Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-01-2014
Ran by Agnieszka (administrator) on AGNIESZKA74 on 20-01-2014 08:38:21
Running from C:\Users\Agnieszka\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polish
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\stacsv64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ABBYY Production LLC) C:\Program Files (x86)\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
(CyberLink Corp.) C:\Program Files (x86)\Hp\QuickPlay\QPService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [450048 2009-07-22] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1815848 2009-07-15] (Synaptics Incorporated)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM-x32\...\Run: [WirelessAssistant] - C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744 2009-07-23] (Hewlett-Packard)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [UpdatePRCShortCut] - C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [UCam_Menu] - C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2009-02-17] (CyberLink Corp.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-07-02] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [QPService] - C:\Program Files (x86)\HP\QuickPlay\QPService.exe [468264 2009-06-23] (CyberLink Corp.)
HKLM-x32\...\Run: [QlbCtrl.exe] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [320056 2009-06-24] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2013\avgui.exe [3147384 2012-12-11] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Onet.pl AutoUpdate] - C:\Program Files (x86)\Common Files\Onet.pl\AutoUpdate.exe [260096 2005-07-27] (Onet.pl)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] - "C:\Program Files (x86)\Java\jre7\bin\jusched.exe"
HKCU\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-06-17] (Hewlett-Packard Company)
HKCU\...\Run: [HPADVISOR] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1668664 2009-07-15] (Hewlett-Packard)
HKCU\...\Run: [Sony PC Companion] - C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [449760 2013-10-31] (Sony)
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1815464 2014-01-07] (Valve Corporation)
HKU\Default\...\Run: [HPADVISOR] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1668664 2009-07-15] (Hewlett-Packard)
HKU\Default\...\Policies\system: [WallpaperStyle] 2
HKU\Default User\...\Run: [HPADVISOR] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1668664 2009-07-15] (Hewlett-Packard)
HKU\Default User\...\Policies\system: [WallpaperStyle] 2
Startup: C:\Users\Agnieszka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LibreOffice 3.6.lnk
ShortcutTarget: LibreOffice 3.6.lnk -> C:\Program Files (x86)\LibreOffice 3.6\program\quickstart.exe (No File)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Pomocnik rejestracji usługi Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 198.153.192.50 198.153.194.50

FireFox:
========
FF ProfilePath: C:\Users\Agnieszka\AppData\Roaming\Mozilla\Firefox\Profiles\xzz54opq.default-1390202885975
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8064.0206 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Agnieszka\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Agnieszka\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

==================== Services (Whitelisted) =================

R2 ABBYY.Licensing.PDFTransformer.Classic.3.0; C:\Program Files (x86)\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe [764216 2013-06-14] (ABBYY Production LLC)
R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [5814904 2012-11-15] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [196664 2012-10-22] (AVG Technologies CZ, s.r.o.)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [1868432 2012-12-24] ()
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [240736 2013-10-07] (WildTangent)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-01-21] ()
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe [240128 2009-07-22] (IDT, Inc.)
S2 Update Jump Flip; "C:\Program Files (x86)\Jump Flip\updateJumpFlip.exe" [x]

==================== Drivers (Whitelisted) ====================

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-01-20 08:32 - 2014-01-20 08:34 - 00000000 ____D C:\AdwCleaner
2014-01-20 08:32 - 2014-01-20 08:32 - 01236282 _____ C:\Users\Agnieszka\Downloads\AdwCleaner.exe
2014-01-20 08:28 - 2014-01-20 08:28 - 00000000 ____D C:\Users\Agnieszka\Desktop\Stare dane programu Firefox
2014-01-20 08:27 - 2014-01-20 08:27 - 00000000 ____D C:\Users\Agnieszka\Desktop\FRST-OlderVersion
2014-01-16 13:05 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-16 13:05 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-16 13:05 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-16 13:05 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-16 13:05 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-16 13:05 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-16 13:05 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-16 13:05 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-16 13:05 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-16 08:46 - 2014-01-16 08:46 - 00000000 ____D C:\Users\Agnieszka\Desktop\SafeMSI.exe
2014-01-15 21:01 - 2014-01-20 08:38 - 00011324 _____ C:\Users\Agnieszka\Desktop\FRST.txt
2014-01-15 21:01 - 2014-01-20 08:27 - 00000000 ____D C:\FRST
2014-01-15 21:01 - 2014-01-15 21:02 - 00031839 _____ C:\Users\Agnieszka\Desktop\Addition.txt
2014-01-15 21:00 - 2014-01-20 08:27 - 02077184 _____ (Farbar) C:\Users\Agnieszka\Desktop\FRST64.exe
2014-01-15 20:03 - 2014-01-15 20:03 - 00090450 _____ C:\Users\Agnieszka\Desktop\Extras.Txt
2014-01-15 20:01 - 2014-01-15 20:01 - 00076694 _____ C:\Users\Agnieszka\Desktop\OTL.Txt
2014-01-15 19:51 - 2014-01-16 19:45 - 00602112 _____ (OldTimer Tools) C:\Users\Agnieszka\Desktop\OTL.exe
2014-01-15 19:21 - 2014-01-15 19:21 - 00000000 ____D C:\Users\Agnieszka\AppData\Local\Avg2013
2014-01-15 19:07 - 2014-01-15 19:07 - 00030012 _____ C:\ComboFix.txt
2014-01-15 18:55 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2014-01-15 18:55 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2014-01-15 18:55 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-01-15 18:55 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-01-15 18:55 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-01-15 18:55 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2014-01-15 18:55 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2014-01-15 18:55 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2014-01-15 18:41 - 2014-01-16 18:39 - 05167985 ____R (Swearware) C:\Users\Agnieszka\Desktop\ComboFix.exe
2014-01-15 14:34 - 2014-01-15 14:38 - 00000000 ____D C:\Users\Agnieszka\Desktop\shexview-x64
2014-01-08 14:28 - 2010-10-08 17:00 - 01786429 _____ C:\Users\Agnieszka\Desktop\Kaziu.WMA
2013-12-30 21:54 - 2013-12-30 22:27 - 00000000 ____D C:\Users\Agnieszka\Documents\18 WoS Haulin
2013-12-30 20:18 - 2013-12-30 20:46 - 00000000 ____D C:\ProgramData\HipSoft
2013-12-27 16:38 - 2013-12-27 16:52 - 00000000 ____D C:\Users\Agnieszka\Desktop\Klendy koścół
2013-12-27 16:28 - 2013-12-27 16:28 - 00865059 _____ C:\Users\Agnieszka\Downloads\lame3.99.5-64(dobreprogramy.pl).zip
2013-12-27 16:25 - 2013-12-27 16:25 - 63600718 _____ C:\Users\Agnieszka\Desktop\Kolęda dla nieobecnych - p 0,5.wav
2013-12-27 16:22 - 2014-01-14 19:55 - 00002644 _____ C:\Users\Agnieszka\daemonprocess.txt
2013-12-27 16:22 - 2013-12-27 16:55 - 00000000 ____D C:\Users\Agnieszka\AppData\Roaming\Audacity
2013-12-27 16:22 - 2013-12-27 16:22 - 00000971 _____ C:\Users\Public\Desktop\Audacity.lnk
2013-12-27 16:22 - 2013-12-27 16:22 - 00000000 ____D C:\Users\Agnieszka\AppData\Local\cache
2013-12-27 16:22 - 2013-12-27 16:22 - 00000000 ____D C:\Users\Agnieszka\.android
2013-12-27 16:21 - 2013-12-27 16:22 - 00000000 ____D C:\Program Files (x86)\Audacity
2013-12-27 16:19 - 2013-12-27 16:19 - 22180353 _____ (Audacity Team ) C:\Users\Agnieszka\Downloads\audacity-win-2.0.5.exe
2013-12-21 16:11 - 2013-12-21 16:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2014-01-20 08:39 - 2014-01-15 21:01 - 00011324 _____ C:\Users\Agnieszka\Desktop\FRST.txt
2014-01-20 08:38 - 2013-10-30 20:38 - 00000000 ____D C:\Program Files (x86)\Steam
2014-01-20 08:37 - 2013-06-12 11:22 - 00146488 _____ C:\Windows\setupact.log
2014-01-20 08:37 - 2009-10-11 00:51 - 00000282 _____ C:\ProgramData\hpqp.ini
2014-01-20 08:35 - 2009-10-11 00:25 - 01840296 _____ C:\Windows\WindowsUpdate.log
2014-01-20 08:35 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-20 08:34 - 2014-01-20 08:32 - 00000000 ____D C:\AdwCleaner
2014-01-20 08:33 - 2009-09-06 00:03 - 00710794 _____ C:\Windows\system32\perfh015.dat
2014-01-20 08:33 - 2009-09-06 00:03 - 00139644 _____ C:\Windows\system32\perfc015.dat
2014-01-20 08:33 - 2009-07-14 06:13 - 01576452 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-20 08:32 - 2014-01-20 08:32 - 01236282 _____ C:\Users\Agnieszka\Downloads\AdwCleaner.exe
2014-01-20 08:31 - 2009-07-14 05:45 - 00023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-20 08:31 - 2009-07-14 05:45 - 00023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-20 08:28 - 2014-01-20 08:28 - 00000000 ____D C:\Users\Agnieszka\Desktop\Stare dane programu Firefox
2014-01-20 08:27 - 2014-01-20 08:27 - 00000000 ____D C:\Users\Agnieszka\Desktop\FRST-OlderVersion
2014-01-20 08:27 - 2014-01-15 21:01 - 00000000 ____D C:\FRST
2014-01-20 08:27 - 2014-01-15 21:00 - 02077184 _____ (Farbar) C:\Users\Agnieszka\Desktop\FRST64.exe
2014-01-20 08:24 - 2012-11-11 12:37 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-20 08:23 - 2013-06-12 11:22 - 00073014 _____ C:\Windows\PFRO.log
2014-01-20 08:23 - 2012-02-25 15:04 - 00000350 _____ C:\Windows\Tasks\HPCeeScheduleForAgnieszka.job
2014-01-19 22:41 - 2012-02-25 15:04 - 00003212 _____ C:\Windows\System32\Tasks\HPCeeScheduleForAgnieszka
2014-01-19 22:41 - 2010-03-02 22:42 - 00000000 ____D C:\Users\Agnieszka
2014-01-19 22:40 - 2009-09-05 15:32 - 00000000 ____D C:\Program Files (x86)\Java
2014-01-16 21:36 - 2009-07-14 05:45 - 00394424 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-16 21:28 - 2013-07-16 19:12 - 00000000 ____D C:\Windows\system32\MRT
2014-01-16 21:28 - 2010-03-09 14:10 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-16 21:16 - 2013-03-10 22:01 - 00000944 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1300177389-4011910773-4023719696-1000UA.job
2014-01-16 19:45 - 2014-01-15 19:51 - 00602112 _____ (OldTimer Tools) C:\Users\Agnieszka\Desktop\OTL.exe
2014-01-16 18:39 - 2014-01-15 18:41 - 05167985 ____R (Swearware) C:\Users\Agnieszka\Desktop\ComboFix.exe
2014-01-16 08:46 - 2014-01-16 08:46 - 00000000 ____D C:\Users\Agnieszka\Desktop\SafeMSI.exe
2014-01-16 08:25 - 2009-09-05 14:14 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2014-01-15 21:02 - 2014-01-15 21:01 - 00031839 _____ C:\Users\Agnieszka\Desktop\Addition.txt
2014-01-15 20:03 - 2014-01-15 20:03 - 00090450 _____ C:\Users\Agnieszka\Desktop\Extras.Txt
2014-01-15 20:01 - 2014-01-15 20:01 - 00076694 _____ C:\Users\Agnieszka\Desktop\OTL.Txt
2014-01-15 19:21 - 2014-01-15 19:21 - 00000000 ____D C:\Users\Agnieszka\AppData\Local\Avg2013
2014-01-15 19:21 - 2012-11-17 07:35 - 00000000 ____D C:\ProgramData\MFAData
2014-01-15 19:07 - 2014-01-15 19:07 - 00030012 _____ C:\ComboFix.txt
2014-01-15 19:07 - 2013-11-25 10:35 - 00000000 ____D C:\Qoobox
2014-01-15 19:04 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2014-01-15 18:54 - 2012-09-24 17:30 - 00002243 _____ C:\Windows\epplauncher.mif
2014-01-15 17:57 - 2010-03-11 15:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2014-01-15 17:48 - 2013-12-14 05:33 - 00000000 ____D C:\ProgramData\Recovery
2014-01-15 14:38 - 2014-01-15 14:34 - 00000000 ____D C:\Users\Agnieszka\Desktop\shexview-x64
2014-01-14 19:55 - 2013-12-27 16:22 - 00002644 _____ C:\Users\Agnieszka\daemonprocess.txt
2014-01-14 12:15 - 2013-03-10 22:01 - 00000922 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1300177389-4011910773-4023719696-1000Core.job
2014-01-12 16:28 - 2013-11-02 14:44 - 00000000 ___RD C:\Users\Agnieszka\Desktop\Mateusz
2014-01-12 16:28 - 2010-03-03 13:56 - 00000000 ____D C:\Users\Agnieszka\AppData\Local\QuickPlay
2014-01-12 16:28 - 2009-10-11 10:13 - 00000000 ___RD C:\Users\Public\Recorded TV
2014-01-12 16:28 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2014-01-10 16:01 - 2013-11-02 15:38 - 00000000 ____D C:\Users\Agnieszka\Desktop\Babcia
2014-01-08 18:07 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2013-12-30 22:27 - 2013-12-30 21:54 - 00000000 ____D C:\Users\Agnieszka\Documents\18 WoS Haulin
2013-12-30 22:05 - 2009-09-05 14:42 - 00000000 ____D C:\ProgramData\WildTangent
2013-12-30 20:46 - 2013-12-30 20:18 - 00000000 ____D C:\ProgramData\HipSoft
2013-12-30 20:43 - 2013-12-03 16:29 - 00000000 ____D C:\Users\Agnieszka\Desktop\Gosia podkłady
2013-12-27 16:55 - 2013-12-27 16:22 - 00000000 ____D C:\Users\Agnieszka\AppData\Roaming\Audacity
2013-12-27 16:52 - 2013-12-27 16:38 - 00000000 ____D C:\Users\Agnieszka\Desktop\Klendy koścół
2013-12-27 16:45 - 2013-12-02 10:06 - 00000000 ____D C:\Users\Agnieszka\Desktop\muzyka świateczna
2013-12-27 16:28 - 2013-12-27 16:28 - 00865059 _____ C:\Users\Agnieszka\Downloads\lame3.99.5-64(dobreprogramy.pl).zip
2013-12-27 16:25 - 2013-12-27 16:25 - 63600718 _____ C:\Users\Agnieszka\Desktop\Kolęda dla nieobecnych - p 0,5.wav
2013-12-27 16:22 - 2013-12-27 16:22 - 00000971 _____ C:\Users\Public\Desktop\Audacity.lnk
2013-12-27 16:22 - 2013-12-27 16:22 - 00000000 ____D C:\Users\Agnieszka\AppData\Local\cache
2013-12-27 16:22 - 2013-12-27 16:22 - 00000000 ____D C:\Users\Agnieszka\.android
2013-12-27 16:22 - 2013-12-27 16:21 - 00000000 ____D C:\Program Files (x86)\Audacity
2013-12-27 16:19 - 2013-12-27 16:19 - 22180353 _____ (Audacity Team ) C:\Users\Agnieszka\Downloads\audacity-win-2.0.5.exe
2013-12-22 12:00 - 2012-05-29 20:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-21 20:41 - 2013-11-14 22:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox.bak
2013-12-21 16:12 - 2013-12-21 16:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

Some content of TEMP:
====================
C:\Users\Agnieszka\AppData\Local\Temp\Quarantine.exe
C:\Users\Agnieszka\AppData\Local\Temp\uninst1.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-01-09 15:57

==================== End Of Log ============================