Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-09-2013
Ran by Administrator (administrator) on PROFILAKTYKA2 on 06-09-2013 18:41:05
Running from C:\Documents and Settings\Administrator\Desktop\diagnoza
Microsoft Windows XP Professional Service Pack 2 (X86) OS Language: English(US)
Internet Explorer Version 6
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jqs.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(HP) C:\WINDOWS\system32\HPZipm12.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2029640 2009-03-19] (ESET)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.)
HKLM\...\Run: [NeroFilterCheck] - C:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2010-09-23] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: igfxsrvc.dll (Intel Corporation)
MountPoints2: {118c65d9-82d1-11df-9062-001a92cd67a9} - F:\AutoRun.exe
MountPoints2: {4c893868-f19d-11df-90ce-001a92cd67a9} - F:\AutoRun.exe
MountPoints2: {4c893869-f19d-11df-90ce-001a92cd67a9} - F:\AutoRun.exe
MountPoints2: {fd1032d8-a452-11df-9085-001a92cd67a9} - F:\AutoRun.exe
MountPoints2: {fd1032d9-a452-11df-9085-001a92cd67a9} - F:\AutoRun.exe
Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk
ShortcutTarget: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2210608 2006-10-27] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\2mztheub.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: Eset Plugin - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

========================== Services (Whitelisted) =================

S3 EhttpSrv; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [20680 2009-03-19] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [731840 2009-03-19] (ESET)
R2 JavaQuickStarterService; "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf" [x]

==================== Drivers (Whitelisted) ====================

S3 BCM43XX; C:\Windows\System32\DRIVERS\bcmwl5.sys [371712 2005-02-12] (Broadcom Corporation)
R3 E1000; C:\Windows\System32\DRIVERS\e1000325.sys [99840 2002-11-12] (Intel Corporation)
R2 eamon; C:\Windows\System32\DRIVERS\eamon.sys [113960 2009-03-19] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [107256 2009-03-19] (ESET)
R1 epfwtdir; C:\Windows\System32\DRIVERS\epfwtdir.sys [93848 2009-03-19] (ESET)
S3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [49664 2006-04-13] (HP)
S3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [16496 2006-04-13] (HP)
S3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21568 2006-04-13] (HP)
R3 ialm; C:\Windows\System32\DRIVERS\ialmnt5.sys [681469 2004-02-10] (Intel Corporation)
S3 Secdrv; C:\Windows\System32\DRIVERS\secdrv.sys [27440 2004-08-04] ()
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-09-06 18:20 - 2004-08-04 00:56 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\hidserv.dll
2013-09-06 18:20 - 2004-08-03 22:58 - 00014848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdhid.sys
2013-09-06 18:20 - 2004-08-03 22:58 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2013-09-05 19:40 - 2013-09-06 18:25 - 00000000 ____D C:\FRST
2013-09-05 19:38 - 2013-09-05 19:38 - 00000000 _____ C:\Documents and Settings\Administrator\defogger_reenable
2013-09-05 19:24 - 2013-09-06 18:41 - 00000000 ____D C:\Documents and Settings\Administrator\Desktop\diagnoza
2013-08-27 13:10 - 2013-08-27 13:10 - 00000000 ____D C:\Program Files\Samsung
2013-08-27 13:07 - 2013-08-27 13:07 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Application Data\Samsung

==================== One Month Modified Files and Folders =======

2013-09-06 18:39 - 2010-03-28 12:51 - 00000159 _____ C:\WINDOWS\wiadebug.log
2013-09-06 18:39 - 2010-03-28 12:51 - 00000050 _____ C:\WINDOWS\wiaservc.log
2013-09-06 18:37 - 2010-03-29 10:05 - 00000178 ___SH C:\Documents and Settings\Administrator\ntuser.ini
2013-09-06 18:37 - 2010-03-29 09:59 - 00055297 _____ C:\WINDOWS\WindowsUpdate.log
2013-09-06 18:25 - 2013-09-05 19:40 - 00000000 ____D C:\FRST
2013-09-06 18:20 - 2010-03-28 12:48 - 00499834 _____ C:\WINDOWS\setupapi.log
2013-09-06 18:20 - 2010-03-28 12:47 - 00170986 _____ C:\WINDOWS\setupact.log
2013-09-05 19:38 - 2013-09-05 19:38 - 00000000 _____ C:\Documents and Settings\Administrator\defogger_reenable
2013-09-05 19:38 - 2010-03-29 10:05 - 00000000 ____D C:\Documents and Settings\Administrator
2013-09-05 19:28 - 2004-08-04 12:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2013-08-28 13:07 - 2013-06-19 10:38 - 00000000 ____D C:\Documents and Settings\Administrator\Desktop\Umowy (E)
2013-08-28 13:04 - 2011-02-09 12:35 - 00000000 ____D D:\My Documents\PROFILAKTYKA
2013-08-28 12:48 - 2011-02-09 12:34 - 00000000 ____D D:\My Documents\SŁAWEK
2013-08-28 12:37 - 2013-06-20 08:01 - 00000000 ____D C:\Documents and Settings\Administrator\Desktop\P. poż
2013-08-27 13:10 - 2013-08-27 13:10 - 00000000 ____D C:\Program Files\Samsung
2013-08-27 13:07 - 2013-08-27 13:07 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Application Data\Samsung
2013-08-08 13:48 - 2011-01-30 18:16 - 00000116 _____ C:\WINDOWS\NeroDigital.ini

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe [2004-08-04 12:00] - [2004-08-04 12:00] - 1032192 ____A (Microsoft Corporation) a0732187050030ae399b241436565e64
C:\Windows\System32\winlogon.exe [2004-08-04 12:00] - [2004-08-04 12:00] - 0502272 ____A (Microsoft Corporation) 01c3346c241652f43aed8e2149881bfe
C:\Windows\System32\svchost.exe [2004-08-04 12:00] - [2004-08-04 12:00] - 0014336 ____A (Microsoft Corporation) 8f078ae4ed187aaabc0a305146de6716
C:\Windows\System32\services.exe [2004-08-04 12:00] - [2004-08-04 12:00] - 0108032 ____A (Microsoft Corporation) c6ce6eec82f187615d1002bb3bb50ed4
C:\Windows\System32\User32.dll [2004-08-04 12:00] - [2004-08-04 12:00] - 0577024 ____A (Microsoft Corporation) c72661f8552ace7c5c85e16a3cf505c4
C:\Windows\System32\userinit.exe [2004-08-04 12:00] - [2004-08-04 12:00] - 0024576 ____A (Microsoft Corporation) 39b1ffb03c2296323832acbae50d2aff
C:\Windows\System32\Drivers\volsnap.sys [2004-08-04 12:00] - [2004-08-04 12:00] - 0052352 ____A (Microsoft Corporation) ee4660083deba849ff6c485d944b379b

==================== End Of Log ============================