Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-02-2014 03
Ran by User (administrator) on DOM-63E826E896F on 01-02-2014 22:19:14
Running from C:\Documents and Settings\User\Pulpit
Microsoft Windows XP Home Edition Dodatek Service Pack 2 (X86) OS Language: Polish
Internet Explorer Version 6
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) ===================

(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jqs.exe
(Compaq) C:\Program Files\Compaq\EAB\eabservr.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe
(Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe
(Google Inc.) C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [eabconfg.cpl] - C:\Program Files\Compaq\EAB\EABSERVR.EXE [229376 2002-11-12] (Compaq)
HKLM\...\Run: [ATIModeChange] - C:\WINDOWS\system32\Ati2mdxx.exe [28672 2002-08-30] (ATI Technologies, Inc.)
HKLM\...\Run: [SynTPLpr] - C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [110592 2003-05-22] (Synaptics, Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [610304 2003-05-22] (Synaptics, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696 2011-06-09] (Sun Microsystems, Inc.)
HKU\S-1-5-21-1343024091-507921405-1060284298-1004\...\Run: [Google Update] - C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [136176 2012-07-23] (Google Inc.)
HKU\S-1-5-21-1343024091-507921405-1060284298-1004\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [1667584 2004-08-03] (Microsoft Corporation)
HKU\S-1-5-21-1343024091-507921405-1060284298-1004\...\Run: [NextLive] - C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\User\Dane aplikacji\newnext.me\nengine.dll",EntryPoint -m l

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sweet-page.com/?type=hp&ts=1389608322&from=cor&uid=FUJITSUXMHR2030AT_NJ36T291694ST291694SX
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds&ts=1389608322&from=cor&uid=FUJITSUXMHR2030AT_NJ36T291694ST291694SX&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sweet-page.com/?type=hp&ts=1389608322&from=cor&uid=FUJITSUXMHR2030AT_NJ36T291694ST291694SX
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=ds&ts=1389608322&from=cor&uid=FUJITSUXMHR2030AT_NJ36T291694ST291694SX&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sweet-page.com/?type=hp&ts=1389608322&from=cor&uid=FUJITSUXMHR2030AT_NJ36T291694ST291694SX
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=ds&ts=1389608322&from=cor&uid=FUJITSUXMHR2030AT_NJ36T291694ST291694SX&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds&ts=1389608322&from=cor&uid=FUJITSUXMHR2030AT_NJ36T291694ST291694SX&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sweet-page.com/?type=hp&ts=1389608322&from=cor&uid=FUJITSUXMHR2030AT_NJ36T291694ST291694SX
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.sweet-page.com/?type=sc&ts=1389608322&from=cor&uid=FUJITSUXMHR2030AT_NJ36T291694ST291694SX
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.sweet-page.com/web/?type=ds&ts=1389608322&from=cor&uid=FUJITSUXMHR2030AT_NJ36T291694ST291694SX&q={searchTerms}
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.sweet-page.com/web/?type=ds&ts=1389608322&from=cor&uid=FUJITSUXMHR2030AT_NJ36T291694ST291694SX&q={searchTerms}
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
Toolbar: HKCU - &Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Łącza - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 82.139.8.40 95.160.170.92 88.156.222.92

Chrome:
=======
CHR HomePage: hxxp://pl.msn.com/?pc=UP97&ocid=UP97DHP
CHR Extension: (Lightning Newtab) - C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo [2014-01-13]
CHR Extension: (Google Wallet) - C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30]
CHR HKLM\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\newtab.crx [2014-01-13]
CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

R2 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [153376 2012-07-23] (Sun Microsystems, Inc.)

==================== Drivers (Whitelisted) ====================

R3 aliadwdm; C:\WINDOWS\System32\drivers\ac97ali.sys [231552 2004-08-03] (Acer Laboratories Inc.)
R3 ALiIRDA; C:\WINDOWS\System32\DRIVERS\alifir.sys [26624 2001-08-17] (Acer Laboratories Inc.)
R3 basic2; C:\WINDOWS\System32\DRIVERS\basic2.sys [84786 2002-04-10] (Conexant Systems)
R0 caboagp; C:\WINDOWS\System32\DRIVERS\atisgkaf.sys [25149 2002-05-04] (ATI Technologies Inc.)
R1 EABFiltr; C:\WINDOWS\system32\drivers\EABFiltr.sys [6928 2002-10-14] (Compaq Computer Corp.)
S3 eabusb; C:\WINDOWS\system32\drivers\eabusb.sys [5168 2002-01-28] (Compaq Computer Corp.)
R2 Fallback; C:\WINDOWS\System32\DRIVERS\fallback.sys [303171 2002-04-10] (Conexant Systems)
R2 Fsks; C:\WINDOWS\System32\DRIVERS\fsksnt.sys [124701 2002-04-10] (Conexant Systems)
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2004-08-04] (Microsoft Corporation)
S3 HSF_DP; C:\WINDOWS\System32\DRIVERS\HSFDPSP2.sys [1041536 2004-08-03] (Conexant Systems, Inc.)
R2 K56; C:\WINDOWS\System32\DRIVERS\k56nt.sys [428431 2002-04-10] (Conexant Systems)
R3 Rasirda; C:\WINDOWS\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
R3 Rksample; C:\WINDOWS\System32\DRIVERS\rksample.sys [62422 2002-04-10] (Conexant Systems)
R3 RTL8023; C:\WINDOWS\System32\DRIVERS\Rtlnic51.sys [65280 2003-09-11] (Realtek Semiconductor Corporation )
S3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2004-08-03] (Realtek Semiconductor Corporation)
S3 Secdrv; C:\WINDOWS\System32\DRIVERS\secdrv.sys [27440 2004-08-04] ()
R2 SoftFax; C:\WINDOWS\System32\DRIVERS\faxnt.sys [212491 2002-04-10] (Conexant Systems)
R2 Tones; C:\WINDOWS\System32\DRIVERS\tonesnt.sys [59663 2002-04-10] (Conexant Systems)
R2 V124; C:\WINDOWS\System32\DRIVERS\v124nt.sys [542045 2002-04-10] (Conexant Systems)
S3 catchme; \??\C:\DOCUME~1\User\USTAWI~1\Temp\catchme.sys [x]
S4 IntelIde; No ImagePath
U3 TlntSvr;
U3 uwkorfoc; \??\C:\DOCUME~1\User\USTAWI~1\Temp\uwkorfoc.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-01 22:19 - 2014-02-01 22:19 - 00009697 _____ () C:\Documents and Settings\User\Pulpit\FRST.txt
2014-02-01 22:18 - 2014-02-01 22:19 - 00000000 ____D () C:\FRST
2014-02-01 22:18 - 2014-02-01 22:18 - 01137152 _____ (Farbar) C:\Documents and Settings\User\Pulpit\FRST.exe
2014-02-01 21:55 - 2014-02-01 22:14 - 00000000 ____D () C:\Documents and Settings\User\Pulpit\raporty
2014-02-01 21:12 - 2014-02-01 21:12 - 00380416 _____ () C:\Documents and Settings\User\Pulpit\00we3cn1.exe
2014-02-01 21:11 - 2014-02-01 21:11 - 00987425 _____ () C:\Documents and Settings\User\Pulpit\SecurityCheck.exe
2014-02-01 21:11 - 2014-02-01 21:11 - 00688992 ____R (Swearware) C:\Documents and Settings\User\Pulpit\dds.com
2014-02-01 21:11 - 2014-02-01 21:11 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\User\Pulpit\OTL.exe
2014-02-01 21:11 - 2014-02-01 21:11 - 00259584 _____ (OldTimer Tools) C:\Documents and Settings\User\Pulpit\OTH.exe
2014-02-01 20:47 - 2014-02-01 20:48 - 00000000 ___SD () C:\ComboFix
2014-02-01 20:46 - 2014-02-01 20:46 - 05179159 ____R (Swearware) C:\Documents and Settings\User\Pulpit\ComboFix.exe
2014-02-01 20:26 - 2014-02-01 20:26 - 00002146 _____ () C:\WINDOWS\setupapi.log
2014-02-01 20:26 - 2014-02-01 20:26 - 00000000 ____D () C:\Documents and Settings\User\Dane aplikacji\TuneUp Software
2014-02-01 18:29 - 2014-02-01 18:29 - 00000000 _____ () C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\{5E538386-76B9-4CED-8984-7C5FDC875167}
2014-02-01 16:48 - 2012-07-23 11:39 - 00000211 _____ () C:\Boot.bak
2014-02-01 16:47 - 2014-02-01 16:48 - 00000000 _RSHD () C:\cmdcons
2014-02-01 16:47 - 2004-08-03 23:00 - 00262400 __RSH () C:\cmldr
2014-02-01 16:42 - 2011-06-26 07:45 - 00256000 _____ () C:\WINDOWS\PEV.exe
2014-02-01 16:42 - 2010-11-07 18:20 - 00208896 _____ () C:\WINDOWS\MBR.exe
2014-02-01 16:42 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2014-02-01 16:42 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2014-02-01 16:42 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2014-02-01 16:42 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2014-02-01 16:42 - 2000-08-31 01:00 - 00098816 _____ () C:\WINDOWS\sed.exe
2014-02-01 16:42 - 2000-08-31 01:00 - 00080412 _____ () C:\WINDOWS\grep.exe
2014-02-01 16:42 - 2000-08-31 01:00 - 00068096 _____ () C:\WINDOWS\zip.exe
2014-02-01 16:40 - 2014-02-01 16:42 - 00000000 ____D () C:\Qoobox
2014-02-01 16:40 - 2014-02-01 16:40 - 00000000 ___RD () C:\Documents and Settings\User\Menu Start\Programy\Narzędzia administracyjne
2014-02-01 16:40 - 2014-02-01 16:40 - 00000000 ___RD () C:\Documents and Settings\All Users\Dokumenty\Moje wideo
2014-02-01 16:40 - 2014-02-01 16:40 - 00000000 ____D () C:\WINDOWS\erdnt
2014-02-01 16:00 - 2014-02-01 16:00 - 00000682 _____ () C:\Documents and Settings\All Users\Pulpit\CCleaner.lnk
2014-02-01 15:59 - 2014-02-01 16:00 - 00000000 ____D () C:\Program Files\CCleaner
2014-01-13 11:42 - 2014-02-01 18:29 - 00000000 ____D () C:\Program Files\BonanzaDealsLive
2014-01-13 11:42 - 2014-01-13 11:42 - 00000000 ____D () C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\BonanzaDealsLive
2014-01-13 11:42 - 2014-01-13 11:42 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\BonanzaDealsLive
2014-01-13 11:41 - 2014-02-01 16:30 - 00000000 ____D () C:\Program Files\BonanzaDeals
2014-01-13 11:31 - 2014-01-14 06:49 - 00002267 _____ () C:\Documents and Settings\All Users\Pulpit\Skype.lnk
2014-01-13 11:31 - 2014-01-13 11:31 - 00000000 ___RD () C:\Program Files\Skype
2014-01-13 11:31 - 2014-01-13 11:31 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-01-13 11:31 - 2014-01-13 11:31 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Skype
2014-01-13 11:28 - 2014-01-14 07:01 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Skype
2014-01-13 11:22 - 2014-02-01 22:12 - 00000000 ____D () C:\Documents and Settings\User\Dane aplikacji\newnext.me
2014-01-13 11:22 - 2014-01-30 14:47 - 00000000 ____D () C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\cache
2014-01-13 11:22 - 2014-01-13 11:23 - 00000000 ____D () C:\Documents and Settings\User\.android
2014-01-13 11:21 - 2014-02-01 16:35 - 00000000 ____D () C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Mobogenie
2014-01-13 11:21 - 2014-01-14 19:20 - 00000000 ____D () C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\genienext
2014-01-13 11:21 - 2014-01-13 11:21 - 00000000 _____ () C:\Documents and Settings\User\daemonprocess.txt
2014-01-13 11:20 - 2014-02-01 16:36 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\WPM
2014-01-13 11:20 - 2014-02-01 16:35 - 00000000 ____D () C:\Documents and Settings\User\Menu Start\Programy\Mobogenie
2014-01-13 11:18 - 2014-02-01 16:35 - 00000000 ____D () C:\Program Files\Mobogenie

==================== One Month Modified Files and Folders =======

2014-02-01 22:19 - 2014-02-01 22:19 - 00009697 _____ () C:\Documents and Settings\User\Pulpit\FRST.txt
2014-02-01 22:19 - 2014-02-01 22:18 - 00000000 ____D () C:\FRST
2014-02-01 22:19 - 2012-07-23 12:15 - 00000000 ____D () C:\Documents and Settings\User\Pulpit
2014-02-01 22:18 - 2014-02-01 22:18 - 01137152 _____ (Farbar) C:\Documents and Settings\User\Pulpit\FRST.exe
2014-02-01 22:18 - 2012-07-23 11:53 - 00455569 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-01 22:14 - 2014-02-01 21:55 - 00000000 ____D () C:\Documents and Settings\User\Pulpit\raporty
2014-02-01 22:12 - 2014-01-13 11:22 - 00000000 ____D () C:\Documents and Settings\User\Dane aplikacji\newnext.me
2014-02-01 22:11 - 2012-07-23 12:14 - 00032588 _____ () C:\WINDOWS\SchedLgU.Txt
2014-02-01 22:11 - 2012-07-23 12:14 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-02-01 22:10 - 2012-07-23 12:15 - 00000188 ___SH () C:\Documents and Settings\User\ntuser.ini
2014-02-01 21:12 - 2014-02-01 21:12 - 00380416 _____ () C:\Documents and Settings\User\Pulpit\00we3cn1.exe
2014-02-01 21:11 - 2014-02-01 21:11 - 00987425 _____ () C:\Documents and Settings\User\Pulpit\SecurityCheck.exe
2014-02-01 21:11 - 2014-02-01 21:11 - 00688992 ____R (Swearware) C:\Documents and Settings\User\Pulpit\dds.com
2014-02-01 21:11 - 2014-02-01 21:11 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\User\Pulpit\OTL.exe
2014-02-01 21:11 - 2014-02-01 21:11 - 00259584 _____ (OldTimer Tools) C:\Documents and Settings\User\Pulpit\OTH.exe
2014-02-01 20:48 - 2014-02-01 20:47 - 00000000 ___SD () C:\ComboFix
2014-02-01 20:46 - 2014-02-01 20:46 - 05179159 ____R (Swearware) C:\Documents and Settings\User\Pulpit\ComboFix.exe
2014-02-01 20:39 - 2012-07-23 13:26 - 00000000 __RHD () C:\Documents and Settings\All Users\Dane aplikacji
2014-02-01 20:38 - 2012-07-23 12:52 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\MFAData
2014-02-01 20:30 - 2012-07-23 12:15 - 00000000 ___HD () C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji
2014-02-01 20:28 - 2012-07-23 12:15 - 00000000 __RHD () C:\Documents and Settings\User\Dane aplikacji
2014-02-01 20:27 - 2012-07-23 13:27 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy
2014-02-01 20:27 - 2012-07-23 13:27 - 00000000 ____D () C:\Documents and Settings\All Users\Pulpit
2014-02-01 20:26 - 2014-02-01 20:26 - 00002146 _____ () C:\WINDOWS\setupapi.log
2014-02-01 20:26 - 2014-02-01 20:26 - 00000000 ____D () C:\Documents and Settings\User\Dane aplikacji\TuneUp Software
2014-02-01 18:29 - 2014-02-01 18:29 - 00000000 _____ () C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\{5E538386-76B9-4CED-8984-7C5FDC875167}
2014-02-01 18:29 - 2014-01-13 11:42 - 00000000 ____D () C:\Program Files\BonanzaDealsLive
2014-02-01 16:48 - 2014-02-01 16:47 - 00000000 _RSHD () C:\cmdcons
2014-02-01 16:48 - 2012-07-23 13:24 - 00000327 __RSH () C:\boot.ini
2014-02-01 16:42 - 2014-02-01 16:40 - 00000000 ____D () C:\Qoobox
2014-02-01 16:40 - 2014-02-01 16:40 - 00000000 ___RD () C:\Documents and Settings\User\Menu Start\Programy\Narzędzia administracyjne
2014-02-01 16:40 - 2014-02-01 16:40 - 00000000 ___RD () C:\Documents and Settings\All Users\Dokumenty\Moje wideo
2014-02-01 16:40 - 2014-02-01 16:40 - 00000000 ____D () C:\WINDOWS\erdnt
2014-02-01 16:40 - 2012-07-23 13:27 - 00000000 ___RD () C:\Documents and Settings\All Users\Dokumenty
2014-02-01 16:40 - 2012-07-23 12:15 - 00000000 ___RD () C:\Documents and Settings\User\Menu Start\Programy
2014-02-01 16:38 - 2013-06-08 16:19 - 00000350 _____ () C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job
2014-02-01 16:38 - 2013-06-04 13:22 - 00000350 _____ () C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2014-02-01 16:38 - 2012-07-23 14:59 - 00001128 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1343024091-507921405-1060284298-1004UA.job
2014-02-01 16:38 - 2012-07-23 14:59 - 00001076 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1343024091-507921405-1060284298-1004Core.job
2014-02-01 16:36 - 2014-01-13 11:20 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\WPM
2014-02-01 16:35 - 2014-01-13 11:21 - 00000000 ____D () C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Mobogenie
2014-02-01 16:35 - 2014-01-13 11:20 - 00000000 ____D () C:\Documents and Settings\User\Menu Start\Programy\Mobogenie
2014-02-01 16:35 - 2014-01-13 11:18 - 00000000 ____D () C:\Program Files\Mobogenie
2014-02-01 16:30 - 2014-01-13 11:41 - 00000000 ____D () C:\Program Files\BonanzaDeals
2014-02-01 16:26 - 2012-07-23 15:12 - 00000000 ____D () C:\Documents and Settings\User\Dane aplikacji\Winamp
2014-02-01 16:25 - 2012-07-26 06:41 - 00000000 ____D () C:\WINDOWS\Minidump
2014-02-01 16:00 - 2014-02-01 16:00 - 00000682 _____ () C:\Documents and Settings\All Users\Pulpit\CCleaner.lnk
2014-02-01 16:00 - 2014-02-01 15:59 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-01 03:50 - 2004-08-04 13:00 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl
2014-01-30 14:47 - 2014-01-13 11:22 - 00000000 ____D () C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\cache
2014-01-14 19:20 - 2014-01-13 11:21 - 00000000 ____D () C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\genienext
2014-01-14 07:01 - 2014-01-13 11:28 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Skype
2014-01-14 06:49 - 2014-01-13 11:31 - 00002267 _____ () C:\Documents and Settings\All Users\Pulpit\Skype.lnk
2014-01-13 11:42 - 2014-01-13 11:42 - 00000000 ____D () C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\BonanzaDealsLive
2014-01-13 11:42 - 2014-01-13 11:42 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\BonanzaDealsLive
2014-01-13 11:31 - 2014-01-13 11:31 - 00000000 ___RD () C:\Program Files\Skype
2014-01-13 11:31 - 2014-01-13 11:31 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-01-13 11:31 - 2014-01-13 11:31 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Skype
2014-01-13 11:23 - 2014-01-13 11:22 - 00000000 ____D () C:\Documents and Settings\User\.android
2014-01-13 11:21 - 2014-01-13 11:21 - 00000000 _____ () C:\Documents and Settings\User\daemonprocess.txt
2014-01-13 11:19 - 2012-07-23 12:15 - 00000971 _____ () C:\Documents and Settings\User\Menu Start\Programy\Internet Explorer.lnk
2014-01-13 11:17 - 2012-07-23 12:15 - 00000000 ___HD () C:\Documents and Settings\User\Ustawienia lokalne
2014-01-09 14:34 - 2012-08-01 11:41 - 00000000 ____D () C:\WINDOWS\system32\cache

Some content of TEMP:
====================
C:\Documents and Settings\User\Ustawienia lokalne\Temp\avguidx.dll
C:\Documents and Settings\User\Ustawienia lokalne\Temp\CommonInstaller.exe
C:\Documents and Settings\User\Ustawienia lokalne\Temp\ICReinstall_firefox.exe
C:\Documents and Settings\User\Ustawienia lokalne\Temp\MachineIdCreator.exe
C:\Documents and Settings\User\Ustawienia lokalne\Temp\ToolbarInstaller.exe
C:\Documents and Settings\User\Ustawienia lokalne\Temp\UNINSTALL.EXE
C:\Documents and Settings\User\Ustawienia lokalne\Temp\{EB13DBAA-3D6B-45FE-A330-2079CD353D97}-27.0.1453.110_chrome_installer.exe

==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe [2004-08-04 13:00] - [2004-08-04 13:00] - 1033728 ____A (Microsoft Corporation) 379098a96e6c165b659de7e4328010ea
C:\WINDOWS\system32\winlogon.exe [2004-08-04 13:00] - [2004-08-04 13:00] - 0504832 ____A (Microsoft Corporation) 0344407089b08548d4feba62bb0f32d0
C:\WINDOWS\system32\svchost.exe [2004-08-04 13:00] - [2004-08-04 13:00] - 0014336 ____A (Microsoft Corporation) ba98327e90022dbd6ee76490e0622e2e
C:\WINDOWS\system32\services.exe [2004-08-04 13:00] - [2004-08-04 13:00] - 0108544 ____A (Microsoft Corporation) 3da8d964d2cc12ef8e8c342471a37917
C:\WINDOWS\system32\User32.dll [2004-08-04 13:00] - [2004-08-04 13:00] - 0578560 ____A (Microsoft Corporation) 0c81764f50f32d376e6e4b9e9f4b01a0
C:\WINDOWS\system32\userinit.exe [2004-08-04 13:00] - [2004-08-04 13:00] - 0025088 ____A (Microsoft Corporation) bd768099b4c44aa631728cb74eb54396
C:\WINDOWS\system32\rpcss.dll [2004-08-04 13:00] - [2004-08-04 13:00] - 0395776 ____A (Microsoft Corporation) 346e5b19fc986fe7185a0c2c43593722
ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\WINDOWS\system32\Drivers\volsnap.sys [2004-08-04 13:00] - [2004-08-04 13:00] - 0052864 ____A (Microsoft Corporation) ecd173739b8ec10a814cc18653df5a36

==================== End Of Log ============================