Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-01-2014 01
Ran by Tomek (administrator) on TOMEK on 26-01-2014 10:05:35
Running from C:\Documents and Settings\Tomek\Pulpit\Naprawa
Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polish
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
() C:\Program Files\ATKGFNEX\GFNEXSrv.exe
() C:\Documents and Settings\All Users\Dane aplikacji\BetterSoft\OptimizerPro\OptimizerPro.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SafeNet Inc.) C:\WINDOWS\system32\hasplms.exe
(Sun Microsystems, Inc.) F:\Program Files\Java\bin\jqs.exe
( ) C:\WINDOWS\system32\lxdxcoms.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.OPTIMA\MSSQL\Binn\sqlservr.exe
(Skype Technologies S.A.) C:\Documents and Settings\All Users\Dane aplikacji\Skype\Toolbars\Skype C2C Service\c2c_service.exe
() C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe
(StarWind Software) F:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(AlcorMicro Co., Ltd.) C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(VIA Technologies, Inc.) C:\Program Files\VIA\VIAudioi\HDADeck\HDECK.EXE
(ASUS) C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\ATK Media\DMedia.exe
(ASUS) C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe
() C:\Program Files\ASUS\ASUS Live Update\ALU.exe
(ASUS) C:\Program Files\ASUS\Net4Switch\Net4Switch.exe
() C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
(ASUS) C:\WINDOWS\AsScrPro.exe
(ATK) C:\Program Files\ASUS\Splendid\ACMON.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
() C:\Program Files\Winamp\winampa.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(HP) C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
(InstallShield Software Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files\Browsers Protector\regmon32.exe
() C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe
(ASUSTeK) C:\WINDOWS\system32\ACEngSvr.exe
() C:\Program Files\Lexmark 3600-4600 Series\lxdxmsdmon.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\WDC.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Dropbox, Inc.) C:\Documents and Settings\Tomek\Dane aplikacji\Dropbox\bin\Dropbox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AmIcoSinglun] - C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe [237568 2009-04-02] (AlcorMicro Co., Ltd.)
HKLM\...\Run: [HDAudDeck] - C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [33599488 2009-03-23] (VIA Technologies, Inc.)
HKLM\...\Run: [MsgTranAgt] - C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe [117304 2008-08-18] (ASUS)
HKLM\...\Run: [HControlUser] - C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe [98304 2008-08-18] (ASUS)
HKLM\...\Run: [ATKHOTKEY] - C:\Program Files\ASUS\ATK Hotkey\HControl.exe [174648 2009-03-20] (ASUS)
HKLM\...\Run: [ATKMEDIA] - C:\Program Files\ASUS\ATK Media\DMedia.exe [159744 2009-04-07] (ASUS)
HKLM\...\Run: [ATKOSD2] - C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe [8392704 2009-03-04] (ASUS)
HKLM\...\Run: [ADSMTray] - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe [266240 2008-03-31] (ASUSTek Computer Inc.)
HKLM\...\Run: [ASUS Live Update] - C:\Program Files\ASUS\ASUS Live Update\ALU.exe [51768 2007-11-30] ()
HKLM\...\Run: [Net4Switch] - C:\Program Files\ASUS\Net4Switch\Net4Switch.exe [1145400 2007-11-20] (ASUS)
HKLM\...\Run: [Wireless Console 3] - C:\Program Files\ASUS\Wireless Console 3\wcourier.exe [1593344 2009-02-06] ()
HKLM\...\Run: [Power_Gear] - C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe [90112 2006-07-26] (ASUSTeK Computer Inc.)
HKLM\...\Run: [ASUS Screen Saver Protector] - C:\WINDOWS\AsScrPro.exe [3054136 2009-09-06] (ASUS)
HKLM\...\Run: [ASUS Camera ScreenSaver] - C:\WINDOWS\AsScrProlog.exe [47672 2009-09-06] ()
HKLM\...\Run: [ACMON] - C:\Program Files\ASUS\Splendid\ACMON.exe [851968 2008-09-30] (ATK)
HKLM\...\Run: [ETDWare] - C:\Program Files\Elantech\ETDCtrl.exe [418816 2009-03-30] (ELAN Microelectronic Corp.)
HKLM\...\Run: [WinampAgent] - C:\Program Files\Winamp\winampa.exe [35328 2006-10-25] ()
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.)
HKLM\...\Run: [HPDJ Taskbar Utility] - C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe [188416 2002-04-29] (HP)
HKLM\...\Run: [ISUSPM Startup] - C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [196608 2004-04-17] (InstallShield Software Corporation)
HKLM\...\Run: [ISUSScheduler] - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [69632 2004-04-13] (InstallShield Software Corporation)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [Browsers Protector] - C:\Program Files\Browsers Protector\regmon32.exe [147784 2012-02-15] ()
HKLM\...\Run: [lxdxmon.exe] - C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe [668328 2008-03-20] ()
HKLM\...\Run: [lxdxamon] - C:\Program Files\Lexmark 3600-4600 Series\lxdxamon.exe [16040 2008-03-20] ()
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [mobilegeni daemon] - C:\Program Files\Mobogenie\DaemonProcess.exe [747712 2013-11-22] ()
Winlogon\Notify\Aspwdflt: C:\Program Files\ASUS\ASUS Data Security Manager\ASPWDFLT.dll (ASUSTek Computer Inc.)
HKCU\...\Run: [AlcoholAutomount] - F:\Program Files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [33120 2009-11-15] (Alcohol Soft Development Team)
HKCU\...\Run: [NextLive] - C:\Documents and Settings\Tomek\Dane aplikacji\newnext.me\nengine.dll [1283584 2013-11-14] (NewNextDotMe)
AppInit_DLLs: c:\docume~1\alluse~1\daneap~1\smartweb\smartweb.dll => C:\Documents and Settings\All Users\Dane aplikacji\SmartWeb\SmartWeb.dll [4238336 2013-12-28] ()
Lsa: [Notification Packages] scecli C:\Program Files\ASUS\ASUS Data Security Manager\ASPWDFLT
Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\FancyStart daemon.lnk
ShortcutTarget: FancyStart daemon.lnk -> C:\WINDOWS\Installer\{F9F20920-313D-4D6F-866B-2737B77E1857}\_DC60F4E342E06843E7FCD0.exe ()
Startup: C:\Documents and Settings\Tomek\Menu Start\Programy\Autostart\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Documents and Settings\Tomek\Dane aplikacji\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Documents and Settings\Tomek\Menu Start\Programy\Autostart\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk
ShortcutTarget: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk -> F:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchgol.com/?babsrc=HP_ss&mntrId=68E10025D308E3F7&affID=125032&tsp=5029
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=1&cf=0b00a5b0-c91a-11e1-ad22-0025d308e3f7
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
SearchScopes: HKLM - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://startsear.ch/?aff=1&src=sp&cf=0b00a5b0-c91a-11e1-ad22-0025d308e3f7&q={searchTerms}
SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL =
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL =
SearchScopes: HKCU - {E385700D-90D4-47B0-8200-D092D035E9E5} URL = http://www.google.com/search?hl=pl&q={searchTerms}
BHO: Fun2Savee - {9E435106-CC7D-23BB-5880-31DDEF313F1A} - C:\Documents and Settings\All Users\Dane aplikacji\Fun2Savee\umG.dll ()
BHO: SHoppDropp - {F45D0066-911A-ECAE-9417-2DDF69F92D01} - C:\Documents and Settings\All Users\Dane aplikacji\SHoppDropp\9EcyBkRQW.dll ()
Toolbar: HKCU - &Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Łącza - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\Windows\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {37B85A29-692B-4205-9CAD-2626E4993404} - No File
Toolbar: HKCU - No Name - {A057A204-BACC-4D26-9990-79A187E2698E} - No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.7.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Tomek\Dane aplikacji\Mozilla\Firefox\Profiles\2j9azpqu.default-1388742191812
FF Homepage: hxxp://www.interia.pl/
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - F:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/JavaPlugin - F:\Program Files\Java\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npvsharetvplg.dll (StartSearch )
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
FF Extension: SoundCloud Downloader - Technowise - C:\Documents and Settings\Tomek\Dane aplikacji\Mozilla\Firefox\Profiles\2j9azpqu.default-1388742191812\Extensions\{c8d3bc80-0810-4d21-a2c2-be5f2b2832ac}.xpi [2014-01-12]
FF Extension: QuickStores-Toolbar - C:\Program Files\Mozilla Firefox\extensions\quickstores@quickstores.de [2013-12-11]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-11]
FF Extension: z - C:\Program Files\Mozilla Firefox\extensions\{b8665832-4e96-1eef-77d6-41bba3c0f95a} [2013-12-11]
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - F:\Program Files\Java\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - F:\Program Files\Java\lib\deploy\jqs\ff [2011-10-10]

Chrome:
=======
CHR Extension: (No Name) - C:\Documents and Settings\Tomek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apbeiaejbifegcmfkflngimmegifddkn [2014-01-23]
CHR Extension: (No Name) - C:\Documents and Settings\Tomek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\jgcofmbflfglmpifpbdeiddehejflpln [2013-03-28]
CHR Extension: (SHoppDropp) - C:\Documents and Settings\Tomek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ldmnedidpcegnmghkionjphmcahpobpa [2014-01-01]
CHR HKLM\...\Chrome\Extension: [bildoibdboopgomcbiplincneeicgipj] - C:\Program Files\StartSearch plugin\startsplg.crx [2012-01-02]
CHR HKLM\...\Chrome\Extension: [jmfkcklnlgedgbglfkkgedjfmejoahla] - C:\Program Files\AVG\AVG2012\Chrome\safesearch.crx [2012-01-02]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

R2 47ead2b2; C:\Documents and Settings\All Users\Dane aplikacji\SmartWeb\SmartWebSvc.dll [175440 2013-12-28] ()
R2 ADSMService; C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe [225280 2008-03-31] (ASUSTek Computer Inc.)
R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-07] ()
R2 hasplms; C:\WINDOWS\system32\hasplms.exe [3750400 2009-12-16] (SafeNet Inc.)
R2 JavaQuickStarterService; F:\Program Files\Java\bin\jqs.exe [153376 2011-10-10] (Sun Microsystems, Inc.)
S2 lxdxCATSCustConnectService; C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdxserv.exe [98984 2008-02-28] (Lexmark International, Inc.)
R2 lxdx_device; C:\WINDOWS\system32\lxdxcoms.exe [594600 2008-02-28] ( )
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
R2 MSSQL$OPTIMA; C:\Program Files\Microsoft SQL Server\MSSQL10_50.OPTIMA\MSSQL\Binn\sqlservr.exe [42884448 2010-04-03] (Microsoft Corporation)
R2 Skype C2C Service; C:\Documents and Settings\All Users\Dane aplikacji\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.)
R2 spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [125496 2007-08-03] ()
S4 SQLAgent$OPTIMA; C:\Program Files\Microsoft SQL Server\MSSQL10_50.OPTIMA\MSSQL\Binn\SQLAGENT.EXE [367456 2010-04-03] (Microsoft Corporation)
R2 SRS_VolSync_Service; C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe [70880 2009-04-07] (SRS Labs, Inc.)
R2 StarWindServiceAE; F:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software)

==================== Drivers (Whitelisted) ====================

R2 aksfridge; C:\WINDOWS\system32\drivers\aksfridge.sys [356864 2009-08-20] (Aladdin Knowledge Systems Ltd.)
R3 AR5416; C:\Windows\System32\DRIVERS\athw.sys [1503840 2009-02-13] (Atheros Communications, Inc.)
R0 AsDsm; C:\Windows\System32\Drivers\AsDsm.sys [30264 2009-09-06] (ASUSTek Computer Inc)
R2 ASMMAP; C:\Program Files\ATKGFNEX\ASMMAP.sys [13880 2007-07-24] ()
S3 ASNDIS5; C:\Program Files\ASUS\ATK Hotkey\ASNDIS5.SYS [16269 2004-05-27] (Printing Communications Assoc., Inc. (PCAUSA))
R2 Aspi32; C:\Windows\System32\drivers\aspi32.sys [16877 2002-07-17] (Adaptec)
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S3 CRFILTER; C:\Windows\System32\DRIVERS\CRFILTER.sys [6656 2008-04-07] (Generic)
R3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [129024 2009-03-30] (ELAN Microelectronic Corp.)
R2 ghaio; C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [20936 2007-08-03] ()
S3 GT680xNT; C:\Windows\System32\drivers\gt680x.sys [17376 2003-02-26] ( )
R2 hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [588800 2009-12-09] (SafeNet Inc.)
S3 ipswuio; C:\Windows\System32\DRIVERS\ipswuio.sys [41656 2007-08-01] (Windows (R) 2000 DDK provider)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [13880 2008-11-03] ( )
R3 L1e; C:\Windows\System32\DRIVERS\l1e51x86.sys [38400 2008-12-16] (Atheros Communications, Inc.)
R3 monfilt; C:\Windows\System32\drivers\monfilt.sys [1389056 2008-02-14] (Creative Technology Ltd.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2006-12-17] (ATK0100)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R1 prodrv06; C:\Windows\System32\drivers\prodrv06.sys [51744 2003-09-06] (Protection Technology)
R0 prohlp02; C:\Windows\System32\drivers\prohlp02.sys [62656 2003-09-06] (Protection Technology)
R0 prosync1; C:\Windows\System32\drivers\prosync1.sys [6944 2003-09-06] (Protection Technology)
S4 RsFx0150; C:\Windows\System32\DRIVERS\RsFx0150.sys [240608 2010-04-03] (Microsoft Corporation)
R0 sfhlp01; C:\Windows\System32\drivers\sfhlp01.sys [4832 2003-09-06] (Protection Technology)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1752704 2008-08-11] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-05-04] ()
R3 SRS_PremiumSound_Service; C:\Windows\System32\drivers\srs_PremiumSound_i386.sys [233128 2009-04-01] ()
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1057280 2009-03-20] (VIA Technologies, Inc.)
U3 aqgivcm4; C:\Windows\System32\Drivers\aqgivcm4.sys [0 ] (Microsoft Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U5 Sdbus; C:\Windows\System32\Drivers\Sdbus.sys [79232 2008-04-13] (Microsoft Corporation)
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-01-26 10:04 - 2014-01-26 10:04 - 00000000 ____D C:\FRST
2014-01-26 09:54 - 2014-01-26 10:05 - 00000000 ____D C:\Documents and Settings\Tomek\Pulpit\Naprawa
2014-01-25 18:52 - 2014-01-25 20:12 - 00000000 ____D C:\Documents and Settings\Tomek\Pulpit\EAJ EGZ
2014-01-24 19:45 - 2014-01-25 10:35 - 00000000 ____D C:\Documents and Settings\Tomek\Pulpit\TP EGZ
2014-01-24 19:03 - 2014-01-26 09:29 - 00000000 ____D C:\Program Files\TuneUp Utilities 2013
2014-01-24 19:03 - 2014-01-26 09:24 - 00065536 _____ C:\WINDOWS\system32\config\TuneUp.evt
2014-01-24 19:03 - 2014-01-24 19:06 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\TuneUp Software
2014-01-24 19:03 - 2014-01-24 19:03 - 00000000 ____D C:\Documents and Settings\Tomek\Dane aplikacji\TuneUp Software
2014-01-24 19:02 - 2014-01-24 20:11 - 00000000 __SHD C:\Documents and Settings\All Users\Dane aplikacji\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2014-01-23 17:06 - 2014-01-26 09:33 - 00000000 ____D C:\Documents and Settings\Tomek\Dane aplikacji\newnext.me
2014-01-23 17:06 - 2014-01-23 17:06 - 00000000 ____D C:\Documents and Settings\Tomek\Ustawienia lokalne\Dane aplikacji\genienext
2014-01-23 17:06 - 2014-01-23 17:06 - 00000000 ____D C:\Documents and Settings\Tomek\Ustawienia lokalne\Dane aplikacji\cache
2014-01-23 17:06 - 2014-01-23 17:06 - 00000000 ____D C:\Documents and Settings\Tomek\.android
2014-01-23 17:05 - 2014-01-23 17:06 - 00000000 ____D
C:\Program Files\Mobogenie 2014-01-23 17:05 - 2014-01-23 17:06 - 00000000 ____D C:\Documents and Settings\Tomek\Ustawienia lokalne\Dane aplikacji\Mobogenie 2014-01-23 17:05 - 2014-01-23 17:05 - 00000000 ____D C:\Program Files\MyPC Backup 2014-01-23 17:05 - 2014-01-23 17:05 - 00000000 ____D C:\Documents and Settings\Tomek\Moje dokumenty\Mobogenie 2014-01-23 17:05 - 2014-01-23 17:05 - 00000000 _____ C:\Documents and Settings\Tomek\daemonprocess.txt 2014-01-22 20:40 - 2014-01-25 16:04 - 00000000 ____D C:\Documents and Settings\Tomek\Pulpit\Jeronimo 2014-01-20 20:34 - 2014-01-20 21:03 - 00000000 ____D C:\Documents and Settings\Tomek\Pulpit\Samsung 2014-01-18 20:39 - 2014-01-20 20:59 - 00000000 ____D C:\Documents and Settings\Tomek\Pulpit\Amica 2014-01-15 19:01 - 2014-01-15 19:01 - 00005296 _____ C:\WINDOWS\KB2914368.log 2014-01-15 19:01 - 2014-01-15 19:01 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2914368$ 2014-01-12 18:49 - 2014-01-19 10:05 - 00000000 ____D C:\Documents and Settings\Tomek\Pulpit\zapłata 2014-01-09 18:55 - 2014-01-09 19:35 - 00000000 ____D C:\Documents and Settings\Tomek\Pulpit\kp 2014-01-05 16:11 - 2014-01-20 20:12 - 00000000 ____D C:\Documents and Settings\Tomek\Pulpit\Wieczorek 2014-01-04 23:28 - 2014-01-20 20:39 - 00000000 ____D C:\Documents and Settings\Tomek\Pulpit\Nivea takie tam 2014-01-03 09:47 - 2014-01-03 09:47 - 00000000 ____D C:\Program Files\Enigma Software Group 2014-01-03 09:46 - 2014-01-03 10:32 - 00000000 ____D C:\WINDOWS\220FB0354744483A9A0B41DF77061583.TMP 2014-01-03 09:46 - 2014-01-03 09:46 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard 2014-01-02 17:44 - 2014-01-18 21:10 - 00000000 ____D C:\Documents and Settings\Tomek\Pulpit\Glaxo Logistyka 2014-01-01 12:36 - 2014-01-01 12:36 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\olndoboejijnenklhgdfjlkoonohhngl 2014-01-01 12:36 - 2014-01-01 12:36 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Fun2Savee 2014-01-01 12:35 - 
2014-01-01 12:36 - 00000000 ____D C:\Documents and Settings\LocalService\Dane aplikacji\Mozilla 2014-01-01 12:35 - 2014-01-01 12:36 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\dd0bcbaaf174bd54 2014-01-01 12:35 - 2014-01-01 12:35 - 00000000 ___RD C:\Documents and Settings\LocalService\Ulubione 2014-01-01 12:35 - 2014-01-01 12:35 - 00000000 ____D C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Mozilla 2014-01-01 12:35 - 2014-01-01 12:35 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\SHoppDropp 2013-12-28 14:41 - 2014-01-03 21:24 - 00000000 ____D C:\Documents and Settings\Tomek\Pulpit\Jabłka! 2013-12-28 00:27 - 2013-12-28 00:27 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\SmartWeb 2013-12-27 16:04 - 2013-12-27 18:08 - 00000000 ____D C:\Documents and Settings\Tomek\Pulpit\CYDR! ==================== One Month Modified Files and Folders ======= 2014-01-26 10:05 - 2014-01-26 09:54 - 00000000 ____D C:\Documents and Settings\Tomek\Pulpit\Naprawa 2014-01-26 10:04 - 2014-01-26 10:04 - 00000000 ____D C:\FRST 2014-01-26 09:54 - 2009-09-06 13:40 - 00000000 ____D C:\Documents and Settings\Tomek\Pulpit 2014-01-26 09:48 - 2009-09-06 13:32 - 01688267 _____ C:\WINDOWS\WindowsUpdate.log 2014-01-26 09:43 - 2013-04-16 19:58 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-01-26 09:40 - 2013-11-16 16:53 - 00000406 ____H C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job 2014-01-26 09:34 - 2013-12-26 12:28 - 00000000 ____D C:\Documents and Settings\Tomek\Dane aplikacji\Dropbox 2014-01-26 09:33 - 2014-01-23 17:06 - 00000000 ____D C:\Documents and Settings\Tomek\Dane aplikacji\newnext.me 2014-01-26 09:31 - 2009-09-06 15:26 - 00000159 _____ C:\WINDOWS\wiadebug.log 2014-01-26 09:31 - 2009-09-06 15:26 - 00000050 _____ C:\WINDOWS\wiaservc.log 2014-01-26 09:31 - 2004-08-04 11:00 - 00002422 _____ C:\WINDOWS\system32\wpa.dbl 2014-01-26 09:30 - 2013-03-28 21:40 - 00000558 ____H 
C:\WINDOWS\Tasks\schedule!567381930.job 2014-01-26 09:30 - 2009-09-06 13:39 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2014-01-26 09:29 - 2014-01-24 19:03 - 00000000 ____D C:\Program Files\TuneUp Utilities 2013 2014-01-26 09:29 - 2009-09-09 15:14 - 00000000 ____D C:\Documents and Settings\Tomek\Dane aplikacji\Azureus 2014-01-26 09:29 - 2009-09-06 15:23 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Start\Programy 2014-01-26 09:29 - 2009-09-06 13:40 - 00000000 __RHD C:\Documents and Settings\Tomek\Dane aplikacji 2014-01-26 09:29 - 2009-09-06 13:39 - 00032572 _____ C:\WINDOWS\SchedLgU.Txt 2014-01-26 09:24 - 2014-01-24 19:03 - 00065536 _____ C:\WINDOWS\system32\config\TuneUp.evt 2014-01-26 09:16 - 2009-09-06 13:40 - 00000000 ____D C:\Documents and Settings\Tomek 2014-01-26 00:09 - 2009-09-06 13:40 - 00000292 ___SH C:\Documents and Settings\Tomek\ntuser.ini 2014-01-25 23:57 - 2009-11-29 12:25 - 00000000 ____D C:\Documents and Settings\Tomek\Dane aplikacji\Skype 2014-01-25 21:02 - 2013-11-13 18:08 - 00000000 ____D C:\Documents and Settings\Tomek\Pulpit\Seminarium 2014-01-25 20:12 - 2014-01-25 18:52 - 00000000 ____D C:\Documents and Settings\Tomek\Pulpit\EAJ EGZ 2014-01-25 19:27 - 2013-10-13 12:17 - 00000000 ____D C:\Documents and Settings\Tomek\Pulpit\EM 2014-01-25 19:07 - 2009-10-11 12:04 - 00140800 _____ C:\Documents and Settings\Tomek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-01-25 16:04 - 2014-01-22 20:40 - 00000000 ____D C:\Documents and Settings\Tomek\Pulpit\Jeronimo 2014-01-25 10:35 - 2014-01-24 19:45 - 00000000 ____D C:\Documents and Settings\Tomek\Pulpit\TP EGZ 2014-01-24 20:12 - 2013-05-11 10:34 - 00000000 ____D C:\Documents and Settings\Tomek\Dane aplikacji\Sony 2014-01-24 20:12 - 2011-02-20 20:07 - 00000000 ____D C:\Documents and Settings\Tomek\Ustawienia lokalne\Dane aplikacji\VMware 2014-01-24 20:11 - 2014-01-24 19:02 - 00000000 __SHD C:\Documents and Settings\All Users\Dane 
aplikacji\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} 2014-01-24 20:11 - 2011-04-12 15:15 - 00000000 __HDC C:\Documents and Settings\All Users\Dane aplikacji\{45901808-75AB-4B7E-8EB5-AC355CC44F8A} 2014-01-24 20:11 - 2011-04-12 15:12 - 00000000 __HDC C:\Documents and Settings\All Users\Dane aplikacji\{97D82AC0-298E-4DBF-82AB-C6CFD84F758A} 2014-01-24 20:11 - 2009-09-09 14:21 - 00000000 ____D C:\Documents and Settings\Tomek\Ustawienia lokalne\Dane aplikacji\Downloaded Installations 2014-01-24 20:10 - 2011-09-28 20:42 - 00000000 ____D C:\Documents and Settings\Tomek\Menu Start\Programy\FoxTab PDF Creator 2014-01-24 20:10 - 2010-09-25 11:03 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\ABBYY FineReader Tools 2014-01-24 20:10 - 2009-09-09 14:11 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\NAPI-PROJEKT 2014-01-24 20:10 - 2009-09-06 13:40 - 00000000 ___RD C:\Documents and Settings\Tomek\Menu Start 2014-01-24 19:25 - 2009-09-06 15:23 - 00000000 ____D C:\Documents and Settings\All Users\Pulpit 2014-01-24 19:06 - 2014-01-24 19:03 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\TuneUp Software 2014-01-24 19:03 - 2014-01-24 19:03 - 00000000 ____D C:\Documents and Settings\Tomek\Dane aplikacji\TuneUp Software 2014-01-24 19:03 - 2009-09-06 15:23 - 00000000 __RHD C:\Documents and Settings\All Users\Dane aplikacji 2014-01-24 09:03 - 2013-10-11 12:25 - 00116736 ___SH C:\Documents and Settings\Tomek\Pulpit\Thumbs.db 2014-01-23 19:29 - 2013-12-09 23:36 - 00000000 ____D C:\Documents and Settings\Tomek\Pulpit\Wrigley takie tam 2014-01-23 17:06 - 2014-01-23 17:06 - 00000000 ____D C:\Documents and Settings\Tomek\Ustawienia lokalne\Dane aplikacji\genienext 2014-01-23 17:06 - 2014-01-23 17:06 - 00000000 ____D C:\Documents and Settings\Tomek\Ustawienia lokalne\Dane aplikacji\cache 2014-01-23 17:06 - 2014-01-23 17:06 - 00000000 ____D C:\Documents and Settings\Tomek\.android 2014-01-23 17:06 - 2014-01-23 17:05 - 00000000 
____D C:\Program Files\Mobogenie 2014-01-23 17:06 - 2014-01-23 17:05 - 00000000 ____D C:\Documents and Settings\Tomek\Ustawienia lokalne\Dane aplikacji\Mobogenie 2014-01-23 17:06 - 2009-09-06 13:40 - 00000000 ___RD C:\Documents and Settings\Tomek\Menu Start\Programy 2014-01-23 17:06 - 2009-09-06 13:40 - 00000000 ___HD C:\Documents and Settings\Tomek\Ustawienia lokalne\Dane aplikacji 2014-01-23 17:05 - 2014-01-23 17:05 - 00000000 ____D C:\Program Files\MyPC Backup 2014-01-23 17:05 - 2014-01-23 17:05 - 00000000 ____D C:\Documents and Settings\Tomek\Moje dokumenty\Mobogenie 2014-01-23 17:05 - 2014-01-23 17:05 - 00000000 _____ C:\Documents and Settings\Tomek\daemonprocess.txt 2014-01-23 17:05 - 2009-09-06 13:40 - 00000000 ___RD C:\Documents and Settings\Tomek\Moje dokumenty 2014-01-23 17:05 - 2009-09-06 13:40 - 00000000 ___RD C:\Documents and Settings\Tomek\Menu Start\Programy\Autostart 2014-01-22 19:44 - 2009-09-06 13:40 - 00000000 ___RD C:\Documents and Settings\Tomek\Moje dokumenty\Moje obrazy 2014-01-21 23:32 - 2013-10-15 19:11 - 00000000 ____D C:\Documents and Settings\Tomek\Pulpit\ZJ 2014-01-21 00:31 - 2013-12-20 10:41 - 00000000 ____D C:\Documents and Settings\Tomek\Pulpit\Arjo 2014-01-20 21:03 - 2014-01-20 20:34 - 00000000 ____D C:\Documents and Settings\Tomek\Pulpit\Samsung 2014-01-20 20:59 - 2014-01-18 20:39 - 00000000 ____D C:\Documents and Settings\Tomek\Pulpit\Amica 2014-01-20 20:39 - 2014-01-04 23:28 - 00000000 ____D C:\Documents and Settings\Tomek\Pulpit\Nivea takie tam 2014-01-20 20:12 - 2014-01-05 16:11 - 00000000 ____D C:\Documents and Settings\Tomek\Pulpit\Wieczorek 2014-01-20 19:49 - 2013-10-06 09:38 - 00000000 ____D C:\Documents and Settings\Tomek\Pulpit\TP 2014-01-19 12:55 - 2012-11-03 11:34 - 00000000 ____D C:\Documents and Settings\All Users\Lx_cats 2014-01-19 10:05 - 2014-01-12 18:49 - 00000000 ____D C:\Documents and Settings\Tomek\Pulpit\zapłata 2014-01-19 08:32 - 2010-06-12 08:27 - 00231584 ____N (Microsoft Corporation) 
C:\WINDOWS\system32\MpSigStub.exe 2014-01-18 23:53 - 2011-10-05 19:53 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Office 2014-01-18 23:53 - 2011-09-29 16:51 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help 2014-01-18 21:12 - 2013-11-24 21:27 - 00000000 ____D C:\Documents and Settings\Tomek\Pulpit\GLAXO !!! 2014-01-18 21:10 - 2014-01-02 17:44 - 00000000 ____D C:\Documents and Settings\Tomek\Pulpit\Glaxo Logistyka 2014-01-18 20:58 - 2013-12-09 23:01 - 00000000 ____D C:\Documents and Settings\Tomek\Pulpit\Kimbal 2014-01-17 19:26 - 2011-11-22 10:00 - 00546954 _____ C:\WINDOWS\setupapi.log 2014-01-17 07:24 - 2013-04-16 20:02 - 00002347 _____ C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Reader XI.lnk 2014-01-16 23:10 - 2013-12-26 12:29 - 00000000 ____D C:\Documents and Settings\Tomek\Menu Start\Programy\Dropbox 2014-01-16 14:46 - 2013-11-28 10:57 - 00000000 ____D C:\Documents and Settings\Tomek\Pulpit\NIVEA! 
2014-01-15 19:04 - 2013-07-24 16:59 - 00000000 ____D C:\WINDOWS\system32\MRT
2014-01-15 19:01 - 2014-01-15 19:01 - 00005296 _____ C:\WINDOWS\KB2914368.log
2014-01-15 19:01 - 2014-01-15 19:01 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2914368$
2014-01-15 19:01 - 2009-09-09 13:45 - 83425928 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-01-15 19:01 - 2009-09-06 15:23 - 02311550 _____ C:\WINDOWS\FaxSetup.log
2014-01-15 19:01 - 2009-09-06 15:23 - 01111713 _____ C:\WINDOWS\ocgen.log
2014-01-15 19:01 - 2009-09-06 15:23 - 01061645 _____ C:\WINDOWS\tsoc.log
2014-01-15 19:01 - 2009-09-06 15:23 - 00726948 _____ C:\WINDOWS\msmqinst.log
2014-01-15 19:01 - 2009-09-06 15:23 - 00701261 _____ C:\WINDOWS\comsetup.log
2014-01-15 19:01 - 2009-09-06 15:23 - 00523148 _____ C:\WINDOWS\iis6.log
2014-01-15 19:01 - 2009-09-06 15:23 - 00423140 _____ C:\WINDOWS\ntdtcsetup.log
2014-01-15 19:01 - 2009-09-06 15:23 - 00405340 _____ C:\WINDOWS\netfxocm.log
2014-01-15 19:01 - 2009-09-06 15:23 - 00160796 _____ C:\WINDOWS\MedCtrOC.log
2014-01-15 19:01 - 2009-09-06 15:23 - 00129628 _____ C:\WINDOWS\ocmsn.log
2014-01-15 19:01 - 2009-09-06 15:23 - 00120126 _____ C:\WINDOWS\tabletoc.log
2014-01-15 19:01 - 2009-09-06 15:23 - 00115663 _____ C:\WINDOWS\msgsocm.log
2014-01-15 19:01 - 2009-09-06 15:23 - 00001374 _____ C:\WINDOWS\imsins.log
2014-01-14 23:19 - 2013-10-28 15:24 - 00000664 _____ C:\WINDOWS\system32\d3d9caps.dat
2014-01-09 19:35 - 2014-01-09 18:55 - 00000000 ____D C:\Documents and Settings\Tomek\Pulpit\kp
2014-01-03 21:24 - 2013-12-28 14:41 - 00000000 ____D C:\Documents and Settings\Tomek\Pulpit\Jabłka!
2014-01-03 10:32 - 2014-01-03 09:46 - 00000000 ____D C:\WINDOWS\220FB0354744483A9A0B41DF77061583.TMP
2014-01-03 09:55 - 2009-09-06 13:40 - 00001599 _____ C:\Documents and Settings\Tomek\Menu Start\Programy\Pomoc zdalna.lnk
2014-01-03 09:53 - 2009-09-06 13:33 - 00001599 _____ C:\Documents and Settings\Default User\Menu Start\Programy\Pomoc zdalna.lnk
2014-01-03 09:53 - 2009-09-06 13:33 - 00001563 _____ C:\Documents and Settings\All Users\Menu Start\Określ dostęp do programów i ich ustawienia domyślne.lnk
2014-01-03 09:53 - 2009-09-06 13:33 - 00001507 _____ C:\Documents and Settings\All Users\Menu Start\Windows Update.lnk
2014-01-03 09:47 - 2014-01-03 09:47 - 00000000 ____D C:\Program Files\Enigma Software Group
2014-01-03 09:46 - 2014-01-03 09:46 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2014-01-03 09:17 - 2009-09-06 15:23 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
2014-01-03 09:14 - 2013-12-26 12:05 - 00000000 ____D C:\Documents and Settings\Tomek\Ustawienia lokalne\Dane aplikacji\gladinet
2014-01-01 12:43 - 2010-04-10 14:22 - 00000000 ____D C:\Program Files\Vuze
2014-01-01 12:36 - 2014-01-01 12:36 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\olndoboejijnenklhgdfjlkoonohhngl
2014-01-01 12:36 - 2014-01-01 12:36 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Fun2Savee
2014-01-01 12:36 - 2014-01-01 12:35 - 00000000 ____D C:\Documents and Settings\LocalService\Dane aplikacji\Mozilla
2014-01-01 12:36 - 2014-01-01 12:35 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\dd0bcbaaf174bd54
2014-01-01 12:35 - 2014-01-01 12:35 - 00000000 ___RD C:\Documents and Settings\LocalService\Ulubione
2014-01-01 12:35 - 2014-01-01 12:35 - 00000000 ____D C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Mozilla
2014-01-01 12:35 - 2014-01-01 12:35 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\SHoppDropp
2014-01-01 12:35 - 2009-09-06 13:39 - 00000000 __SHD C:\Documents and Settings\LocalService
2014-01-01 12:35 - 2009-09-06 13:39 - 00000000 ___HD C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji
2014-01-01 12:35 - 2009-09-06 13:39 - 00000000 ____D C:\Documents and Settings\LocalService\Dane aplikacji
2013-12-28 00:27 - 2013-12-28 00:27 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\SmartWeb
2013-12-28 00:26 - 2013-03-28 21:39 - 00000000 ____D C:\Program Files\BrowseToSave
2013-12-27 18:08 - 2013-12-27 16:04 - 00000000 ____D C:\Documents and Settings\Tomek\Pulpit\CYDR!
2013-12-27 18:08 - 2010-10-06 15:46 - 00000000 ____D C:\Documents and Settings\Tomek\Moje dokumenty\Pobieranie

Some content of TEMP:
====================
C:\Documents and Settings\Tomek\Ustawienia lokalne\Temp\BackupSetup.exe
C:\Documents and Settings\Tomek\Ustawienia lokalne\Temp\SoundcloudDLD-PC_136528.en_83.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe [2004-08-04 11:00] - [2008-04-14 18:21] - 1035264 ____A (Microsoft Corporation) c791ed9eac5e76d9525e157b1d7a599a
C:\Windows\System32\winlogon.exe [2004-08-04 11:00] - [2008-04-14 18:21] - 0510464 ____A (Microsoft Corporation) 51fd2e13d723857b9ca239ae77150f48
C:\Windows\System32\svchost.exe [2004-08-04 11:00] - [2008-04-14 18:21] - 0014336 ____A (Microsoft Corporation) 8607d35d92528e2df386f19a960d23ce
C:\Windows\System32\services.exe [2004-08-04 11:00] - [2009-02-09 12:25] - 0111104 ____A (Microsoft Corporation) 02a467e27af55f7064c5b251e587315f
C:\Windows\System32\User32.dll [2004-08-04 11:00] - [2008-04-14 18:20] - 0580096 ____A (Microsoft Corporation) a435c5c069afd901751ac323ad238793
C:\Windows\System32\userinit.exe [2004-08-04 11:00] - [2008-04-14 18:21] - 0026624 ____A (Microsoft Corporation) 2a5b37d520508be6570a3ea79695f5b5
C:\Windows\System32\rpcss.dll [2004-08-04 11:00] - [2009-02-09 11:53] - 0401408 ____A (Microsoft Corporation) a37311d9d628c1042a2836731787f0f3
ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\Windows\System32\Drivers\volsnap.sys [2004-08-04 11:00] - [2008-04-14 17:01] - 0052864 ____A (Microsoft Corporation) 56b191ac5fc0df219949c95a6c87afe7

==================== End Of Log ============================