Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:17-05-2014
Ran by POMOST (administrator) on KSIEGOWY on 18-05-2014 15:10:13
Running from C:\Documents and Settings\POMOST\Moje dokumenty\Pobieranie
Platform: Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polish
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgcsrvx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgwdsvc.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgemcx.exe
( ) C:\WINDOWS\system32\lmabcoms.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL$SJOBESTIASQL\Binn\sqlservr.exe
() C:\Program Files\CDBurnerXP\NMSAccessU.exe
(O2Micro International) C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
(Panasonic System Networks Co., Ltd.) C:\PROGRA~1\PANASO~1\LocalCom\LMSRVNT.EXE
(Panasonic) C:\Program Files\Panasonic\TrapMonitor\Trapmnnt.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgidsagent.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL$SJOBESTIASQL\Binn\sqlagent.EXE
(TOSHIBA Inc.) C:\Program Files\TOSHIBA\Windows Utilities\Hotkey.exe
(Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Chicony) C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
(Panasonic System Networks Co., Ltd.) C:\Program Files\Panasonic\Device Monitor\DMWakeup.exe
(Unizeto Technologies SA) C:\Program Files\Unizeto\proCertum CardManager\cryptoCertumScanner.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgtray.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Intel Corporation) C:\WINDOWS\system32\igfxext.exe
(TOSHIBA) C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
() C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgcsrvx.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Toshiba Hotkey Utility] => C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe [1773568 2008-05-09] (TOSHIBA Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1024000 2007-11-29] (Synaptics, Inc.)
HKLM\...\Run: [Camera Assistant Software] => C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [413696 2007-10-25] (Chicony)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [Panasonic Device Monitor Wakeup] => C:\Program Files\Panasonic\Device Monitor\dmwakeup.exe [413696 2010-01-09] (Panasonic System Networks Co., Ltd.)
HKLM\...\Run: [AutoRegisterCerts] => C:\Program Files\Unizeto\proCertum CardManager\cryptoCertumScanner.exe [154624 2013-08-26] (Unizeto Technologies SA)
HKLM\...\Run: [AVG_TRAY] => C:\Program Files\AVG\AVG2012\avgtray.exe [2598520 2012-11-19] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [413696 2009-05-26] (Apple Inc.)
Winlogon\Notify\WgaLogon: WgaLogon.dll [X]
HKU\S-1-5-21-823518204-1229272821-1417001333-1003\...\Run: [TOSCDSPD] => C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe [65536 2005-04-12] (TOSHIBA)
HKU\S-1-5-21-823518204-1229272821-1417001333-1003\...\Run: [Google Update] => C:\Documents and Settings\POMOST\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [136176 2012-02-07] (Google Inc.)
HKU\S-1-5-21-823518204-1229272821-1417001333-1003\...\MountPoints2: {131fdc78-4219-11df-a93a-001e686ef4c7} - F:\AutoRun.exe
HKU\S-1-5-21-823518204-1229272821-1417001333-1003\...\MountPoints2: {42aa9bfa-c21f-11df-a9bd-001e686ef4c7} - F:\d9c.bat
HKU\S-1-5-21-823518204-1229272821-1417001333-1003\...\MountPoints2: {54fc08c0-3bbf-11df-a92c-001e686ef4c7} - F:\mi9al8rs.exe
HKU\S-1-5-21-823518204-1229272821-1417001333-1003\...\MountPoints2: {62f07c96-5748-11df-a957-001e686ef4c7} - F:\yudald.bat
HKU\S-1-5-21-823518204-1229272821-1417001333-1003\...\MountPoints2: {789873d8-4216-11df-a936-001e686ef4c7} - F:\AutoRun.exe
HKU\S-1-5-21-823518204-1229272821-1417001333-1003\...\MountPoints2: {789873dc-4216-11df-a936-001e686ef4c7} - F:\AutoRun.exe
HKU\S-1-5-21-823518204-1229272821-1417001333-1003\...\MountPoints2: {ad1ddfa9-5d8c-11df-a95e-001e686ef4c7} - F:\12gn6id2.exe
HKU\S-1-5-21-823518204-1229272821-1417001333-1003\...\MountPoints2: {e670acaf-3342-11df-a915-cd392ea6461e} - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL explore.exe
HKU\S-1-5-21-823518204-1229272821-1417001333-1003\...\MountPoints2: {ff584871-fea6-11df-a9f5-001e686ef4c7} - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL explore.exe
Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Service Manager.lnk
ShortcutTarget: Service Manager.lnk -> C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {8241CB3B-1E83-4A9E-AE5B-6D2E4DB01A53} URL = http://startsear.ch/?aff=1&src=sp&cf=0affc9ba-14de-11e1-ab34-001e686ef4c7&q={searchTerms}
SearchScopes: HKCU - {2E14D921-A49A-4D65-B36F-5F8F751815B2} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=U3&apn_dtid=OSJ000YYPL&apn_uid=EA7AC7C1-744D-4B38-B871-88207B6FA02C&apn_sauid=14C8EC48-69F1-4DD5-A62D-FEF67759E8F2
SearchScopes: HKCU - {3144968B-AF1C-4518-A810-68276614AAE0} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=616163&p={searchTerms}
SearchScopes: HKCU - {5A0EF2D3-6570-4DE9-B339-5036FEC451EA} URL = http://www.google.com/search?hl=pl&q={searchTerms}
SearchScopes: HKCU - {8241CB3B-1E83-4A9E-AE5B-6D2E4DB01A53} URL = http://startsear.ch/?aff=1&src=sp&cf=0affc9ba-14de-11e1-ab34-001e686ef4c7&q={searchTerms}
SearchScopes: HKCU - {B209833B-A999-4451-BAA5-079AB928C494} URL = http://search.avg.com/route/?d=4ba33b22&v=6.10.6.4&i=23&tp=chrome&q={searchTerms}&lng={language}&iy=&ychte=us
BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
ShellExecuteHooks: - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No File [ ]
Tcpip\Parameters: [DhcpNameServer] 10.0.0.2

FireFox:
========
FF ProfilePath: C:\Documents and Settings\POMOST\Dane aplikacji\Mozilla\Firefox\Profiles\3fj7nxmh.default-1399440330500
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Documents and Settings\POMOST\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Documents and Settings\POMOST\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Extension: ArcaBit Ext. - C:\Program Files\Mozilla Firefox\extensions\arcabit@www.arcabit.pl [2014-04-30]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-04-30]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-04-30]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-04-30]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [{F53C93F1-07D5-430c-86D4-C9531B27DFAF}] - C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\
FF Extension: AVG Do Not Track - C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ []

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "hxxp://www.google.com/"
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Documents and Settings\POMOST\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Documents and Settings\POMOST\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\34.0.1847.131\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\POMOST\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\34.0.1847.131\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (vShare.tv plug-in) - C:\Documents and Settings\POMOST\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\chvsharetvplg.dll No File
CHR Plugin: (vShare.tv plug-in) - C:\Program Files\Mozilla Firefox\plugins\npvsharetvplg.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U29) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Google Update) - C:\Documents and Settings\POMOST\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.99\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (Google Wallet) - C:\Documents and Settings\POMOST\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-02]
CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\POMOST\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

R2 AVGIDSAgent; C:\Program Files\AVG\AVG2012\avgidsagent.exe [5175856 2013-10-16] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2012\avgwdsvc.exe [193288 2012-02-14] (AVG Technologies CZ, s.r.o.)
S2 HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [136192 2010-03-03] (HP)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-04-14] (Oracle Corporation)
R2 lmab_device; C:\WINDOWS\system32\LMabcoms.exe [593920 2009-09-06] ( )
R2 MSSQL$SJOBESTIASQL; C:\Program Files\Microsoft SQL Server\MSSQL$SJOBESTIASQL\Binn\sqlservr.exe [7520337 2002-12-17] (Microsoft Corporation)
S3 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [66112 2002-12-17] (Microsoft Corporation)
R2 NMSAccess; C:\Program Files\CDBurnerXP\NMSAccessU.exe [71096 2010-03-04] ()
R2 o2flash; C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe [65536 2007-02-12] (O2Micro International)
R2 Panasonic Local Printer Service; C:\Program Files\Panasonic\LocalCom\LMSRVNT.EXE [49152 2010-01-09] (Panasonic System Networks Co., Ltd.)
R2 Panasonic Trap Monitor Service; C:\Program Files\Panasonic\TrapMonitor\Trapmnnt.exe [69632 2004-02-26] (Panasonic)
R2 SQLAgent$SJOBESTIASQL; C:\Program Files\Microsoft SQL Server\MSSQL$SJOBESTIASQL\Binn\sqlagent.EXE [311872 2002-12-17] (Microsoft Corporation)
S2 vToolbarUpdater18.1.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe [X]

==================== Drivers (Whitelisted) ====================

S3 A38CCID; C:\WINDOWS\System32\DRIVERS\a38ccid.sys [38016 2009-12-16] (Advanced Card Systems Ltd.)
S3 ACSSCR; C:\WINDOWS\System32\DRIVERS\a38usb.sys [37632 2009-12-15] (Advanced Card Systems Ltd)
R3 AVGIDSDriver; C:\WINDOWS\System32\DRIVERS\avgidsdriverx.sys [142176 2012-12-10] (AVG Technologies CZ, s.r.o. )
R3 AVGIDSFilter; C:\WINDOWS\System32\DRIVERS\avgidsfilterx.sys [24144 2011-12-23] (AVG Technologies CZ, s.r.o. )
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [24896 2012-04-19] (AVG Technologies CZ, s.r.o. )
R3 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [17232 2011-12-23] (AVG Technologies CZ, s.r.o. )
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [250080 2012-11-08] (AVG Technologies CZ, s.r.o.)
R1 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [41040 2011-12-23] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [31952 2012-01-31] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [302368 2013-04-11] (AVG Technologies CZ, s.r.o.)
R3 BoiHwsetup; C:\WINDOWS\System32\drivers\BoiHwSetup.sys [5504 2005-06-10] (Quanta Computer Corp)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R3 CnxtHdAudAddService; C:\WINDOWS\System32\drivers\CHDAud.sys [732160 2008-02-01] (Conexant Systems Inc.)
S3 GT680xNT; C:\WINDOWS\System32\drivers\gt680x.sys [17932 2012-03-21] ( )
S3 HPFXBULK; C:\WINDOWS\System32\drivers\hpfxbulk.sys [17432 2010-05-18] (Hewlett Packard)
S3 HPFXFAX; C:\WINDOWS\System32\drivers\hpfxfax.sys [20504 2007-07-16] (Hewlett Packard)
R3 HSFHWAZL; C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys [211456 2007-11-01] (Conexant Systems, Inc.)
R3 HSF_DPV; C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys [989696 2007-11-01] (Conexant Systems, Inc.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R3 NETw5x32; C:\WINDOWS\System32\DRIVERS\NETw5x32.sys [3636864 2008-11-17] (Intel Corporation)
S3 nm; C:\WINDOWS\System32\DRIVERS\NMnt.sys [40320 2008-04-15] (Microsoft Corporation)
R3 QIOMem; C:\WINDOWS\System32\DRIVERS\QIOMem.sys [6912 2007-05-29] (TOSHIBA)
R3 qkbfiltr; C:\WINDOWS\System32\drivers\qkbfiltr.sys [31872 2006-01-12] (Quanta Computer, Inc.)
R3 qmofiltr; C:\WINDOWS\System32\drivers\qmofiltr.sys [7936 2005-05-05] (Quanta Computer, Inc.)
R2 StarOpen; C:\WINDOWS\system32\Drivers\StarOpen.sys [5504 2009-11-12] ()
R3 UVCFTR; C:\WINDOWS\System32\Drivers\UVCFTR_S.SYS [18432 2007-12-17] (Chicony Electronics Co., Ltd.)
S1 wceusbsh; C:\WINDOWS\System32\DRIVERS\wceusbsh.sys [31872 2008-04-14] (Microsoft Corporation)
R3 yukonwxp; C:\WINDOWS\System32\DRIVERS\yk51x86.sys [285952 2007-12-28] (Marvell)
S1 avgtp; \??\C:\WINDOWS\system32\drivers\avgtpx86.sys [X]
U5 BTHPORT; C:\Windows\System32\Drivers\BTHPORT.sys [273024 2008-06-14] (Microsoft Corporation)
U2 CertPropSvc;
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S4 IntelIde; No ImagePath
S3 IRENUM; system32\DRIVERS\irenum.sys [X]
U1 WS2IFSL;
U3 fxtdqpow; \??\C:\DOCUME~1\POMOST\USTAWI~1\Temp\fxtdqpow.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-05-18 15:09 - 2014-05-18 15:10 - 00000000 ____D () C:\FRST
2014-05-18 15:06 - 2014-05-18 15:06 - 00080374 _____ () C:\Documents and Settings\POMOST\Pulpit\OTL.Txt
2014-05-18 15:06 - 2014-05-18 15:06 - 00051080 _____ () C:\Documents and Settings\POMOST\Pulpit\Extras.Txt
2014-05-18 14:19 - 2014-05-18 15:00 - 00004803 _____ () C:\Documents and Settings\POMOST\Pulpit\GMER.txt
2014-05-18 14:03 - 2014-05-18 12:59 - 01325827 _____ () C:\Documents and Settings\POMOST\Pulpit\AdwCleaner.exe
2014-05-18 13:15 - 2014-05-18 13:16 - 00000000 ____D () C:\AdwCleaner
2014-05-18 13:09 - 2014-05-18 14:02 - 00031726 _____ () C:\WINDOWS\setupapi.log
2014-05-18 12:53 - 2014-05-18 13:40 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-05-18 12:53 - 2014-05-18 13:40 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2014-05-18 12:53 - 2014-05-18 13:38 - 00011376 _____ () C:\WINDOWS\SchedLgU.Txt
2014-05-18 12:53 - 2014-05-18 12:53 - 00000000 _____ () C:\WINDOWS\Sti_Trace.log
2014-05-18 12:51 - 2014-05-18 14:09 - 00032236 _____ () C:\WINDOWS\WindowsUpdate.log
2014-05-18 12:45 - 2014-05-18 12:51 - 00000188 ___SH () C:\Documents and Settings\Administrator\ntuser.ini
2014-05-18 12:45 - 2010-03-19 12:25 - 00001599 _____ () C:\Documents and Settings\Administrator\Menu Start\Programy\Pomoc zdalna.lnk
2014-05-18 12:45 - 2010-03-19 12:25 - 00000788 _____ () C:\Documents and Settings\Administrator\Menu Start\Programy\Windows Media Player.lnk
2014-05-18 12:44 - 2014-05-18 12:47 - 00000000 ____D () C:\Documents and Settings\Administrator
2014-05-18 12:44 - 2010-03-22 10:23 - 00000000 ___HD () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji
2014-05-18 12:44 - 2010-03-22 10:23 - 00000000 ____D () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft Help
2014-05-18 12:44 - 2010-03-19 13:13 - 00000000 __RHD () C:\Documents and Settings\Administrator\Dane aplikacji
2014-05-18 12:44 - 2010-03-19 13:13 - 00000000 ___RD () C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart
2014-05-18 12:44 - 2010-03-19 13:13 - 00000000 ___RD () C:\Documents and Settings\Administrator\Menu Start
2014-05-18 12:44 - 2010-03-19 13:13 - 00000000 ___HD () C:\Documents and Settings\Administrator\Ustawienia lokalne
2014-05-18 12:44 - 2010-03-19 13:13 - 00000000 ____D () C:\Documents and Settings\Administrator\Ulubione
2014-05-18 12:44 - 2010-03-19 13:13 - 00000000 ____D () C:\Documents and Settings\Administrator\Pulpit
2014-05-18 12:44 - 2010-03-19 13:13 - 00000000 ____D () C:\Documents and Settings\Administrator\Moje dokumenty
2014-05-18 12:44 - 2010-03-19 12:25 - 00000000 __SHD () C:\Documents and Settings\Administrator\Ustawienia lokalne\Historia
2014-05-18 12:44 - 2010-03-19 12:25 - 00000000 __SHD () C:\Documents and Settings\Administrator\IETldCache
2014-05-18 12:44 - 2010-03-19 12:25 - 00000000 ___RD () C:\Documents and Settings\Administrator\Menu Start\Programy\Akcesoria
2014-05-18 12:44 - 2010-03-19 12:25 - 00000000 ___RD () C:\Documents and Settings\Administrator\Menu Start\Programy
2014-05-18 12:44 - 2010-03-19 12:21 - 00000000 ___HD () C:\Documents and Settings\Administrator\Szablony
2014-05-15 09:50 - 2014-05-15 09:50 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-15 09:17 - 2014-05-15 15:11 - 00065536 _____ () C:\WINDOWS\system32\config\TuneUp.evt
2014-05-15 09:16 - 2014-05-15 09:16 - 00000000 ____D () C:\Documents and Settings\POMOST\Ustawienia lokalne\Dane aplikacji\AVG
2014-05-15 09:16 - 2014-05-15 09:16 - 00000000 ____D () C:\Documents and Settings\POMOST\Dane aplikacji\AVG
2014-05-15 09:12 - 2014-05-15 09:20 - 00000000 __SHD () C:\Documents and Settings\All Users\Dane aplikacji\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-05-15 09:12 - 2014-05-15 09:17 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\AVG
2014-05-09 10:04 - 2014-05-09 10:05 - 215315968 _____ () C:\IKwartał2014.bak
2014-05-09 07:15 - 2014-05-18 13:34 - 00017408 _____ () C:\WINDOWS\system32\rpcnetp.exe
2014-04-30 13:12 - 2014-04-30 13:12 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-04-29 11:08 - 2014-04-29 11:08 - 00013641 _____ () C:\Documents and Settings\POMOST\Moje dokumenty\wykresy sprawozdanie roczne.xlsx
2014-04-28 09:17 - 2014-04-28 09:17 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Java
2014-04-28 09:17 - 2014-04-14 20:13 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-04-28 09:17 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-04-28 09:17 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-04-28 09:17 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-04-28 09:17 - 2014-04-14 19:47 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2014-04-28 09:16 - 2014-04-28 09:17 - 00004088 _____ () C:\WINDOWS\system32\jupdate-1.7.0_55-b14.log
2014-04-24 14:48 - 2014-04-24 14:48 - 00009423 _____ () C:\Documents and Settings\POMOST\Moje dokumenty\Zeszyt1.xlsx

==================== One Month Modified Files and Folders =======

2014-05-18 15:10 - 2014-05-18 15:09 - 00000000 ____D () C:\FRST
2014-05-18 15:10 - 2010-03-30 09:34 - 00000464 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{06A6553D-F4A8-4F61-8A56-055C027EF9FB}.job
2014-05-18 15:10 - 2010-03-19 13:11 - 00000000 ____D () C:\Documents and Settings\POMOST\Moje dokumenty\Pobieranie
2014-05-18 15:08 - 2010-03-19 12:33 - 00000000 ____D () C:\Documents and Settings\POMOST\Pulpit
2014-05-18 15:06 - 2014-05-18 15:06 - 00080374 _____ () C:\Documents and Settings\POMOST\Pulpit\OTL.Txt
2014-05-18 15:06 - 2014-05-18 15:06 - 00051080 _____ () C:\Documents and Settings\POMOST\Pulpit\Extras.Txt
2014-05-18 15:00 - 2014-05-18 14:19 - 00004803 _____ () C:\Documents and Settings\POMOST\Pulpit\GMER.txt
2014-05-18 14:58 - 2012-04-18 07:29 - 00000930 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-05-18 14:50 - 2012-02-07 13:20 - 00001136 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-823518204-1229272821-1417001333-1003UA.job
2014-05-18 14:22 - 2014-04-15 07:05 - 00000000 ____D () C:\WINDOWS\system32\Drivers\AVG
2014-05-18 14:09 - 2014-05-18 12:51 - 00032236 _____ () C:\WINDOWS\WindowsUpdate.log
2014-05-18 14:02 - 2014-05-18 13:09 - 00031726 _____ () C:\WINDOWS\setupapi.log
2014-05-18 13:40 - 2014-05-18 12:53 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-05-18 13:40 - 2014-05-18 12:53 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2014-05-18 13:39 - 2014-03-28 10:07 - 00000224 _____ () C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — logowanie.job
2014-05-18 13:39 - 2010-03-19 12:27 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-05-18 13:38 - 2014-05-18 12:53 - 00011376 _____ () C:\WINDOWS\SchedLgU.Txt
2014-05-18 13:38 - 2010-03-19 12:33 - 00000188 ___SH () C:\Documents and Settings\POMOST\ntuser.ini
2014-05-18 13:35 - 2014-01-15 08:13 - 00017408 _____ () C:\WINDOWS\system32\rpcnetp.dll
2014-05-18 13:34 - 2014-05-09 07:15 - 00017408 _____ () C:\WINDOWS\system32\rpcnetp.exe
2014-05-18 13:32 - 2010-03-19 12:33 - 00000000 ____D () C:\Documents and Settings\POMOST
2014-05-18 13:16 - 2014-05-18 13:15 - 00000000 ____D () C:\AdwCleaner
2014-05-18 13:16 - 2010-03-19 13:13 - 00000000 __RHD () C:\Documents and Settings\All Users\Dane aplikacji
2014-05-18 13:16 - 2010-03-19 12:33 - 00000000 __RHD () C:\Documents and Settings\POMOST\Dane aplikacji
2014-05-18 13:16 - 2010-03-19 12:33 - 00000000 ___HD () C:\Documents and Settings\POMOST\Ustawienia lokalne\Dane aplikacji
2014-05-18 12:59 - 2014-05-18 14:03 - 01325827 _____ () C:\Documents and Settings\POMOST\Pulpit\AdwCleaner.exe
2014-05-18 12:53 - 2014-05-18 12:53 - 00000000 _____ () C:\WINDOWS\Sti_Trace.log
2014-05-18 12:51 - 2014-05-18 12:45 - 00000188 ___SH () C:\Documents and Settings\Administrator\ntuser.ini
2014-05-18 12:49 - 2010-12-21 15:05 - 00000000 ____D () C:\WINDOWS\pss
2014-05-18 12:49 - 2010-03-19 13:13 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
2014-05-18 12:47 - 2014-05-18 12:44 - 00000000 ____D () C:\Documents and Settings\Administrator
2014-05-18 12:30 - 2008-04-15 14:00 - 00002278 _____ () C:\WINDOWS\system32\wpa.dbl
2014-05-16 14:31 - 2012-08-07 11:54 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\firebird
2014-05-16 14:27 - 2010-03-19 13:00 - 00043008 _____ (Absolute Software Corp.) C:\WINDOWS\system32\agremove.exe
2014-05-16 14:17 - 2008-04-15 14:00 - 00001007 _____ () C:\WINDOWS\win.ini
2014-05-16 12:53 - 2012-02-07 13:21 - 00002317 _____ () C:\Documents and Settings\POMOST\Pulpit\Google Chrome.lnk
2014-05-16 12:49 - 2012-02-07 13:20 - 00001084 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-823518204-1229272821-1417001333-1003Core.job
2014-05-15 15:11 - 2014-05-15 09:17 - 00065536 _____ () C:\WINDOWS\system32\config\TuneUp.evt
2014-05-15 13:33 - 2010-03-19 12:33 - 00000000 ___RD () C:\Documents and Settings\POMOST\Moje dokumenty
2014-05-15 12:32 - 2010-03-19 13:13 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy
2014-05-15 12:32 - 2010-03-19 13:13 - 00000000 ____D () C:\Documents and Settings\All Users\Pulpit
2014-05-15 11:58 - 2011-11-04 13:49 - 00000000 ____D () C:\Program Files\SJOBestia
2014-05-15 11:51 - 2012-08-28 07:15 - 00002347 _____ () C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Reader X.lnk
2014-05-15 11:07 - 2010-03-29 15:11 - 00000000 ____D () C:\WINDOWS\system32\LogFiles
2014-05-15 09:53 - 2013-08-14 15:17 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-05-15 09:53 - 2010-03-19 12:54 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help
2014-05-15 09:50 - 2014-05-15 09:50 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-15 09:50 - 2010-04-01 09:47 - 90547776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-05-15 09:20 - 2014-05-15 09:12 - 00000000 __SHD () C:\Documents and Settings\All Users\Dane aplikacji\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-05-15 09:20 - 2014-02-26 15:45 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\HomeNet
2014-05-15 09:20 - 2010-03-19 13:14 - 00000000 ____D () C:\Documents and Settings\POMOST\Pulpit\Sterowniki
2014-05-15 09:20 - 2010-03-19 12:33 - 00000000 ___RD () C:\Documents and Settings\POMOST\Menu Start\Programy
2014-05-15 09:20 - 2010-03-19 12:33 - 00000000 ___RD () C:\Documents and Settings\POMOST\Menu Start
2014-05-15 09:17 - 2014-05-15 09:12 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\AVG
2014-05-15 09:16 - 2014-05-15 09:16 - 00000000 ____D () C:\Documents and Settings\POMOST\Ustawienia lokalne\Dane aplikacji\AVG
2014-05-15 09:16 - 2014-05-15 09:16 - 00000000 ____D () C:\Documents and Settings\POMOST\Dane aplikacji\AVG
2014-05-15 09:14 - 2010-03-19 12:46 - 00000000 ____D () C:\Program Files\AVG
2014-05-14 15:10 - 2012-03-21 11:52 - 00000016 _____ () C:\WINDOWS\SCNDRVU.INI
2014-05-14 15:10 - 2010-03-19 13:07 - 00000000 ____D () C:\WINDOWS\twain_32
2014-05-14 12:58 - 2012-04-18 07:29 - 00692400 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-05-14 12:58 - 2012-01-20 09:17 - 00070832 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-05-09 10:05 - 2014-05-09 10:04 - 215315968 _____ () C:\IKwartał2014.bak
2014-05-09 07:16 - 2014-04-15 07:05 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\AVG2012
2014-05-08 15:00 - 2014-03-28 10:07 - 00000218 _____ () C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — co miesiąc.job
2014-05-08 14:05 - 2010-03-19 13:14 - 00000000 ____D () C:\Documents and Settings\POMOST\Pulpit\ośrodkowe
2014-05-07 15:01 - 2010-03-19 13:12 - 00000000 ____D () C:\Documents and Settings\POMOST\Pulpit\dot projektu
2014-05-07 13:09 - 2010-06-02 08:35 - 00023083 _____ () C:\Documents and Settings\POMOST\Moje dokumenty\pk.xlsx
2014-05-07 06:52 - 2010-03-19 13:12 - 00358544 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-05-06 11:22 - 2010-03-19 11:28 - 00089040 _____ () C:\Documents and Settings\POMOST\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2014-05-06 07:37 - 2010-03-19 12:04 - 00000000 ____D () C:\Program Files\HP
2014-05-06 07:31 - 2010-12-03 11:59 - 00000000 ____D () C:\Program Files\Lexmark
2014-05-06 07:31 - 2010-12-03 11:59 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Lexmark
2014-05-06 07:31 - 2010-12-03 11:58 - 00008414 _____ () C:\WINDOWS\system32\LexFiles.ulf
2014-05-06 07:30 - 2012-06-25 12:04 - 00004865 _____ () C:\Documents and Settings\All Users\lmab.log
2014-05-06 07:30 - 2010-12-03 11:59 - 00000000 ____D () C:\Program Files\Lexmark_HostCD
2014-05-05 15:14 - 2014-01-22 15:44 - 00651192 _____ () C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
2014-05-05 15:14 - 2010-03-19 13:27 - 00000000 ____D () C:\WINDOWS\ie8updates
2014-05-05 15:14 - 2010-03-19 12:27 - 00000000 ___HD () C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji
2014-05-05 14:45 - 2012-10-02 08:20 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-05-05 08:45 - 2014-01-02 09:01 - 00000396 _____ () C:\WINDOWS\KmPcFax.INI
2014-05-05 07:31 - 2011-04-15 10:00 - 00221035 _____ () C:\ADS_ERR.DBF
2014-05-05 07:00 - 2014-04-10 12:48 - 00004297 _____ () C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log
2014-05-05 07:00 - 2012-01-05 09:22 - 00000000 ____D () C:\WINDOWS\system32\NtmsData
2014-05-05 06:57 - 2014-04-10 12:52 - 00000121 _____ () C:\WINDOWS\system32\msiexec.log
2014-04-30 13:12 - 2014-04-30 13:12 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-04-30 10:12 - 2010-03-19 13:15 - 06022144 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtml.dll
2014-04-30 10:12 - 2009-06-30 21:54 - 06022144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-04-29 15:01 - 2012-01-02 09:07 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Fakt
2014-04-29 11:08 - 2014-04-29 11:08 - 00013641 _____ () C:\Documents and Settings\POMOST\Moje dokumenty\wykresy sprawozdanie roczne.xlsx
2014-04-28 09:17 - 2014-04-28 09:17 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Java
2014-04-28 09:17 - 2014-04-28 09:16 - 00004088 _____ () C:\WINDOWS\system32\jupdate-1.7.0_55-b14.log
2014-04-28 09:17 - 2013-07-01 07:09 - 00000000 ____D () C:\Program Files\Java
2014-04-28 09:16 - 2014-04-11 07:07 - 00006276 _____ () C:\WINDOWS\system32\PerfStringBackup.TMP
2014-04-28 09:16 - 2008-04-15 14:00 - 00644332 _____ () C:\WINDOWS\system32\perfh015.dat
2014-04-28 09:16 - 2008-04-15 14:00 - 00139596 _____ () C:\WINDOWS\system32\perfc015.dat
2014-04-28 09:09 - 2014-02-28 09:54 - 00013241 _____ () C:\Documents and Settings\POMOST\Moje dokumenty\racunek do umowy zlecenie asystent.xlsx
2014-04-25 11:40 - 2010-03-19 13:11 - 00000000 ____D () C:\Documents and Settings\POMOST\Moje dokumenty\Dokumenty AFi
2014-04-24 14:48 - 2014-04-24 14:48 - 00009423 _____ () C:\Documents and Settings\POMOST\Moje dokumenty\Zeszyt1.xlsx
2014-04-22 11:14 - 2013-02-01 10:38 - 00011828 _____ () C:\Documents and Settings\POMOST\Pulpit\dekretacja.odt
2014-04-18 07:32 - 2012-01-10 11:16 - 00000000 ____D () C:\PIT Format 2011

==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe [2008-04-15 14:00] - [2008-04-15 14:00] - 1035264 ____A (Microsoft Corporation) c791ed9eac5e76d9525e157b1d7a599a
C:\WINDOWS\system32\winlogon.exe [2008-04-15 14:00] - [2008-04-15 14:00] - 0510464 ____A (Microsoft Corporation) 51fd2e13d723857b9ca239ae77150f48
C:\WINDOWS\system32\svchost.exe [2008-04-15 14:00] - [2008-04-15 14:00] - 0014336 ____A (Microsoft Corporation) 8607d35d92528e2df386f19a960d23ce
C:\WINDOWS\system32\services.exe [2008-04-15 14:00] - [2009-02-09 13:25] - 0111104 ____A (Microsoft Corporation) 02a467e27af55f7064c5b251e587315f
C:\WINDOWS\system32\User32.dll [2008-04-15 14:00] - [2008-04-15 14:00] - 0580096 ____A (Microsoft Corporation) a435c5c069afd901751ac323ad238793
C:\WINDOWS\system32\userinit.exe [2008-04-15 14:00] - [2008-04-15 14:00] - 0026624 ____A (Microsoft Corporation) 2a5b37d520508be6570a3ea79695f5b5
C:\WINDOWS\system32\rpcss.dll [2008-04-15 14:00] - [2009-02-09 12:53] - 0401408 ____A (Microsoft Corporation) a37311d9d628c1042a2836731787f0f3
ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\WINDOWS\system32\Drivers\volsnap.sys [2008-04-15 14:00] - [2008-04-15 14:00] - 0052864 ____A (Microsoft Corporation) 56b191ac5fc0df219949c95a6c87afe7

==================== End Of Log ============================