 - 00065536 _____ C:\WINDOWS\system32\config\Internet.evt
2013-08-27 12:18 - 2013-08-27 12:18 - 00006809 _____ C:\WINDOWS\iis6.log
2013-08-27 12:18 - 2013-08-27 12:18 - 00006184 _____ C:\WINDOWS\FaxSetup.log
2013-08-27 12:18 - 2013-08-27 12:18 - 00002956 _____ C:\WINDOWS\ocgen.log
2013-08-27 12:18 - 2013-08-27 12:18 - 00002829 _____ C:\WINDOWS\tsoc.log
2013-08-27 12:18 - 2013-08-27 12:18 - 00002092 _____ C:\WINDOWS\comsetup.log
2013-08-27 12:18 - 2013-08-27 12:18 - 00001946 _____ C:\WINDOWS\msmqinst.log
2013-08-27 12:18 - 2013-08-27 12:18 - 00001374 _____ C:\WINDOWS\imsins.log
2013-08-27 12:18 - 2013-08-27 12:18 - 00001265 _____ C:\WINDOWS\ntdtcsetup.log
2013-08-27 12:18 - 2013-08-27 12:18 - 00001083 _____ C:\WINDOWS\netfxocm.log
2013-08-27 12:18 - 2013-08-27 12:18 - 00000425 _____ C:\WINDOWS\MedCtrOC.log
2013-08-27 12:18 - 2013-08-27 12:18 - 00000386 _____ C:\WINDOWS\ocmsn.log
2013-08-27 12:18 - 2013-08-27 12:18 - 00000319 _____ C:\WINDOWS\tabletoc.log
2013-08-27 12:18 - 2013-08-27 12:18 - 00000309 _____ C:\WINDOWS\msgsocm.log
2013-08-27 12:18 - 2013-08-27 12:18 - 00000000 _____ C:\WINDOWS\setuperr.log
2013-08-27 12:18 - 2013-08-27 12:18 - 00000000 _____ C:\WINDOWS\setupact.log
2013-08-27 12:17 - 2013-08-27 12:18 - 00016715 _____ C:\WINDOWS\updspapi.log
2013-08-27 12:16 - 2013-08-27 12:18 - 00041305 _____ C:\WINDOWS\ie8.log
2013-08-27 12:16 - 2013-08-27 12:17 - 00000000 __HDC C:\WINDOWS\ie8
2013-08-27 12:15 - 2013-08-27 12:18 - 00029953 _____ C:\WINDOWS\ie8_main.log
2013-08-27 12:15 - 2013-08-27 12:15 - 00001285 _____ C:\WINDOWS\KB2618444-IE8.log
2013-08-27 12:07 - 2013-08-27 12:07 - 00001157 _____ C:\Documents and Settings\jacek_\Pulpit\AdwCleaner.txt
2013-08-27 12:02 - 2013-08-27 12:04 - 00000000 ____D C:\AdwCleaner
2013-08-27 12:00 - 2013-08-27 12:00 - 00000000 ____D C:\Documents and Settings\jacek_\Pulpit\Stare dane programu Firefox
2013-08-27 11:58 - 2013-08-27 11:58 - 00004137 _____ C:\Documents and Settings\jacek_\Pulpit\prefs.rar
2013-08-27 11:55 - 2013-08-27 11:55 - 03072054 _____ C:\Documents and Settings\jacek_\Pulpit\zakładki.bmp
2013-08-27 11:55 - 2013-08-27 11:55 - 00028960 _____ C:\Documents and Settings\jacek_\Pulpit\bookmarks-2013-08-27.json
2013-08-27 11:52 - 2013-08-27 11:53 - 00448512 _____ (OldTimer Tools) C:\Documents and Settings\jacek_\Pulpit\TFC.exe
2013-08-27 11:52 - 2013-08-27 11:52 - 00994642 _____ C:\Documents and Settings\jacek_\Pulpit\AdwCleaner.exe
2013-08-26 12:57 - 2013-08-26 12:57 - 00000000 ____D C:\FRST
2013-08-26 12:10 - 2013-08-26 12:10 - 01070979 _____ (Farbar) C:\Documents and Settings\jacek_\Pulpit\FRST.exe
2013-08-26 12:06 - 2013-08-26 12:06 - 00377856 _____ C:\Documents and Settings\jacek_\Pulpit\xveoifum.exe
2013-08-26 12:05 - 2013-08-26 12:05 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\jacek_\Pulpit\OTL.exe
2013-08-26 12:03 - 2013-08-27 12:16 - 00001195 _____ C:\WINDOWS\setupapi.log
2013-08-17 10:41 - 2013-08-17 18:31 - 00000000 ____D C:\Program Files\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2013-08-27 12:19 - 2013-08-27 12:19 - 00000000 __SHD C:\Documents and Settings\jacek_\IETldCache
2013-08-27 12:19 - 2013-08-27 12:18 - 00007481 _____ C:\WINDOWS\spupdsvc.log
2013-08-27 12:19 - 2013-02-28 16:54 - 00000803 _____ C:\Documents and Settings\jacek_\Menu Start\Programy\Internet Explorer.lnk
2013-08-27 12:19 - 2013-02-28 16:46 - 00000000 ____D C:\WINDOWS\system32\pl-pl
2013-08-27 12:19 - 2013-02-28 14:29 - 00000159 _____ C:\WINDOWS\wiadebug.log
2013-08-27 12:19 - 2013-02-28 14:29 - 00000050 _____ C:\WINDOWS\wiaservc.log
2013-08-27 12:19 - 2013-02-28 14:18 - 00000000 ____D C:\WINDOWS\Help
2013-08-27 12:19 - 2013-02-28 13:56 - 00000000 ___RD C:\Documents and Settings\jacek_\Ulubione
2013-08-27 12:19 - 2013-02-28 13:56 - 00000000 ___RD C:\Documents and Settings\jacek_\Moje dokumenty\Moje obrazy
2013-08-27 12:19 - 2013-02-28 13:56 - 00000000 ___RD C:\Documents and Settings\jacek_\Moje dokumenty\Moja muzyka
2013-08-27 12:19 - 2013-02-28 13:56 - 00000000 ___RD C:\Documents and Settings\jacek_\Moje dokumenty
2013-08-27 12:19 - 2013-02-28 13:56 - 00000000 ___RD C:\Documents and Settings\jacek_\Menu Start\Programy\Akcesoria
2013-08-27 12:19 - 2013-02-28 13:56 - 00000000 ___RD C:\Documents and Settings\jacek_\Menu Start\Programy
2013-08-27 12:19 - 2013-02-28 13:56 - 00000000 ____D C:\Documents and Settings\jacek_
2013-08-27 12:19 - 2013-02-28 13:46 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-08-27 12:19 - 2013-02-28 13:37 - 00388138 _____ C:\WINDOWS\WindowsUpdate.log
2013-08-27 12:18 - 2013-08-27 12:18 - 00065536 _____ C:\WINDOWS\system32\config\Internet.evt
2013-08-27 12:18 - 2013-08-27 12:18 - 00006809 _____ C:\WINDOWS\iis6.log
2013-08-27 12:18 - 2013-08-27 12:18 - 00006184 _____ C:\WINDOWS\FaxSetup.log
2013-08-27 12:18 - 2013-08-27 12:18 - 00002956 _____ C:\WINDOWS\ocgen.log
2013-08-27 12:18 - 2013-08-27 12:18 - 00002829 _____ C:\WINDOWS\tsoc.log
2013-08-27 12:18 - 2013-08-27 12:18 - 00002092 _____ C:\WINDOWS\comsetup.log
2013-08-27 12:18 - 2013-08-27 12:18 - 00001946 _____ C:\WINDOWS\msmqinst.log
2013-08-27 12:18 - 2013-08-27 12:18 - 00001374 _____ C:\WINDOWS\imsins.log
2013-08-27 12:18 - 2013-08-27 12:18 - 00001265 _____ C:\WINDOWS\ntdtcsetup.log
2013-08-27 12:18 - 2013-08-27 12:18 - 00001083 _____ C:\WINDOWS\netfxocm.log
2013-08-27 12:18 - 2013-08-27 12:18 - 00000425 _____ C:\WINDOWS\MedCtrOC.log
2013-08-27 12:18 - 2013-08-27 12:18 - 00000386 _____ C:\WINDOWS\ocmsn.log
2013-08-27 12:18 - 2013-08-27 12:18 - 00000319 _____ C:\WINDOWS\tabletoc.log
2013-08-27 12:18 - 2013-08-27 12:18 - 00000309 _____ C:\WINDOWS\msgsocm.log
2013-08-27 12:18 - 2013-08-27 12:18 - 00000000 _____ C:\WINDOWS\setuperr.log
2013-08-27 12:18 - 2013-08-27 12:18 - 00000000 _____ C:\WINDOWS\setupact.log
2013-08-27 12:18 - 2013-08-27 12:17 - 00016715 _____ C:\WINDOWS\updspapi.log
2013-08-27 12:18 - 2013-08-27 12:16 - 00041305 _____ C:\WINDOWS\ie8.log
2013-08-27 12:18 - 2013-08-27 12:15 - 00029953 _____ C:\WINDOWS\ie8_main.log
2013-08-27 12:18 - 2013-02-28 15:00 - 00524288 _____ C:\WINDOWS\system32\config\ACEEvent.evt
2013-08-27 12:18 - 2013-02-28 13:56 - 00000188 ___SH C:\Documents and Settings\jacek_\ntuser.ini
2013-08-27 12:18 - 2013-02-28 13:46 - 00032554 _____ C:\WINDOWS\SchedLgU.Txt
2013-08-27 12:17 - 2013-08-27 12:16 - 00000000 __HDC C:\WINDOWS\ie8
2013-08-27 12:17 - 2013-02-28 14:18 - 00000000 ____D C:\WINDOWS\Media
2013-08-27 12:16 - 2013-08-26 12:03 - 00001195 _____ C:\WINDOWS\setupapi.log
2013-08-27 12:15 - 2013-08-27 12:15 - 00001285 _____ C:\WINDOWS\KB2618444-IE8.log
2013-08-27 12:15 - 2013-02-28 17:37 - 00000000 ____D C:\Documents and Settings\jacek_\Moje dokumenty\Pobieranie
2013-08-27 12:11 - 2013-02-28 13:56 - 00000000 ____D C:\Documents and Settings\jacek_\Pulpit
2013-08-27 12:07 - 2013-08-27 12:07 - 00001157 _____ C:\Documents and Settings\jacek_\Pulpit\AdwCleaner.txt
2013-08-27 12:04 - 2013-08-27 12:02 - 00000000 ____D C:\AdwCleaner
2013-08-27 12:04 - 2013-02-28 14:25 - 00000000 __RHD C:\Documents and Settings\All Users\Dane aplikacji
2013-08-27 12:00 - 2013-08-27 12:00 - 00000000 ____D C:\Documents and Settings\jacek_\Pulpit\Stare dane programu Firefox
2013-08-27 11:58 - 2013-08-27 11:58 - 00004137 _____ C:\Documents and Settings\jacek_\Pulpit\prefs.rar
2013-08-27 11:55 - 2013-08-27 11:55 - 03072054 _____ C:\Documents and Settings\jacek_\Pulpit\zakładki.bmp
2013-08-27 11:55 - 2013-08-27 11:55 - 00028960 _____ C:\Documents and Settings\jacek_\Pulpit\bookmarks-2013-08-27.json
2013-08-27 11:53 - 2013-08-27 11:52 - 00448512 _____ (OldTimer Tools) C:\Documents and Settings\jacek_\Pulpit\TFC.exe
2013-08-27 11:52 - 2013-08-27 11:52 - 00994642 _____ C:\Documents and Settings\jacek_\Pulpit\AdwCleaner.exe
2013-08-26 22:57 - 2013-02-28 17:03 - 00131072 _____ C:\WINDOWS\system32\config\OAlerts.evt
2013-08-26 12:57 - 2013-08-26 12:57 - 00000000 ____D C:\FRST
2013-08-26 12:10 - 2013-08-26 12:10 - 01070979 _____ (Farbar) C:\Documents and Settings\jacek_\Pulpit\FRST.exe
2013-08-26 12:06 - 2013-08-26 12:06 - 00377856 _____ C:\Documents and Settings\jacek_\Pulpit\xveoifum.exe
2013-08-26 12:05 - 2013-08-26 12:05 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\jacek_\Pulpit\OTL.exe
2013-08-26 11:37 - 2013-03-08 09:58 - 00000000 ____D C:\WINDOWS\Minidump
2013-08-26 11:00 - 2013-02-28 17:48 - 00000000 ____D C:\Documents and Settings\jacek_\Pulpit\GOŚKA
2013-08-26 10:59 - 2013-02-28 13:56 - 00000000 __RHD C:\Documents and Settings\jacek_\Dane aplikacji
2013-08-26 10:58 - 2013-02-28 14:52 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-08-26 10:58 - 2013-02-28 14:18 - 00000000 ____D C:\WINDOWS\twain_32
2013-08-25 17:28 - 2013-02-28 17:30 - 00000000 ____D C:\Documents and Settings\jacek_\Pulpit\JACEK
2013-08-22 10:07 - 2002-09-29 00:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2013-08-18 09:14 - 2013-03-09 09:28 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-08-17 18:31 - 2013-08-17 10:41 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-08-07 23:00 - 2013-02-28 14:25 - 00000000 ____D C:\Documents and Settings\All Users\Pulpit

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe [2004-08-04 00:44] - [2008-04-14 23:51] - 1035264 ____A (Microsoft Corporation) c791ed9eac5e76d9525e157b1d7a599a
C:\Windows\System32\winlogon.exe [2004-08-04 00:44] - [2008-04-14 23:51] - 0510464 ____A (Microsoft Corporation) 51fd2e13d723857b9ca239ae77150f48
C:\Windows\System32\svchost.exe [2004-08-04 00:44] - [2008-04-14 23:51] - 0014336 ____A (Microsoft Corporation) 8607d35d92528e2df386f19a960d23ce
C:\Windows\System32\services.exe [2004-08-04 00:44] - [2008-04-14 23:51] - 0109056 ____A (Microsoft Corporation) 3e3ae424e27c4cefe4cab368c7b570ea
C:\Windows\System32\User32.dll [2004-08-04 00:44] - [2008-04-14 23:50] - 0580096 ____A (Microsoft Corporation) a435c5c069afd901751ac323ad238793
C:\Windows\System32\userinit.exe [2004-08-04 00:44] - [2008-04-14 23:51] - 0026624 ____A (Microsoft Corporation) 2a5b37d520508be6570a3ea79695f5b5
C:\Windows\System32\Drivers\volsnap.sys [2004-08-04 00:36] - [2008-04-14 22:31] - 0052864 ____A (Microsoft Corporation) 56b191ac5fc0df219949c95a6c87afe7

==================== End Of Log ============================