Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:01-05-2014
Ran by Przemek (administrator) on RTFG7T7I-AB7E3A on 02-05-2014 23:00:34
Running from C:\Documents and Settings\Przemek\Pulpit
Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polish
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(Apple Computer, Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
(Prolific Technology Inc.) C:\WINDOWS\system32\IoctlSvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(HP) C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
() C:\Program Files\Vtune\TBPANEL.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [NvMediaCenter] => C:\WINDOWS\system32\NvMcTray.dll [110696 2010-12-12] (NVIDIA Corporation)
HKLM\...\Run: [NvCplDaemon] => C:\WINDOWS\system32\NvCpl.dll [13851752 2010-12-12] (NVIDIA Corporation)
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [1753192 2010-08-26] ()
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [20065384 2011-12-05] (Realtek Semiconductor Corp.)
HKLM\...\Run: [HPDJ Taskbar Utility] => C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe [196608 2001-11-01] (HP)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-1343024091-1417001333-725345543-1003\...\Run: [TBPanel] => C:\Program Files\Vtune\TBPanel.exe [2236416 2010-12-23] ()
HKU\S-1-5-21-1343024091-1417001333-725345543-1003\...\Run: [ALLUpdate] => C:\Program Files\ALLPlayer\ALLUpdate.exe [1379840 2011-08-16] ()
HKU\S-1-5-21-1343024091-1417001333-725345543-1003\...\MountPoints2: {c2603fc2-3f6f-11e1-9d97-001617b4d3e5} - H:\LaunchU3.exe -a
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
HKLM\...\AppCertDlls: [x64] -> c:\program files\settings manager\systemk\x64\sysapcrt.dll

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.pl/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2498} URL = http://www.default-search.net/search?sid=498&aid=109&itype=n&ver=12386&tm=332&src=ds&p={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2498} URL = http://www.default-search.net/search?sid=498&aid=109&itype=n&ver=12386&tm=332&src=ds&p={searchTerms}
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: IplexToALLPlayer - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.)
Toolbar: HKCU - &Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Łącza - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [94208] (Apple Computer, Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Przemek\Dane aplikacji\Mozilla\Firefox\Profiles\3auwt3w6.default
FF SearchEngineOrder.1: default-search.net
FF Homepage: www.google.pl
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Website Discovery Pro - C:\Documents and Settings\Przemek\Dane aplikacji\Mozilla\Firefox\Profiles\3auwt3w6.default\Extensions\discoverypro@discoverypro.com [2014-04-29]
FF Extension: LavaFox V2 - C:\Documents and Settings\Przemek\Dane aplikacji\Mozilla\Firefox\Profiles\3auwt3w6.default\Extensions\info@djzig.com [2014-04-29]
FF Extension: FT DeepDark - C:\Documents and Settings\Przemek\Dane aplikacji\Mozilla\Firefox\Profiles\3auwt3w6.default\Extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} [2014-02-23]
FF Extension: Adblock Plus - C:\Documents and Settings\Przemek\Dane aplikacji\Mozilla\Firefox\Profiles\3auwt3w6.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-03]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{e87f67c6-b46a-ec57-a714-78ae2ba82847} [2014-05-02]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Documents and Settings\Przemek\Dane aplikacji\Mozilla\Firefox\Profiles\3auwt3w6.default\extensions\quick_start@gmail.com

Chrome:
=======
CHR RestoreOnStartup: "hxxp://www.default-search.net?sid=498&aid=109&itype=n&ver=12386&tm=332&src=hmp"
CHR StartupUrls: "hxxp://www.default-search.net?sid=498&aid=109&itype=n&ver=12386&tm=332&src=hmp"
CHR DefaultSearchProvider: default-search.net
CHR Extension: (Google Docs) - C:\Documents and Settings\Przemek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-03]
CHR Extension: (Google Drive) - C:\Documents and Settings\Przemek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-03]
CHR Extension: (YouTube) - C:\Documents and Settings\Przemek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-03]
CHR Extension: (Google Search) - C:\Documents and Settings\Przemek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-03]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Przemek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-03]
CHR Extension: (Gmail) - C:\Documents and Settings\Przemek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-03]
CHR HKLM\...\Chrome\Extension: [bildoibdboopgomcbiplincneeicgipj] - C:\Program Files\StartSearch plugin\startsplg.crx [2014-01-03]
CHR HKLM\...\Chrome\Extension: [ogfjmhfnldnajmfaofeiaepghjenbgjo] - C:\Documents and Settings\Przemek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ep.crx [2014-02-26]

========================== Services (Whitelisted) =================

R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-11-16] (Oracle Corporation)
S2 Update WiseEnhance; "C:\Program Files\WiseEnhance\updateWiseEnhance.exe" [X]

==================== Drivers (Whitelisted) ====================

R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21361 2012-01-22] (Cisco Systems, Inc.)
S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
R1 AmdK8; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [36352 2005-03-09] (Advanced Micro Devices)
R3 Cardex; C:\WINDOWS\system32\drivers\TBPANEL.SYS [12256 2007-03-16] (Windows (R) 2000 DDK provider)
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2008-10-28] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2008-10-28] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2008-10-28] (HP)
R3 irsir; C:\WINDOWS\System32\DRIVERS\irsir.sys [18688 2006-09-13] (Microsoft Corporation)
R1 ISODrive; C:\Program Files\UltraISO\drivers\ISODrive.sys [82320 2010-01-29] (EZB Systems, Inc.)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\mbamswissarmy.sys [40776 2012-08-24] (Malwarebytes Corporation)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
R0 nvata; C:\WINDOWS\System32\DRIVERS\nvata.sys [100736 2006-04-24] (NVIDIA Corporation)
R3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [52736 2006-03-22] (NVIDIA Corporation)
R3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [18944 2006-03-22] (NVIDIA Corporation)
R0 pnpshark; C:\WINDOWS\System32\DRIVERS\pnpshark.sys [119552 2003-10-02] ( )
R3 Rasirda; C:\WINDOWS\System32\DRIVERS\rasirda.sys [19584 2006-09-13] (Microsoft Corporation)
S3 se45bus; C:\WINDOWS\System32\DRIVERS\se45bus.sys [61536 2006-11-30] (MCCI)
S3 se45mdfl; C:\WINDOWS\System32\DRIVERS\se45mdfl.sys [9360 2006-11-30] (MCCI)
S3 se45mdm; C:\WINDOWS\System32\DRIVERS\se45mdm.sys [97088 2006-11-30] (MCCI)
S3 se45mgmt; C:\WINDOWS\System32\DRIVERS\se45mgmt.sys [88624 2006-11-30] (MCCI)
S3 se45nd5; C:\WINDOWS\System32\DRIVERS\se45nd5.sys [18704 2006-11-30] (MCCI)
S3 se45obex; C:\WINDOWS\System32\DRIVERS\se45obex.sys [86432 2006-11-30] (MCCI)
S3 se45unic; C:\WINDOWS\System32\DRIVERS\se45unic.sys [90800 2006-11-30] (MCCI)
R0 st3shark; C:\WINDOWS\System32\DRIVERS\st3shark.sys [5504 2003-09-27] ( )
S3 TBPanel; C:\WINDOWS\system32\Drivers\TBPanel.sys [12256 2007-03-16] (Windows (R) 2000 DDK provider)
R1 {2c976a7f-dbdc-4756-870f-f6d183fe7a7e}Gt; C:\WINDOWS\System32\drivers\{2c976a7f-dbdc-4756-870f-f6d183fe7a7e}Gt.sys [55232 2014-04-24] (StdLib)
S3 hamachi; system32\DRIVERS\hamachi.sys [X]
S4 IntelIde; No ImagePath
S3 MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U1 WS2IFSL;
U3 kgriikod; \??\C:\DOCUME~1\Przemek\USTAWI~1\Temp\kgriikod.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-05-02 23:00 - 2014-05-02 23:00 - 00015303 _____ () C:\Documents and Settings\Przemek\Pulpit\FRST.txt
2014-05-02 22:56 - 2014-05-02 23:00 - 00000000 ____D () C:\FRST
2014-05-02 22:56 - 2014-05-02 22:56 - 00083454 _____ () C:\Documents and Settings\Przemek\Pulpit\OTL.Txt
2014-05-02 22:56 - 2014-05-02 22:56 - 00066228 _____ () C:\Documents and Settings\Przemek\Pulpit\Extras.Txt
2014-05-02 22:46 - 2014-05-02 22:46 - 01050624 _____ (Farbar) C:\Documents and Settings\Przemek\Pulpit\FRST.exe
2014-05-02 22:21 - 2014-05-02 22:23 - 00000128 _____ () C:\Documents and Settings\Przemek\Pulpit\Nowy Dokument tekstowy.txt
2014-05-02 18:29 - 2014-05-02 22:20 - 00000000 ____D () C:\Documents and Settings\Przemek\Pulpit\logi otl+prescan gmer
2014-05-02 17:19 - 2014-05-02 17:20 - 00380416 _____ () C:\Documents and Settings\Przemek\Pulpit\yp4ddnt7.exe
2014-05-02 17:02 - 2014-05-02 17:02 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Przemek\Pulpit\OTL.exe
2014-05-02 14:38 - 2014-05-02 14:38 - 00000000 ____D () C:\WINDOWS\system32\NtmsData
2014-05-02 13:23 - 2014-05-02 13:34 - 00000000 ____D () C:\Program Files\Total Uninstall 6
2014-05-02 13:23 - 2014-05-02 13:23 - 00000715 _____ () C:\Documents and Settings\All Users\Menu Start\Programy\Total Uninstall 6.lnk
2014-05-02 13:23 - 2014-05-02 13:23 - 00000709 _____ () C:\Documents and Settings\All Users\Pulpit\Total Uninstall 6.lnk
2014-05-02 13:23 - 2014-05-02 13:23 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Martau
2014-05-02 13:20 - 2013-03-29 07:24 - 00000000 ____D () C:\Documents and Settings\Przemek\Pulpit\Total Uninstall Pro 6.2.4 [PL] [Dane rejestracyjne]
2014-05-02 13:19 - 2014-05-02 13:19 - 16588639 _____ () C:\Documents and Settings\Przemek\Pulpit\Total Uninstall Pro 6.2.4 [PL] [Dane rejestracyjne].rar
2014-05-02 10:24 - 2014-05-02 13:35 - 00005812 _____ () C:\WINDOWS\setupapi.log
2014-05-02 10:16 - 2014-05-02 10:16 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-02 10:16 - 2014-05-02 10:16 - 00000000 ____D () C:\Program Files\ALLPlayer
2014-05-02 10:16 - 2014-05-02 10:16 - 00000000 ____D () C:\Documents and Settings\Przemek\Dane aplikacji\SimilarSites
2014-05-02 10:16 - 2014-05-02 10:16 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\ALLPlayer
2014-05-01 23:23 - 2014-05-02 18:28 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-05-01 23:23 - 2014-05-02 18:28 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2014-05-01 23:23 - 2014-05-02 16:23 - 00028440 _____ () C:\WINDOWS\SchedLgU.Txt
2014-05-01 23:23 - 2014-05-01 23:23 - 00000000 _____ () C:\WINDOWS\Sti_Trace.log
2014-05-01 23:22 - 2014-05-02 18:29 - 00083986 _____ () C:\WINDOWS\WindowsUpdate.log
2014-05-01 22:40 - 2014-05-02 10:16 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-04-29 21:47 - 2014-05-02 22:40 - 00000930 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-04-29 21:47 - 2014-04-29 21:48 - 00000320 _____ () C:\Documents and Settings\Przemek\Dane aplikacji\aps.uninstall.scan.results
2014-04-29 21:44 - 2014-04-29 21:44 - 00000742 _____ () C:\Documents and Settings\Przemek\Pulpit\PFPortChecker.lnk
2014-04-29 21:44 - 2014-04-29 21:44 - 00000000 ____D () C:\Program Files\PFPortChecker
2014-04-29 21:44 - 2014-04-29 21:44 - 00000000 ____D () C:\Documents and Settings\Przemek\Menu Start\Programy\Portforward.com
2014-04-29 21:43 - 2014-04-29 21:57 - 00000000 ____D () C:\Documents and Settings\Przemek\Dane aplikacji\systweak
2014-04-29 21:43 - 2014-04-29 21:43 - 01745360 _____ (AnyProtect.com) C:\Documents and Settings\Przemek\Ustawienia lokalne\Dane aplikacji\nsz5D7.tmp
2014-04-29 21:43 - 2012-01-20 14:14 - 00017280 _____ () C:\WINDOWS\system32\roboot.exe
2014-04-29 18:08 - 2014-04-29 18:08 - 00000000 ___RD () C:\Documents and Settings\LocalService\Ulubione
2014-04-29 18:07 - 2014-04-24 12:32 - 00055232 _____ (StdLib) C:\WINDOWS\system32\Drivers\{2c976a7f-dbdc-4756-870f-f6d183fe7a7e}Gt.sys
2014-04-29 17:33 - 2014-04-29 17:33 - 00000000 ____D () C:\Documents and Settings\Przemek\Ustawienia lokalne\Dane aplikacji\LogMeIn
2014-04-29 17:33 - 2014-04-29 17:33 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\LogMeIn
2014-04-29 16:33 - 2014-05-02 10:23 - 00000000 ____D () C:\Documents and Settings\Przemek\Dane aplikacji\GameRanger
2014-04-29 16:33 - 2014-04-29 16:33 - 00000000 ____D () C:\Program Files\SiteFinder
2014-04-29 16:32 - 2014-04-29 22:11 - 00000000 ____D () C:\Program Files\WiseEnhance
2014-04-24 18:13 - 2014-04-24 18:13 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Counter-Strike 1.6
2014-04-18 12:32 - 2014-04-18 12:45 - 00000000 ____D () C:\Documents and Settings\Przemek\Pulpit\2014-04-18
2014-04-10 05:41 - 2014-04-10 05:41 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2922229$
2014-04-05 23:03 - 2014-04-05 23:13 - 00000000 ____D () C:\Documents and Settings\Przemek\Pulpit\zadania od Kucharczyka
2014-04-04 22:34 - 2014-04-04 22:34 - 00000000 ____D () C:\Program Files\Softronics
2014-04-04 22:34 - 2014-04-04 22:34 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Multimedia Logic

==================== One Month Modified Files and Folders =======

2014-05-02 23:00 - 2014-05-02 23:00 - 00015303 _____ () C:\Documents and Settings\Przemek\Pulpit\FRST.txt
2014-05-02 23:00 - 2014-05-02 22:56 - 00000000 ____D () C:\FRST
2014-05-02 23:00 - 2011-12-24 16:16 - 00000000 ____D () C:\Documents and Settings\Przemek\Pulpit
2014-05-02 22:56 - 2014-05-02 22:56 - 00083454 _____ () C:\Documents and Settings\Przemek\Pulpit\OTL.Txt
2014-05-02 22:56 - 2014-05-02 22:56 - 00066228 _____ () C:\Documents and Settings\Przemek\Pulpit\Extras.Txt
2014-05-02 22:47 - 2014-01-03 10:24 - 00001038 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-02 22:46 - 2014-05-02 22:46 - 01050624 _____ (Farbar) C:\Documents and Settings\Przemek\Pulpit\FRST.exe
2014-05-02 22:40 - 2014-04-29 21:47 - 00000930 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-05-02 22:23 - 2014-05-02 22:21 - 00000128 _____ () C:\Documents and Settings\Przemek\Pulpit\Nowy Dokument tekstowy.txt
2014-05-02 22:20 - 2014-05-02 18:29 - 00000000 ____D () C:\Documents and Settings\Przemek\Pulpit\logi otl+prescan gmer
2014-05-02 18:29 - 2014-05-01 23:22 - 00083986 _____ () C:\WINDOWS\WindowsUpdate.log
2014-05-02 18:28 - 2014-05-01 23:23 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-05-02 18:28 - 2014-05-01 23:23 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2014-05-02 18:28 - 2014-03-22 10:59 - 00000226 _____ () C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — logowanie.job
2014-05-02 18:28 - 2014-01-03 10:24 - 00001034 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-02 18:28 - 2011-12-24 16:15 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-05-02 17:20 - 2014-05-02 17:19 - 00380416 _____ () C:\Documents and Settings\Przemek\Pulpit\yp4ddnt7.exe
2014-05-02 17:02 - 2014-05-02 17:02 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Przemek\Pulpit\OTL.exe
2014-05-02 16:26 - 2012-08-24 08:39 - 00000000 ____D () C:\Documents and Settings\Administrator
2014-05-02 16:23 - 2014-05-01 23:23 - 00028440 _____ () C:\WINDOWS\SchedLgU.Txt
2014-05-02 14:38 - 2014-05-02 14:38 - 00000000 ____D () C:\WINDOWS\system32\NtmsData
2014-05-02 13:35 - 2014-05-02 10:24 - 00005812 _____ () C:\WINDOWS\setupapi.log
2014-05-02 13:34 - 2014-05-02 13:23 - 00000000 ____D () C:\Program Files\Total Uninstall 6
2014-05-02 13:34 - 2011-12-24 16:16 - 00000000 __RHD () C:\Documents and Settings\Przemek\Dane aplikacji
2014-05-02 13:23 - 2014-05-02 13:23 - 00000715 _____ () C:\Documents and Settings\All Users\Menu Start\Programy\Total Uninstall 6.lnk
2014-05-02 13:23 - 2014-05-02 13:23 - 00000709 _____ () C:\Documents and Settings\All Users\Pulpit\Total Uninstall 6.lnk
2014-05-02 13:23 - 2014-05-02 13:23 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Martau
2014-05-02 13:23 - 2011-12-24 16:48 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy
2014-05-02 13:23 - 2011-12-24 16:48 - 00000000 ____D () C:\Documents and Settings\All Users\Pulpit
2014-05-02 13:23 - 2011-12-24 16:46 - 00000000 __RHD () C:\Documents and Settings\All Users\Dane aplikacji
2014-05-02 13:22 - 2011-12-24 16:42 - 00000000 ____D () C:\WINDOWS\system
2014-05-02 13:19 - 2014-05-02 13:19 - 16588639 _____ () C:\Documents and Settings\Przemek\Pulpit\Total Uninstall Pro 6.2.4 [PL] [Dane rejestracyjne].rar
2014-05-02 12:59 - 2011-12-24 16:16 - 00000188 ___SH () C:\Documents and Settings\Przemek\ntuser.ini
2014-05-02 12:51 - 2013-08-30 10:10 - 00000000 ____D () C:\Documents and Settings\Przemek\Dane aplikacji\Skype
2014-05-02 10:24 - 2011-12-24 16:16 - 00000000 ___HD () C:\Documents and Settings\Przemek\Ustawienia lokalne\Dane aplikacji
2014-05-02 10:24 - 2011-12-24 16:15 - 00000000 ___HD () C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji
2014-05-02 10:23 - 2014-04-29 16:33 - 00000000 ____D () C:\Documents and Settings\Przemek\Dane aplikacji\GameRanger
2014-05-02 10:23 - 2011-12-24 16:16 - 00000000 ___RD () C:\Documents and Settings\Przemek\Menu Start\Programy
2014-05-02 10:22 - 2013-06-15 16:45 - 00000000 ____D () C:\Documents and Settings\Przemek\Ustawienia lokalne\Dane aplikacji\ALLMediaServer
2014-05-02 10:18 - 2001-07-22 01:17 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-05-02 10:17 - 2011-12-24 16:16 - 00000000 ____D () C:\Documents and Settings\Przemek
2014-05-02 10:17 - 2011-12-24 16:15 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2014-05-02 10:17 - 2011-12-24 16:15 - 00000000 __SHD () C:\Documents and Settings\LocalService
2014-05-02 10:17 - 2011-12-24 15:58 - 00000000 ____D () C:\WINDOWS\Registration
2014-05-02 10:16 - 2014-05-02 10:16 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-02 10:16 - 2014-05-02 10:16 - 00000000 ____D () C:\Program Files\ALLPlayer
2014-05-02 10:16 - 2014-05-02 10:16 - 00000000 ____D () C:\Documents and Settings\Przemek\Dane aplikacji\SimilarSites
2014-05-02 10:16 - 2014-05-02 10:16 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\ALLPlayer
2014-05-02 10:16 - 2014-05-01 22:40 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-05-02 10:16 - 2013-05-13 22:05 - 00000000 ____D () C:\Documents and Settings\Przemek\Dane aplikacji\uTorrent
2014-05-01 23:23 - 2014-05-01 23:23 - 00000000 _____ () C:\WINDOWS\Sti_Trace.log
2014-05-01 23:23 - 2012-01-12 16:15 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2646524$
2014-05-01 22:40 - 2012-08-24 09:05 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
2014-05-01 22:34 - 2013-11-23 12:07 - 00007839 _____ () C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log
2014-04-30 17:26 - 2011-12-27 11:17 - 00074152 _____ () C:\Documents and Settings\Przemek\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2014-04-29 22:11 - 2014-04-29 16:32 - 00000000 ____D () C:\Program Files\WiseEnhance
2014-04-29 22:11 - 2011-12-24 16:46 - 01580296 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-04-29 22:07 - 2013-11-23 12:21 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\HP
2014-04-29 22:04 - 2013-11-23 12:22 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\HP
2014-04-29 22:04 - 2011-12-24 16:48 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start
2014-04-29 22:03 - 2013-11-23 12:08 - 00000000 ____D () C:\Program Files\HP
2014-04-29 21:57 - 2014-04-29 21:43 - 00000000 ____D () C:\Documents and Settings\Przemek\Dane aplikacji\systweak
2014-04-29 21:48 - 2014-04-29 21:47 - 00000320 _____ () C:\Documents and Settings\Przemek\Dane aplikacji\aps.uninstall.scan.results
2014-04-29 21:48 - 2001-07-22 01:16 - 00000952 _____ () C:\WINDOWS\win.ini
2014-04-29 21:47 - 2013-10-12 17:48 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-04-29 21:47 - 2013-10-12 17:48 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-04-29 21:44 - 2014-04-29 21:44 - 00000742 _____ () C:\Documents and Settings\Przemek\Pulpit\PFPortChecker.lnk
2014-04-29 21:44 - 2014-04-29 21:44 - 00000000 ____D () C:\Program Files\PFPortChecker
2014-04-29 21:44 - 2014-04-29 21:44 - 00000000 ____D () C:\Documents and Settings\Przemek\Menu Start\Programy\Portforward.com
2014-04-29 21:43 - 2014-04-29 21:43 - 01745360 _____ (AnyProtect.com) C:\Documents and Settings\Przemek\Ustawienia lokalne\Dane aplikacji\nsz5D7.tmp
2014-04-29 18:26 - 2013-11-17 00:10 - 00000000 ____D () C:\Documents and Settings\Przemek\Menu Start\Programy\Heroes III
2014-04-29 18:08 - 2014-04-29 18:08 - 00000000 ___RD () C:\Documents and Settings\LocalService\Ulubione
2014-04-29 17:33 - 2014-04-29 17:33 - 00000000 ____D () C:\Documents and Settings\Przemek\Ustawienia lokalne\Dane aplikacji\LogMeIn
2014-04-29 17:33 - 2014-04-29 17:33 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\LogMeIn
2014-04-29 16:33 - 2014-04-29 16:33 - 00000000 ____D () C:\Program Files\SiteFinder
2014-04-29 16:32 - 2011-12-24 16:16 - 00000000 ___HD () C:\Documents and Settings\Przemek\Ustawienia lokalne
2014-04-29 16:28 - 2012-12-11 17:43 - 00025713 _____ () C:\WINDOWS\CSTBox.INI
2014-04-29 16:28 - 2012-10-07 12:07 - 00000000 ____D () C:\Documents and Settings\Przemek\Dane aplikacji\Canon
2014-04-28 01:42 - 2012-12-31 19:26 - 00131072 _____ () C:\WINDOWS\system32\config\OAlerts.evt
2014-04-24 18:13 - 2014-04-24 18:13 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Counter-Strike 1.6
2014-04-24 12:32 - 2014-04-29 18:07 - 00055232 _____ (StdLib) C:\WINDOWS\system32\Drivers\{2c976a7f-dbdc-4756-870f-f6d183fe7a7e}Gt.sys
2014-04-23 03:39 - 2011-12-24 16:49 - 01297954 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-04-23 03:39 - 2001-10-26 19:15 - 00570270 _____ () C:\WINDOWS\system32\perfh015.dat
2014-04-23 03:39 - 2001-10-26 19:15 - 00112416 _____ () C:\WINDOWS\system32\perfc015.dat
2014-04-18 12:45 - 2014-04-18 12:32 - 00000000 ____D () C:\Documents and Settings\Przemek\Pulpit\2014-04-18
2014-04-14 22:00 - 2014-03-17 21:26 - 00000000 ____D () C:\Documents and Settings\Przemek\Dane aplikacji\TS3Client
2014-04-10 05:41 - 2014-04-10 05:41 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2922229$
2014-04-10 05:41 - 2013-08-15 04:53 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-04-10 05:38 - 2011-12-24 18:55 - 88028728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-04-08 16:54 - 2014-03-22 10:59 - 00000220 _____ () C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — co miesiąc.job
2014-04-06 08:32 - 2011-12-24 16:16 - 00000000 ___RD () C:\Documents and Settings\Przemek\Ulubione
2014-04-05 23:13 - 2014-04-05 23:03 - 00000000 ____D () C:\Documents and Settings\Przemek\Pulpit\zadania od Kucharczyka
2014-04-04 22:34 - 2014-04-04 22:34 - 00000000 ____D () C:\Program Files\Softronics
2014-04-04 22:34 - 2014-04-04 22:34 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Multimedia Logic
2014-04-04 22:34 - 2011-12-24 16:40 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information

Some content of TEMP:
====================
C:\Documents and Settings\Przemek\Ustawienia lokalne\Temp\CmdLineExt02.dll
C:\Documents and Settings\Przemek\Ustawienia lokalne\Temp\FP_AX_MSI_INSTALLER.exe
C:\Documents and Settings\Przemek\Ustawienia lokalne\Temp\ggdrive-menu.exe
C:\Documents and Settings\Przemek\Ustawienia lokalne\Temp\ggdrive-overlay.exe
C:\Documents and Settings\Przemek\Ustawienia lokalne\Temp\hpqrrx08.exe
C:\Documents and Settings\Przemek\Ustawienia lokalne\Temp\hpzmsi01.exe
C:\Documents and Settings\Przemek\Ustawienia lokalne\Temp\hpzscr01.EXE
C:\Documents and Settings\Przemek\Ustawienia lokalne\Temp\hpzswp01.exe
C:\Documents and Settings\Przemek\Ustawienia lokalne\Temp\installstats.exe
C:\Documents and Settings\Przemek\Ustawienia lokalne\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe
[2007-03-10 03:31] - [2008-04-14 19:21] - 1035264 ____A (Microsoft Corporation) c791ed9eac5e76d9525e157b1d7a599a

C:\WINDOWS\system32\winlogon.exe
[2004-08-04 01:44] - [2008-04-14 19:21] - 0510464 ____A (Microsoft Corporation) 51fd2e13d723857b9ca239ae77150f48

C:\WINDOWS\system32\svchost.exe
[2004-08-04 01:44] - [2008-04-14 19:21] - 0014336 ____A (Microsoft Corporation) 8607d35d92528e2df386f19a960d23ce

C:\WINDOWS\system32\services.exe
[2004-08-04 01:44] - [2009-02-09 13:25] - 0111104 ____A (Microsoft Corporation) 02a467e27af55f7064c5b251e587315f

C:\WINDOWS\system32\User32.dll
[2007-03-10 03:32] - [2008-04-14 19:20] - 0580096 ____A (Microsoft Corporation) a435c5c069afd901751ac323ad238793

C:\WINDOWS\system32\userinit.exe
[2004-08-04 01:44] - [2008-04-14 19:21] - 0026624 ____A (Microsoft Corporation) 2a5b37d520508be6570a3ea79695f5b5

C:\WINDOWS\system32\rpcss.dll
[2006-09-13 17:30] - [2009-02-09 12:53] - 0401408 ____A (Microsoft Corporation) a37311d9d628c1042a2836731787f0f3

ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.

C:\WINDOWS\system32\Drivers\volsnap.sys
[2004-08-04 01:36] - [2008-04-14 18:01] - 0052864 ____A (Microsoft Corporation) 56b191ac5fc0df219949c95a6c87afe7

==================== End Of Log ============================