Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-02-2014 02
Ran by dd (administrator) on DOM on 10-02-2014 12:19:15
Running from C:\Documents and Settings\dd\Pulpit
Microsoft Windows XP Home Edition Dodatek Service Pack 3 (X86) OS Language: Polish
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ASUSTeK Computer Inc.) C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
(ASUSTeK Computer Inc.) C:\Program Files\EeePC\ACPI\AsEPCMon.exe
(ASUSTeK Computer Inc.) C:\Program Files\EeePC\ACPI\AsTray.exe
() C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe
(Intel Corporation) C:\WINDOWS\system32\igfxext.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDCPL] - C:\WINDOWS\RTHDCPL.EXE [17881088 2009-04-27] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1512744 2009-04-09] (Synaptics Incorporated)
HKLM\...\Run: [SynAsusAcpi] - C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [79144 2009-04-09] (Synaptics Incorporated)
HKLM\...\Run: [AsusACPIServer] - C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe [630784 2009-04-16] (ASUSTeK Computer Inc.)
HKLM\...\Run: [AsusEPCMonitor] - C:\Program Files\EeePC\ACPI\AsEPCMon.exe [98304 2009-03-13] (ASUSTeK Computer Inc.)
HKLM\...\Run: [AsusTray] - C:\Program Files\EeePC\ACPI\AsTray.exe [118784 2009-04-16] (ASUSTeK Computer Inc.)
HKLM\...\Run: [LiveUpdate] - C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe [712704 2009-06-25] ()
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [54576 2009-11-18] (Hewlett-Packard)
HKU\S-1-5-21-1731788579-3815785595-3320977666-1006\...\MountPoints2: {18895559-79d3-11e2-b981-0025d3c5f549} - E:\AutoRun.exe
HKU\S-1-5-21-1731788579-3815785595-3320977666-1006\...\MountPoints2: {fa6c8a33-79c7-11e2-b980-0025d3c5f549} - E:\AutoRun.exe
Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\ SuperHybridEngine.lnk
ShortcutTarget: SuperHybridEngine.lnk -> C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe (ASUSTeK Computer Inc.)
Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.pl/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Pomocnik rejestracji usługi Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\dd\Dane aplikacji\Mozilla\Firefox\Profiles\fgu04sm8.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8064.0206 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Documents and Settings\dd\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\coFFPlgn\
FF Extension: Norton Toolbar - C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\coFFPlgn\ []
FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\IPSFF
FF Extension: Norton Vulnerability Protection - C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\IPSFF [2013-12-01]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-12-18]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-12-18]

Chrome:
=======
CHR Extension: (Dysk Google) - C:\Documents and Settings\dd\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-12]
CHR Extension: (Norton Identity Protection) - C:\Documents and Settings\dd\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-06-30]
CHR Extension: (Google Wallet) - C:\Documents and Settings\dd\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-01]
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files\Norton Internet Security\Engine\20.4.0.40\Exts\Chrome.crx [2013-06-30]

========================== Services (Whitelisted) =================

S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1045328 2014-01-10] (Flexera Software, Inc.)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182184 2013-06-29] (Oracle Corporation)
R2 NIS; C:\Program Files\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)

==================== Drivers (Whitelisted) ====================

S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1684736 2008-08-05] (Creative)
R3 AR5416; C:\WINDOWS\System32\DRIVERS\athw.sys [1528928 2009-03-13] (Atheros Communications, Inc.)
R3 AsusACPI; C:\WINDOWS\System32\DRIVERS\ASUSACPI.sys [10752 2008-04-08] (ASUSTeK Computer Inc.)
R1 BHDrvx86; C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\BASHDefs\20131114.001\BHDrvx86.sys [1096280 2013-11-02] (Symantec Corporation)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R1 ccSet_NIS; C:\WINDOWS\system32\drivers\NIS\1404000.028\ccSetx86.sys [134744 2013-04-16] (Symantec Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376920 2013-12-05] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [108120 2013-12-23] (Symantec Corporation)
R2 fssfltr; C:\WINDOWS\System32\DRIVERS\fssfltr_tdi.sys [55152 2009-02-06] (Microsoft Corporation)
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2008-10-29] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2008-10-29] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2008-10-29] (HP)
R3 IDSxpx86; C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\IPSDefs\20131224.001\IDSxpx86.sys [382608 2013-12-13] (Symantec Corporation)
R3 L1c; C:\WINDOWS\System32\DRIVERS\l1c51x86.sys [38912 2009-03-02] (Atheros Communications, Inc.)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1389056 2006-01-04] (Creative Technology Ltd.)
S3 NAVENG; C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20131224.025\NAVENG.SYS [93272 2013-12-23] (Symantec Corporation)
S3 NAVEX15; C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20131224.025\NAVEX15.SYS [1612376 2013-12-23] (Symantec Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R1 oreans32; C:\WINDOWS\system32\drivers\oreans32.sys [33824 2013-12-22] ()
R3 SNP2UVC; C:\WINDOWS\System32\DRIVERS\snp2uvc.sys [1759616 2009-03-13] ()
S3 SRTSP; C:\WINDOWS\System32\Drivers\NIS\1404000.028\SRTSP.SYS [603224 2013-05-16] (Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\system32\drivers\NIS\1404000.028\SRTSPX.SYS [32344 2013-03-05] (Symantec Corporation)
R0 SymDS; C:\WINDOWS\System32\drivers\NIS\1404000.028\SYMDS.SYS [367704 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\WINDOWS\System32\drivers\NIS\1404000.028\SYMEFA.SYS [934488 2013-05-23] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [142496 2013-06-30] (Symantec Corporation)
R1 SymIRON; C:\WINDOWS\system32\drivers\NIS\1404000.028\Ironx86.SYS [175264 2013-03-05] (Symantec Corporation)
R1 SYMTDI; C:\WINDOWS\System32\Drivers\NIS\1404000.028\SYMTDI.SYS [396760 2013-04-25] (Symantec Corporation)
S3 uvclf; C:\WINDOWS\System32\DRIVERS\uvclf.sys [39040 2008-11-19] (GenesysLogic Technologies, Inc.)
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [235392 2010-12-24] (Huawei Technologies Co., Ltd.)
U5 ew_hwusbdev; C:\Windows\System32\Drivers\ew_hwusbdev.sys [102784 2010-07-27] (Huawei Technologies Co., Ltd.)
S4 IntelIde; No ImagePath
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-02-10 12:19 - 2014-02-10 12:19 - 00014969 _____ () C:\Documents and Settings\dd\Pulpit\FRST.txt
2014-02-10 12:18 - 2014-02-10 12:18 - 00002575 _____ () C:\Documents and Settings\dd\Pulpit\AdwCleaner[S0].txt
2014-02-10 12:09 - 2014-02-10 12:14 - 00000000 ____D () C:\AdwCleaner
2014-02-10 11:56 - 2014-02-10 11:56 - 00000000 _____ () C:\Documents and Settings\dd\Pulpit\Nowy Dokument tekstowy.txt
2014-02-09 20:17 - 2014-02-09 20:17 - 00094208 _____ () C:\WINDOWS\Minidump\Mini020914-01.dmp
2014-02-09 19:56 - 2014-02-10 12:19 - 00000000 ____D () C:\FRST
2014-02-08 23:31 - 2014-02-09 20:23 - 01138688 _____ (Farbar) C:\Documents and Settings\dd\Pulpit\FRST.exe
2014-02-07 19:07 - 2014-02-07 19:07 - 00000682 _____ () C:\Documents and Settings\All Users\Pulpit\CCleaner.lnk
2014-02-07 19:07 - 2014-02-07 19:07 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-07 19:07 - 2014-02-07 19:07 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\CCleaner
2014-02-03 14:42 - 2014-02-03 14:43 - 00000664 _____ () C:\WINDOWS\system32\d3d9caps.dat
2014-01-28 20:01 - 2014-01-28 20:01 - 00000000 ____D () C:\Documents and Settings\dd\Ustawienia lokalne\Dane aplikacji\IsolatedStorage
2014-01-28 17:40 - 2014-02-03 14:45 - 00182582 _____ () C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-S-1-5-21-1731788579-3815785595-3320977666-1006-0.dat
2014-01-28 17:11 - 2014-02-03 14:45 - 00182582 _____ () C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat
2014-01-28 14:40 - 2014-02-01 17:08 - 00000000 ____D () C:\Documents and Settings\dd\Ustawienia lokalne\Dane aplikacji\Adobe
2014-01-28 14:40 - 2014-01-29 21:15 - 00000000 ____D () C:\Documents and Settings\dd\Dane aplikacji\Adobe
2014-01-28 14:40 - 2014-01-28 14:40 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Adobe
2014-01-28 14:36 - 2014-01-28 14:36 - 00000000 ____D () C:\Documents and Settings\dd\Ustawienia lokalne\Dane aplikacji\TechSmith
2014-01-28 14:34 - 2014-01-28 14:34 - 00000000 ____D () C:\Documents and Settings\dd\Dane aplikacji\TechSmith
2014-01-28 14:33 - 2014-02-03 14:42 - 00000000 ____D () C:\Documents and Settings\dd\Moje dokumenty\Camtasia Studio
2014-01-27 23:24 - 2014-01-27 23:24 - 00000893 _____ () C:\Documents and Settings\All Users\Pulpit\Camtasia Studio 8.lnk
2014-01-27 23:24 - 2014-01-27 23:24 - 00000000 ____D () C:\Program Files\QuickTime
2014-01-27 23:24 - 2014-01-27 23:24 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\TechSmith
2014-01-27 23:24 - 2014-01-27 23:24 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\regid.1995-08.com.techsmith
2014-01-27 23:23 - 2014-01-27 23:23 - 00000000 ____D () C:\Program Files\Common Files\TechSmith Shared
2014-01-27 23:22 - 2014-01-27 23:22 - 00000000 ____D () C:\Program Files\TechSmith
2014-01-27 23:22 - 2014-01-27 23:22 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\TechSmith
2014-01-27 23:06 - 2014-01-27 23:06 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-01-27 22:27 - 2014-01-27 22:28 - 00000000 ____D () C:\Documents and Settings\dd\Dane aplikacji\Media Player Classic
2014-01-25 21:36 - 2014-01-27 22:07 - 00000000 ____D () C:\Program Files\NapiProjekt
2014-01-25 21:36 - 2014-01-25 21:38 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\ALLPlayer
2014-01-23 18:10 - 2014-01-23 18:10 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$
2014-01-12 15:12 - 2014-01-12 15:12 - 65208320 _____ () C:\Documents and Settings\All Users\Dane aplikacji\Tibia_spr.bak
2014-01-12 15:03 - 2014-01-12 15:03 - 01250154 _____ () C:\Documents and Settings\All Users\Dane aplikacji\Tibia_dat.bak
2014-01-12 15:03 - 2014-01-12 15:03 - 00000000 ____D () C:\Documents and Settings\dd\Dane aplikacji\Tibia

==================== One Month Modified Files and Folders =======

2014-02-10 12:19 - 2014-02-10 12:19 - 00014969 _____ () C:\Documents and Settings\dd\Pulpit\FRST.txt
2014-02-10 12:19 - 2014-02-09 19:56 - 00000000 ____D () C:\FRST
2014-02-10 12:19 - 2012-12-30 19:38 - 00000000 ____D () C:\Documents and Settings\dd\Pulpit
2014-02-10 12:18 - 2014-02-10 12:18 - 00002575 _____ () C:\Documents and Settings\dd\Pulpit\AdwCleaner[S0].txt
2014-02-10 12:17 - 2009-09-03 12:38 - 01309594 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-10 12:16 - 2013-02-18 14:08 - 00001024 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-10 12:16 - 2009-09-03 14:36 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2014-02-10 12:16 - 2009-09-03 14:35 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-02-10 12:16 - 2009-09-03 12:42 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-02-10 12:15 - 2012-12-30 19:38 - 00000188 ___SH () C:\Documents and Settings\dd\ntuser.ini
2014-02-10 12:15 - 2009-09-03 12:42 - 00032416 _____ () C:\WINDOWS\SchedLgU.Txt
2014-02-10 12:14 - 2014-02-10 12:09 - 00000000 ____D () C:\AdwCleaner
2014-02-10 12:14 - 2013-03-05 13:10 - 00000730 _____ () C:\Documents and Settings\All Users\Menu Start\Programy\Mozilla Firefox.lnk
2014-02-10 12:14 - 2013-03-05 13:10 - 00000724 _____ () C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
2014-02-10 12:14 - 2013-02-18 14:09 - 00000923 _____ () C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk
2014-02-10 12:14 - 2013-02-18 14:09 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Google Chrome
2014-02-10 12:14 - 2012-12-30 19:38 - 00000739 _____ () C:\Documents and Settings\dd\Menu Start\Programy\Internet Explorer.lnk
2014-02-10 12:14 - 2012-12-30 19:38 - 00000000 ___RD () C:\Documents and Settings\dd\Menu Start\Programy
2014-02-10 12:14 - 2012-12-30 19:38 - 00000000 ___HD () C:\Documents and Settings\dd\Ustawienia lokalne\Dane aplikacji
2014-02-10 12:14 - 2009-09-03 14:33 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy
2014-02-10 12:14 - 2009-09-03 14:33 - 00000000 ____D () C:\Documents and Settings\All Users\Pulpit
2014-02-10 12:01 - 2012-12-30 19:38 - 00000000 __RHD () C:\Documents and Settings\dd\Dane aplikacji
2014-02-10 12:01 - 2012-12-30 19:38 - 00000000 ___RD () C:\Documents and Settings\dd\Menu Start\Programy\Autostart
2014-02-10 11:58 - 2012-12-30 19:38 - 00000000 ____D () C:\Documents and Settings\dd
2014-02-10 11:56 - 2014-02-10 11:56 - 00000000 _____ () C:\Documents and Settings\dd\Pulpit\Nowy Dokument tekstowy.txt
2014-02-10 04:28 - 2013-02-18 14:08 - 00001028 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-09 20:23 - 2014-02-08 23:31 - 01138688 _____ (Farbar) C:\Documents and Settings\dd\Pulpit\FRST.exe
2014-02-09 20:17 - 2014-02-09 20:17 - 00094208 _____ () C:\WINDOWS\Minidump\Mini020914-01.dmp
2014-02-09 13:26 - 2013-04-15 14:04 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-07 19:10 - 2013-04-04 15:22 - 00000000 ____D () C:\WINDOWS\Minidump
2014-02-07 19:07 - 2014-02-07 19:07 - 00000682 _____ () C:\Documents and Settings\All Users\Pulpit\CCleaner.lnk
2014-02-07 19:07 - 2014-02-07 19:07 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-07 19:07 - 2014-02-07 19:07 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\CCleaner
2014-02-06 12:47 - 2009-09-03 14:27 - 00001158 _____ () C:\WINDOWS\system32\wpa.dbl
2014-02-04 23:59 - 2013-12-13 20:10 - 00000000 ____D () C:\Documents and Settings\dd\Moje dokumenty\Gameforge Live
2014-02-03 14:45 - 2014-01-28 17:40 - 00182582 _____ () C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-S-1-5-21-1731788579-3815785595-3320977666-1006-0.dat
2014-02-03 14:45 - 2014-01-28 17:11 - 00182582 _____ () C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat
2014-02-03 14:43 - 2014-02-03 14:42 - 00000664 _____ () C:\WINDOWS\system32\d3d9caps.dat
2014-02-03 14:42 - 2014-01-28 14:33 - 00000000 ____D () C:\Documents and Settings\dd\Moje dokumenty\Camtasia Studio
2014-02-02 22:15 - 2009-09-03 14:33 - 00000000 __RHD () C:\Documents and Settings\All Users\Dane aplikacji
2014-02-02 22:14 - 2009-09-03 14:03 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-02-02 11:49 - 2009-09-03 13:46 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2014-02-01 22:11 - 2009-09-03 14:34 - 01283978 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-02-01 22:11 - 2009-09-03 14:27 - 00566694 _____ () C:\WINDOWS\system32\perfh015.dat
2014-02-01 22:11 - 2009-09-03 14:27 - 00110986 _____ () C:\WINDOWS\system32\perfc015.dat
2014-02-01 17:48 - 2014-01-07 10:38 - 00000191 ____H () C:\Documents and Settings\dd\Moje dokumenty\Opcje.ini
2014-02-01 17:46 - 2012-12-30 19:38 - 00000000 ___RD () C:\Documents and Settings\dd\Moje dokumenty
2014-02-01 17:08 - 2014-01-28 14:40 - 00000000 ____D () C:\Documents and Settings\dd\Ustawienia lokalne\Dane aplikacji\Adobe
2014-02-01 17:07 - 2013-02-18 13:59 - 00692616 ____C (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-02-01 17:07 - 2013-02-18 13:59 - 00071048 ____C (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-01-29 21:15 - 2014-01-28 14:40 - 00000000 ____D () C:\Documents and Settings\dd\Dane aplikacji\Adobe
2014-01-29 14:43 - 2013-12-13 20:08 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Gameforge Live
2014-01-28 20:01 - 2014-01-28 20:01 - 00000000 ____D () C:\Documents and Settings\dd\Ustawienia lokalne\Dane aplikacji\IsolatedStorage
2014-01-28 17:12 - 2013-12-01 12:27 - 00000000 ____D () C:\Documents and Settings\dd\Pulpit\Photoshop CS4
2014-01-28 14:40 - 2014-01-28 14:40 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Adobe
2014-01-28 14:36 - 2014-01-28 14:36 - 00000000 ____D () C:\Documents and Settings\dd\Ustawienia lokalne\Dane aplikacji\TechSmith
2014-01-28 14:34 - 2014-01-28 14:34 - 00000000 ____D () C:\Documents and Settings\dd\Dane aplikacji\TechSmith
2014-01-27 23:24 - 2014-01-27 23:24 - 00000893 _____ () C:\Documents and Settings\All Users\Pulpit\Camtasia Studio 8.lnk
2014-01-27 23:24 - 2014-01-27 23:24 - 00000000 ____D () C:\Program Files\QuickTime
2014-01-27 23:24 - 2014-01-27 23:24 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\TechSmith
2014-01-27 23:24 - 2014-01-27 23:24 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\regid.1995-08.com.techsmith
2014-01-27 23:23 - 2014-01-27 23:23 - 00000000 ____D () C:\Program Files\Common Files\TechSmith Shared
2014-01-27 23:22 - 2014-01-27 23:22 - 00000000 ____D () C:\Program Files\TechSmith
2014-01-27 23:22 - 2014-01-27 23:22 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\TechSmith
2014-01-27 23:16 - 2009-09-03 14:28 - 00000000 ____D () C:\WINDOWS\system32\pl-pl
2014-01-27 23:06 - 2014-01-27 23:06 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-01-27 22:34 - 2013-07-07 18:34 - 00004608 ____C () C:\Documents and Settings\dd\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-27 22:28 - 2014-01-27 22:27 - 00000000 ____D () C:\Documents and Settings\dd\Dane aplikacji\Media Player Classic
2014-01-27 22:07 - 2014-01-25 21:36 - 00000000 ____D () C:\Program Files\NapiProjekt
2014-01-27 22:07 - 2009-09-03 14:33 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
2014-01-25 21:38 - 2014-01-25 21:36 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\ALLPlayer
2014-01-23 18:10 - 2014-01-23 18:10 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$
2014-01-23 18:10 - 2012-12-30 20:48 - 83425928 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-01-12 16:56 - 2009-09-03 14:27 - 00000563 _____ () C:\WINDOWS\win.ini
2014-01-12 15:12 - 2014-01-12 15:12 - 65208320 _____ () C:\Documents and Settings\All Users\Dane aplikacji\Tibia_spr.bak
2014-01-12 15:03 - 2014-01-12 15:03 - 01250154 _____ () C:\Documents and Settings\All Users\Dane aplikacji\Tibia_dat.bak
2014-01-12 15:03 - 2014-01-12 15:03 - 00000000 ____D () C:\Documents and Settings\dd\Dane aplikacji\Tibia

Some content of TEMP:
====================
C:\Documents and Settings\dd\Ustawienia lokalne\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe [2009-09-03 14:26] - [2008-04-15 13:00] - 1035264 ____A (Microsoft Corporation) c791ed9eac5e76d9525e157b1d7a599a
C:\WINDOWS\system32\winlogon.exe [2009-09-03 14:27] - [2008-04-15 13:00] - 0510464 ____A (Microsoft Corporation) 51fd2e13d723857b9ca239ae77150f48
C:\WINDOWS\system32\svchost.exe [2009-09-03 14:27] - [2008-04-15 13:00] - 0014336 ____A (Microsoft Corporation) 8607d35d92528e2df386f19a960d23ce
C:\WINDOWS\system32\services.exe [2009-09-03 14:27] - [2009-02-09 12:25] - 0111104 ____A (Microsoft Corporation) 02a467e27af55f7064c5b251e587315f
C:\WINDOWS\system32\User32.dll [2009-09-03 14:27] - [2008-04-15 13:00] - 0580096 ____A (Microsoft Corporation) a435c5c069afd901751ac323ad238793
C:\WINDOWS\system32\userinit.exe [2009-09-03 14:27] - [2008-04-15 13:00] - 0026624 ____A (Microsoft Corporation) 2a5b37d520508be6570a3ea79695f5b5
C:\WINDOWS\system32\rpcss.dll [2009-09-03 14:27] - [2009-02-09 11:53] - 0401408 ____A (Microsoft Corporation) a37311d9d628c1042a2836731787f0f3
ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\WINDOWS\system32\Drivers\volsnap.sys [2009-09-03 14:27] - [2008-04-15 13:00] - 0052864 ___AC (Microsoft Corporation) 56b191ac5fc0df219949c95a6c87afe7

==================== End Of Log ============================