Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-02-2014 01
Ran by Tadek (administrator) on TADEK-2009-03 on 25-02-2014 21:10:37
Running from F:\vir2
Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polish
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\SOUNDMAN.EXE
(THOMSON Telecom Belgium) C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
(France Télécom R&D) C:\Program Files\neostrada tp\TaskBarIcon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(APN) C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
(Teruten) C:\WINDOWS\system32\FsUsbExService.Exe
(France Telecom) C:\WINDOWS\System32\FTRTSVC.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SoundMan] - C:\WINDOWS\SOUNDMAN.EXE [77824 2005-08-11] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SpeedTouch USB Diagnostics] - C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe [866816 2004-01-26] (THOMSON Telecom Belgium)
HKLM\...\Run: [WOOWATCH] - C:\Program Files\neostrada tp\Watch.exe [20480 2004-08-23] (France Télécom R&D)
HKLM\...\Run: [WOOTASKBARICON] - C:\PROGRA~1\NEOSTR~1\GestMaj.exe TaskBarIcon.exe
HKLM\...\Run: [NeroFilterCheck] - C:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49152 2005-05-11] (Hewlett-Packard Co.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-26] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [ApnTBMon] - C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1758160 2014-02-13] (APN)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [KernelFaultCheck] - %systemroot%\system32\dumprep 0 -k
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKU\S-1-5-21-796845957-2111687655-839522115-1003\...\Run: [papi.exe] - "C:\Documents and Settings\Tadek\Dane aplikacji\Wuko\papi.exe"
HKU\S-1-5-21-796845957-2111687655-839522115-1003\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x95000000
Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.pl/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
URLSearchHook: HKCU - SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.)
BHO: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKCU - &Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Łącza - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 18 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 194.63.133.4 194.63.132.4

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Tadek\Dane aplikacji\Mozilla\Firefox\Profiles\27yx2kva.default-1393349143171
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @zylom.com/ZylomGamesPlayer - C:\Documents and Settings\All Users\Dane aplikacji\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440376 2013-12-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440376 2013-12-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1011768 2013-12-26] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-02-13] (APN LLC.)
S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [593920 2009-02-25] ()
R2 FTRTSVC; C:\WINDOWS\System32\FTRTSVC.exe [40960 2004-08-23] (France Telecom)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-10-23] (Oracle Corporation)

==================== Drivers (Whitelisted) ====================

S3 alcan5wn; C:\WINDOWS\System32\DRIVERS\alcan5wn.sys [53600 2003-12-08] (THOMSON)
S3 alcaudsl; C:\WINDOWS\System32\DRIVERS\alcaudsl.sys [70688 2003-12-08] (THOMSON)
R3 ALCXWDM; C:\WINDOWS\System32\drivers\ALCXWDM.SYS [2324480 2005-08-11] (Realtek Semiconductor Corp.)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [90400 2013-12-26] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\System32\DRIVERS\avipbb.sys [135648 2013-12-26] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\System32\DRIVERS\avkmgr.sys [37352 2013-12-03] (Avira Operations GmbH & Co. KG)
S3 ENTECH; C:\WINDOWS\system32\DRIVERS\ENTECH.SYS [21664 2004-10-25] (EnTech Taiwan)
R3 FsUsbExDisk; C:\WINDOWS\system32\FsUsbExDisk.SYS [36608 2009-03-31] ()
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-13] (Microsoft Corporation)
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [51120 2005-03-08] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2005-03-08] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21744 2005-03-08] (HP)
R3 ms_mpu401; C:\WINDOWS\System32\drivers\msmpu401.sys [2944 2001-08-17] (Microsoft Corporation)
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
R3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [33408 2005-01-13] (NVIDIA Corporation)
R3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [12928 2005-01-13] (NVIDIA Corporation)
S3 PCANDIS5; C:\WINDOWS\system32\PCANDIS5.SYS [16128 2003-08-04] (Printing Communications Assoc., Inc. (PCAUSA))
R1 ssmdrv; C:\WINDOWS\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
S3 ss_bbus; C:\WINDOWS\System32\DRIVERS\ss_bbus.sys [90112 2009-03-20] (MCCI)
S3 ss_bmdfl; C:\WINDOWS\System32\DRIVERS\ss_bmdfl.sys [14976 2009-03-20] (MCCI Corporation)
S3 ss_bmdm; C:\WINDOWS\System32\DRIVERS\ss_bmdm.sys [121856 2009-03-20] (MCCI Corporation)
R1 StarOpen; C:\WINDOWS\system32\Drivers\StarOpen.sys [5632 2009-12-09] ()
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U1 WS2IFSL; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-25 19:07 - 2014-02-25 19:07 - 00094208 _____ () C:\WINDOWS\Minidump\Mini022514-01.dmp
2014-02-25 18:57 - 2014-02-25 21:10 - 00000000 ____D () C:\FRST
2014-02-24 19:23 - 2014-02-24 19:23 - 00000000 __SHD () C:\Documents and Settings\LocalService\IETldCache
2014-02-24 17:01 - 2014-02-24 17:01 - 00000730 _____ () C:\Documents and Settings\All Users\Menu Start\Programy\Mozilla Firefox.lnk
2014-02-24 17:01 - 2014-02-24 17:01 - 00000724 _____ () C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
2014-02-24 17:01 - 2014-02-24 17:01 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-02-24 17:00 - 2014-02-24 17:01 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-24 14:28 - 2014-02-24 16:32 - 00000000 ____D () C:\AdwCleaner
2014-02-21 16:41 - 2014-02-25 21:05 - 353867188 _____ () C:\debug.txt
2014-02-18 13:21 - 2014-02-18 13:21 - 00000000 ____D () C:\Documents and Settings\Tadek\Moje dokumenty\Danuta_Micielska
2014-02-18 12:33 - 2014-02-18 13:33 - 00000000 ____D () C:\Documents and Settings\Tadek\Pulpit\pit
2014-02-16 14:02 - 2014-02-21 18:05 - 00000000 ____D () C:\Documents and Settings\Tadek\Pulpit\Ania
2014-02-11 21:38 - 2014-02-19 18:55 - 00000000 ____D () C:\PIT Projekt 2013
2014-02-11 20:26 - 2014-02-11 21:38 - 00000659 _____ () C:\Documents and Settings\All Users\Pulpit\PIT Projekt 2013.lnk
2014-02-11 20:26 - 2014-02-11 21:17 - 00000000 ____D () C:\Program Files\PIT Projekt 2013
2014-02-11 20:26 - 2014-02-11 20:26 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\GP SOFT

==================== One Month Modified Files and Folders =======

2014-02-25 21:10 - 2014-02-25 18:57 - 00000000 ____D () C:\FRST
2014-02-25 21:08 - 2009-03-31 20:22 - 01055410 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-25 21:07 - 2009-04-01 18:50 - 00000000 ____D () C:\Program Files\neostrada tp
2014-02-25 21:07 - 2009-03-31 22:17 - 00000541 _____ () C:\WINDOWS\wiadebug.log
2014-02-25 21:07 - 2009-03-31 22:17 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2014-02-25 21:06 - 2009-03-31 20:27 - 00000292 ___SH () C:\Documents and Settings\Tadek\ntuser.ini
2014-02-25 21:06 - 2009-03-31 20:27 - 00000000 ____D () C:\Documents and Settings\Tadek
2014-02-25 21:05 - 2014-02-21 16:41 - 353867188 _____ () C:\debug.txt
2014-02-25 21:05 - 2009-03-31 22:15 - 00004790 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-02-25 21:05 - 2001-10-26 20:15 - 00530622 _____ () C:\WINDOWS\system32\perfh015.dat
2014-02-25 21:05 - 2001-10-26 20:15 - 00104518 _____ () C:\WINDOWS\system32\perfc015.dat
2014-02-25 21:04 - 2011-04-16 11:37 - 00000000 ____D () C:\Documents and Settings\Tadek\Moje dokumenty\Pobieranie
2014-02-25 21:03 - 2009-03-31 22:15 - 00000000 __RHD () C:\Documents and Settings\All Users\Dane aplikacji
2014-02-25 21:03 - 2009-03-31 20:27 - 00000000 __RHD () C:\Documents and Settings\Tadek\Dane aplikacji
2014-02-25 20:02 - 2011-12-03 15:32 - 00000000 ____D () C:\WINDOWS\system32\NtmsData
2014-02-25 19:32 - 2009-03-31 20:21 - 00000000 ____D () C:\WINDOWS\Registration
2014-02-25 19:07 - 2014-02-25 19:07 - 00094208 _____ () C:\WINDOWS\Minidump\Mini022514-01.dmp
2014-02-25 19:07 - 2009-11-15 10:23 - 00000000 ____D () C:\WINDOWS\Minidump
2014-02-25 18:25 - 2013-10-19 16:25 - 00000000 ____D () C:\Documents and Settings\Tadek\Pulpit\Stare dane programu Firefox
2014-02-25 18:14 - 2009-03-31 22:15 - 00526468 _____ () C:\WINDOWS\setupapi.log
2014-02-24 22:24 - 2009-04-07 16:14 - 00000023 _____ () C:\WINDOWS\popcinfo.dat
2014-02-24 19:23 - 2014-02-24 19:23 - 00000000 __SHD () C:\Documents and Settings\LocalService\IETldCache
2014-02-24 19:23 - 2009-03-31 20:26 - 00000000 __SHD () C:\Documents and Settings\LocalService
2014-02-24 17:01 - 2014-02-24 17:01 - 00000730 _____ () C:\Documents and Settings\All Users\Menu Start\Programy\Mozilla Firefox.lnk
2014-02-24 17:01 - 2014-02-24 17:01 - 00000724 _____ () C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk
2014-02-24 17:01 - 2014-02-24 17:01 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-02-24 17:01 - 2014-02-24 17:00 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-24 17:01 - 2009-03-31 22:15 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy
2014-02-24 17:01 - 2009-03-31 22:15 - 00000000 ____D () C:\Documents and Settings\All Users\Pulpit
2014-02-24 17:01 - 2009-03-31 21:20 - 00000000 ____D () C:\Documents and Settings\Tadek\Dane aplikacji\Mozilla
2014-02-24 16:50 - 2009-03-31 20:27 - 00000000 ____D () C:\Documents and Settings\Tadek\Pulpit
2014-02-24 16:32 - 2014-02-24 14:28 - 00000000 ____D () C:\AdwCleaner
2014-02-24 16:20 - 2012-02-23 22:23 - 00000000 ____D () C:\Program Files\Dr. Tax Light - PIT 2011
2014-02-24 16:00 - 2012-02-23 16:18 - 00000000 ____D () C:\Program Files\PITy
2014-02-24 16:00 - 2012-02-22 22:29 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Infonetax
2014-02-24 15:59 - 2012-02-23 16:48 - 00000000 ____D () C:\PIT Format 2011
2014-02-24 14:22 - 2013-02-14 23:05 - 00000000 ____D () C:\PIT Format 2012
2014-02-22 21:46 - 2009-04-01 20:43 - 00000000 ____D () C:\Documents and Settings\Tadek\Dane aplikacji\Skype
2014-02-22 20:44 - 2009-04-01 20:43 - 00002265 _____ () C:\Documents and Settings\All Users\Pulpit\Skype.lnk
2014-02-22 20:14 - 2001-07-22 02:17 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-02-21 18:08 - 2009-05-03 20:16 - 00002545 _____ () C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Office Word 2003.lnk
2014-02-21 18:05 - 2014-02-16 14:02 - 00000000 ____D () C:\Documents and Settings\Tadek\Pulpit\Ania
2014-02-20 21:25 - 2009-04-18 20:01 - 00000000 ____D () C:\Documents and Settings\Tadek\Dane aplikacji\Image Zone Express
2014-02-19 18:55 - 2014-02-11 21:38 - 00000000 ____D () C:\PIT Projekt 2013
2014-02-18 13:33 - 2014-02-18 12:33 - 00000000 ____D () C:\Documents and Settings\Tadek\Pulpit\pit
2014-02-18 13:23 - 2010-11-14 16:35 - 00000151 _____ () C:\WINDOWS\PhotoSnapViewer.INI
2014-02-18 13:21 - 2014-02-18 13:21 - 00000000 ____D () C:\Documents and Settings\Tadek\Moje dokumenty\Danuta_Micielska
2014-02-18 13:21 - 2009-03-31 20:27 - 00000000 ___RD () C:\Documents and Settings\Tadek\Moje dokumenty
2014-02-16 23:25 - 2009-04-16 12:03 - 00000000 ____D () C:\Program Files\Jewel Quest
2014-02-16 23:25 - 2001-07-22 02:16 - 00000783 _____ () C:\WINDOWS\win.ini
2014-02-12 23:21 - 2009-04-18 20:01 - 00000000 ____D () C:\Documents and Settings\Tadek\Moje dokumenty\Moje zeskanowane obrazy
2014-02-11 21:38 - 2014-02-11 20:26 - 00000659 _____ () C:\Documents and Settings\All Users\Pulpit\PIT Projekt 2013.lnk
2014-02-11 21:17 - 2014-02-11 20:26 - 00000000 ____D () C:\Program Files\PIT Projekt 2013
2014-02-11 20:26 - 2014-02-11 20:26 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\GP SOFT

Some content of TEMP:
====================
C:\Documents and Settings\Tadek\Ustawienia lokalne\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe
[2004-08-04 00:44] - [2008-04-14 21:51] - 1035264 ____A (Microsoft Corporation) c791ed9eac5e76d9525e157b1d7a599a 

C:\WINDOWS\system32\winlogon.exe
[2004-08-04 00:44] - [2008-04-14 21:51] - 0510464 ____A (Microsoft Corporation) 51fd2e13d723857b9ca239ae77150f48 

C:\WINDOWS\system32\svchost.exe
[2004-08-04 00:44] - [2008-04-14 21:51] - 0014336 ____A (Microsoft Corporation) 8607d35d92528e2df386f19a960d23ce 

C:\WINDOWS\system32\services.exe
[2004-08-04 00:44] - [2008-04-14 21:51] - 0109056 ____A (Microsoft Corporation) 3e3ae424e27c4cefe4cab368c7b570ea 

C:\WINDOWS\system32\User32.dll
[2004-08-04 00:44] - [2008-04-14 21:50] - 0580096 ____A (Microsoft Corporation) a435c5c069afd901751ac323ad238793 

C:\WINDOWS\system32\userinit.exe
[2004-08-04 00:44] - [2008-04-14 21:51] - 0026624 ____A (Microsoft Corporation) 2a5b37d520508be6570a3ea79695f5b5 

C:\WINDOWS\system32\rpcss.dll
[2004-08-04 00:44] - [2008-04-14 21:50] - 0399360 ____A (Microsoft Corporation) 02396dab9dd407b06539981f477f3fec 

 ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\WINDOWS\system32\Drivers\volsnap.sys
[2004-08-04 00:36] - [2008-04-14 20:31] - 0052864 ____A (Microsoft Corporation) 56b191ac5fc0df219949c95a6c87afe7 


==================== End Of Log ============================