Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014  01
Ran by Michał (administrator) on MI on 27-03-2014 23:51:25
Running from C:\Documents and Settings\Michał\Pulpit
Microsoft Windows XP Home Edition Dodatek Service Pack 3 (X86) OS Language: Polish
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Atheros) C:\WINDOWS\system32\acs.exe
(Agere Systems) C:\WINDOWS\system32\agrsmsvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Skype Technologies S.A.) C:\Documents and Settings\All Users\Dane aplikacji\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Zetera Corporation) C:\Program Files\NETGEAR\NETGEAR Storage Central Manager Utility\Z-SANService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastUI.exe
() C:\Program Files\Cyfrowy Polsat\MF821\Bin\CancelAutoPlay.exe
(Atheros Communications, Inc.) C:\Program Files\Atheros\ACU.exe
(Redefine Sp z o.o.) C:\Program Files\ipla\ipla.exe
() C:\Program Files\Cyfrowy Polsat\MF821\Bin\zLoggingDaemon.exe
() C:\Program Files\Cyfrowy Polsat\MF821\Bin\Cyfrowy Polsat MF821.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
(Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\7.3.126.0\SeaPort.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDCPL] - C:\WINDOWS\RTHDCPL.EXE [16860672 2009-02-26] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1024000 2009-02-26] (Synaptics, Inc.)
HKLM\...\Run: [Camera Assistant Software] - C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [417792 2008-04-29] (Chicony)
HKLM\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4297136 2012-10-30] (AVAST Software)
HKLM\...\Run: [CancelAutoPlay.exe] - C:\Program Files\Cyfrowy Polsat\MF821\Bin\CancelAutoPlay.exe [74096 2012-05-22] ()
HKLM\...\Run: [ACU] - C:\Program Files\Atheros\ACU.exe [450648 2008-01-26] (Atheros Communications, Inc.)
HKLM\...\Run: [zLoader.exe] - C:\Program Files\Cyfrowy Polsat\MF821\Bin\zLoader.exe [26480 2012-05-22] ()
HKLM\...\Run: [MSN Toolbar] - "C:\Program Files\MSN Toolbar\Platform\4.0.0357.1\mswinext.exe"
HKLM\...\Run: [Microsoft Default Manager] - "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
HKLM\...\Run: [BluetoothAuthenticationAgent] - rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\.DEFAULT\...\Run: [Google Update] - C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [116648 2014-02-10] (Google Inc.)
HKU\S-1-5-21-448539723-1123561945-1801674531-1004\...\Run: [SpeedUpMyPC] - "C:\Program Files\Uniblue\SpeedUpMyPC\launcher.exe" delay 20000 
HKU\S-1-5-21-448539723-1123561945-1801674531-1004\...\Run: [IPLA!] - C:\Program Files\ipla\ipla.exe [21325920 2014-03-03] (Redefine Sp z o.o.)
HKU\S-1-5-21-448539723-1123561945-1801674531-1004\...\Run: [Badoo Desktop] - "C:\Documents and Settings\All Users\Dane aplikacji\Badoo\Badoo Desktop\1.5.3.949\Badoo.Desktop.exe"
HKU\S-1-5-21-448539723-1123561945-1801674531-1004\...\Run: [Odkurzacz] - C:\Program Files\Odkurzacz\odkurzacz.exe [905216 2013-09-21] (FranmoSoftware)
Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Bluetooth Monitor.lnk
ShortcutTarget: Bluetooth Monitor.lnk -> C:\Program Files\TOSHIBA\Bluetooth Monitor\BtMon2.exe (TOSHIBA CORPORATION)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wp.pl/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = https://www.facebook.com/
URLSearchHook: HKCU - SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - "C:\Program Files\AskPartnerNetwork\Toolbar\searchhook.dll" No File
SearchScopes: HKLM - DefaultScope {274daec0-c4e8-4f30-9e5c-9424990769b9} URL = http://search.tb.ask.com/search/GGmain.jhtml?p2=^0D^xdm269^YYA^it&ptb=56CD13EE-7FC4-4A9F-862D-751C3BEB3ABC&ind=2013111309&n=77fda40d&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKLM - {274daec0-c4e8-4f30-9e5c-9424990769b9} URL = http://search.tb.ask.com/search/GGmain.jhtml?p2=^0D^xdm269^YYA^it&ptb=56CD13EE-7FC4-4A9F-862D-751C3BEB3ABC&ind=2013111309&n=77fda40d&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKCU - DefaultScope {90FF5F3D-091F-4F8D-9820-F7F02F1CBF6A} URL = http://www.nasza-klasa.pl/szukaj/profile?q={searchTerms}
SearchScopes: HKCU - {274daec0-c4e8-4f30-9e5c-9424990769b9} URL = http://search.tb.ask.com/search/GGmain.jhtml?p2=^0D^xdm269^YYA^it&ptb=56CD13EE-7FC4-4A9F-862D-751C3BEB3ABC&ind=2013111309&n=77fda40d&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKCU - {90FF5F3D-091F-4F8D-9820-F7F02F1CBF6A} URL = http://www.nasza-klasa.pl/szukaj/profile?q={searchTerms}
SearchScopes: HKCU - {9A9A1548-85C3-4FC0-A4B0-05FF52D025FC} URL = http://www.search.ask.com/web?tpid=ORJ-V7C&o=APN11406&pf=V7&p2=%5EBBE%5EOSJ000%5EYY%5EIT&gct=sb&itbv=12.7.0.15&apn_uid=314938E1-56CD-4FFB-A192-39F45DEBB0A4&apn_ptnrs=BBE&apn_dtid=%5EOSJ000%5EYY%5EIT&apn_dbr=ie_8.0.6001.18702&doi=2014-01-04&trgb=IE&q={searchTerms}&psv=
SearchScopes: HKCU - {E4F316CF-5C5C-44DE-A63E-BD418A243EF2} URL = http://www.google.pl/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}&rlz=1I7ADSA_pl
BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files\Microsoft\BingBar\7.3.126.0\BingExt.dll (Microsoft Corporation.)
BHO: Ask Toolbar - {4F524A2D-5637-4300-76A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport.dll" No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll No File
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: IEPluginBHO Class - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} -  No File
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll No File
Toolbar: HKLM - Ask Toolbar - {4F524A2D-5637-4300-76A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport.dll" No File
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files\Microsoft\BingBar\7.3.126.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - &Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Łącza - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll No File
Toolbar: HKCU - Ask Toolbar - {4F524A2D-5637-4300-76A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport.dll" No File
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{56BA4713-246A-4EED-8992-BBD7D4571238}: [NameServer]213.158.199.1,213.158.199.5
Tcpip\..\Interfaces\{84B09500-D9E5-40DF-BF31-52AB01F22AD2}: [NameServer]213.158.199.1,213.158.199.5

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Michał\Dane aplikacji\Mozilla\Firefox\Profiles\ishyzk1h.default
FF Homepage: hxxp://pt.msn.com/
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @garmin.com/GpsControl - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @MarineAquarium3Free_57.com/Plugin - C:\Program Files\MarineAquarium3Free_57\bar\1.bin\NP57Stub.dll (MindSpark)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 - C:\Program Files\Virtual Earth 3D\ ()
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Documents and Settings\Michał\Ustawienia lokalne\Dane aplikacji\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Documents and Settings\Michał\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Documents and Settings\Michał\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\FFToolbar.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\queryservice119.xml
FF Extension: Marine Aquarium Lite - C:\Documents and Settings\Michał\Dane aplikacji\Mozilla\Firefox\Profiles\ishyzk1h.default\Extensions\57ffxtbr@MarineAquarium3Free_57.com [2013-11-13]
FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\Michał\Dane aplikacji\Mozilla\Firefox\Profiles\ishyzk1h.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2009-09-03]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2011-10-28]
FF Extension: QueryService - C:\Program Files\Mozilla Firefox\extensions\{BDE3E863-8F37-4B4D-BD6B-316EA72E6793} [2009-10-21]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011-03-19]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-12-21]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! WebRep - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-03-12]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-12-21]

Chrome: 
=======
CHR HomePage: hxxp://www.wp.pl/
CHR DefaultSearchURL: {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR Plugin: (Chrome PDF Viewer) - C:\Documents and Settings\Micha\u0142\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\12.0.742.122\pdf.dll No File
CHR Plugin: (Google Gears 0.5.33.0) - C:\Documents and Settings\Micha\u0142\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\12.0.742.122\gears.dll No File
CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\Micha\u0142\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\12.0.742.122\gcswf32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2003) - C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Documents and Settings\Micha\u0142\Ustawienia lokalne\Dane aplikacji\Google\Update\1.2.183.39\npGoogleOneClick8.dll No File
CHR Plugin: (Garmin Communicator Plug-In) - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.0.51204.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (AT_JamesWhite) - C:\Documents and Settings\Michał\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm [2011-02-27]
CHR Extension: (avast! WebRep) - C:\Documents and Settings\Michał\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda [2011-07-27]
CHR Extension: (Skype Click to Call) - C:\Documents and Settings\Michał\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-06-22]
CHR HKLM\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2011-07-03]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-06-19]
CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\Michał\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

R2 ACS; C:\WINDOWS\system32\acs.exe [467028 2008-01-26] (Atheros)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [44808 2012-10-30] (AVAST Software)
S3 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-10-08] (Oracle Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 Skype C2C Service; C:\Documents and Settings\All Users\Dane aplikacji\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3048136 2012-06-19] (Skype Technologies S.A.)
R2 Z-SANService; C:\Program Files\NETGEAR\NETGEAR Storage Central Manager Utility\Z-SANService.exe [376891 2007-08-08] (Zetera Corporation)
S2 APNMCP; "C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe" [X]
U4 avast! Firewall; "C:\Program Files\AVAST Software\Avast\afwServ.exe" [X]
S2 MapsGalaxy_39Service; C:\PROGRA~1\MAPSGA~2\bar\1.bin\39barsvc.exe [X]

==================== Drivers (Whitelisted) ====================

R1 Aavmker4; C:\WINDOWS\system32\Drivers\Aavmker4.sys [25256 2012-10-30] (AVAST Software)
R3 AR5416; C:\WINDOWS\System32\DRIVERS\athw.sys [1326528 2008-09-18] (Atheros Communications, Inc.)
R2 aswFsBlk; C:\WINDOWS\system32\Drivers\aswFsBlk.sys [21256 2012-10-30] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\Drivers\aswKbd.sys [20624 2012-10-30] (AVAST Software)
R2 aswMon2; C:\WINDOWS\system32\Drivers\aswMon2.sys [97608 2012-10-30] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\Drivers\aswRdr.sys [35928 2012-10-30] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\Drivers\aswSnx.sys [738504 2012-10-30] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\Drivers\aswSP.sys [361032 2012-10-30] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\Drivers\aswTdi.sys [54232 2012-10-30] (AVAST Software)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2009-08-05] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2009-08-05] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2009-08-05] (HP)
S3 massfilter_lte; C:\WINDOWS\system32\drivers\massfilter_lte.sys [15896 2011-12-14] (HandSet Incorporated)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
S3 PCAMPR5; C:\WINDOWS\system32\PCAMPR5.SYS [34688 2003-09-23] (Printing Communications Assoc., Inc. (PCAUSA))
S3 PCANDIS5; C:\WINDOWS\system32\PCANDIS5.SYS [32128 2006-03-01] (Printing Communications Assoc., Inc. (PCAUSA))
R3 RTHDMIAzAudService; C:\WINDOWS\System32\drivers\RtHDMI.sys [3688640 2009-02-26] (Realtek Semiconductor Corp.)
R2 SFSZ; C:\WINDOWS\system32\drivers\sfsz.sys [345984 2007-08-14] (DataPlow, Incorporated)
S3 UVCFTR; C:\WINDOWS\System32\Drivers\UVCFTR_S.SYS [18432 2007-12-17] (Chicony Electronics Co., Ltd.)
R3 WSIMD; C:\WINDOWS\System32\DRIVERS\wsimd.sys [57408 2007-12-13] (Atheros Communications, Inc.)
R3 ZetBus; C:\WINDOWS\System32\DRIVERS\ZetBus.sys [15488 2007-08-08] (Zetera Corporation)
S3 ZetMPD; C:\WINDOWS\System32\DRIVERS\ZetMPD.sys [5120 2007-08-08] (Zetera Corporation)
R0 ZetSFD; C:\WINDOWS\System32\DRIVERS\ZetSFD.sys [12800 2007-08-08] (Zetera Corporation)
S3 zgdcat; C:\WINDOWS\System32\DRIVERS\zgdcat.sys [114456 2011-12-14] (ZTE Incorporated)
S3 zgdcdiag; C:\WINDOWS\System32\DRIVERS\zgdcdiag.sys [114456 2011-12-14] (ZTE Incorporated)
S3 zgdcmdm; C:\WINDOWS\System32\DRIVERS\zgdcmdm.sys [114456 2011-12-14] (ZTE Incorporated)
S3 zgdcnet; C:\WINDOWS\System32\DRIVERS\zgdcnet.sys [144408 2011-12-14] (ZTE Incorporated)
S3 zgdcnmea; C:\WINDOWS\System32\DRIVERS\zgdcnmea.sys [114456 2011-12-14] (ZTE Incorporated)
S3 catchme; \??\C:\DOCUME~1\MICHA~1\USTAWI~1\Temp\catchme.sys [X]
S3 filtertdidriver; system32\drivers\ewfiltertdidriver.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S4 IntelIde; No ImagePath
U3 TlntSvr; 
U1 WS2IFSL; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-27 23:51 - 2014-03-27 23:51 - 00023694 _____ () C:\Documents and Settings\Michał\Pulpit\FRST.txt
2014-03-27 23:51 - 2014-03-27 23:51 - 00000000 ____D () C:\FRST
2014-03-27 23:50 - 2014-03-27 23:50 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Michał\Pulpit\OTL.com
2014-03-27 23:49 - 2014-03-27 23:49 - 01145856 _____ (Farbar) C:\Documents and Settings\Michał\Pulpit\FRST.exe
2014-03-27 17:00 - 2014-03-27 17:00 - 00850755 _____ () C:\Documents and Settings\Michał\Pulpit\Błąd programu Windows Media Player C00D1197 - Microsoft Windows — Pomoc.mht
2014-03-25 11:04 - 2014-03-26 11:04 - 00000274 _____ () C:\WINDOWS\Tasks\RegClean Pro_UPDATES.job
2014-03-25 11:04 - 2014-03-25 11:04 - 00000266 _____ () C:\WINDOWS\Tasks\RegClean Pro_DEFAULT.job
2014-03-25 11:04 - 2014-03-25 11:04 - 00000000 ____D () C:\Program Files\RegClean Pro
2014-03-25 11:04 - 2014-03-19 12:12 - 00018776 _____ (Systweak Inc., (www.systweak.com)) C:\WINDOWS\system32\roboot.exe
2014-03-25 09:46 - 2014-03-25 09:46 - 00000000 ____D () C:\Program Files\Odkurzacz
2014-03-25 09:46 - 2014-03-25 09:46 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Odkurzacz
2014-03-25 09:43 - 2014-03-25 09:49 - 00001136 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-448539723-1123561945-1801674531-1004UA.disable
2014-03-25 09:43 - 2014-03-25 09:48 - 00001084 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-448539723-1123561945-1801674531-1004Core.disable
2014-03-24 02:45 - 2014-03-24 02:45 - 00000000 ____D () C:\Documents and Settings\Michał\Dane aplikacji\toshiba
2014-03-24 01:49 - 2014-03-24 01:49 - 00000026 _____ () C:\WINDOWS\Model.txt
2014-03-24 01:49 - 2014-03-24 01:49 - 00000000 _____ () C:\WINDOWS\Model.log
2014-03-24 00:44 - 2014-03-24 01:03 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-03-24 00:44 - 2014-03-24 01:02 - 00000784 _____ () C:\Documents and Settings\All Users\Pulpit\Malwarebytes Anti-Malware.lnk
2014-03-24 00:44 - 2014-03-24 01:02 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes' Anti-Malware
2014-03-24 00:44 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-03-24 00:11 - 2014-03-24 03:01 - 00001252 _____ () C:\Documents and Settings\Michał\ZSANCoInstaller.log
2014-03-23 23:53 - 2014-03-23 23:53 - 00000000 ____D () C:\Documents and Settings\Michał\Dane aplikacji\Malwarebytes
2014-03-23 23:52 - 2014-03-23 23:52 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
2014-03-23 22:17 - 2014-03-23 22:17 - 00000000 ____D () C:\Documents and Settings\Michał\Ustawienia lokalne\Dane aplikacji\Skype
2014-03-23 22:17 - 2014-03-23 22:17 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Skype
2014-03-10 23:56 - 2014-03-27 23:24 - 00000224 _____ () C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — logowanie.job
2014-03-10 23:56 - 2014-03-15 00:13 - 00000218 _____ () C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — co miesiąc.job
2014-03-06 22:07 - 2014-02-27 00:28 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\xp_eos.exe
2014-03-06 22:07 - 2014-02-27 00:28 - 00013312 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xp_eos.exe

==================== One Month Modified Files and Folders =======

2014-03-27 23:51 - 2014-03-27 23:51 - 00023694 _____ () C:\Documents and Settings\Michał\Pulpit\FRST.txt
2014-03-27 23:51 - 2014-03-27 23:51 - 00000000 ____D () C:\FRST
2014-03-27 23:51 - 2013-06-12 19:13 - 01394601 _____ () C:\Documents and Settings\Michał\debug.log
2014-03-27 23:51 - 2012-11-08 19:53 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\RDRM
2014-03-27 23:51 - 2009-02-26 15:47 - 00000000 ____D () C:\Documents and Settings\Michał\Pulpit
2014-03-27 23:50 - 2014-03-27 23:50 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Michał\Pulpit\OTL.com
2014-03-27 23:49 - 2014-03-27 23:49 - 01145856 _____ (Farbar) C:\Documents and Settings\Michał\Pulpit\FRST.exe
2014-03-27 23:26 - 2010-02-05 08:52 - 00000000 ____D () C:\Documents and Settings\Michał\Dane aplikacji\ipla
2014-03-27 23:26 - 2009-02-26 15:35 - 01866112 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-27 23:25 - 2012-07-30 22:56 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-03-27 23:24 - 2014-03-10 23:56 - 00000224 _____ () C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — logowanie.job
2014-03-27 23:24 - 2009-02-26 16:26 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-03-27 23:24 - 2009-02-26 16:26 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2014-03-27 23:24 - 2009-02-26 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-27 18:28 - 2009-06-13 16:47 - 00524288 _____ () C:\WINDOWS\system32\config\ACS.evt
2014-03-27 18:28 - 2009-03-04 15:08 - 00757760 _____ () C:\WINDOWS\system32\Z-SANService.log
2014-03-27 18:28 - 2009-02-26 15:47 - 00000188 ___SH () C:\Documents and Settings\Michał\ntuser.ini
2014-03-27 18:28 - 2009-02-26 15:45 - 00032636 _____ () C:\WINDOWS\SchedLgU.Txt
2014-03-27 17:00 - 2014-03-27 17:00 - 00850755 _____ () C:\Documents and Settings\Michał\Pulpit\Błąd programu Windows Media Player C00D1197 - Microsoft Windows — Pomoc.mht
2014-03-27 16:59 - 2009-02-26 15:31 - 00057013 _____ () C:\WINDOWS\wmsetup.log
2014-03-27 16:47 - 2008-04-15 13:00 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl
2014-03-27 08:26 - 2009-02-26 19:35 - 00000000 ____D () C:\Documents and Settings\Michał\Dane aplikacji\Skype
2014-03-27 07:47 - 2011-03-25 08:45 - 00000664 _____ () C:\WINDOWS\system32\d3d9caps.dat
2014-03-26 11:04 - 2014-03-25 11:04 - 00000274 _____ () C:\WINDOWS\Tasks\RegClean Pro_UPDATES.job
2014-03-25 17:58 - 2009-12-25 14:14 - 00000000 ____D () C:\Documents and Settings\Michał\Pulpit\PULPITst
2014-03-25 17:58 - 2009-02-26 16:22 - 00000000 ____D () C:\Documents and Settings\All Users\Pulpit
2014-03-25 17:01 - 2009-02-26 15:47 - 00000000 ____D () C:\Documents and Settings\Michał
2014-03-25 16:56 - 2009-03-16 17:33 - 00083968 _____ () C:\Documents and Settings\Michał\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-03-25 16:42 - 2009-02-26 15:47 - 00000000 ___RD () C:\Documents and Settings\Michał\Moje dokumenty\Moja muzyka
2014-03-25 11:43 - 2009-02-26 16:23 - 00131072 _____ () C:\WINDOWS\system32\config\ACEEvent.evt
2014-03-25 11:38 - 2013-11-16 11:25 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\RegClean Pro
2014-03-25 11:34 - 2013-08-11 18:52 - 00001316 _____ () C:\Documents and Settings\Michał\Pulpit\Wyczyść rejestr za darmo!.lnk
2014-03-25 11:04 - 2014-03-25 11:04 - 00000266 _____ () C:\WINDOWS\Tasks\RegClean Pro_DEFAULT.job
2014-03-25 11:04 - 2014-03-25 11:04 - 00000000 ____D () C:\Program Files\RegClean Pro
2014-03-25 11:04 - 2013-11-16 11:25 - 00000725 _____ () C:\Documents and Settings\All Users\Pulpit\RegClean Pro.lnk
2014-03-25 11:04 - 2013-04-06 23:11 - 00000000 ____D () C:\Documents and Settings\Michał\Dane aplikacji\Systweak
2014-03-25 10:50 - 2013-06-06 19:56 - 00000000 ____D () C:\Documents and Settings\Michał\Pulpit\Atina
2014-03-25 10:41 - 2012-07-05 19:54 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\tmp
2014-03-25 10:41 - 2010-08-18 17:32 - 00000000 ____D () C:\Documents and Settings\Michał\Moje dokumenty\zawody Wolta 2010
2014-03-25 10:41 - 2010-01-31 19:33 - 00000000 ____D () C:\Documents and Settings\Michał\Moje dokumenty\PD 31 sty 2010
2014-03-25 10:41 - 2010-01-27 09:39 - 00000000 ____D () C:\Documents and Settings\Michał\Moje dokumenty\KASIA
2014-03-25 10:41 - 2009-09-03 19:15 - 00000000 ____D () C:\Documents and Settings\Michał\DoctorWeb
2014-03-25 10:41 - 2009-08-28 20:00 - 00000000 ____D () C:\Documents and Settings\Michał\Moje dokumenty\biuro
2014-03-25 10:41 - 2009-07-28 11:03 - 00000000 ____D () C:\Documents and Settings\Michał\Moje dokumenty\moje obrazki
2014-03-25 10:41 - 2009-02-26 19:36 - 00000000 ____D () C:\Documents and Settings\Michał\Dane aplikacji\skypePM
2014-03-25 10:41 - 2009-02-26 18:30 - 00000000 __HDC () C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2014-03-25 10:41 - 2009-02-26 16:00 - 00000000 ____D () C:\Intel
2014-03-25 10:41 - 2009-02-26 15:47 - 00000000 ___RD () C:\Documents and Settings\Michał\Moje dokumenty
2014-03-25 10:41 - 2009-02-26 15:47 - 00000000 ___HD () C:\Documents and Settings\Michał\Ustawienia lokalne
2014-03-25 10:29 - 2013-01-19 16:55 - 00000930 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.disable
2014-03-25 10:23 - 2012-11-08 19:56 - 00000000 ____D () C:\Program Files\K-Lite Codec Pack
2014-03-25 10:23 - 2012-11-08 19:56 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\K-Lite Codec Pack
2014-03-25 10:23 - 2009-05-23 10:55 - 00000000 ____D () C:\WINDOWS\ie8updates
2014-03-25 10:23 - 2009-02-26 18:59 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Skype
2014-03-25 10:23 - 2009-02-26 18:30 - 00000000 ____D () C:\WINDOWS\ie7updates
2014-03-25 10:23 - 2009-02-26 16:51 - 00000000 ___HD () C:\WINDOWS\$hf_mig$
2014-03-25 10:00 - 2011-05-15 22:14 - 00000464 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{BCDE2DFB-25F8-4BE1-B854-0911DF084F71}.disable
2014-03-25 09:51 - 2010-02-04 10:02 - 00000000 ____D () C:\WINDOWS\Minidump
2014-03-25 09:50 - 2014-02-10 19:45 - 00001152 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-18UA.disable
2014-03-25 09:50 - 2009-11-04 20:03 - 00001036 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.disable
2014-03-25 09:49 - 2014-03-25 09:43 - 00001136 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-448539723-1123561945-1801674531-1004UA.disable
2014-03-25 09:49 - 2011-02-27 22:03 - 00000000 ____D () C:\Documents and Settings\Michał\Menu Start\Programy\Google Chrome
2014-03-25 09:48 - 2014-03-25 09:43 - 00001084 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-448539723-1123561945-1801674531-1004Core.disable
2014-03-25 09:46 - 2014-03-25 09:46 - 00000000 ____D () C:\Program Files\Odkurzacz
2014-03-25 09:46 - 2014-03-25 09:46 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Odkurzacz
2014-03-25 09:46 - 2009-02-26 16:22 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy
2014-03-25 09:33 - 2009-11-04 20:03 - 00001032 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.disable
2014-03-25 09:32 - 2008-04-15 13:00 - 00000621 _____ () C:\WINDOWS\win.ini
2014-03-25 09:32 - 2008-04-15 13:00 - 00000227 _____ () C:\WINDOWS\system.ini
2014-03-25 09:26 - 2011-07-28 08:45 - 00000000 ____D () C:\WINDOWS\pss
2014-03-25 09:26 - 2009-02-26 16:22 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
2014-03-25 09:10 - 2013-11-11 21:05 - 00001006 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-448539723-1123561945-1801674531-1004UA.disable
2014-03-24 17:12 - 2012-01-10 23:08 - 00488765 _____ () C:\WINDOWS\setupapi.log
2014-03-24 17:12 - 2009-03-04 15:10 - 00152335 _____ () C:\WINDOWS\system32\ZSANCoInstaller.log
2014-03-24 17:09 - 2009-02-26 15:45 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2014-03-24 17:09 - 2009-02-26 15:45 - 00000000 __SHD () C:\Documents and Settings\LocalService
2014-03-24 17:09 - 2009-02-26 15:32 - 00000000 ____D () C:\WINDOWS\Registration
2014-03-24 17:08 - 2009-02-26 15:33 - 00000000 ____D () C:\WINDOWS\system32\Restore
2014-03-24 11:51 - 2009-07-13 18:32 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Google
2014-03-24 11:51 - 2009-03-03 15:51 - 00000000 ____D () C:\Program Files\Google
2014-03-24 11:51 - 2009-03-03 15:51 - 00000000 ____D () C:\Documents and Settings\Michał\Ustawienia lokalne\Dane aplikacji\Google
2014-03-24 11:50 - 2009-02-26 16:22 - 00000000 __RHD () C:\Documents and Settings\All Users\Dane aplikacji
2014-03-24 11:50 - 2009-02-26 15:47 - 00000000 ___HD () C:\Documents and Settings\Michał\Ustawienia lokalne\Dane aplikacji
2014-03-24 11:08 - 2009-09-03 19:57 - 00000000 ____D () C:\Program Files\SnadBoy's Revelation v2
2014-03-24 05:04 - 2009-02-26 15:33 - 00000000 ___RD () C:\Documents and Settings\All Users\Dokumenty\Moje obrazy
2014-03-24 03:01 - 2014-03-24 00:11 - 00001252 _____ () C:\Documents and Settings\Michał\ZSANCoInstaller.log
2014-03-24 02:45 - 2014-03-24 02:45 - 00000000 ____D () C:\Documents and Settings\Michał\Dane aplikacji\toshiba
2014-03-24 02:45 - 2009-02-26 16:48 - 00000000 ____D () C:\Program Files\TOSHIBA
2014-03-24 02:45 - 2009-02-26 16:26 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\TOSHIBA
2014-03-24 02:45 - 2009-02-26 15:57 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-03-24 02:45 - 2009-02-26 15:47 - 00000000 __RHD () C:\Documents and Settings\Michał\Dane aplikacji
2014-03-24 01:49 - 2014-03-24 01:49 - 00000026 _____ () C:\WINDOWS\Model.txt
2014-03-24 01:49 - 2014-03-24 01:49 - 00000000 _____ () C:\WINDOWS\Model.log
2014-03-24 01:40 - 2009-02-26 16:22 - 00000000 ___RD () C:\Documents and Settings\All Users\Dokumenty
2014-03-24 01:03 - 2014-03-24 00:44 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-03-24 01:02 - 2014-03-24 00:44 - 00000784 _____ () C:\Documents and Settings\All Users\Pulpit\Malwarebytes Anti-Malware.lnk
2014-03-24 01:02 - 2014-03-24 00:44 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes' Anti-Malware
2014-03-23 23:53 - 2014-03-23 23:53 - 00000000 ____D () C:\Documents and Settings\Michał\Dane aplikacji\Malwarebytes
2014-03-23 23:52 - 2014-03-23 23:52 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
2014-03-23 22:17 - 2014-03-23 22:17 - 00000000 ____D () C:\Documents and Settings\Michał\Ustawienia lokalne\Dane aplikacji\Skype
2014-03-23 22:17 - 2014-03-23 22:17 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Skype
2014-03-23 22:17 - 2013-03-14 13:20 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-03-23 22:17 - 2009-02-26 19:34 - 00000000 ___RD () C:\Program Files\Skype
2014-03-21 21:10 - 2013-11-11 21:05 - 00000984 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-448539723-1123561945-1801674531-1004Core.disable
2014-03-20 09:15 - 2013-07-15 08:56 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-03-20 09:12 - 2009-02-26 18:03 - 87350280 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-03-19 19:53 - 2009-06-19 16:47 - 00000187 _____ () C:\WINDOWS\hpbafd.ini
2014-03-19 12:12 - 2014-03-25 11:04 - 00018776 _____ (Systweak Inc., (www.systweak.com)) C:\WINDOWS\system32\roboot.exe
2014-03-15 17:58 - 2009-12-15 21:07 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-15 17:58 - 2009-02-26 16:21 - 00343424 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-15 17:56 - 2009-02-26 16:23 - 02118507 _____ () C:\WINDOWS\FaxSetup.log
2014-03-15 17:56 - 2009-02-26 16:23 - 00717063 _____ () C:\WINDOWS\comsetup.log
2014-03-15 17:56 - 2009-02-26 16:23 - 00433940 _____ () C:\WINDOWS\ntdtcsetup.log
2014-03-15 17:55 - 2010-06-05 07:58 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Silverlight
2014-03-15 17:55 - 2009-02-26 16:23 - 00001374 _____ () C:\WINDOWS\imsins.BAK
2014-03-15 00:29 - 2013-01-19 16:55 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-03-15 00:29 - 2011-05-19 20:12 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-03-15 00:13 - 2014-03-10 23:56 - 00000218 _____ () C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — co miesiąc.job
2014-03-11 00:08 - 2013-04-10 22:45 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\ipla
2014-03-02 19:50 - 2014-02-10 19:45 - 00001100 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-18Core.disable
2014-03-01 22:05 - 2009-02-26 15:47 - 00000000 ___RD () C:\Documents and Settings\Michał\Ulubione
2014-02-27 00:28 - 2014-03-06 22:07 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\xp_eos.exe
2014-02-27 00:28 - 2014-03-06 22:07 - 00013312 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xp_eos.exe

==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe
[2008-04-15 13:00] - [2008-04-15 13:00] - 1035264 ____A (Microsoft Corporation) c791ed9eac5e76d9525e157b1d7a599a 

C:\WINDOWS\system32\winlogon.exe
[2008-04-15 13:00] - [2008-04-15 13:00] - 0510464 ____A (Microsoft Corporation) 51fd2e13d723857b9ca239ae77150f48 

C:\WINDOWS\system32\svchost.exe
[2008-04-15 13:00] - [2008-04-15 13:00] - 0014336 ____A (Microsoft Corporation) 8607d35d92528e2df386f19a960d23ce 

C:\WINDOWS\system32\services.exe
[2008-04-15 13:00] - [2009-02-09 12:25] - 0111104 ____A (Microsoft Corporation) 02a467e27af55f7064c5b251e587315f 

C:\WINDOWS\system32\User32.dll
[2008-04-15 13:00] - [2008-04-15 13:00] - 0580096 ____A (Microsoft Corporation) a435c5c069afd901751ac323ad238793 

C:\WINDOWS\system32\userinit.exe
[2008-04-15 13:00] - [2008-04-15 13:00] - 0026624 ____A (Microsoft Corporation) 2a5b37d520508be6570a3ea79695f5b5 

C:\WINDOWS\system32\rpcss.dll
[2008-04-15 13:00] - [2009-02-09 11:53] - 0401408 ____A (Microsoft Corporation) a37311d9d628c1042a2836731787f0f3 

 ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\WINDOWS\system32\Drivers\volsnap.sys
[2008-04-15 13:00] - [2008-04-15 13:00] - 0052864 ____A (Microsoft Corporation) 56b191ac5fc0df219949c95a6c87afe7 


==================== End Of Log ============================