Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-08-2013 01
Ran by Slawk (administrator) on 27-08-2013 16:57:50
Running from F:\
Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polish
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) C:\WINDOWS\system32\WgaTray.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
(adi) C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe
(Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [igfxhkcmd] - C:\WINDOWS\system32\hkcmd.exe [77824 2005-09-20] (Intel Corporation)
HKLM\...\Run: [igfxpers] - C:\WINDOWS\system32\igfxpers.exe [114688 2005-09-20] (Intel Corporation)
HKLM\...\Run: [SetRefresh] - C:\Program Files\COMPAQ\SetRefresh\\SetRefresh.exe [525824 2003-11-20] (Hewlett-Packard Company)
HKLM\...\Run: [Smapp] - C:\Program Files\Analog Devices\SoundMAX\SMTray.exe [143360 2003-05-05] (Analog Devices, Inc.)
HKLM\...\Run: [DrvLsnr] - C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe [69632 2003-05-08] (adi)
HKLM\...\Run: [NvCplDaemon] - C:\WINDOWS\system32\NvCpl.dll [7700480 2006-10-22] (NVIDIA Corporation)
HKLM\...\Run: [NvMediaCenter] - C:\WINDOWS\system32\NvMcTray.dll [86016 2006-10-22] (NVIDIA Corporation)
HKLM\...\Run: [EaseUS EPM tray] - C:\Program Files\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe [x]
HKLM\...\Run: [nwiz] - nwiz.exe /install [x]
HKLM\...\Runonce: [] - [x]
Winlogon\Notify\WgaLogon: WgaLogon.dll (Microsoft Corporation)
HKCU\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKU\Default User\...\RunOnce: [nltide_2] - regsvr32 /s /n /i:U shell32 [x]
HKU\Default User\...\RunOnce: [nltide_3] - C:\Windows\System32\advpack.dll [ 2009-03-08] (Microsoft Corporation)
HKU\Default User.WINDOWS\...\RunOnce: [nltide_2] - regsvr32 /s /n /i:U shell32 [x]
HKU\Default User.WINDOWS\...\RunOnce: [nltide_3] - C:\Windows\System32\advpack.dll [ 2009-03-08] (Microsoft Corporation)
HKU\LocalService\...\RunOnce: [nltide_2] - regsvr32 /s /n /i:U shell32 [x]
HKU\LocalService\...\RunOnce: [nltide_3] - C:\Windows\System32\advpack.dll [ 2009-03-08] (Microsoft Corporation)
HKU\NetworkService\...\RunOnce: [nltide_2] - regsvr32 /s /n /i:U shell32 [x]
HKU\NetworkService\...\RunOnce: [nltide_3] - C:\Windows\System32\advpack.dll [ 2009-03-08] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1297984098345
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
Handler: ipp - No CLSID Value -
Handler: msdaipp - No CLSID Value -
Tcpip\Parameters: [DhcpNameServer] 217.172.224.170 89.231.1.206

========================== Services (Whitelisted) =================

R2 SoundMAX Agent Service (default); C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [45056 2002-09-20] (Analog Devices, Inc.)
S3 JavaQuickStarterService; "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf" [x]

==================== Drivers (Whitelisted) ====================

S3 ac97intc; C:\Windows\System32\drivers\ac97intc.sys [96256 2001-08-17] (Intel Corporation)
R3 b57w2k; C:\Windows\System32\DRIVERS\b57xp32.sys [176640 2008-07-25] (Broadcom Corporation)
S3 Blfp; C:\Windows\System32\DRIVERS\baspxp32.sys [98816 2008-06-06] (Broadcom Corporation)
S3 ialm; C:\Windows\System32\DRIVERS\ialmnt5.sys [1302332 2005-09-20] (Intel Corporation)
R0 Si3112; C:\Windows\System32\Drivers\Si3112.sys [62208 2008-05-02] (Silicon Image, Inc.)
S4 IntelIde; No ImagePath
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-08-27 16:56 - 2013-08-27 16:56 - 00003974 _____ C:\UsbFix [Listing 1 ] SLAWEK.txt
2013-08-27 16:56 - 2013-08-27 16:56 - 00000000 ____D C:\UsbFix
2013-08-27 16:52 - 2013-08-27 16:53 - 00000000 ____D C:\AdwCleaner
2013-08-27 16:52 - 2013-08-27 16:52 - 00994642 _____ C:\Documents and Settings\Slawk\Pulpit\AdwCleaner.exe
2013-08-27 16:35 - 2013-08-27 16:41 - 00003179 _____ C:\Documents and Settings\Slawk\Pulpit\fixlist.txt
2013-08-27 16:32 - 2013-08-27 16:32 - 00018106 _____ C:\Documents and Settings\Slawk\Pulpit\Peacefully-Hungry-162.zip
2013-08-27 16:27 - 2013-08-27 16:27 - 00001485 _____ C:\Documents and Settings\Slawk\Pulpit\Peacefully Hungry 1.4.6.zip
2013-08-27 13:50 - 2013-08-27 16:44 - 00000000 ____D C:\FRST
2013-08-23 12:01 - 2013-08-23 12:01 - 00000000 _____ C:\WINDOWS\Sti_Trace.log
2013-08-23 11:20 - 2013-08-23 11:20 - 00773800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100.dll
2013-08-23 11:20 - 2013-08-23 11:20 - 00421032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp100.dll
2013-08-23 11:20 - 2013-08-23 11:20 - 00000000 ____D C:\User Data
2013-08-21 14:29 - 2013-08-21 14:29 - 00000000 ____D C:\WINDOWS\Sun
2013-08-21 14:29 - 2013-08-21 14:29 - 00000000 ____D C:\Program Files\SystemRequirementsLab
2013-08-21 13:47 - 2013-08-21 15:06 - 00000000 ____D C:\Documents and Settings\Slawk\Dane aplikacji\DAEMON Tools Lite
2013-08-21 13:44 - 2013-08-21 13:44 - 00039278 _____ C:\Documents and Settings\Slawk\.recently-used.xbel
2013-08-21 13:05 - 2013-08-21 13:05 - 00000000 ____D C:\Program Files\EaseUS
2013-08-19 13:47 - 2013-08-19 13:47 - 03145911 _____ (Franmo Software) D:\Dokumenty\Odkurzacz Portable 13.1.0.984.exe

==================== One Month Modified Files and Folders =======

2013-08-27 16:56 - 2013-08-27 16:56 - 01144645 _____ (El Desaparecido - SosVirus.net) C:\Documents and Settings\Slawk\Pulpit\usbfix0.exe
2013-08-27 16:56 - 2013-08-27 16:56 - 00003974 _____ C:\UsbFix [Listing 1 ] SLAWEK.txt
2013-08-27 16:56 - 2013-08-27 16:56 - 00000000 ____D C:\UsbFix
2013-08-27 16:56 - 2011-02-18 00:22 - 00000000 ____D C:\Documents and Settings\Slawk\Pulpit
2013-08-27 16:54 - 2011-09-10 17:55 - 00088566 _____ C:\WINDOWS\system32\nvapps.xml
2013-08-27 16:54 - 2011-02-18 00:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-08-27 16:54 - 2001-07-22 00:17 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2013-08-27 16:53 - 2013-08-27 16:52 - 00000000 ____D C:\AdwCleaner
2013-08-27 16:53 - 2011-02-18 01:08 - 00000000 __RHD C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji
2013-08-27 16:53 - 2011-02-18 00:22 - 00000739 _____ C:\Documents and Settings\Slawk\Pulpit\Internet Explorer.lnk
2013-08-27 16:53 - 2011-02-18 00:22 - 00000188 ___SH C:\Documents and Settings\Slawk\ntuser.ini
2013-08-27 16:53 - 2011-02-18 00:22 - 00000000 ___HD C:\DOCUME~1\Slawk\USTAWI~1\Dane aplikacji
2013-08-27 16:53 - 2011-02-18 00:22 - 00000000 ____D C:\Documents and Settings\Slawk
2013-08-27 16:53 - 2011-02-18 00:21 - 00032544 _____ C:\WINDOWS\SchedLgU.Txt
2013-08-27 16:53 - 2011-02-18 00:18 - 02068682 _____ C:\WINDOWS\WindowsUpdate.log
2013-08-27 16:52 - 2013-08-27 16:52 - 00994642 _____ C:\Documents and Settings\Slawk\Pulpit\AdwCleaner.exe
2013-08-27 16:48 - 2011-02-18 00:22 - 00000000 ___RD C:\Documents and Settings\Slawk\Menu Start\Programy
2013-08-27 16:44 - 2013-08-27 13:50 - 00000000 ____D C:\FRST
2013-08-27 16:41 - 2013-08-27 16:35 - 00003179 _____ C:\Documents and Settings\Slawk\Pulpit\fixlist.txt
2013-08-27 16:33 - 2012-10-27 12:38 - 00000000 ____D C:\Documents and Settings\Slawk\Dane aplikacji\.minecraft
2013-08-27 16:32 - 2013-08-27 16:32 - 00018106 _____ C:\Documents and Settings\Slawk\Pulpit\Peacefully-Hungry-162.zip
2013-08-27 16:27 - 2013-08-27 16:27 - 00001485 _____ C:\Documents and Settings\Slawk\Pulpit\Peacefully Hungry 1.4.6.zip
2013-08-27 14:06 - 2011-02-18 00:15 - 00006908 _____ C:\WINDOWS\wmsetup.log
2013-08-27 13:51 - 2011-02-18 01:08 - 00000000 ___HD C:\Documents and Settings\Default User.WINDOWS
2013-08-27 13:42 - 2011-02-18 01:09 - 00764054 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-08-27 13:42 - 2011-02-18 01:08 - 00499788 _____ C:\WINDOWS\setupapi.log
2013-08-27 13:42 - 2001-10-26 18:15 - 00355830 _____ C:\WINDOWS\system32\perfh015.dat
2013-08-27 13:42 - 2001-10-26 18:15 - 00049712 _____ C:\WINDOWS\system32\perfc015.dat
2013-08-27 13:40 - 2013-03-12 22:04 - 00000462 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{B94306B0-CF77-4D61-B88D-97BC98CD9997}.job
2013-08-25 16:15 - 2011-02-18 01:12 - 00000216 _____ C:\WINDOWS\wiadebug.log
2013-08-25 12:18 - 2011-02-18 01:12 - 00000050 _____ C:\WINDOWS\wiaservc.log
2013-08-23 20:13 - 2011-02-18 01:08 - 00147608 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-08-23 12:06 - 2004-08-26 11:57 - 00000000 ___RD D:\Dokumenty\Moje obrazy
2013-08-23 12:01 - 2013-08-23 12:01 - 00000000 _____ C:\WINDOWS\Sti_Trace.log
2013-08-23 11:20 - 2013-08-23 11:20 - 00773800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100.dll
2013-08-23 11:20 - 2013-08-23 11:20 - 00421032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp100.dll
2013-08-23 11:20 - 2013-08-23 11:20 - 00000000 ____D C:\User Data
2013-08-23 11:20 - 2011-02-18 00:22 - 00000000 __RHD C:\Documents and Settings\Slawk\Dane aplikacji
2013-08-22 15:55 - 2011-02-18 00:37 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-08-22 15:53 - 2013-05-07 21:59 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Pulpit
2013-08-21 15:08 - 2011-02-22 17:07 - 00000000 ____D C:\Program Files\EA GAMES
2013-08-21 15:06 - 2013-08-21 13:47 - 00000000 ____D C:\Documents and Settings\Slawk\Dane aplikacji\DAEMON Tools Lite
2013-08-21 14:29 - 2013-08-21 14:29 - 00000000 ____D C:\WINDOWS\Sun
2013-08-21 14:29 - 2013-08-21 14:29 - 00000000 ____D C:\Program Files\SystemRequirementsLab
2013-08-21 13:54 - 2013-01-20 16:18 - 00000000 ____D C:\Documents and Settings\Slawk\Dane aplikacji\Thinstall
2013-08-21 13:45 - 2012-03-03 15:30 - 00000000 ____D C:\Documents and Settings\Slawk\.gimp-2.6
2013-08-21 13:44 - 2013-08-21 13:44 - 00039278 _____ C:\Documents and Settings\Slawk\.recently-used.xbel
2013-08-21 13:37 - 2013-02-15 18:56 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.disable
2013-08-21 13:34 - 2012-08-09 19:46 - 00000000 ____D C:\Program Files\BFG
2013-08-21 13:05 - 2013-08-21 13:05 - 00000000 ____D C:\Program Files\EaseUS
2013-08-21 00:06 - 2012-03-03 15:45 - 00000000 ____D C:\Documents and Settings\Slawk\Dane aplikacji\gtk-2.0
2013-08-20 12:52 - 2011-02-22 21:05 - 00000000 ____D C:\Documents and Settings\Slawk\Pulpit\Moje rzeczy
2013-08-19 13:55 - 2011-02-11 01:15 - 00000000 ___RD C:\WINDOWS\Web
2013-08-19 13:55 - 2004-08-26 11:57 - 00000000 ___RD D:\Dokumenty\Moja muzyka
2013-08-19 13:50 - 2011-02-18 01:07 - 00000000 ____D C:\WINDOWS\Downloaded Installations
2013-08-19 13:50 - 2011-02-12 00:08 - 00000000 ____D C:\WINDOWS\ie8updates
2013-08-19 13:50 - 2011-02-11 23:49 - 00000000 ____D C:\WINDOWS\ie7updates
2013-08-19 13:50 - 2011-02-11 23:08 - 00000000 ___HD C:\WINDOWS\$hf_mig$
2013-08-19 13:47 - 2013-08-19 13:47 - 03145911 _____ (Franmo Software) D:\Dokumenty\Odkurzacz Portable 13.1.0.984.exe

Files to move or delete:
====================
C:\DOCUME~1\Slawk\USTAWI~1\Temp\AutoRun.exe
C:\DOCUME~1\Slawk\USTAWI~1\Temp\AutoRunGUI.dll
C:\DOCUME~1\Slawk\USTAWI~1\Temp\drm_dialogs.dll
C:\DOCUME~1\Slawk\USTAWI~1\Temp\drm_dyndata_7380011.dll
C:\DOCUME~1\Slawk\USTAWI~1\Temp\Quarantine.exe
C:\DOCUME~1\Slawk\USTAWI~1\Temp\SRLDetectionLibrary526997814609290804.dll

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe [2008-04-14 22:51] - [2008-04-14 22:51] - 1035264 ____A (Microsoft Corporation) c791ed9eac5e76d9525e157b1d7a599a
C:\Windows\System32\winlogon.exe [2008-04-14 22:51] - [2008-04-14 22:51] - 0510464 ____A (Microsoft Corporation) 51fd2e13d723857b9ca239ae77150f48
C:\Windows\System32\svchost.exe [2008-04-14 22:51] - [2008-04-14 22:51] - 0014336 ____A (Microsoft Corporation) 8607d35d92528e2df386f19a960d23ce
C:\Windows\System32\services.exe [2008-04-14 22:51] - [2009-02-09 13:25] - 0111104 ____A (Microsoft Corporation) 02a467e27af55f7064c5b251e587315f
C:\Windows\System32\User32.dll [2008-04-14 22:50] - [2008-04-14 22:50] - 0580096 ____A (Microsoft Corporation) a435c5c069afd901751ac323ad238793
C:\Windows\System32\userinit.exe [2008-04-14 22:51] - [2008-04-14 22:51] - 0026624 ____A (Microsoft Corporation) 2a5b37d520508be6570a3ea79695f5b5
C:\Windows\System32\Drivers\volsnap.sys [2008-04-14 21:31] - [2008-04-14 21:31] - 0052864 ____A (Microsoft Corporation) 56b191ac5fc0df219949c95a6c87afe7

==================== End Of Log ============================