Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-12-2013 01
Ran by Domownik (administrator) on DOMOWY on 13-12-2013 17:28:14
Running from C:\Documents and Settings\Domownik\Desktop
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
() C:\Documents and Settings\All Users\Application Data\DatacardService\DCService.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehrecvr.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehSched.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Skype Technologies S.A.) C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Microsoft Corporation) C:\WINDOWS\ehome\mcrdsvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehtray.exe
(ATI Technologies, Inc.) C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(CyberLink Corp.) C:\Program Files\HP\QuickPlay\QPService.exe
(Hewlett-Packard ) C:\Program Files\HPQ\Quick Launch Buttons\eabservr.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
() C:\Program Files\HPQ\shared\HpqToaster.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehmsas.exe
(Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
(Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
(Microsoft Corporation) \\?\C:\WINDOWS\system32\WBEM\WMIADAP.EXE

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ehTray] - C:\WINDOWS\ehome\ehtray.exe [64512 2005-08-06] (Microsoft Corporation)
HKLM\...\Run: [ATIPTA] - C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [344064 2005-11-11] (ATI Technologies, Inc.)
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\hpwuSchd2.exe [49152 2005-02-17] (Hewlett-Packard Co.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [729178 2005-06-19] (Synaptics, Inc.)
HKLM\...\Run: [QPService] - C:\Program Files\HP\QuickPlay\QPService.exe [94208 2005-12-12] (CyberLink Corp.)
HKLM\...\Run: [eabconfg.cpl] - C:\Program Files\HPQ\Quick Launch Buttons\eabservr.exe [409600 2005-12-07] (Hewlett-Packard )
HKLM\...\Run: [RecGuard] - C:\WINDOWS\SMINST\Recguard.exe [1187840 2005-10-11] ()
HKLM\...\Run: [hpWirelessAssistant] - C:\Program Files\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe [507904 2005-12-13] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [avast] - C:\Program Files\Alwil Software\Avast5\AvastUI.exe [4858456 2013-05-02] (AVAST Software)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM\...\Run: [20131121] - C:\Program Files\Alwil Software\Avast5\Setup\emupdate\2b6d9a4c-9d44-446f-9080-d1af6bc2b1c7.exe [180184 2013-11-23] (AVAST Software)
Winlogon\Notify\AtiExtEvent: C:\Windows\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKCU\...\Run: [Google Update] - C:\Documents and Settings\Domownik\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [136176 2010-12-25] (Google Inc.)
MountPoints2: {34069470-dc01-11e1-a6ff-0014a578b3bd} - F:\AutoRun.exe
MountPoints2: {3e621a02-1358-11e0-871a-d3508e94ed83} - F:\AutoRun.exe
MountPoints2: {73d74892-18cb-11e0-871b-eda75909b092} - F:\AutoRun.exe
MountPoints2: {74dba8b0-818d-11e1-a675-0014a578b3bd} - F:\AutoRun.exe
MountPoints2: {88d4c466-4285-11e0-8759-aca431f1b947} - F:\AutoRun.exe
MountPoints2: {88d4c469-4285-11e0-8759-ba68b25ab570} - F:\AutoRun.exe
MountPoints2: {88d4c46b-4285-11e0-8759-001e101f6556} - G:\AutoRun.exe
MountPoints2: {f2a64280-fd78-11e0-a55e-001e101f19a3} - F:\AutoRun.exe
HKU\Administrator\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [ 2008-04-14] (Microsoft Corporation)
HKU\Administrator\...\RunOnce: [NeroHomeFirstStart] - "C:\Program Files\Common Files\Nero\Lib\NMFirstStart.exe"
HKU\Default User\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [ 2008-04-14] (Microsoft Corporation)
HKU\Default User\...\RunOnce: [NeroHomeFirstStart] - "C:\Program Files\Common Files\Nero\Lib\NMFirstStart.exe"
HKU\MAT\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [ 2005-09-08] (Nero AG)
HKU\MAT\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [ 2008-04-14] (Microsoft Corporation)
HKU\Max Golonko\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [ 2008-04-14] (Microsoft Corporation)
HKU\Max Golonko\...\Run: [Google Update] - C:\Documents and Settings\Max Golonko\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [ 2009-02-13] (Google Inc.)
HKU\Max Golonko\...\Run: [ALLUpdate] - C:\Program Files\ALLPlayer\ALLUpdate.exe [ 2010-11-02] ()
Lsa: [Notification Packages] scecli scecli
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Photosmart Premier Fast Start.lnk
ShortcutTarget: HP Photosmart Premier Fast Start.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=pavilion&pf=laptop
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=pavilion&pf=laptop
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
Handler: mpbook - {1D80410C-BBCF-4D08-AC3A-0BBAF4CE1D75} - C:\Program Files\Interna\InternaHandler.dll ()
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR DefaultSearchKeyword: google.pl
CHR DefaultSearchProvider: Google
CHR DefaultSearchURL: {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultNewTabURL: {google:baseURL}_/chrome/newtab?{google:RLZ}{google:instantExtendedEnabledParameter}{google:ntpIsThemedParameter}ie={inputEncoding}
CHR Plugin: (Widevine Content Decryption Module) - C:\Documents and Settings\Domownik\Local Settings\Application Data\Google\Chrome\User Data\WidevineCDM\1.4.1.376\_platform_specific\win_x86\widevinecdmadapter.dll ()
CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\Domownik\Local Settings\Application Data\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Documents and Settings\Domownik\Local Settings\Application Data\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Documents and Settings\Domownik\Local Settings\Application Data\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Extension: (YouTube) - C:\Documents and Settings\Domownik\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Documents and Settings\Domownik\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Blue Floral) - C:\Documents and Settings\Domownik\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mndpkoimnhcijdanbkehgccnadibcceg\1.0_0
CHR Extension: (Google Wallet) - C:\Documents and Settings\Domownik\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Documents and Settings\Domownik\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\Domownik\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [46808 2013-05-02] (AVAST Software)
R2 DCService.exe; C:\Documents and Settings\All Users\Application Data\DatacardService\DCService.exe [229376 2010-05-08] ()
R2 McrdSvc; C:\WINDOWS\ehome\mcrdsvc.exe [99328 2005-08-06] (Microsoft Corporation)
R2 Skype C2C Service; C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3291008 2013-08-14] (Skype Technologies S.A.)

==================== Drivers (Whitelisted) ====================

R1 AmdK8; C:\Windows\System32\DRIVERS\AmdK8.sys [36352 2005-03-10] (Advanced Micro Devices)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-05-02] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [66336 2013-05-02] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswRdr.sys [49760 2013-05-02] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-05-02] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [765736 2013-05-02] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [368944 2013-05-02] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-05-02] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [174664 2013-05-02] ()
R3 BCM43XX; C:\Windows\System32\DRIVERS\bcmwl5.sys [424320 2005-11-28] (Broadcom Corporation)
S3 BTWUSB; C:\Windows\System32\Drivers\btwusb.sys [56648 2005-08-18] (Broadcom Corporation.)
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R1 eabfiltr; C:\WINDOWS\system32\drivers\EABFiltr.sys [7936 2005-05-05] (Hewlett-Packard Development Company, L.P.)
S3 eabusb; C:\WINDOWS\system32\drivers\eabusb.sys [5760 2005-05-05] (Hewlett-Packard Development Company, L.P.)
R3 HSFHWATI; C:\Windows\System32\DRIVERS\HSFHWATI.sys [231424 2005-08-22] (Conexant Systems, Inc.)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 rtl8139; C:\Windows\System32\DRIVERS\RTL8139.SYS [20992 2004-08-04] (Realtek Semiconductor Corporation)
R3 vdrive; C:\Windows\System32\DRIVERS\vdrive.sys [36736 2011-07-06] (Fengtao Software Inc.)
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================

NETSVC: MHN -> C:\Windows\System32\mhn.dll (Microsoft Corporation)

==================== One Month Created Files and Folders ========

2013-12-13 15:40 - 2013-12-13 15:42 - 00000000 ____D C:\AdwCleaner
2013-12-13 15:38 - 2013-12-13 15:36 - 01226802 _____ C:\Documents and Settings\Domownik\Desktop\AdwCleaner.exe
2013-12-13 15:38 - 2013-12-13 15:36 - 00448512 _____ (OldTimer Tools) C:\Documents and Settings\Domownik\Desktop\TFC.exe
2013-12-13 15:28 - 2005-11-10 22:03 - 00049265 _____ (Sun Microsystems, Inc.) C:\WINDOWS\system32\jpicpl32.cpl
2013-12-13 15:24 - 2013-12-13 15:24 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2013-12-13 15:15 - 2013-12-13 15:15 - 00000702 _____ C:\Documents and Settings\All Users\Desktop\MozBackup.lnk
2013-12-13 15:15 - 2013-12-13 15:15 - 00000000 ____D C:\Program Files\MozBackup
2013-12-13 15:15 - 2013-12-13 15:15 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\MozBackup
2013-12-13 15:15 - 2013-12-13 15:07 - 01035926 _____ C:\Documents and Settings\Domownik\Desktop\MozBackup-1.5.1-EN.exe
2013-12-13 11:58 - 2013-12-13 11:58 - 00042278 _____ C:\Documents and Settings\Domownik\Desktop\Extras.Txt
2013-12-13 11:57 - 2013-12-13 11:57 - 00086766 _____ C:\Documents and Settings\Domownik\Desktop\OTL.Txt
2013-12-13 11:42 - 2013-12-13 11:42 - 00019899 _____ C:\Documents and Settings\Domownik\Desktop\Addition.txt
2013-12-13 11:32 - 2013-12-13 17:37 - 00014343 _____ C:\Documents and Settings\Domownik\Desktop\FRST.txt
2013-12-13 11:25 - 2013-12-13 11:26 - 00000000 ____D C:\FRST
2013-12-13 11:23 - 2013-12-13 11:17 - 00891200 _____ C:\Documents and Settings\Domownik\Desktop\SecurityCheck.exe
2013-12-13 11:23 - 2013-12-13 11:16 - 00377856 _____ C:\Documents and Settings\Domownik\Desktop\wuycrwd3.exe
2013-12-13 11:23 - 2013-12-13 11:15 - 01060575 _____ (Farbar) C:\Documents and Settings\Domownik\Desktop\FRST.exe
2013-12-13 11:23 - 2013-12-13 11:13 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Domownik\Desktop\OTL.exe
2013-11-14 16:26 - 2013-11-14 16:26 - 00010015 _____ C:\WINDOWS\KB2900986.log
2013-11-14 16:26 - 2013-11-14 16:26 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2900986$
2013-11-14 16:26 - 2013-11-14 16:26 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868626$
2013-11-14 16:26 - 2013-11-14 16:26 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862152$
2013-11-14 16:25 - 2013-11-14 16:25 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876331$
2013-11-14 16:22 - 2013-11-14 16:25 - 00012292 _____ C:\WINDOWS\KB2888505-IE8.log
2013-11-14 15:24 - 2013-11-14 16:26 - 00016725 _____ C:\WINDOWS\KB2868626.log
2013-11-14 15:24 - 2013-11-14 16:26 - 00015696 _____ C:\WINDOWS\KB2862152.log
2013-11-14 15:23 - 2013-11-14 16:26 - 00015222 _____ C:\WINDOWS\KB2876331.log

==================== One Month Modified Files and Folders =======

2013-12-13 17:49 - 2011-04-22 12:12 - 00000428 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{8DEE7B1A-493B-4D3A-BF8D-0523CF4B42CC}.job
2013-12-13 17:41 - 2011-04-28 15:52 - 00001140 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3932094685-2476051698-2439078746-1005UA.job
2013-12-13 17:37 - 2013-12-13 11:32 - 00014343 _____ C:\Documents and Settings\Domownik\Desktop\FRST.txt
2013-12-13 17:29 - 2005-08-17 18:21 - 00522638 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-12-13 17:27 - 2005-08-17 18:39 - 01100919 _____ C:\WINDOWS\WindowsUpdate.log
2013-12-13 17:25 - 2012-12-22 23:44 - 00000366 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2013-12-13 17:24 - 2006-02-17 09:58 - 00002058 ___SH C:\hpqp.ini
2013-12-13 17:24 - 2006-02-17 08:50 - 00000000 ____D C:\WINDOWS\Registration
2013-12-13 17:23 - 2006-02-17 09:58 - 00000040 _____ C:\XP_TV.ini
2013-12-13 17:23 - 2005-08-17 18:39 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-12-13 17:23 - 2005-08-17 10:49 - 00000159 _____ C:\WINDOWS\wiadebug.log
2013-12-13 17:23 - 2005-08-17 10:49 - 00000050 _____ C:\WINDOWS\wiaservc.log
2013-12-13 17:16 - 2010-12-26 04:26 - 00000178 ___SH C:\Documents and Settings\Domownik\ntuser.ini
2013-12-13 17:16 - 2005-08-17 18:39 - 00032604 _____ C:\WINDOWS\SchedLgU.Txt
2013-12-13 15:43 - 2010-12-26 04:26 - 00000000 ____D C:\Documents and Settings\Domownik
2013-12-13 15:42 - 2013-12-13 15:40 - 00000000 ____D C:\AdwCleaner
2013-12-13 15:36 - 2013-12-13 15:38 - 01226802 _____ C:\Documents and Settings\Domownik\Desktop\AdwCleaner.exe
2013-12-13 15:36 - 2013-12-13 15:38 - 00448512 _____ (OldTimer Tools) C:\Documents and Settings\Domownik\Desktop\TFC.exe
2013-12-13 15:28 - 2006-02-17 09:02 - 00000000 ____D C:\Program Files\Java
2013-12-13 15:24 - 2013-12-13 15:24 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2013-12-13 15:15 - 2013-12-13 15:15 - 00000702 _____ C:\Documents and Settings\All Users\Desktop\MozBackup.lnk
2013-12-13 15:15 - 2013-12-13 15:15 - 00000000 ____D C:\Program Files\MozBackup
2013-12-13 15:15 - 2013-12-13 15:15 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\MozBackup
2013-12-13 15:07 - 2013-12-13 15:15 - 01035926 _____ C:\Documents and Settings\Domownik\Desktop\MozBackup-1.5.1-EN.exe
2013-12-13 14:45 - 2012-08-17 20:17 - 00000000 ____D C:\Documents and Settings\Domownik\Desktop\Biuro
2013-12-13 11:58 - 2013-12-13 11:58 - 00042278 _____ C:\Documents and Settings\Domownik\Desktop\Extras.Txt
2013-12-13 11:57 - 2013-12-13 11:57 - 00086766 _____ C:\Documents and Settings\Domownik\Desktop\OTL.Txt
2013-12-13 11:42 - 2013-12-13 11:42 - 00019899 _____ C:\Documents and Settings\Domownik\Desktop\Addition.txt
2013-12-13 11:37 - 2011-04-28 15:52 - 00001088 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3932094685-2476051698-2439078746-1005Core.job
2013-12-13 11:26 - 2013-12-13 11:25 - 00000000 ____D C:\FRST
2013-12-13 11:22 - 2005-08-17 18:03 - 00356179 _____ C:\WINDOWS\setupact.log
2013-12-13 11:20 - 2011-07-29 09:51 - 00379387 _____ C:\WINDOWS\setupapi.log
2013-12-13 11:17 - 2013-12-13 11:23 - 00891200 _____ C:\Documents and Settings\Domownik\Desktop\SecurityCheck.exe
2013-12-13 11:16 - 2013-12-13 11:23 - 00377856 _____ C:\Documents and Settings\Domownik\Desktop\wuycrwd3.exe
2013-12-13 11:15 - 2013-12-13 11:23 - 01060575 _____ (Farbar) C:\Documents and Settings\Domownik\Desktop\FRST.exe
2013-12-13 11:13 - 2013-12-13 11:23 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Domownik\Desktop\OTL.exe
2013-12-10 15:21 - 2005-08-17 18:39 - 00001158 _____ C:\WINDOWS\system32\wpa.dbl
2013-12-06 15:29 - 2010-12-25 19:53 - 00002315 _____ C:\Documents and Settings\Domownik\Desktop\Google Chrome.lnk
2013-11-14 16:26 - 2013-11-14 16:26 - 00010015 _____ C:\WINDOWS\KB2900986.log
2013-11-14 16:26 - 2013-11-14 16:26 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2900986$
2013-11-14 16:26 - 2013-11-14 16:26 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868626$
2013-11-14 16:26 - 2013-11-14 16:26 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862152$
2013-11-14 16:26 - 2013-11-14 15:24 - 00016725 _____ C:\WINDOWS\KB2868626.log
2013-11-14 16:26 - 2013-11-14 15:24 - 00015696 _____ C:\WINDOWS\KB2862152.log
2013-11-14 16:26 - 2013-11-14 15:23 - 00015222 _____ C:\WINDOWS\KB2876331.log
2013-11-14 16:26 - 2005-08-17 18:38 - 00896547 _____ C:\WINDOWS\tsoc.log
2013-11-14 16:26 - 2005-08-17 18:38 - 00134944 _____ C:\WINDOWS\iis6.log
2013-11-14 16:26 - 2005-08-17 18:17 - 00223156 _____ C:\WINDOWS\MedCtrOC.log
2013-11-14 16:26 - 2005-08-17 18:11 - 00426253 _____ C:\WINDOWS\updspapi.log
2013-11-14 16:26 - 2005-08-17 18:03 - 00644547 _____ C:\WINDOWS\comsetup.log
2013-11-14 16:26 - 2005-08-17 18:03 - 00388903 _____ C:\WINDOWS\ntdtcsetup.log
2013-11-14 16:26 - 2005-08-17 18:03 - 00107774 _____ C:\WINDOWS\ehOCGen.log
2013-11-14 16:26 - 2005-08-17 18:03 - 00105483 _____ C:\WINDOWS\ocmsn.log
2013-11-14 16:26 - 2005-08-17 18:03 - 00098793 _____ C:\WINDOWS\tabletoc.log
2013-11-14 16:26 - 2005-08-17 18:03 - 00001393 _____ C:\WINDOWS\imsins.log
2013-11-14 16:26 - 2005-08-17 18:03 - 00001393 _____ C:\WINDOWS\imsins.BAK
2013-11-14 16:26 - 2005-08-17 17:54 - 01947443 _____ C:\WINDOWS\FaxSetup.log
2013-11-14 16:26 - 2005-08-17 17:54 - 00938409 _____ C:\WINDOWS\ocgen.log
2013-11-14 16:26 - 2005-08-17 17:54 - 00354994 _____ C:\WINDOWS\netfxocm.log
2013-11-14 16:26 - 2005-08-17 17:54 - 00220576 _____ C:\WINDOWS\plusoc.log
2013-11-14 16:26 - 2005-08-17 17:54 - 00097602 _____ C:\WINDOWS\msgsocm.log
2013-11-14 16:26 - 2005-08-17 17:52 - 00603924 _____ C:\WINDOWS\msmqinst.log
2013-11-14 16:25 - 2013-11-14 16:25 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876331$
2013-11-14 16:25 - 2013-11-14 16:22 - 00012292 _____ C:\WINDOWS\KB2888505-IE8.log
2013-11-14 16:25 - 2009-05-29 16:20 - 00000000 ____D C:\WINDOWS\ie8updates
2013-11-14 16:22 - 2013-07-18 17:50 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-11-14 16:19 - 2010-12-26 10:17 - 80340640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================