Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 22-01-2014
Ran by Dell (administrator) on ST01 on 22-01-2014 09:44:46
Running from C:\Documents and Settings\Dell\Moje dokumenty\Pobieranie
Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polish
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Privacyware/PWI, Inc.) C:\Program Files\Privacyware\Privatefirewall 7.0\pfsvc.exe
(Intel Corporation) C:\Program Files\Intel\AMT\LMS.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\pg_ctl.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Intel Corporation) C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Zetera Corporation) C:\Program Files\NETGEAR\NETGEAR Storage Central Manager Utility\Z-SANService.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe
() C:\Program Files\SHARP\PCFAX2\PCFAXRcv.exe
(SHARP CORPORATION) C:\Program Files\SHARP\Sharpdesk\IndexTray.exe
(SHARP CORPORATION) C:\Program Files\SHARP\Sharpdesk\Indexer.exe
(SHARP CORPORATION) C:\Program Files\SHARP\Sharpdesk\SharpTray.exe
(SHARP CORPORATION) C:\Program Files\SHARP\Sharpdesk\FTPServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(SHARP CORPORATION) C:\Program Files\SHARP\Button Manager G\btnman.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
() C:\Program Files\SHARP\Printer Status Monitor\smon.exe
(SHARP CORPORATION) C:\Program Files\SHARP\Sharpdesk\nsapp.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
() C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [picon] - C:\Program Files\Common Files\Intel\Privacy Icon\PIconStartup.exe [111640 2010-05-21] ()
HKLM\...\Run: [SoundMAXPnP] - C:\Program Files\Analog Devices\Core\smax4pnp.exe [1044480 2010-04-30] (Analog Devices, Inc.)
HKLM\...\Run: [] - [x]
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [StatusClient 2.6] - C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe [61440 2004-02-27] (Hewlett-Packard)
HKLM\...\Run: [TomcatStartup 2.5] - C:\Program Files\Hewlett-Packard\Toolbox\hpbpsttp.exe [188416 2004-05-20] (Hewlett-Packard)
HKLM\...\Run: [Receiver] - C:\Program Files\SHARP\PCFAX2\PcfaxRcv.exe [16384 2005-06-17] ()
HKLM\...\Run: [IndexTray] - C:\Program Files\Sharp\Sharpdesk\IndexTray.exe [106496 2005-12-12] (SHARP CORPORATION)
HKLM\...\Run: [Indexer] - C:\Program Files\Sharp\Sharpdesk\Indexer.exe [184320 2005-12-12] (SHARP CORPORATION)
HKLM\...\Run: [SharpTray] - C:\Program Files\Sharp\Sharpdesk\SharpTray.exe [32768 2005-12-12] (SHARP CORPORATION)
HKLM\...\Run: [TypeRegChecker] - C:\Program Files\Sharp\Sharpdesk\TypeRegChecker.exe [57344 2005-12-12] (SHARP CORPORATION)
HKLM\...\Run: [FtpServer.exe] - C:\Program Files\Sharp\Sharpdesk\FtpServer.exe [688128 2005-12-09] (SHARP CORPORATION)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Button Manager G.lnk
ShortcutTarget: Button Manager G.lnk -> C:\Program Files\SHARP\Button Manager G\btnman.exe (SHARP CORPORATION)
Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Printer Status Monitor.lnk
ShortcutTarget: Printer Status Monitor.lnk -> C:\Program Files\SHARP\Printer Status Monitor\smon.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.pl/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://gazeta.pl/0,0.html?sc=1
HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://ie8.gazeta.pl/internet_explorer_8/0,0.html?ie=1
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://gazeta.pl/0,0.html?sc=1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://gazeta.pl/0,0.html?sc=1
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKCU - DefaultScope {6930B17C-FA4B-4E80-B1EF-6081E6790056} URL = http://www.google.com/search?hl=pl&q={searchTerms}
SearchScopes: HKCU - {6930B17C-FA4B-4E80-B1EF-6081E6790056} URL = http://www.google.com/search?hl=pl&q={searchTerms}
SearchScopes: HKCU - {C8321615-F85B-4D79-9C16-5C8802853866} URL = http://szukaj.gazeta.pl/portalSearch.do?s.si(navigation).navigationEnabled=true&s.sm.query={searchTerms}
BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKCU - &Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Łącza - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\Windows\system32\SHELL32.dll (Microsoft Corporation)
DPF: {14DF37B4-B1AD-4BD4-A855-56930AF822FF} https://www.giif.mofnet.gov.pl/giif/SIGIIFAX.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Handler: sds - {79E0F14C-9C52-4218-89A7-7C4B0563D121} - C:\Program Files\Sharp\Sharpdesk\ExplorerExtensions.dll (SHARP CORPORATION)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

Chrome:
=======
CHR Extension: (Extended Protection) - C:\Documents and Settings\Dell\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml [2014-01-15]
CHR Extension: (Pierwszy u\u017Cytkownik) - C:\Documents and Settings\Dell\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-18]
CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\Dell\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
R2 MSSQL$REJNET; C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2013-09-18] (Microsoft Corporation)
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
R2 PFNet; C:\Program Files\Privacyware\Privatefirewall 7.0\pfsvc.exe [374600 2013-10-04] (Privacyware/PWI, Inc.)
R2 UNS; C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2071064 2010-05-21] (Intel Corporation)
R2 Z-SANService; C:\Program Files\NETGEAR\NETGEAR Storage Central Manager Utility\Z-SANService.exe [376891 2007-08-08] (Zetera Corporation)
R2 rejnetoffice-pgsql93; C:/Program Files/PostgreSQL/9.3/bin/pg_ctl.exe runservice -N "rejnetoffice-pgsql93" -D "C:/Program Files/PostgreSQL/9.3/data" -w [x]
S2 wfcs; C:\Program Files\Windows Firewall Control\wfcs.exe [x]

==================== Drivers (Whitelisted) ====================

R3 e1kexpress; C:\Windows\System32\DRIVERS\e1k5132.sys [168616 2010-04-05] (Intel Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
R3 pwipf6; C:\Windows\System32\DRIVERS\pwipf6.sys [135272 2012-05-25] (Privacyware/PWI, Inc.)
R2 SE4BLPT; C:\WINDOWS\system32\SE4BLPT.SYS [54488 2013-01-11] (Sharp Corporation)
R0 SFAUDIO; C:\Windows\System32\drivers\sfaudio.sys [24064 2010-04-30] (Sonic Focus, Inc)
R2 SFSZ; C:\Windows\system32\drivers\sfsz.sys [345984 2007-08-14] (DataPlow, Incorporated)
R3 ZetBus; C:\Windows\System32\DRIVERS\ZetBus.sys [15488 2007-08-08] (Zetera Corporation)
R3 ZetMPD; C:\Windows\System32\DRIVERS\ZetMPD.sys [5120 2007-08-08] (Zetera Corporation)
R0 ZetSFD; C:\Windows\System32\DRIVERS\ZetSFD.sys [12800 2007-08-08] (Zetera Corporation)
S4 IntelIde; No ImagePath
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-01-22 09:35 - 2014-01-22 09:35 - 00000000 ____D C:\FRST
2014-01-21 12:46 - 2014-01-21 12:46 - 00000000 ____D C:\Documents and Settings\Dell\Moje dokumenty\zapas_rejnet
2014-01-21 12:33 - 2014-01-21 12:33 - 00001439 _____ C:\WINDOWS\setupapi.log
2014-01-21 11:39 - 2010-12-23 08:48 - 02875904 ____H (Biuro Informatyki Stosowanej FORMAT) C:\Documents and Settings\Dell\Pulpit\bis_format_fakturowanie.exe
2014-01-21 11:39 - 2007-10-08 11:30 - 00675840 ____H (ELZAB S.A.) C:\Documents and Settings\Dell\Pulpit\elzabdr.dll
2014-01-21 11:39 - 1999-01-06 04:12 - 00280576 ____H C:\Documents and Settings\Dell\Pulpit\libmySQL.dll
2014-01-21 11:38 - 2014-01-21 11:39 - 03288743 _____ C:\Documents and Settings\Dell\Pulpit\fk.cab
2014-01-20 11:23 - 2014-01-20 11:23 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2014-01-20 11:23 - 2014-01-20 11:23 - 00000000 ____D C:\Documents and Settings\Dell\Dane aplikacji\Malwarebytes
2014-01-20 11:23 - 2014-01-20 11:23 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes' Anti-Malware
2014-01-20 11:23 - 2014-01-20 11:23 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
2014-01-20 11:23 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-01-20 11:22 - 2014-01-20 11:22 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2014-01-16 03:01 - 2014-01-16 03:01 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2914368$
2014-01-15 13:59 - 2007-04-09 13:23 - 00028040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdimon.dll
2014-01-15 13:58 - 2014-01-15 13:58 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Office
2014-01-15 13:55 - 2014-01-15 13:55 - 00000000 __RHD C:\MSOCache
2014-01-15 13:52 - 2014-01-15 13:52 - 00000000 ____D C:\Program Files\7-Zip
2014-01-15 13:52 - 2014-01-15 13:52 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\7-Zip
2014-01-15 13:09 - 2014-01-15 13:13 - 00000000 ____D C:\Documents and Settings\Dell\Ustawienia lokalne\Dane aplikacji\Opera Software
2014-01-15 13:09 - 2014-01-15 13:13 - 00000000 ____D C:\Documents and Settings\Dell\Dane aplikacji\Opera Software
2014-01-15 13:08 - 2014-01-20 11:06 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\WPM
2014-01-15 13:08 - 2014-01-15 13:14 - 00000000 ____D C:\Program Files\Opera
2014-01-15 13:06 - 2014-01-15 13:06 - 00000000 ____D C:\Documents and Settings\Dell\.android
2014-01-15 13:05 - 2014-01-15 13:15 - 00000000 ____D C:\Documents and Settings\Dell\Ustawienia lokalne\Dane aplikacji\Mobogenie
2014-01-15 13:05 - 2014-01-15 13:08 - 00000000 ____D C:\Documents and Settings\Dell\Ustawienia lokalne\Dane aplikacji\cache
2014-01-15 13:05 - 2014-01-15 13:05 - 00000000 ____D C:\Documents and Settings\Dell\Ustawienia lokalne\Dane aplikacji\genienext
2014-01-15 13:05 - 2014-01-15 13:05 - 00000000 ____D C:\Documents and Settings\Dell\Moje dokumenty\Mobogenie
2014-01-15 13:05 - 2014-01-15 13:05 - 00000000 _____ C:\Documents and Settings\Dell\daemonprocess.txt
2014-01-08 09:36 - 2014-01-08 09:36 - 00000618 _____ C:\Documents and Settings\All Users\Pulpit\RejNetOffice.lnk
2014-01-08 09:36 - 2014-01-08 09:36 - 00000618 _____ C:\Documents and Settings\All Users\Menu Start\RejNetOffice.lnk
2014-01-08 09:36 - 2014-01-08 09:36 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\RejNetOffice
2014-01-08 09:33 - 2014-01-08 09:33 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\PostgreSQL 9.3
2014-01-08 09:32 - 2014-01-08 09:32 - 00000000 ____D C:\Program Files\PostgreSQL
2014-01-08 09:30 - 2014-01-08 09:45 - 00000000 ____D C:\RejNET

==================== One Month Modified Files and Folders =======

2014-01-22 09:44 - 2012-05-24 14:51 - 00000000 ____D C:\Documents and Settings\Dell\Moje dokumenty\Pobieranie
2014-01-22 09:39 - 2012-07-16 14:09 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-01-22 09:35 - 2014-01-22 09:35 - 00000000 ____D C:\FRST
2014-01-22 09:34 - 2012-05-24 09:36 - 00001128 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1110960253-3229328342-3393688422-1003UA.job
2014-01-22 09:03 - 2012-05-24 17:15 - 00002264 _____ C:\statusclient.log
2014-01-22 09:00 - 2012-04-18 14:55 - 01352924 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2014-01-22 09:00 - 2008-09-06 13:00 - 00589300 _____ C:\WINDOWS\system32\perfh015.dat
2014-01-22 09:00 - 2008-09-06 13:00 - 00117354 _____ C:\WINDOWS\system32\perfc015.dat
2014-01-22 08:59 - 2008-09-06 13:00 - 00012598 _____ C:\WINDOWS\system32\wpa.dbl
2014-01-21 21:01 - 2012-04-18 13:05 - 01570021 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-21 21:00 - 2012-04-18 14:58 - 00000159 _____ C:\WINDOWS\wiadebug.log
2014-01-21 21:00 - 2012-04-18 14:58 - 00000050 _____ C:\WINDOWS\wiaservc.log
2014-01-21 21:00 - 2012-04-18 13:09 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-01-21 15:55 - 2012-05-24 15:22 - 00001122 _____ C:\WINDOWS\system32\HPPDEVX.DLL.log
2014-01-21 15:55 - 2012-04-18 13:11 - 00000188 ___SH C:\Documents and Settings\Dell\ntuser.ini
2014-01-21 15:55 - 2012-04-18 13:09 - 00032438 _____ C:\WINDOWS\SchedLgU.Txt
2014-01-21 14:25 - 2012-04-18 13:26 - 00083904 _____ C:\Documents and Settings\Dell\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2014-01-21 14:23 - 2012-04-18 14:54 - 00423024 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2014-01-21 14:22 - 2012-05-24 14:57 - 03084288 _____ C:\WINDOWS\system32\Z-SANService.log
2014-01-21 14:22 - 2012-04-18 14:54 - 00000211 __RSH C:\boot.ini
2014-01-21 14:22 - 2012-04-18 13:11 - 00000000 ____D C:\Documents and Settings\Dell
2014-01-21 14:22 - 2008-09-06 13:00 - 00000477 _____ C:\WINDOWS\win.ini
2014-01-21 14:22 - 2008-09-06 13:00 - 00000227 _____ C:\WINDOWS\system.ini
2014-01-21 14:12 - 2012-04-18 13:11 - 00000000 ____D C:\Documents and Settings\Dell\Pulpit
2014-01-21 14:00 - 2012-05-24 16:00 - 00000472 _____ C:\WINDOWS\Tasks\At4.job
2014-01-21 12:51 - 2013-12-20 12:37 - 00000000 ____D C:\Program Files\Mozilla Firefox
2014-01-21 12:51 - 2012-05-24 10:22 - 00000000 ____D C:\Documents and Settings\Dell\Dane aplikacji\Mozilla
2014-01-21 12:51 - 2012-04-18 14:55 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Start\Programy
2014-01-21 12:50 - 2013-08-18 16:22 - 00000000 ____D C:\Documents and Settings\Dell\Moje dokumenty\PULPIT_WSZYSTKO
2014-01-21 12:46 - 2014-01-21 12:46 - 00000000 ____D C:\Documents and Settings\Dell\Moje dokumenty\zapas_rejnet
2014-01-21 12:46 - 2012-04-18 13:11 - 00000000 ___RD C:\Documents and Settings\Dell\Moje dokumenty
2014-01-21 12:33 - 2014-01-21 12:33 - 00001439 _____ C:\WINDOWS\setupapi.log
2014-01-21 12:30 - 2012-05-24 14:55 - 00000696 _____ C:\Documents and Settings\Dell\Pulpit\BIS_Format_Fakturowanie.lnk
2014-01-21 12:28 - 2012-05-25 08:23 - 00001142 _____ C:\Documents and Settings\Dell\Pulpit\ARCHIWUM.lnk
2014-01-21 11:39 - 2014-01-21 11:38 - 03288743 _____ C:\Documents and Settings\Dell\Pulpit\fk.cab
2014-01-21 11:39 - 2013-01-14 09:34 - 00000000 ____D C:\Documents and Settings\Dell\Nieużywane skróty
2014-01-21 11:38 - 2013-08-18 20:24 - 00001565 _____ C:\Documents and Settings\Dell\ZSANCoInstaller.log
2014-01-21 10:34 - 2012-05-24 09:36 - 00001076 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1110960253-3229328342-3393688422-1003Core.job
2014-01-21 10:10 - 2012-05-24 16:00 - 00000472 _____ C:\WINDOWS\Tasks\At1.job
2014-01-20 11:41 - 2012-12-21 03:00 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2753842-v2$
2014-01-20 11:39 - 2012-04-18 13:11 - 00000000 __RHD C:\Documents and Settings\Dell\Dane aplikacji
2014-01-20 11:23 - 2014-01-20 11:23 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2014-01-20 11:23 - 2014-01-20 11:23 - 00000000 ____D C:\Documents and Settings\Dell\Dane aplikacji\Malwarebytes
2014-01-20 11:23 - 2014-01-20 11:23 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes' Anti-Malware
2014-01-20 11:23 - 2014-01-20 11:23 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
2014-01-20 11:23 - 2012-04-18 14:55 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji
2014-01-20 11:22 - 2014-01-20 11:22 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2014-01-20 11:06 - 2014-01-15 13:08 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\WPM
2014-01-20 10:47 - 2012-05-24 15:30 - 00002347 _____ C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Reader X.lnk
2014-01-20 10:47 - 2012-05-24 15:29 - 00000000 ____D C:\Program Files\Common Files\Adobe
2014-01-19 20:40 - 2012-05-24 16:00 - 00000472 _____ C:\WINDOWS\Tasks\At2.job
2014-01-19 17:00 - 2012-05-24 16:00 - 00000472 _____ C:\WINDOWS\Tasks\At3.job
2014-01-19 08:32 - 2013-08-19 15:53 - 00231584 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2014-01-17 16:05 - 2012-04-18 14:55 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2014-01-16 16:04 - 2013-11-19 17:39 - 00636376 _____ C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
2014-01-16 16:04 - 2012-04-18 13:09 - 00000000 ___HD C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji
2014-01-16 03:03 - 2013-07-24 14:49 - 00000000 ____D C:\WINDOWS\system32\MRT
2014-01-16 03:01 - 2014-01-16 03:01 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2914368$
2014-01-16 03:01 - 2012-05-24 09:57 - 83425928 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-01-15 13:59 - 2012-05-24 15:39 - 00000677 _____ C:\WINDOWS\ODBC.INI
2014-01-15 13:58 - 2014-01-15 13:58 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Office
2014-01-15 13:58 - 2012-05-24 15:37 - 00000000 ____D C:\Program Files\Microsoft Office
2014-01-15 13:58 - 2012-05-24 10:06 - 00000000 ____D C:\WINDOWS\ShellNew
2014-01-15 13:55 - 2014-01-15 13:55 - 00000000 __RHD C:\MSOCache
2014-01-15 13:55 - 2012-04-18 14:48 - 00000000 ____D C:\WINDOWS\system
2014-01-15 13:52 - 2014-01-15 13:52 - 00000000 ____D C:\Program Files\7-Zip
2014-01-15 13:52 - 2014-01-15 13:52 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\7-Zip
2014-01-15 13:16 - 2012-04-18 13:11 - 00000000 ___RD C:\Documents and Settings\Dell\Menu Start\Programy
2014-01-15 13:15 - 2014-01-15 13:05 - 00000000 ____D C:\Documents and Settings\Dell\Ustawienia lokalne\Dane aplikacji\Mobogenie
2014-01-15 13:14 - 2014-01-15 13:08 - 00000000 ____D C:\Program Files\Opera
2014-01-15 13:13 - 2014-01-15 13:09 - 00000000 ____D C:\Documents and Settings\Dell\Ustawienia lokalne\Dane aplikacji\Opera Software
2014-01-15 13:13 - 2014-01-15 13:09 - 00000000 ____D C:\Documents and Settings\Dell\Dane aplikacji\Opera Software
2014-01-15 13:13 - 2012-04-18 14:55 - 00000000 ____D C:\Documents and Settings\All Users\Pulpit
2014-01-15 13:09 - 2012-04-18 13:11 - 00000000 ___HD C:\Documents and Settings\Dell\Ustawienia lokalne\Dane aplikacji
2014-01-15 13:08 - 2014-01-15 13:05 - 00000000 ____D C:\Documents and Settings\Dell\Ustawienia lokalne\Dane aplikacji\cache
2014-01-15 13:08 - 2012-12-28 10:12 - 00001685 _____ C:\Documents and Settings\Dell\Pulpit\RejentNET.lnk
2014-01-15 13:08 - 2012-04-18 13:11 - 00000999 _____ C:\Documents and Settings\Dell\Menu Start\Programy\Internet Explorer.lnk
2014-01-15 13:07 - 2012-04-18 13:11 - 00000000 ___HD C:\Documents and Settings\Dell\Ustawienia lokalne
2014-01-15 13:06 - 2014-01-15 13:06 - 00000000 ____D C:\Documents and Settings\Dell\.android
2014-01-15 13:05 - 2014-01-15 13:05 - 00000000 ____D C:\Documents and Settings\Dell\Ustawienia lokalne\Dane aplikacji\genienext
2014-01-15 13:05 - 2014-01-15 13:05 - 00000000 ____D C:\Documents and Settings\Dell\Moje dokumenty\Mobogenie
2014-01-15 13:05 - 2014-01-15 13:05 - 00000000 _____ C:\Documents and Settings\Dell\daemonprocess.txt
2014-01-08 10:34 - 2012-05-24 15:39 - 00002531 _____ C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Word.lnk
2014-01-08 09:45 - 2014-01-08 09:30 - 00000000 ____D C:\RejNET
2014-01-08 09:43 - 2012-05-25 09:34 - 00000000 ____D C:\REJENT
2014-01-08 09:36 - 2014-01-08 09:36 - 00000618 _____ C:\Documents and Settings\All Users\Pulpit\RejNetOffice.lnk
2014-01-08 09:36 - 2014-01-08 09:36 - 00000618 _____ C:\Documents and Settings\All Users\Menu Start\RejNetOffice.lnk
2014-01-08 09:36 - 2014-01-08 09:36 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\RejNetOffice
2014-01-08 09:36 - 2012-04-18 14:55 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Start
2014-01-08 09:33 - 2014-01-08 09:33 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\PostgreSQL 9.3
2014-01-08 09:32 - 2014-01-08 09:32 - 00000000 ____D C:\Program Files\PostgreSQL
2014-01-07 17:04 - 2013-10-23 08:43 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\CCleaner
2014-01-07 17:04 - 2013-08-18 16:52 - 00000000 ____D C:\Program Files\CCleaner
2013-12-30 13:48 - 2012-05-24 14:59 - 00071808 _____ C:\WINDOWS\system32\ZSANCoInstaller.log

Files to move or delete:
====================
C:\Windows\Tasks\At1.job
C:\Windows\Tasks\At2.job
C:\Windows\Tasks\At3.job
C:\Windows\Tasks\At4.job

Some content of TEMP:
====================
C:\Documents and Settings\Dell\Ustawienia lokalne\Temp\Instalator_programu_RejNetOffice.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe [2008-09-06 13:00] - [2008-09-06 13:00] - 1035264 ____A (Microsoft Corporation) c791ed9eac5e76d9525e157b1d7a599a
C:\Windows\System32\winlogon.exe [2008-09-06 13:00] - [2008-09-06 13:00] - 0510464 ____A (Microsoft Corporation) 51fd2e13d723857b9ca239ae77150f48
C:\Windows\System32\svchost.exe [2008-09-06 13:00] - [2008-09-06 13:00] - 0014336 ____A (Microsoft Corporation) 8607d35d92528e2df386f19a960d23ce
C:\Windows\System32\services.exe [2008-09-06 13:00] - [2009-02-09 12:25] - 0111104 ____A (Microsoft Corporation) 02a467e27af55f7064c5b251e587315f
C:\Windows\System32\User32.dll [2008-09-06 13:00] - [2008-09-06 13:00] - 0580096 ____A (Microsoft Corporation) a435c5c069afd901751ac323ad238793
C:\Windows\System32\userinit.exe [2008-09-06 13:00] - [2008-09-06 13:00] - 0026624 ____A (Microsoft Corporation) 2a5b37d520508be6570a3ea79695f5b5
C:\Windows\System32\rpcss.dll [2008-09-06 13:00] - [2009-02-09 11:53] - 0401408 ____A (Microsoft Corporation) a37311d9d628c1042a2836731787f0f3

ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.

C:\Windows\System32\Drivers\volsnap.sys [2008-09-06 13:00] - [2008-09-06 13:00] - 0052864 ____A (Microsoft Corporation) 56b191ac5fc0df219949c95a6c87afe7

==================== End Of Log ============================