Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-03-2014
Ran by Ja (administrator) on ZUZA on 07-03-2014 13:49:56
Running from C:\Documents and Settings\Ja\Moje dokumenty\Downloads
Microsoft Windows XP Home Edition Dodatek Service Pack 2 (X86) OS Language: Polish
Internet Explorer Version 6
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe
(ATI Technologies, Inc.) C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Agere Systems) C:\WINDOWS\AGRSMMSG.exe
(TOSHIBA) C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
(TOSHIBA Corporation) C:\WINDOWS\system32\TPSMain.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Program narzędziowy TOSHIBA Zooming Utility\SmoothView.exe
(TOSHIBA) C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
(Sonic Solutions) C:\WINDOWS\System32\DLA\DLACTRLW.EXE
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(TOSHIBA) C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
(TOSHIBA Corporation) C:\WINDOWS\system32\TPSBattM.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(TOSHIBA Corp.) C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ATIPTA] - C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [344064 2005-08-05] (ATI Technologies, Inc.)
HKLM\...\Run: [RTHDCPL] - C:\WINDOWS\RTHDCPL.EXE [15473664 2005-11-10] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] - C:\WINDOWS\ALCMTR.EXE [69632 2005-05-04] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SynTPLpr] - C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [98394 2004-10-14] (Synaptics, Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [688218 2004-10-14] (Synaptics, Inc.)
HKLM\...\Run: [AGRSMMSG] - C:\WINDOWS\AGRSMMSG.exe [88203 2005-10-15] (Agere Systems)
HKLM\...\Run: [THotkey] - C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe [352256 2005-12-08] (TOSHIBA)
HKLM\...\Run: [Tvs] - C:\Program Files\TOSHIBA\Tvs\TvsTray.exe [73728 2005-11-30] (TOSHIBA Corporation)
HKLM\...\Run: [TPSMain] - C:\WINDOWS\system32\TPSMain.exe [266240 2005-08-04] (TOSHIBA Corporation)
HKLM\...\Run: [NDSTray.exe] - NDSTray.exe
HKLM\...\Run: [SmoothView] - C:\Program Files\TOSHIBA\Program narzędziowy TOSHIBA Zooming Utility\SmoothView.exe [118784 2005-05-13] (TOSHIBA Corporation)
HKLM\...\Run: [PadTouch] - C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe [1077328 2005-08-30] (TOSHIBA)
HKLM\...\Run: [DLA] - C:\WINDOWS\System32\DLA\DLACTRLW.EXE [122940 2005-08-01] (Sonic Solutions)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-18] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5110672 2013-09-12] (ESET)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKU\S-1-5-21-1368488920-3962858886-3282639252-1006\...\Run: [TOSCDSPD] - C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe [65536 2005-04-12] (TOSHIBA)
HKU\S-1-5-21-1368488920-3962858886-3282639252-1006\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [1694208 2004-10-13] (Microsoft Corporation)
HKU\S-1-5-21-1368488920-3962858886-3282639252-1006\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [18678376 2013-04-19] (Skype Technologies S.A.)
HKU\S-1-5-21-1368488920-3962858886-3282639252-1006\...\MountPoints2: {38120e4c-5446-11e2-906e-00a0d1306b0b} - Install_Nokia_Ovi_Suite.exe
HKU\S-1-5-21-1368488920-3962858886-3282639252-1006\...\MountPoints2: {48544ebc-94a8-11e2-90e2-00a0d1306b0b} - E:\PMB_P.exe
HKU\S-1-5-21-1368488920-3962858886-3282639252-1006\...\MountPoints2: {fbc58cfe-f527-11e2-9163-00a0d1306b0b} - E:\HTC_Sync_Manager_PC.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.pl
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL (Sonic Solutions)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - &Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Łącza - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1352739520484
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 89.161.65.247 89.161.65.246

Chrome:
=======
CHR HomePage: hxxp://www.google.pl/
CHR Plugin: (Widevine Content Decryption Module) - C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\WidevineCDM\1.4.2.464\_platform_specific\win_x86\widevinecdmadapter.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\33.0.1750.146\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\33.0.1750.146\pdf.dll ()
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Java(TM) Platform SE 7 U21) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.210.11) - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (YouTube) - C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-10-31]
CHR Extension: (Szukaj w Google) - C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-10-31]
CHR Extension: (Webcam Toy) - C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade [2013-02-21]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Gmail) - C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-10-31]
CHR HKLM\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\newtabv2.crx [2012-10-31]

========================== Services (Whitelisted) =================

R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [1337752 2013-09-12] (ESET)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [181664 2013-06-13] (Oracle Corporation)
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
R2 TAPPSRV; C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe [35328 2005-08-10] (TOSHIBA Corp.)

==================== Drivers (Whitelisted) ====================

S3 AR5211; C:\WINDOWS\System32\DRIVERS\ar5211.sys [468736 2005-09-12] (Atheros Communications, Inc.)
R2 DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [25628 2005-08-01] (Sonic Solutions)
R1 DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [5628 2005-07-07] (Sonic Solutions)
R2 DLADResN; C:\WINDOWS\System32\DLA\DLADResN.SYS [2496 2005-08-01] (Sonic Solutions)
R2 DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [86524 2005-08-01] (Sonic Solutions)
R2 DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [14684 2005-08-01] (Sonic Solutions)
R2 DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [6364 2005-08-01] (Sonic Solutions)
R1 DLARTL_N; C:\WINDOWS\System32\Drivers\DLARTL_N.SYS [22684 2005-07-07] (Sonic Solutions)
R2 DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [92700 2005-08-01] (Sonic Solutions)
R2 DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [87004 2005-08-01] (Sonic Solutions)
R2 DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [40544 2005-07-07] (Sonic Solutions)
R1 eamon; C:\WINDOWS\System32\DRIVERS\eamon.sys [184664 2013-09-17] (ESET)
R1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [134248 2013-09-17] (ESET)
R1 epfwtdir; C:\WINDOWS\System32\DRIVERS\epfwtdir.sys [118768 2013-09-17] (ESET)
R3 Iviaspi; C:\WINDOWS\System32\drivers\iviaspi.sys [21060 2003-09-10] (InterVideo, Inc.)
R2 Netdevio; C:\WINDOWS\System32\DRIVERS\netdevio.sys [12032 2003-01-29] (TOSHIBA Corporation.)
S3 orange_zte_cdc_acm; C:\WINDOWS\System32\DRIVERS\orange_zte_cdc_acm.sys [66432 2011-02-02] (ZTE)
S3 orange_zte_cpo; C:\WINDOWS\System32\DRIVERS\orange_zte_cpo.sys [9984 2011-02-02] (ZTE)
R3 Pfc; C:\WINDOWS\System32\drivers\pfc.sys [10368 2003-09-19] (Padus, Inc.)
R3 RTL8023xp; C:\WINDOWS\System32\DRIVERS\Rtlnicxp.sys [74496 2005-03-04] (Realtek Semiconductor Corporation )
S3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2004-08-03] (Realtek Semiconductor Corporation)
S3 Secdrv; C:\WINDOWS\System32\DRIVERS\secdrv.sys [27440 2004-08-04] ()
R3 TVALD; C:\WINDOWS\System32\DRIVERS\NBSMI.sys [6144 2005-10-20] (Toshiba Corporation)
R3 Tvs; C:\WINDOWS\System32\DRIVERS\Tvs.sys [43392 2005-11-30] (TOSHIBA Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S4 IntelIde; No ImagePath
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-03-07 13:26 - 2014-03-07 13:33 - 00000000 ____D () C:\AdwCleaner
2014-03-07 12:47 - 2014-03-07 12:48 - 00016384 ____H () C:\Documents and Settings\Ja\NTUSER.tmp.LOG
2014-03-07 12:47 - 2014-03-07 12:47 - 00001024 ____H () C:\WINDOWS\system32\config\system.tmp.LOG
2014-03-07 12:47 - 2014-03-07 12:47 - 00000000 ____H () C:\WINDOWS\system32\config\SAM.tmp.LOG
2014-03-07 12:47 - 2014-03-07 12:47 - 00000000 ____H () C:\WINDOWS\system32\config\default.tmp.LOG
2014-03-07 12:46 - 2014-03-07 12:47 - 00028672 ____H () C:\WINDOWS\system32\config\software.tmp.LOG
2014-03-07 12:46 - 2014-03-07 12:46 - 00008192 ____H () C:\WINDOWS\system32\config\SECURITY.tmp.LOG
2014-03-05 18:44 - 2014-03-07 13:49 - 00000000 ____D () C:\FRST
2014-03-05 16:29 - 2014-03-05 16:29 - 00143750 _____ () C:\Documents and Settings\Ja\Moje dokumenty\bookmarks_05.03.2014.html
2014-03-02 21:47 - 2014-03-02 21:47 - 00000000 ____D () C:\Program Files\ESET
2014-03-02 21:47 - 2014-03-02 21:47 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\ESET
2014-03-02 21:47 - 2014-03-02 21:47 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\ESET
2014-03-02 21:42 - 2014-03-02 21:42 - 00000000 ____D () C:\Documents and Settings\Ja\Menu Start\Programy\Autostart
2014-03-02 20:41 - 2014-03-02 21:42 - 00000000 ____D () C:\Documents and Settings\Ja\Menu Start\Programy
2014-03-02 20:41 - 2014-03-02 20:41 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-03-02 18:29 - 2014-03-02 18:29 - 00000000 ____D () C:\Documents and Settings\Ja\Dane aplikacji\Mozilla
2014-02-12 20:58 - 2014-02-12 20:58 - 00000372 _____ () C:\Documents and Settings\Ja\Moje dokumenty\spider.sav

==================== One Month Modified Files and Folders =======

2014-03-07 13:49 - 2014-03-05 18:44 - 00000000 ____D () C:\FRST
2014-03-07 13:48 - 2005-12-16 11:02 - 00399583 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-07 13:45 - 2013-05-19 12:36 - 00000000 ____D () C:\Documents and Settings\Ja\Dane aplikacji\Skype
2014-03-07 13:42 - 2012-10-30 23:57 - 00001024 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-07 13:42 - 2005-12-19 11:45 - 00000000 ____D () C:\WINDOWS\system32\Lang
2014-03-07 13:42 - 2005-12-16 11:06 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-07 13:41 - 2012-10-30 20:50 - 00000292 ___SH () C:\Documents and Settings\Ja\ntuser.ini
2014-03-07 13:41 - 2005-12-16 11:06 - 00032540 _____ () C:\WINDOWS\SchedLgU.Txt
2014-03-07 13:33 - 2014-03-07 13:26 - 00000000 ____D () C:\AdwCleaner
2014-03-07 13:33 - 2012-10-30 23:58 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Google Chrome
2014-03-07 13:33 - 2012-10-30 20:50 - 00000000 ___HD () C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji
2014-03-07 13:33 - 2005-12-16 11:56 - 00000000 __RHD () C:\Documents and Settings\All Users\Dane aplikacji
2014-03-07 13:15 - 2012-11-12 17:54 - 00000930 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-03-07 13:15 - 2012-10-30 20:50 - 03932160 ____H () C:\Documents and Settings\Ja\NTUSER.bak
2014-03-07 13:15 - 2005-12-16 11:55 - 24117248 _____ () C:\WINDOWS\system32\config\software.bak
2014-03-07 13:15 - 2005-12-16 11:55 - 06553600 _____ () C:\WINDOWS\system32\config\system.bak
2014-03-07 13:15 - 2005-12-16 11:55 - 00262144 _____ () C:\WINDOWS\system32\config\SECURITY.bak
2014-03-07 13:15 - 2005-12-16 11:55 - 00262144 _____ () C:\WINDOWS\system32\config\SAM.bak
2014-03-07 13:15 - 2005-12-16 11:55 - 00262144 _____ () C:\WINDOWS\system32\config\default.bak
2014-03-07 13:08 - 2012-10-30 20:50 - 00000000 __RHD () C:\Documents and Settings\Ja\Dane aplikacji
2014-03-07 13:00 - 2012-10-30 23:57 - 00001028 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-07 12:48 - 2014-03-07 12:47 - 00016384 ____H () C:\Documents and Settings\Ja\NTUSER.tmp.LOG
2014-03-07 12:48 - 2012-10-30 20:50 - 00000000 ____D () C:\Documents and Settings\Ja
2014-03-07 12:47 - 2014-03-07 12:47 - 00001024 ____H () C:\WINDOWS\system32\config\system.tmp.LOG
2014-03-07 12:47 - 2014-03-07 12:47 - 00000000 ____H () C:\WINDOWS\system32\config\SAM.tmp.LOG
2014-03-07 12:47 - 2014-03-07 12:47 - 00000000 ____H () C:\WINDOWS\system32\config\default.tmp.LOG
2014-03-07 12:47 - 2014-03-07 12:46 - 00028672 ____H () C:\WINDOWS\system32\config\software.tmp.LOG
2014-03-07 12:46 - 2014-03-07 12:46 - 00008192 ____H () C:\WINDOWS\system32\config\SECURITY.tmp.LOG
2014-03-07 09:55 - 2005-12-16 10:49 - 00001158 _____ () C:\WINDOWS\system32\wpa.dbl
2014-03-05 17:14 - 2013-04-09 21:22 - 00000000 ____D () C:\Program Files\e-Deklaracje
2014-03-05 17:13 - 2005-12-16 11:56 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy
2014-03-05 17:13 - 2005-12-16 11:02 - 00000000 ____D () C:\WINDOWS\system32\Restore
2014-03-05 17:02 - 2005-12-16 11:55 - 00214534 _____ () C:\WINDOWS\setupact.log
2014-03-05 16:58 - 2005-12-16 11:56 - 00686855 _____ () C:\WINDOWS\setupapi.log
2014-03-05 16:58 - 2005-12-16 11:56 - 00303398 _____ () C:\WINDOWS\FaxSetup.log
2014-03-05 16:58 - 2005-12-16 11:56 - 00157509 _____ () C:\WINDOWS\ocgen.log
2014-03-05 16:58 - 2005-12-16 11:56 - 00124523 _____ () C:\WINDOWS\tsoc.log
2014-03-05 16:58 - 2005-12-16 11:56 - 00109644 _____ () C:\WINDOWS\comsetup.log
2014-03-05 16:58 - 2005-12-16 11:56 - 00065141 _____ () C:\WINDOWS\ntdtcsetup.log
2014-03-05 16:58 - 2005-12-16 11:56 - 00048469 _____ () C:\WINDOWS\iis6.log
2014-03-05 16:58 - 2005-12-16 11:56 - 00018421 _____ () C:\WINDOWS\ocmsn.log
2014-03-05 16:58 - 2005-12-16 11:56 - 00015734 _____ () C:\WINDOWS\msgsocm.log
2014-03-05 16:58 - 2005-12-16 11:56 - 00001891 _____ () C:\WINDOWS\imsins.log
2014-03-05 16:29 - 2014-03-05 16:29 - 00143750 _____ () C:\Documents and Settings\Ja\Moje dokumenty\bookmarks_05.03.2014.html
2014-03-05 16:29 - 2012-10-30 20:50 - 00000000 ___RD () C:\Documents and Settings\Ja\Moje dokumenty
2014-03-05 16:04 - 2012-10-30 20:50 - 00000000 ____D () C:\Documents and Settings\Ja\Pulpit
2014-03-04 13:37 - 2013-02-20 20:46 - 00001813 _____ () C:\Documents and Settings\Ja\Pulpit\Google Chrome.lnk
2014-03-04 13:23 - 2005-12-16 11:56 - 00001891 _____ () C:\WINDOWS\imsins.BAK
2014-03-02 21:47 - 2014-03-02 21:47 - 00000000 ____D () C:\Program Files\ESET
2014-03-02 21:47 - 2014-03-02 21:47 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\ESET
2014-03-02 21:47 - 2014-03-02 21:47 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\ESET
2014-03-02 21:42 - 2014-03-02 21:42 - 00000000 ____D () C:\Documents and Settings\Ja\Menu Start\Programy\Autostart
2014-03-02 21:42 - 2014-03-02 20:41 - 00000000 ____D () C:\Documents and Settings\Ja\Menu Start\Programy
2014-03-02 20:54 - 2005-12-16 11:04 - 00001607 _____ () C:\Documents and Settings\All Users\Menu Start\Określ dostęp do programów i ich ustawienia domyślne.lnk
2014-03-02 20:54 - 2005-12-16 11:04 - 00001599 _____ () C:\Documents and Settings\Default User\Menu Start\Programy\Pomoc zdalna.lnk
2014-03-02 20:54 - 2005-12-16 11:04 - 00001507 _____ () C:\Documents and Settings\All Users\Menu Start\Windows Update.lnk
2014-03-02 20:41 - 2014-03-02 20:41 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-03-02 20:41 - 2012-10-30 20:50 - 00000000 ___RD () C:\Documents and Settings\Ja\Menu Start
2014-03-02 20:32 - 2012-10-30 20:50 - 00000000 ___HD () C:\Documents and Settings\Ja\Ustawienia lokalne
2014-03-02 19:01 - 2005-12-16 11:56 - 00000000 ____D () C:\Documents and Settings\All Users\Pulpit
2014-03-02 18:29 - 2014-03-02 18:29 - 00000000 ____D () C:\Documents and Settings\Ja\Dane aplikacji\Mozilla
2014-02-24 18:29 - 2012-11-06 11:04 - 00002531 _____ () C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Word.lnk
2014-02-24 12:32 - 2013-09-02 19:46 - 00000000 ____D () C:\Documents and Settings\Ja\Pulpit\W-f
2014-02-22 13:13 - 2014-01-25 14:35 - 00000000 ____D () C:\Documents and Settings\Ja\Pulpit\innowacje
2014-02-21 15:15 - 2012-10-30 23:56 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-02-21 15:15 - 2012-10-30 23:56 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-02-15 09:12 - 2013-10-12 10:45 - 00000000 ____D () C:\Documents and Settings\Ja\Pulpit\DOM
2014-02-12 20:58 - 2014-02-12 20:58 - 00000372 _____ () C:\Documents and Settings\Ja\Moje dokumenty\spider.sav

==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe [2005-12-16 10:49] - [2004-08-04 12:00] - 1033728 ____A (Microsoft Corporation) 379098a96e6c165b659de7e4328010ea
C:\WINDOWS\system32\winlogon.exe [2005-12-16 10:49] - [2004-08-04 12:00] - 0504832 ____A (Microsoft Corporation) 0344407089b08548d4feba62bb0f32d0
C:\WINDOWS\system32\svchost.exe [2005-12-16 10:49] - [2004-08-04 12:00] - 0014336 ____A (Microsoft Corporation) ba98327e90022dbd6ee76490e0622e2e
C:\WINDOWS\system32\services.exe [2005-12-16 10:49] - [2004-08-04 12:00] - 0108544 ____A (Microsoft Corporation) 3da8d964d2cc12ef8e8c342471a37917
C:\WINDOWS\system32\User32.dll [2005-12-16 10:49] - [2005-03-02 19:18] - 0578560 ____A (Microsoft Corporation) b7eeb1a1af740306049241ddf61f21ff
C:\WINDOWS\system32\userinit.exe [2005-12-16 10:49] - [2004-08-04 12:00] - 0025088 ____A (Microsoft Corporation) bd768099b4c44aa631728cb74eb54396
C:\WINDOWS\system32\rpcss.dll [2005-12-16 10:49] - [2005-04-28 20:38] - 0396288 ____A (Microsoft Corporation) 52679c1dccd92ed5eafa368501afb77c
ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\WINDOWS\system32\Drivers\volsnap.sys [2005-12-16 10:49] - [2004-08-04 12:00] - 0052864 ____A (Microsoft Corporation) ecd173739b8ec10a814cc18653df5a36

==================== End Of Log ============================