Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-02-2014
Ran by Ania (administrator) on W-CEC3AA7F0A834 on 08-02-2014 21:17:33
Running from C:\Documents and Settings\Ania\Moje dokumenty\Downloads\Nowy folder
Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polish
Internet Explorer Version 7
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) ===================

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Intel Corporation ) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(SigmaTel, Inc.) C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
() C:\Program Files\Winamp\winampa.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2009-02-25] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [SigmatelSysTrayApp] - C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe [405504 2007-05-10] (SigmaTel, Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [761947 2006-03-08] (Synaptics, Inc.)
HKLM\...\Run: [IntelZeroConfig] - C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [995328 2007-10-08] (Intel Corporation)
HKLM\...\Run: [IntelWireless] - C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [1101824 2007-10-08] (Intel Corporation)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [WinampAgent] - C:\Program Files\Winamp\winampa.exe [35328 2006-11-27] ()
HKLM\...\Run: [BluetoothAuthenticationAgent] - rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKU\.DEFAULT\...\RunOnce: [nltide_2] - regsvr32 /s /n /i:U shell32
HKU\S-1-5-19\...\RunOnce: [nltide_2] - regsvr32 /s /n /i:U shell32
HKU\S-1-5-20\...\RunOnce: [nltide_2] - regsvr32 /s /n /i:U shell32
HKU\S-1-5-21-1078081533-1326574676-1606980848-1003\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20587168 2013-11-18] (Skype Technologies S.A.)

==================== Internet (Whitelisted) ====================

HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 194.204.159.1 194.204.152.34 192.168.1.2

Chrome: 
=======
CHR HomePage: hxxp://www.google.pl/
CHR Plugin: (Widevine Content Decryption Module) - C:\Documents and Settings\Ania\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\WidevineCDM\1.4.1.377\_platform_specific\win_x86\widevinecdmadapter.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\32.0.1700.107\pdf.dll ()
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (DivX® Content Upload Plugin) - C:\Program Files\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
CHR Plugin: (DivX Player Netscape Plugin) - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
CHR Plugin: (DivX® Web Player) - C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Shockwave for Director) - C:\WINDOWS\system32\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (Dokumenty Google) - C:\Documents and Settings\Ania\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-02]
CHR Extension: (Dysk Google) - C:\Documents and Settings\Ania\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-02]
CHR Extension: (YouTube) - C:\Documents and Settings\Ania\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-02]
CHR Extension: (Szukaj w Google) - C:\Documents and Settings\Ania\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-02]
CHR Extension: (Christmas Mahjong) - C:\Documents and Settings\Ania\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ghmebaamjdfjkhaaifophgklodieiflm [2013-12-15]
CHR Extension: (AdBlock) - C:\Documents and Settings\Ania\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-01-20]
CHR Extension: (Sprawdzanie poczty Google) - C:\Documents and Settings\Ania\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2013-12-15]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Ania\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-02]
CHR Extension: (Gmail) - C:\Documents and Settings\Ania\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-02]

========================== Services (Whitelisted) =================

S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [593920 2009-02-25] ()
R2 S24EventMonitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [1183744 2007-10-08] (Intel Corporation )
R2 WLANKEEPER; C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe [356352 2007-10-08] (Intel Corporation)

==================== Drivers (Whitelisted) ====================

R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21361 2013-12-02] (Cisco Systems, Inc.)
R3 NETw4x32; C:\WINDOWS\System32\DRIVERS\NETw4x32.sys [2236032 2007-09-26] (Intel Corporation)
R2 s24trans; C:\WINDOWS\System32\DRIVERS\s24trans.sys [12288 2007-08-27] (Intel Corporation)
R3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [1222840 2007-05-10] (SigmaTel, Inc.)
S4 IntelIde; No ImagePath
S3 PCASp50; System32\Drivers\PCASp50.sys [X]
S3 UIUSys; system32\DRIVERS\UIUSYS.SYS [X]
U1 WS2IFSL; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-08 17:14 - 2014-02-08 17:18 - 00097788 _____ () C:\Documents and Settings\Ania\Pulpit\OTL.Txt
2014-02-08 17:14 - 2014-02-08 17:18 - 00032094 _____ () C:\Documents and Settings\Ania\Pulpit\Extras.Txt
2014-02-08 17:03 - 2014-02-08 21:17 - 00000000 ____D () C:\FRST
2014-02-08 16:24 - 2014-02-08 19:45 - 00001309 _____ () C:\WINDOWS\setupapi.log
2014-02-08 12:38 - 2014-02-08 12:38 - 00000682 _____ () C:\Documents and Settings\All Users\Pulpit\CCleaner.lnk
2014-02-08 12:38 - 2014-02-08 12:38 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-08 12:38 - 2014-02-08 12:38 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\CCleaner
2014-02-08 01:10 - 2014-02-08 12:20 - 00185618 _____ () C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-S-1-5-21-1078081533-1326574676-1606980848-1003-0.dat
2014-02-08 01:09 - 2014-02-08 12:20 - 00185618 _____ () C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat
2014-02-08 00:40 - 2014-02-08 12:31 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Avira
2014-02-07 17:41 - 2014-02-07 17:41 - 00007540 _____ () C:\Documents and Settings\Ania\Pulpit\UsbFix [Listing 1] W-CEC3AA7F0A834.txt
2014-02-07 17:39 - 2014-02-07 17:39 - 00001364 _____ () C:\Documents and Settings\Ania\Pulpit\UsbFix.lnk
2014-02-07 17:39 - 2014-02-07 17:39 - 00000000 ____D () C:\UsbFix
2014-02-07 17:01 - 2014-02-08 00:37 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Package Cache
2014-02-07 15:19 - 2014-02-07 16:34 - 00007680 _____ () C:\Documents and Settings\Ania\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-02-07 01:47 - 2014-02-07 01:47 - 00495654 _____ () C:\Documents and Settings\Ania\Pulpit\pierwsza miłość.bmp
2014-02-06 22:46 - 2014-02-06 22:46 - 00609054 _____ () C:\Documents and Settings\Ania\Pulpit\miracles.bmp
2014-02-06 22:01 - 2014-02-07 16:10 - 00000000 ____D () C:\Documents and Settings\Ania\Pulpit\Upiory pierścienia
2014-02-05 23:42 - 2014-02-08 16:44 - 00000000 ____D () C:\Documents and Settings\Ania\Pulpit\Pulpit
2014-01-27 01:21 - 2014-02-06 17:41 - 00115712 ___SH () C:\Documents and Settings\Ania\Pulpit\Thumbs.db
2014-01-20 22:55 - 2014-01-20 22:56 - 00000000 ___SD () C:\Documents and Settings\Ania\GG dysk (michaell24_95-o2_pl)
2014-01-20 22:11 - 2014-01-20 22:11 - 00000000 ____D () C:\WINDOWS\system32\Adobe
2014-01-15 21:33 - 2014-01-15 21:33 - 00000000 ____D () C:\Program Files\Lavalys
2014-01-15 21:33 - 2014-01-15 21:33 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Lavalys
2014-01-12 13:55 - 2008-04-14 22:51 - 00152064 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\irftp.exe
2014-01-12 13:55 - 2008-04-14 22:51 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\irftp.exe
2014-01-12 13:55 - 2008-04-14 22:51 - 00008192 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wshirda.dll
2014-01-12 13:55 - 2008-04-14 22:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshirda.dll
2014-01-12 13:55 - 2008-04-14 22:50 - 00028672 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\irmon.dll
2014-01-12 13:55 - 2008-04-14 22:50 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll
2014-01-12 13:55 - 2008-04-14 21:35 - 00273920 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\bthport.sys
2014-01-12 13:55 - 2008-04-14 21:35 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2014-01-12 13:55 - 2008-04-14 00:21 - 00101120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2014-01-12 13:55 - 2008-04-14 00:16 - 00059136 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rfcomm.sys
2014-01-12 13:55 - 2008-04-14 00:16 - 00059136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2014-01-12 13:55 - 2008-04-14 00:16 - 00018944 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\bthusb.sys
2014-01-12 13:55 - 2008-04-14 00:16 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2014-01-12 13:55 - 2008-04-14 00:16 - 00017024 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\bthenum.sys
2014-01-12 13:55 - 2008-04-14 00:16 - 00017024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthEnum.sys

==================== One Month Modified Files and Folders =======

2014-02-08 21:17 - 2014-02-08 17:03 - 00000000 ____D () C:\FRST
2014-02-08 21:14 - 2013-12-02 19:31 - 00289522 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-08 21:09 - 2013-12-02 21:27 - 00000000 ____D () C:\Documents and Settings\Ania\Dane aplikacji\Skype
2014-02-08 21:09 - 2013-12-02 20:29 - 00001028 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-08 21:09 - 2013-12-02 19:42 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-02-08 21:07 - 2013-12-02 20:12 - 00524288 _____ () C:\WINDOWS\system32\config\ACEEvent.evt
2014-02-08 21:07 - 2013-12-02 19:42 - 00032500 _____ () C:\WINDOWS\SchedLgU.Txt
2014-02-08 21:06 - 2013-12-02 19:47 - 00000188 ___SH () C:\Documents and Settings\Ania\ntuser.ini
2014-02-08 20:45 - 2013-12-02 20:29 - 00001032 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-08 20:29 - 2013-12-02 20:43 - 00000930 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-02-08 19:45 - 2014-02-08 16:24 - 00001309 _____ () C:\WINDOWS\setupapi.log
2014-02-08 17:20 - 2013-12-02 19:47 - 00000000 ____D () C:\Documents and Settings\Ania\Pulpit
2014-02-08 17:18 - 2014-02-08 17:14 - 00097788 _____ () C:\Documents and Settings\Ania\Pulpit\OTL.Txt
2014-02-08 17:18 - 2014-02-08 17:14 - 00032094 _____ () C:\Documents and Settings\Ania\Pulpit\Extras.Txt
2014-02-08 16:44 - 2014-02-05 23:42 - 00000000 ____D () C:\Documents and Settings\Ania\Pulpit\Pulpit
2014-02-08 16:25 - 2013-12-02 21:21 - 00000000 ____D () C:\Documents and Settings\Ania\Dane aplikacji\GG
2014-02-08 13:30 - 2013-12-02 20:05 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2014-02-08 12:41 - 2013-12-02 21:40 - 00000000 ____D () C:\Program Files\Winamp
2014-02-08 12:40 - 2013-12-02 19:47 - 00000000 ____D () C:\Documents and Settings\Ania
2014-02-08 12:38 - 2014-02-08 12:38 - 00000682 _____ () C:\Documents and Settings\All Users\Pulpit\CCleaner.lnk
2014-02-08 12:38 - 2014-02-08 12:38 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-08 12:38 - 2014-02-08 12:38 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\CCleaner
2014-02-08 12:38 - 2013-12-02 20:12 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy
2014-02-08 12:38 - 2013-12-02 20:12 - 00000000 ____D () C:\Documents and Settings\All Users\Pulpit
2014-02-08 12:31 - 2014-02-08 00:40 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Avira
2014-02-08 12:20 - 2014-02-08 01:10 - 00185618 _____ () C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-S-1-5-21-1078081533-1326574676-1606980848-1003-0.dat
2014-02-08 12:20 - 2014-02-08 01:09 - 00185618 _____ () C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat
2014-02-08 12:20 - 2013-12-02 20:12 - 00000000 __RHD () C:\Documents and Settings\All Users\Dane aplikacji
2014-02-08 12:17 - 2013-12-02 19:47 - 00000000 __RHD () C:\Documents and Settings\Ania\Dane aplikacji
2014-02-08 12:17 - 2013-12-02 19:42 - 00000000 ____D () C:\Documents and Settings\LocalService\Dane aplikacji
2014-02-08 01:09 - 2013-12-02 19:42 - 00000000 ___HD () C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji
2014-02-08 00:50 - 2013-12-02 20:13 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-02-08 00:37 - 2014-02-07 17:01 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Package Cache
2014-02-07 17:41 - 2014-02-07 17:41 - 00007540 _____ () C:\Documents and Settings\Ania\Pulpit\UsbFix [Listing 1] W-CEC3AA7F0A834.txt
2014-02-07 17:39 - 2014-02-07 17:39 - 00001364 _____ () C:\Documents and Settings\Ania\Pulpit\UsbFix.lnk
2014-02-07 17:39 - 2014-02-07 17:39 - 00000000 ____D () C:\UsbFix
2014-02-07 17:15 - 2013-12-02 20:04 - 00000000 ____D () C:\WINDOWS\system32\pl-pl
2014-02-07 17:14 - 2013-12-02 20:13 - 01076406 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-02-07 17:14 - 2001-10-26 20:15 - 00490186 _____ () C:\WINDOWS\system32\perfh015.dat
2014-02-07 17:14 - 2001-10-26 20:15 - 00084302 _____ () C:\WINDOWS\system32\perfc015.dat
2014-02-07 17:11 - 2013-12-04 12:19 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-02-07 17:11 - 2013-12-02 20:04 - 00000000 ____D () C:\WINDOWS\system32\mui
2014-02-07 16:34 - 2014-02-07 15:19 - 00007680 _____ () C:\Documents and Settings\Ania\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-02-07 16:10 - 2014-02-06 22:01 - 00000000 ____D () C:\Documents and Settings\Ania\Pulpit\Upiory pierścienia
2014-02-07 15:19 - 2013-12-02 19:47 - 00000000 ___HD () C:\Documents and Settings\Ania\Ustawienia lokalne\Dane aplikacji
2014-02-07 01:47 - 2014-02-07 01:47 - 00495654 _____ () C:\Documents and Settings\Ania\Pulpit\pierwsza miłość.bmp
2014-02-06 22:46 - 2014-02-06 22:46 - 00609054 _____ () C:\Documents and Settings\Ania\Pulpit\miracles.bmp
2014-02-06 17:41 - 2014-01-27 01:21 - 00115712 ___SH () C:\Documents and Settings\Ania\Pulpit\Thumbs.db
2014-02-06 17:05 - 2013-12-02 21:27 - 00002267 _____ () C:\Documents and Settings\All Users\Pulpit\Skype.lnk
2014-02-05 17:29 - 2013-12-02 20:43 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-02-05 17:29 - 2013-12-02 20:43 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-02-05 13:57 - 2001-07-22 02:17 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-02-04 18:56 - 2013-12-02 20:34 - 00001819 _____ () C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk
2014-01-31 00:31 - 2013-12-02 20:59 - 00002347 _____ () C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Reader XI.lnk
2014-01-27 16:53 - 2013-12-02 20:58 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Adobe
2014-01-27 16:52 - 2013-12-15 19:53 - 00000000 ____D () C:\Documents and Settings\Ania\Dane aplikacji\Adobe
2014-01-27 16:52 - 2013-12-02 20:37 - 00000000 ____D () C:\Documents and Settings\Ania\Ustawienia lokalne\Dane aplikacji\Adobe
2014-01-26 02:27 - 2013-12-02 19:47 - 00000000 ___RD () C:\Documents and Settings\Ania\Moje dokumenty\Moje obrazy
2014-01-20 22:56 - 2014-01-20 22:55 - 00000000 ___SD () C:\Documents and Settings\Ania\GG dysk (michaell24_95-o2_pl)
2014-01-20 22:55 - 2013-12-02 19:47 - 00000000 ___RD () C:\Documents and Settings\Ania\Ulubione
2014-01-20 22:11 - 2014-01-20 22:11 - 00000000 ____D () C:\WINDOWS\system32\Adobe
2014-01-15 21:33 - 2014-01-15 21:33 - 00000000 ____D () C:\Program Files\Lavalys
2014-01-15 21:33 - 2014-01-15 21:33 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Lavalys
2014-01-12 13:55 - 2013-12-02 20:04 - 00000000 ____D () C:\WINDOWS\security

Some content of TEMP:
====================
C:\Documents and Settings\Ania\Ustawienia lokalne\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe
[2008-04-14 23:51] - [2008-04-14 23:51] - 1035264 ____A (Microsoft Corporation) c791ed9eac5e76d9525e157b1d7a599a 

C:\WINDOWS\system32\winlogon.exe
[2008-04-14 23:51] - [2008-04-14 23:51] - 0510464 ____A (Microsoft Corporation) 51fd2e13d723857b9ca239ae77150f48 

C:\WINDOWS\system32\svchost.exe
[2008-04-14 23:51] - [2008-04-14 23:51] - 0014336 ____A (Microsoft Corporation) 8607d35d92528e2df386f19a960d23ce 

C:\WINDOWS\system32\services.exe
[2008-04-14 23:51] - [2008-04-14 23:51] - 0109056 ____A (Microsoft Corporation) 3e3ae424e27c4cefe4cab368c7b570ea 

C:\WINDOWS\system32\User32.dll
[2008-04-14 23:50] - [2008-04-14 23:50] - 0580096 ____A (Microsoft Corporation) a435c5c069afd901751ac323ad238793 

C:\WINDOWS\system32\userinit.exe
[2008-04-14 23:51] - [2008-04-14 23:51] - 0026624 ____A (Microsoft Corporation) 2a5b37d520508be6570a3ea79695f5b5 

C:\WINDOWS\system32\rpcss.dll
[2008-04-14 23:50] - [2008-04-14 23:50] - 0399360 ____A (Microsoft Corporation) 02396dab9dd407b06539981f477f3fec 

 ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\WINDOWS\system32\Drivers\volsnap.sys
[2008-04-14 22:31] - [2008-04-14 22:31] - 0052864 ____A (Microsoft Corporation) 56b191ac5fc0df219949c95a6c87afe7 


==================== End Of Log ============================