Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-01-2014
Ran by biernak (administrator) on BIERNAK-PC on 08-01-2014 12:06:08
Running from C:\Users\biernak\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Polish
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(ABBYY (BIT Software)) C:\Program Files\ABBYY Screenshot Reader\NetworkLicenseServer.exe
() C:\ProgramData\DatacardService\HWDeviceService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdSync.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(ABBYY Software Ltd) C:\Program Files\ABBYY Screenshot Reader\ScreenshotReader.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(DT Soft Ltd) C:\Program Files\DAEMON Tools Lite\daemon.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
(Opera Software) C:\Program Files\Opera\opera.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4874240 2008-01-14] (Realtek Semiconductor)
HKLM\...\Run: [QlbCtrl] - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe [202032 2007-12-06] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [Windows Mobile-based device management] - C:\Windows\WindowsMobile\wmdSync.exe [215552 2006-11-02] (Microsoft Corporation)
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\hpwuSchd2.exe [49152 2006-12-10] (Hewlett-Packard Co.)
HKLM\...\Run: [ABBYY Screenshot Reader Retail] - C:\Program Files\ABBYY Screenshot Reader\ScreenshotReader.exe [959776 2008-12-09] (ABBYY Software Ltd)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\daemon.exe [486856 2008-02-14] (DT Soft Ltd)
HKCU\...\Run: [ABBYY Screenshot Reader Retail] - C:\Program Files\ABBYY Screenshot Reader\ScreenshotReader.exe [959776 2008-12-09] (ABBYY Software Ltd)
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehtray.exe [125952 2008-01-18] (Microsoft Corporation)
HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\wmpnscfg.exe [202240 2008-01-18] (Microsoft Corporation)
MountPoints2: {641d3965-6f05-11e2-b3e3-001e685292f5} - I:\AutoRun.exe
MountPoints2: {641d3974-6f05-11e2-b3e3-001e101f2c0e} - I:\AutoRun.exe
MountPoints2: {641d3982-6f05-11e2-b3e3-001e101f4e71} - I:\AutoRun.exe
MountPoints2: {b4f3a443-d4a8-11df-8c0d-001e685292f5} - H:\Viewer.exe /dicomdir:dicomdir
MountPoints2: {db767f8d-71c8-11e0-a9bb-001e685292f5} - I:\iStudio.exe
HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-10] (Microsoft Corporation)
HKU\Default User\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-10] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

SearchScopes: HKLM - DefaultScope value is missing.
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - &Tłumaczenie - {0D704FAD-66E9-4F0A-BFED-4F665770DDB3} - C:\Program Files\Techland\Common\InternetTranslator\InternetTranslator.dll (Techland)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 217.172.224.160 89.231.1.206 0.0.0.0

========================== Services (Whitelisted) =================

R2 ABBYY.Licensing.FineReader.ScreenshotReader.9.0; C:\Program Files\ABBYY Screenshot Reader\NetworkLicenseServer.exe [759072 2008-10-27] (ABBYY (BIT Software))
S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2010-12-28] (www.BitComet.com)
S3 Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [110592 2012-01-22] (Hewlett-Packard Development Company, L.P.)
R2 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [264704 2010-11-16] ()
S3 Multimedia mobilNET. RunOuc; C:\Program Files\Multimedia mobilNET\UpdateDog\ouc.exe [218624 2013-02-04] ()
S2 UTSCSI; C:\Windows\system32\UTSCSI.EXE [0 2011-11-08] ()

==================== Drivers (Whitelisted) ====================

R3 HpqRemHid; C:\Windows\System32\DRIVERS\HpqRemHid.sys [7168 2007-07-11] (Hewlett-Packard Development Company, L.P.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [716272 2010-10-10] ()
U3 awrbxw1u; C:\Windows\System32\Drivers\awrbxw1u.sys [0 ] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-01-08 12:06 - 2014-01-08 12:06 - 00006612 _____ C:\Users\biernak\Desktop\FRST.txt
2014-01-08 12:05 - 2014-01-08 12:05 - 01064805 _____ (Farbar) C:\Users\biernak\Desktop\FRST.exe
2014-01-07 23:13 - 2014-01-07 23:13 - 00000000 ____D C:\Users\biernak\Desktop\Nowy folder
2014-01-07 21:16 - 2014-01-07 23:07 - 00448512 _____ (OldTimer Tools) C:\Users\biernak\Desktop\TFC.exe
2014-01-07 21:10 - 2014-01-07 21:14 - 00000000 ____D C:\AdwCleaner
2014-01-07 21:04 - 2014-01-07 21:04 - 00000000 ____D C:\Users\biernak\AppData\Roaming\newnext.me
2014-01-06 21:05 - 2014-01-07 21:05 - 00000000 ____D C:\FRST
2014-01-06 19:51 - 2014-01-06 19:51 - 00000000 ____D C:\ProgramData\InstallMate
2013-12-30 21:18 - 2013-12-30 21:18 - 00000000 ___RD C:\Users\biernak\Documents\Notes
2013-12-30 20:51 - 2014-01-03 10:45 - 00000005 _____ C:\Users\biernak\AppData\Roaming\WBPU-Q5-TTL.DAT
2013-12-26 11:15 - 2013-12-26 11:15 - 00066741 _____ C:\Users\biernak\Downloads\WirelessKeyView 1.60.zip

==================== One Month Modified Files and Folders =======

2014-01-08 12:06 - 2014-01-08 12:06 - 00006612 _____ C:\Users\biernak\Desktop\FRST.txt
2014-01-08 12:05 - 2014-01-08 12:05 - 01064805 _____ (Farbar) C:\Users\biernak\Desktop\FRST.exe
2014-01-08 11:51 - 2012-06-07 08:52 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-08 11:19 - 2013-08-20 13:14 - 00000936 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2665887270-207447827-1018669082-1000UA.job
2014-01-08 11:02 - 2006-11-02 13:47 - 00003664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-08 11:02 - 2006-11-02 13:47 - 00003664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-08 09:05 - 2006-11-02 13:52 - 01537421 _____ C:\Windows\WindowsUpdate.log
2014-01-08 09:02 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-07 23:28 - 2006-11-02 14:01 - 00032562 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-07 23:13 - 2014-01-07 23:13 - 00000000 ____D C:\Users\biernak\Desktop\Nowy folder
2014-01-07 23:07 - 2014-01-07 21:16 - 00448512 _____ (OldTimer Tools) C:\Users\biernak\Desktop\TFC.exe
2014-01-07 21:14 - 2014-01-07 21:10 - 00000000 ____D C:\AdwCleaner
2014-01-07 21:12 - 2011-04-17 06:42 - 00000720 _____ C:\Users\Public\Desktop\Opera.lnk
2014-01-07 21:05 - 2014-01-06 21:05 - 00000000 ____D C:\FRST
2014-01-07 21:05 - 2010-10-12 14:48 - 00201398 _____ C:\Windows\PFRO.log
2014-01-07 21:04 - 2014-01-07 21:04 - 00000000 ____D C:\Users\biernak\AppData\Roaming\newnext.me
2014-01-07 20:52 - 2010-10-10 20:33 - 00000000 ____D C:\Users\biernak
2014-01-07 14:31 - 2013-08-20 13:14 - 00000914 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2665887270-207447827-1018669082-1000Core.job
2014-01-07 01:45 - 2013-07-29 09:45 - 00000128 _____ C:\Users\biernak\AppData\Roaming\WB.CFG
2014-01-07 01:45 - 2013-06-17 09:45 - 00000005 _____ C:\Users\biernak\AppData\Roaming\WBPU-TTL.DAT
2014-01-06 19:51 - 2014-01-06 19:51 - 00000000 ____D C:\ProgramData\InstallMate
2014-01-04 14:03 - 2006-12-05 06:22 - 00726512 _____ C:\Windows\system32\perfh015.dat
2014-01-04 14:03 - 2006-12-05 06:22 - 00157616 _____ C:\Windows\system32\perfc015.dat
2014-01-04 14:03 - 2006-11-02 11:33 - 01649728 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-03 10:45 - 2013-12-30 20:51 - 00000005 _____ C:\Users\biernak\AppData\Roaming\WBPU-Q5-TTL.DAT
2014-01-02 21:55 - 2013-09-01 10:32 - 00000000 ____D C:\Users\biernak\Desktop\1
2014-01-02 21:06 - 2012-03-15 18:51 - 00000000 ____D C:\Purmo 4
2014-01-02 20:33 - 2006-11-02 11:23 - 00000179 _____ C:\Windows\win.ini
2014-01-01 20:59 - 2011-11-08 16:53 - 00000000 ____D C:\Users\biernak\AppData\Roaming\Skype
2013-12-30 21:18 - 2013-12-30 21:18 - 00000000 ___RD C:\Users\biernak\Documents\Notes
2013-12-26 21:10 - 2010-10-10 20:50 - 00214016 _____ C:\Users\biernak\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-12-26 11:15 - 2013-12-26 11:15 - 00066741 _____ C:\Users\biernak\Downloads\WirelessKeyView 1.60.zip
2013-12-22 21:29 - 2012-10-04 21:10 - 00000000 ____D C:\Users\biernak\AppData\Roaming\BitComet
2013-12-11 09:52 - 2012-06-07 08:52 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-12-11 09:52 - 2012-06-07 08:52 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-01-08 09:09

==================== End Of Log ============================