Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:12-06-2014
Ran by Administrator (administrator) on PIS on 12-06-2014 05:38:26
Running from C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie
Platform: Microsoft Windows XP Dodatek Service Pack 3 (X86) OS Language: Polish
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
() C:\Program Files\Macrium\Reflect\ReflectService.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5075104 2014-02-24] (ESET)
HKU\S-1-5-21-1275210071-651377827-842925246-500\...\MountPoints2: {14c71bf9-1ab0-11e3-8db1-00000021671d} - F:\LaunchU3.exe -a
Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\WIDEsystem.lnk

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=NAV&pvid=20.4.0.40
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKCU - No Name - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - No File
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - No File
Tcpip\Parameters: [DhcpNameServer] 194.204.152.34 194.204.159.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\6qjs2xp1.default
FF Homepage: https://www.google.pl/?gfe_rd=cr&ei=TsNbU_OsNI2d_wbe2oCADg
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @mozilla.zeniko.ch/SumatraPDF_Browser_Plugin - C:\Program Files\SumatraPDF\npPdfViewer.dll (Simon Bünzli)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014-06-12]

========================== Services (Whitelisted) =================

R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [1343408 2014-02-24] (ESET)
R2 ReflectService; C:\Program Files\Macrium\Reflect\ReflectService.exe [220824 2011-07-01] ()

==================== Drivers (Whitelisted) ====================

R3 ALCXWDM; C:\WINDOWS\System32\drivers\ALCXWDM.SYS [4122368 2008-09-24] (Realtek Semiconductor Corp.)
S3 ampa; C:\WINDOWS\system32\ampa.sys [10936 2011-12-26] () [File not signed]
R1 eamon; C:\WINDOWS\System32\DRIVERS\eamon.sys [184664 2013-09-17] (ESET)
R1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [134248 2013-09-17] (ESET)
S3 ENUM1394; C:\WINDOWS\System32\DRIVERS\enum1394.sys [6400 2001-08-17] (Microsoft Corporation)
R1 epfwtdir; C:\WINDOWS\System32\DRIVERS\epfwtdir.sys [118768 2013-09-17] (ESET)
R0 nvatabus; C:\WINDOWS\System32\DRIVERS\nvatabus.sys [88960 2005-01-20] (NVIDIA Corporation)
R3 NVENET; C:\WINDOWS\System32\DRIVERS\NVENET.sys [94276 2004-09-01] (NVIDIA Corporation) [File not signed]
R0 pssnap; C:\WINDOWS\System32\DRIVERS\pssnap.sys [16024 2011-07-01] (Macrium Software)
S3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2008-04-14] (Realtek Semiconductor Corporation)
S3 scsiscan; C:\WINDOWS\System32\DRIVERS\scsiscan.sys [11520 2008-04-14] (Microsoft Corporation)
R2 StarOpen; C:\WINDOWS\system32\Drivers\StarOpen.sys [13120 2013-08-25] ()
S0 cerc6; No ImagePath
S4 IntelIde; No ImagePath
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-06-12 05:38 - 2014-06-12 05:38 - 00000000 ____D () C:\FRST
2014-06-12 04:47 - 2014-06-12 04:50 - 00000000 ____D () C:\Documents and Settings\Administrator\Dane aplikacji\U3
2014-06-12 04:10 - 2014-06-12 04:12 - 00000188 ___SH () C:\Documents and Settings\dg\ntuser.ini
2014-06-12 04:10 - 2014-06-12 04:12 - 00000000 ___HD () C:\Documents and Settings\dg\Ustawienia lokalne\Dane aplikacji
2014-06-12 04:10 - 2014-06-12 04:10 - 00000000 __SHD () C:\Documents and Settings\dg\IETldCache
2014-06-12 04:10 - 2014-06-12 04:10 - 00000000 __RHD () C:\Documents and Settings\dg\Dane aplikacji
2014-06-12 04:10 - 2014-06-12 04:10 - 00000000 ___RD () C:\Documents and Settings\dg\Ulubione
2014-06-12 04:10 - 2014-06-12 04:10 - 00000000 ___RD () C:\Documents and Settings\dg\Moje dokumenty\Moje obrazy
2014-06-12 04:10 - 2014-06-12 04:10 - 00000000 ___RD () C:\Documents and Settings\dg\Moje dokumenty\Moja muzyka
2014-06-12 04:10 - 2014-06-12 04:10 - 00000000 ___RD () C:\Documents and Settings\dg\Moje dokumenty
2014-06-12 04:10 - 2014-06-12 04:10 - 00000000 ___RD () C:\Documents and Settings\dg\Menu Start\Programy\Akcesoria
2014-06-12 04:10 - 2014-06-12 04:10 - 00000000 ____D () C:\Documents and Settings\dg\Ustawienia lokalne\Temp
2014-06-12 04:10 - 2014-06-12 04:10 - 00000000 ____D () C:\Documents and Settings\dg
2014-06-12 04:10 - 2014-03-04 17:57 - 00000000 ____D () C:\Documents and Settings\dg\Ustawienia lokalne\Dane aplikacji\Microsoft Help
2014-06-12 04:10 - 2013-05-13 11:52 - 00000000 __SHD () C:\Documents and Settings\dg\Ustawienia lokalne\Historia
2014-06-12 04:10 - 2013-05-13 11:52 - 00000000 ___RD () C:\Documents and Settings\dg\Menu Start\Programy\Autostart
2014-06-12 04:10 - 2013-05-13 11:52 - 00000000 ___RD () C:\Documents and Settings\dg\Menu Start
2014-06-12 04:10 - 2013-05-13 11:52 - 00000000 ___HD () C:\Documents and Settings\dg\Ustawienia lokalne
2014-06-12 04:10 - 2013-05-13 11:52 - 00000000 ____D () C:\Documents and Settings\dg\Pulpit
2014-06-12 04:10 - 2013-05-13 09:02 - 00001599 _____ () C:\Documents and Settings\dg\Menu Start\Programy\Pomoc zdalna.lnk
2014-06-12 04:10 - 2013-05-13 09:02 - 00000792 _____ () C:\Documents and Settings\dg\Menu Start\Programy\Windows Media Player.lnk
2014-06-12 04:10 - 2013-05-13 09:02 - 00000000 ___RD () C:\Documents and Settings\dg\Menu Start\Programy
2014-06-12 04:10 - 2013-05-13 08:58 - 00000000 ___HD () C:\Documents and Settings\dg\Szablony
2014-06-12 03:18 - 2014-06-12 03:21 - 00000000 ____D () C:\AdwCleaner
2014-06-12 01:27 - 2014-06-12 01:27 - 00000000 ____D () C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\ESET
2014-06-12 00:48 - 2014-06-12 00:48 - 00000000 ____D () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\ESET
2014-06-12 00:42 - 2014-06-12 00:42 - 00000000 ____D () C:\Program Files\ESET
2014-06-12 00:42 - 2014-06-12 00:42 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\ESET
2014-06-12 00:42 - 2014-06-12 00:42 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\ESET
2014-06-11 12:06 - 2014-06-11 12:06 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-06-09 16:58 - 2014-06-09 16:58 - 00006725 _____ () C:\WINDOWS\KB2964358-IE8.log
2014-06-09 16:55 - 2014-06-09 16:55 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER

==================== One Month Modified Files and Folders =======

2014-06-12 05:38 - 2014-06-12 05:38 - 00000000 ____D () C:\FRST
2014-06-12 05:38 - 2013-09-03 13:48 - 00000000 ____D () C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie
2014-06-12 05:38 - 2013-06-17 16:19 - 00000000 ____D () C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp
2014-06-12 05:34 - 2013-06-17 16:20 - 00000000 ___RD () C:\Documents and Settings\Administrator\Moje dokumenty\Moje obrazy
2014-06-12 05:22 - 2013-05-13 19:47 - 00000930 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-06-12 04:50 - 2014-06-12 04:47 - 00000000 ____D () C:\Documents and Settings\Administrator\Dane aplikacji\U3
2014-06-12 04:47 - 2013-06-17 16:19 - 00000000 __RHD () C:\Documents and Settings\Administrator\Dane aplikacji
2014-06-12 04:39 - 2013-05-13 09:00 - 01945766 _____ () C:\WINDOWS\WindowsUpdate.log
2014-06-12 04:13 - 2014-03-28 11:44 - 00000216 _____ () C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — logowanie.job
2014-06-12 04:13 - 2008-04-15 14:00 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl
2014-06-12 04:12 - 2014-06-12 04:10 - 00000188 ___SH () C:\Documents and Settings\dg\ntuser.ini
2014-06-12 04:12 - 2014-06-12 04:10 - 00000000 ___HD () C:\Documents and Settings\dg\Ustawienia lokalne\Dane aplikacji
2014-06-12 04:10 - 2014-06-12 04:10 - 00000000 __SHD () C:\Documents and Settings\dg\IETldCache
2014-06-12 04:10 - 2014-06-12 04:10 - 00000000 __RHD () C:\Documents and Settings\dg\Dane aplikacji
2014-06-12 04:10 - 2014-06-12 04:10 - 00000000 ___RD () C:\Documents and Settings\dg\Ulubione
2014-06-12 04:10 - 2014-06-12 04:10 - 00000000 ___RD () C:\Documents and Settings\dg\Moje dokumenty\Moje obrazy
2014-06-12 04:10 - 2014-06-12 04:10 - 00000000 ___RD () C:\Documents and Settings\dg\Moje dokumenty\Moja muzyka
2014-06-12 04:10 - 2014-06-12 04:10 - 00000000 ___RD () C:\Documents and Settings\dg\Moje dokumenty
2014-06-12 04:10 - 2014-06-12 04:10 - 00000000 ___RD () C:\Documents and Settings\dg\Menu Start\Programy\Akcesoria
2014-06-12 04:10 - 2014-06-12 04:10 - 00000000 ____D () C:\Documents and Settings\dg\Ustawienia lokalne\Temp
2014-06-12 04:10 - 2014-06-12 04:10 - 00000000 ____D () C:\Documents and Settings\dg
2014-06-12 04:10 - 2013-11-06 18:19 - 00619395 _____ () C:\WINDOWS\setupapi.log
2014-06-12 04:10 - 2013-06-17 16:19 - 00000188 ___SH () C:\Documents and Settings\Administrator\ntuser.ini
2014-06-12 04:10 - 2013-05-13 08:58 - 00002779 _____ () C:\WINDOWS\wmsetup.log
2014-06-12 04:06 - 2013-05-13 09:08 - 00000188 ___SH () C:\Documents and Settings\PC\ntuser.ini
2014-06-12 03:22 - 2013-05-13 11:55 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-06-12 03:22 - 2013-05-13 11:55 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2014-06-12 03:22 - 2013-05-13 09:06 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-06-12 03:21 - 2014-06-12 03:18 - 00000000 ____D () C:\AdwCleaner
2014-06-12 03:21 - 2013-06-17 16:19 - 00000000 ____D () C:\Documents and Settings\Administrator
2014-06-12 03:21 - 2013-05-13 09:08 - 00000000 __RHD () C:\Documents and Settings\PC\Dane aplikacji
2014-06-12 03:21 - 2013-05-13 09:08 - 00000000 ____D () C:\Documents and Settings\PC
2014-06-12 03:21 - 2013-05-13 09:06 - 00032546 _____ () C:\WINDOWS\SchedLgU.Txt
2014-06-12 03:20 - 2013-06-17 16:19 - 00000000 ___HD () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji
2014-06-12 03:20 - 2013-05-13 09:08 - 00000000 ___HD () C:\Documents and Settings\PC\Ustawienia lokalne\Dane aplikacji
2014-06-12 02:08 - 2013-06-07 17:25 - 00000000 ____D () C:\WYDRUKI
2014-06-12 02:08 - 2013-05-13 09:08 - 00000000 ____D () C:\Documents and Settings\PC\Ustawienia lokalne\Temp
2014-06-12 01:27 - 2014-06-12 01:27 - 00000000 ____D () C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\ESET
2014-06-12 00:48 - 2014-06-12 00:48 - 00000000 ____D () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\ESET
2014-06-12 00:42 - 2014-06-12 00:42 - 00000000 ____D () C:\Program Files\ESET
2014-06-12 00:42 - 2014-06-12 00:42 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\ESET
2014-06-12 00:42 - 2014-06-12 00:42 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\ESET
2014-06-12 00:42 - 2013-05-13 11:52 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy
2014-06-12 00:42 - 2013-05-13 11:50 - 00000000 __RHD () C:\Documents and Settings\All Users\Dane aplikacji
2014-06-12 00:37 - 2013-05-13 15:51 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Norton
2014-06-12 00:35 - 2013-05-13 11:52 - 00000000 ____D () C:\Documents and Settings\All Users\Pulpit
2014-06-11 17:04 - 2013-09-09 18:19 - 00131072 _____ () C:\WINDOWS\system32\config\OAlerts.evt
2014-06-11 17:04 - 2013-05-13 17:04 - 00000260 _____ () C:\WINDOWS\Tasks\DriverDoc_UPDATES.job
2014-06-11 17:03 - 2013-09-09 17:44 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help
2014-06-11 17:01 - 2013-09-03 14:05 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-06-11 16:58 - 2013-05-13 18:57 - 92708840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-06-11 15:11 - 2013-05-13 09:08 - 00000000 ____D () C:\Documents and Settings\PC\Pulpit
2014-06-11 15:10 - 2013-05-13 15:50 - 00000000 ____D () C:\Documents and Settings\PC\Moje dokumenty\Pobieranie
2014-06-11 12:06 - 2014-06-11 12:06 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-06-11 10:25 - 2013-10-29 10:26 - 00002499 _____ () C:\Documents and Settings\PC\Pulpit\Microsoft Word 2010.lnk
2014-06-09 16:58 - 2014-06-09 16:58 - 00006725 _____ () C:\WINDOWS\KB2964358-IE8.log
2014-06-09 16:58 - 2013-05-13 18:36 - 00095543 _____ () C:\WINDOWS\updspapi.log
2014-06-09 16:58 - 2013-05-13 11:53 - 01221197 _____ () C:\WINDOWS\iis6.log
2014-06-09 16:58 - 2013-05-13 11:53 - 01094118 _____ () C:\WINDOWS\FaxSetup.log
2014-06-09 16:58 - 2013-05-13 11:53 - 00534932 _____ () C:\WINDOWS\ocgen.log
2014-06-09 16:58 - 2013-05-13 11:53 - 00507660 _____ () C:\WINDOWS\tsoc.log
2014-06-09 16:58 - 2013-05-13 11:53 - 00374578 _____ () C:\WINDOWS\comsetup.log
2014-06-09 16:58 - 2013-05-13 11:53 - 00348602 _____ () C:\WINDOWS\msmqinst.log
2014-06-09 16:58 - 2013-05-13 11:53 - 00225799 _____ () C:\WINDOWS\ntdtcsetup.log
2014-06-09 16:58 - 2013-05-13 11:53 - 00192824 _____ () C:\WINDOWS\netfxocm.log
2014-06-09 16:58 - 2013-05-13 11:53 - 00076167 _____ () C:\WINDOWS\MedCtrOC.log
2014-06-09 16:58 - 2013-05-13 11:53 - 00068518 _____ () C:\WINDOWS\ocmsn.log
2014-06-09 16:58 - 2013-05-13 11:53 - 00057127 _____ () C:\WINDOWS\tabletoc.log
2014-06-09 16:58 - 2013-05-13 11:53 - 00055116 _____ () C:\WINDOWS\msgsocm.log
2014-06-09 16:58 - 2013-05-13 11:53 - 00001355 _____ () C:\WINDOWS\imsins.log
2014-06-09 16:55 - 2014-06-09 16:55 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-06-09 12:50 - 2013-09-17 11:43 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Office
2014-06-09 10:22 - 2013-05-13 19:47 - 00692400 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-06-09 10:22 - 2013-05-13 19:47 - 00070832 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\InstHelper.exe
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\ose00000.exe
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\Quarantine.exe
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}_NAV_31233.exe
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\{92622AAD-05E8-4459-B256-765CE1E929FB}_NST_29949.exe
C:\Documents and Settings\PC\Ustawienia lokalne\Temp\AcDeltree.exe
C:\Documents and Settings\PC\Ustawienia lokalne\Temp\bi_cleaner.exe
C:\Documents and Settings\PC\Ustawienia lokalne\Temp\GenericUninstall.exe
C:\Documents and Settings\PC\Ustawienia lokalne\Temp\mgsqlite3.dll
C:\Documents and Settings\PC\Ustawienia lokalne\Temp\oi_{2DA404DE-7FBC-4C2E-9B10-2F9D0AEE4ADC}.exe
C:\Documents and Settings\PC\Ustawienia lokalne\Temp\PIPInstaller_PTV_.exe
C:\Documents and Settings\PC\Ustawienia lokalne\Temp\SetupDWGTrueView2010_32bit.exe
C:\Documents and Settings\PC\Ustawienia lokalne\Temp\UNINSTALL.EXE
C:\Documents and Settings\PC\Ustawienia lokalne\Temp\uninstaller.exe

==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================