Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014  01
Ran by anna (administrator) on XP on 05-04-2014 20:02:09
Running from C:\Documents and Settings\anna\Moje dokumenty\Downloads\Programs
Microsoft Windows XP Home Edition Dodatek Service Pack 3 (X86) OS Language: Polish
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG2014\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(Creative Technology Ltd) C:\Program Files\Creative\Shared Files\CTAudSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
(Creative Technology Ltd) C:\WINDOWS\system32\CTsvcCDA.exe
(Sony Ericsson Mobile Communications) C:\Program Files\Common Files\Sony Ericsson\Emma Core\Services\EmmaDeviceMgmt.exe
(Sony Ericsson Mobile Communications) C:\Program Files\Common Files\Sony Ericsson\Emma Core\Services\EmmaUpdateMgmt.exe
() C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgemcx.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(AVG) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
(AVG) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\tv_w32.exe
(Creative Technology Ltd) C:\WINDOWS\CTHELPER.EXE
(Creative Technology Ltd) C:\WINDOWS\system32\CTXFIHLP.EXE
(Creative Technology Ltd.) C:\WINDOWS\V0420Mon.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
(Creative Technology Ltd) C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
(CANON INC.) C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\update\realsched.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
(IVONA Software Sp. z o.o.) C:\Program Files\IVONA\IVONA ControlCenter\IVONA ControlCenter.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IEMonitor.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(TeamViewer GmbH) c:\program files\teamviewer\version9\TeamViewer_Desktop.exe
(VS Revo Group) C:\Program Files\VS Revo Group\Revo Uninstaller\revouninstaller.exe
(Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
(Farbar) C:\Documents and Settings\anna\Moje dokumenty\Downloads\Programs\FRST_2.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [VolPanel] - C:\Program Files\Creative\Volume Panel\VolPanlu.exe [233576 2008-08-06] (Creative Technology Ltd)
HKLM\...\Run: [CTHelper] - C:\WINDOWS\CTHELPER.EXE [17920 2006-05-24] (Creative Technology Ltd)
HKLM\...\Run: [CTxfiHlp] - C:\WINDOWS\SYSTEM32\CTXFIHLP.EXE [25600 2009-06-04] (Creative Technology Ltd)
HKLM\...\Run: [V0420Mon.exe] - C:\WINDOWS\V0420Mon.exe [32768 2007-04-30] (Creative Technology Ltd.)
HKLM\...\Run: [NeroFilterCheck] - C:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [UpdateLBPShortCut] - C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [RemoteControl8] - C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe [91432 2009-04-15] (CyberLink Corp.)
HKLM\...\Run: [PDVD8LanguageShortcut] - C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe [50472 2009-04-15] (CyberLink Corp.)
HKLM\...\Run: [UpdatePPShortCut] - C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [UCam_Menu] - C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2009-02-17] (CyberLink Corp.)
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM\...\Run: [NvCplDaemon] - C:\WINDOWS\system32\NvCpl.dll [15494464 2012-02-29] (NVIDIA Corporation)
HKLM\...\Run: [NvMediaCenter] - C:\WINDOWS\SYSTEM32\NvMCTray.dll [108352 2012-02-29] (NVIDIA Corporation)
HKLM\...\Run: [nwiz] - C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [1634112 2012-03-01] ()
HKLM\...\Run: [BluetoothAuthenticationAgent] - rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2516296 2010-03-25] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenuEx] - C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)
HKLM\...\Run: [DivXMediaServer] - C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-05-20] (DivX, LLC)
HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] ()
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [TkBellExe] - C:\Program Files\Real\RealPlayer\update\realsched.exe [295512 2013-10-27] (RealNetworks, Inc.)
HKLM\...\Run: [AVG_UI] - C:\Program Files\AVG\AVG2014\avgui.exe [4971024 2014-03-19] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-1935655697-602162358-682003330-1004\...\Run: [ALLUpdate] - C:\Program Files\ALLPlayer\ALLUpdate.exe [3000680 2013-11-01] (ALLPlayer Group Ltd.)
HKU\S-1-5-21-1935655697-602162358-682003330-1004\...\Run: [AQQ] - C:\Program Files\WapSter\WapSter AQQ\AQQ.exe [8432128 2014-03-05] (AQQ Sp. z o.o.)
HKU\S-1-5-21-1935655697-602162358-682003330-1004\...\Run: [GG] - C:\Documents and Settings\anna\Ustawienia lokalne\Dane aplikacji\GG\Application\gghub.exe [4023360 2014-04-03] (GG Network S.A.)
HKU\S-1-5-21-1935655697-602162358-682003330-1004\...\Run: [IVONA ControlCenter] - C:\Program Files\IVONA\IVONA ControlCenter\IVONA ControlCenter.exe [2251128 2013-06-11] (IVONA Software Sp. z o.o.)
HKU\S-1-5-21-1935655697-602162358-682003330-1004\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-1935655697-602162358-682003330-1004\...\Run: [IDMan] - C:\Program Files\Internet Download Manager\IDMan.exe [3829328 2014-03-18] (Tonec Inc.)
HKU\S-1-5-21-1935655697-602162358-682003330-1004\...\MountPoints2: {a4c994b5-aaf4-11e0-8fad-001e101f5507} - M:\AutoRun.exe
HKU\S-1-5-21-1935655697-602162358-682003330-1004\...\MountPoints2: {f867ae0a-59f2-11df-8e34-806d6172696f} - G:\Autorun.exe
Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gazeta.pl/0,0.html?p=153
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: IDM integration (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Dane aplikacji\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: IVONA Reader - {8664889D-ED18-4713-918F-E2BB69D8452B} - C:\Program Files\IVONA\IVONA Reader\integr\IR_iexplorer2.dll (IVONA Software Sp. z o.o.)
BHO: Pomocnik rejestracji usługi Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: IplexToALLPlayer - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.)
Toolbar: HKLM - IVONA Reader - {8664889D-ED18-4713-918F-E2BB69D8452B} - C:\Program Files\IVONA\IVONA Reader\integr\IR_iexplorer2.dll (IVONA Software Sp. z o.o.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKCU - &Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Łącza - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cab
DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
DPF: {9EF2BA47-C6A7-470D-9DD9-4323B0CB8353} http://176.109.163.26/WebClient.cab
DPF: {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15112/CTPID.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Documents and Settings\anna\Dane aplikacji\Mozilla\Firefox\Profiles\v1o16a7s.default-1374781936062
FF Homepage: hxxp://www.gazeta.pl/0,0.html?p=153
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @ganymede/DOMINO,version=1.0 - C:\Program Files\Ganymede\Plugins\DOMINO\NPDOMINO.dll (Ganymede Technologies)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\Documents and Settings\All Users\Dane aplikacji\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\Documents and Settings\All Users\Dane aplikacji\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\Documents and Settings\All Users\Dane aplikacji\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 - C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\Documents and Settings\All Users\Dane aplikacji\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Iplex to ALLPlayer - C:\Documents and Settings\anna\Dane aplikacji\Mozilla\Firefox\Profiles\v1o16a7s.default-1374781936062\Extensions\IplextoALL@ALLPlayer.org.xpi [2013-11-20]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-07-25]
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\Documents and Settings\All Users\Dane aplikacji\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\Documents and Settings\All Users\Dane aplikacji\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Documents and Settings\All Users\Dane aplikacji\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\Documents and Settings\All Users\Dane aplikacji\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-10-27]
FF HKCU\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Documents and Settings\anna\Dane aplikacji\IDM\idmmzcc5
FF Extension: IDM CC - C:\Documents and Settings\anna\Dane aplikacji\IDM\idmmzcc5 [2014-04-05]
FF HKCU\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Documents and Settings\anna\Dane aplikacji\IDM\idmmzcc5
FF Extension: IDM CC - C:\Documents and Settings\anna\Dane aplikacji\IDM\idmmzcc5 [2014-04-05]

========================== Services (Whitelisted) =================

R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3782672 2014-02-23] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
R2 Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [44032 1999-12-13] (Creative Technology Ltd)
R2 EmmaDevMgmtSvc; C:\Program Files\Common Files\Sony Ericsson\Emma Core\Services\EmmaDeviceMgmt.exe [306296 2010-04-27] (Sony Ericsson Mobile Communications)
R2 EmmaUpdMgmtSvc; C:\Program Files\Common Files\Sony Ericsson\Emma Core\Services\EmmaUpdateMgmt.exe [162936 2010-04-27] (Sony Ericsson Mobile Communications)
R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] ()
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-12-18] (Oracle Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [271760 2009-04-15] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [1805624 2014-03-31] (AVG)
R2 UxTuneUp; C:\WINDOWS\System32\uxtuneup.dll [35640 2014-03-31] (AVG)

==================== Drivers (Whitelisted) ====================

R1 AmdK8; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [43520 2006-06-19] (Advanced Micro Devices)
R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [120600 2013-11-25] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\WINDOWS\System32\DRIVERS\avgidsdriverx.sys [210712 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [149272 2013-11-25] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [22808 2014-01-19] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [176952 2013-11-01] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [222520 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [102712 2013-10-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [27448 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [193848 2013-08-01] (AVG Technologies CZ, s.r.o.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
S3 ctdvda2k; C:\WINDOWS\System32\drivers\ctdvda2k.sys [347080 2009-06-04] (Creative Technology Ltd)
R3 CXEAGLE; C:\WINDOWS\System32\DRIVERS\VMXVid.sys [272256 2008-06-02] (Compro Tech., Inc.)
S3 gdrv; C:\WINDOWS\gdrv.sys [15600 2009-11-17] (Windows (R) 2000 DDK provider)
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2007-03-07] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2007-03-07] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2007-03-07] (HP)
R1 IDMTDI; C:\WINDOWS\System32\DRIVERS\idmtdi.sys [121184 2013-11-28] (Tonec Inc.)
S3 k510bus; C:\WINDOWS\System32\DRIVERS\k510bus.sys [58288 2010-09-29] (MCCI)
S3 k510mdfl; C:\WINDOWS\System32\DRIVERS\k510mdfl.sys [8336 2010-09-29] (MCCI)
S3 k510mdm; C:\WINDOWS\System32\DRIVERS\k510mdm.sys [94064 2010-09-29] (MCCI)
S3 k510mgmt; C:\WINDOWS\System32\DRIVERS\k510mgmt.sys [85408 2010-09-29] (MCCI)
S3 k510obex; C:\WINDOWS\System32\DRIVERS\k510obex.sys [83344 2010-09-29] (MCCI)
S3 MPE; C:\WINDOWS\System32\DRIVERS\MPE.sys [15232 2008-04-14] (Microsoft Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [45824 2007-06-28] (NVIDIA Corporation)
R3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [20480 2007-06-28] (NVIDIA Corporation)
S3 s0017bus; C:\WINDOWS\System32\DRIVERS\s0017bus.sys [86824 2008-10-21] (MCCI Corporation)
S3 s0017mdfl; C:\WINDOWS\System32\DRIVERS\s0017mdfl.sys [15016 2008-10-21] (MCCI Corporation)
S3 s0017mdm; C:\WINDOWS\System32\DRIVERS\s0017mdm.sys [114600 2008-10-21] (MCCI Corporation)
S3 s0017mgmt; C:\WINDOWS\System32\DRIVERS\s0017mgmt.sys [108328 2008-10-21] (MCCI Corporation)
S3 s0017nd5; C:\WINDOWS\System32\DRIVERS\s0017nd5.sys [26024 2008-10-21] (MCCI Corporation)
S3 s0017obex; C:\WINDOWS\System32\DRIVERS\s0017obex.sys [104616 2008-10-21] (MCCI Corporation)
S3 s0017unic; C:\WINDOWS\System32\DRIVERS\s0017unic.sys [109736 2008-10-21] (MCCI Corporation)
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [466008 2013-02-11] (Duplex Secure Ltd.)
S3 tap0901; C:\WINDOWS\System32\DRIVERS\tap0901.sys [33608 2013-08-08] (The OpenVPN Project)
R3 TuneUpUtilitiesDrv; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [12320 2013-12-16] (TuneUp Software)
S3 V0420VID; C:\WINDOWS\System32\DRIVERS\V0420Vid.sys [99648 2007-05-31] (Creative Technology Ltd.)
S4 IntelIde; No ImagePath
U1 WS2IFSL; 
U3 a2te9q8w; No ImagePath

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-05 19:34 - 2014-04-05 19:34 - 00000000 ____D () C:\Documents and Settings\anna\Menu Start\Programy\Internet Download Manager
2014-04-05 19:34 - 2014-04-05 19:34 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Internet Download Manager
2014-04-05 19:30 - 2014-04-05 19:31 - 05851704 _____ (Tonec Inc.) C:\Documents and Settings\anna\Pulpit\idman618build11f.exe
2014-04-05 16:58 - 2014-04-05 16:58 - 00000000 ____D () C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\AVG
2014-04-03 17:25 - 2014-04-03 17:25 - 00000000 ____D () C:\Documents and Settings\anna\Ustawienia lokalne\Dane aplikacji\AVG
2014-04-03 17:25 - 2014-03-31 13:20 - 00035640 _____ (AVG) C:\WINDOWS\system32\uxtuneup.dll
2014-04-02 16:57 - 2014-04-02 16:57 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\AVG
2014-04-01 19:09 - 2014-04-01 19:09 - 00000114 _____ () C:\Documents and Settings\anna\Pulpit\kamery.txt
2014-03-30 20:47 - 2014-04-05 19:46 - 00000220 _____ () C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — logowanie.job
2014-03-30 20:47 - 2014-04-01 17:22 - 00000214 _____ () C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — co miesiąc.job
2014-03-30 03:14 - 2014-03-30 03:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$
2014-03-30 03:13 - 2014-03-30 03:14 - 00004349 _____ () C:\WINDOWS\KB2934207.log
2014-03-30 02:17 - 2014-04-05 20:02 - 00000000 ____D () C:\FRST
2014-03-30 02:10 - 2014-04-05 19:00 - 00000000 ____D () C:\Documents and Settings\anna\Pulpit\LOGI
2014-03-30 00:54 - 2014-03-30 00:54 - 00002052 _____ () C:\Documents and Settings\anna\Pulpit\raport.csv
2014-03-29 23:22 - 2014-04-05 18:58 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-29 21:39 - 2014-02-27 01:28 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\xp_eos.exe
2014-03-29 21:39 - 2014-02-27 01:28 - 00013312 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xp_eos.exe
2014-03-20 12:51 - 2014-04-05 19:46 - 00000276 _____ () C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1935655697-602162358-682003330-1004.job
2014-03-14 17:15 - 2014-03-14 17:15 - 00000000 ____D () C:\Documents and Settings\Default User\Dane aplikacji\TuneUp Software
2014-03-13 23:41 - 2014-03-13 23:42 - 00131779 _____ () C:\WINDOWS\KB2925418-IE8.log
2014-03-13 23:41 - 2014-03-13 23:41 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-03-13 23:41 - 2014-03-13 23:41 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-03-13 13:27 - 2014-03-20 17:47 - 00000000 ____D () C:\Documents and Settings\anna\Pulpit\aneta
2014-03-13 13:12 - 2014-03-13 23:41 - 00130381 _____ () C:\WINDOWS\KB2930275.log
2014-03-13 13:12 - 2014-03-13 23:41 - 00128045 _____ () C:\WINDOWS\KB2929961.log

==================== One Month Modified Files and Folders =======

2014-04-05 20:02 - 2014-03-30 02:17 - 00000000 ____D () C:\FRST
2014-04-05 19:59 - 2009-11-17 17:57 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
2014-04-05 19:59 - 2009-11-17 17:57 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start
2014-04-05 19:55 - 2009-11-17 17:56 - 00000000 __RHD () C:\Documents and Settings\All Users\Dane aplikacji
2014-04-05 19:55 - 2009-11-17 17:11 - 00000000 ____D () C:\Documents and Settings\anna\Pulpit
2014-04-05 19:55 - 2009-11-17 17:11 - 00000000 ____D () C:\Documents and Settings\anna\Menu Start\Programy
2014-04-05 19:50 - 2009-11-17 22:12 - 00000000 ____D () C:\Documents and Settings\anna\Dane aplikacji\Skype
2014-04-05 19:49 - 2010-07-10 21:52 - 00000000 ____D () C:\Documents and Settings\anna\Dane aplikacji\DMCache
2014-04-05 19:48 - 2013-08-21 17:54 - 00000000 ____D () C:\Documents and Settings\anna\Dane aplikacji\GG
2014-04-05 19:47 - 2009-11-17 17:07 - 01228855 _____ () C:\WINDOWS\WindowsUpdate.log
2014-04-05 19:46 - 2014-03-30 20:47 - 00000220 _____ () C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — logowanie.job
2014-04-05 19:46 - 2014-03-20 12:51 - 00000276 _____ () C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1935655697-602162358-682003330-1004.job
2014-04-05 19:46 - 2013-10-27 23:25 - 00000284 _____ () C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1935655697-602162358-682003330-1004.job
2014-04-05 19:46 - 2012-06-05 21:44 - 00000000 ____D () C:\Documents and Settings\anna\Menu Start\Programy\LG Power Tools
2014-04-05 19:45 - 2009-11-17 17:59 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-04-05 19:45 - 2009-11-17 17:59 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2014-04-05 19:45 - 2009-11-17 17:10 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-04-05 19:43 - 2014-03-02 14:11 - 00065536 _____ () C:\WINDOWS\system32\config\TuneUp.evt
2014-04-05 19:43 - 2014-01-16 13:57 - 00362176 _____ () C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
2014-04-05 19:43 - 2009-11-17 17:10 - 00032466 _____ () C:\WINDOWS\SchedLgU.Txt
2014-04-05 19:43 - 2009-11-17 17:10 - 00000000 ___HD () C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji
2014-04-05 19:40 - 2009-11-17 17:57 - 01200616 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-04-05 19:40 - 2008-04-15 14:00 - 00536284 _____ () C:\WINDOWS\system32\perfh015.dat
2014-04-05 19:40 - 2008-04-15 14:00 - 00095498 _____ () C:\WINDOWS\system32\perfc015.dat
2014-04-05 19:36 - 2013-07-10 17:48 - 00399426 _____ () C:\WINDOWS\setupapi.log
2014-04-05 19:36 - 2010-07-22 00:24 - 00000000 ____D () C:\Documents and Settings\anna\Dane aplikacji\IDM
2014-04-05 19:34 - 2014-04-05 19:34 - 00000000 ____D () C:\Documents and Settings\anna\Menu Start\Programy\Internet Download Manager
2014-04-05 19:34 - 2014-04-05 19:34 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Internet Download Manager
2014-04-05 19:34 - 2014-01-09 01:08 - 00000696 _____ () C:\Documents and Settings\anna\Pulpit\Internet Download Manager.lnk
2014-04-05 19:34 - 2010-07-22 00:24 - 00000000 ____D () C:\Program Files\Internet Download Manager
2014-04-05 19:34 - 2009-11-17 17:57 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy
2014-04-05 19:31 - 2014-04-05 19:30 - 05851704 _____ (Tonec Inc.) C:\Documents and Settings\anna\Pulpit\idman618build11f.exe
2014-04-05 19:16 - 2012-06-05 19:55 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software
2014-04-05 19:16 - 2009-11-17 17:11 - 00000000 __RHD () C:\Documents and Settings\anna\Dane aplikacji
2014-04-05 19:07 - 2012-03-21 22:02 - 00000000 ____D () C:\Documents and Settings\All Users\Pulpit
2014-04-05 19:05 - 2012-04-24 23:48 - 00000930 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-04-05 19:00 - 2014-03-30 02:10 - 00000000 ____D () C:\Documents and Settings\anna\Pulpit\LOGI
2014-04-05 18:58 - 2014-03-29 23:22 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-04-05 18:28 - 2012-03-21 23:22 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\MFAData
2014-04-05 16:58 - 2014-04-05 16:58 - 00000000 ____D () C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\AVG
2014-04-05 16:54 - 2010-02-03 16:06 - 00000000 ____D () C:\Documents and Settings\anna\Moje dokumenty\Pobieranie
2014-04-04 16:38 - 2009-11-17 17:11 - 00000188 ___SH () C:\Documents and Settings\anna\ntuser.ini
2014-04-04 16:38 - 2009-11-17 17:11 - 00000000 ____D () C:\Documents and Settings\anna
2014-04-04 16:32 - 2013-06-26 17:47 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\CanonIJPLM
2014-04-03 17:27 - 2009-11-17 17:11 - 00000000 ___RD () C:\Documents and Settings\anna\Menu Start
2014-04-03 17:25 - 2014-04-03 17:25 - 00000000 ____D () C:\Documents and Settings\anna\Ustawienia lokalne\Dane aplikacji\AVG
2014-04-03 17:25 - 2009-11-17 17:11 - 00000000 ___HD () C:\Documents and Settings\anna\Ustawienia lokalne\Dane aplikacji
2014-04-02 16:57 - 2014-04-02 16:57 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\AVG
2014-04-02 16:57 - 2014-03-02 13:46 - 00000732 _____ () C:\Documents and Settings\All Users\Pulpit\AVG 2014.lnk
2014-04-01 19:09 - 2014-04-01 19:09 - 00000114 _____ () C:\Documents and Settings\anna\Pulpit\kamery.txt
2014-04-01 17:22 - 2014-03-30 20:47 - 00000214 _____ () C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — co miesiąc.job
2014-04-01 17:15 - 2012-04-25 10:30 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-04-01 17:15 - 2008-04-15 14:00 - 00012636 _____ () C:\WINDOWS\system32\wpa.dbl
2014-03-31 13:21 - 2014-03-02 14:11 - 00036152 _____ (AVG) C:\WINDOWS\system32\TURegOpt.exe
2014-03-31 13:20 - 2014-04-03 17:25 - 00035640 _____ (AVG) C:\WINDOWS\system32\uxtuneup.dll
2014-03-30 03:14 - 2014-03-30 03:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$
2014-03-30 03:14 - 2014-03-30 03:13 - 00004349 _____ () C:\WINDOWS\KB2934207.log
2014-03-30 03:14 - 2009-11-17 17:57 - 02187848 _____ () C:\WINDOWS\FaxSetup.log
2014-03-30 03:14 - 2009-11-17 17:57 - 01055237 _____ () C:\WINDOWS\ocgen.log
2014-03-30 03:14 - 2009-11-17 17:57 - 00842191 _____ () C:\WINDOWS\tsoc.log
2014-03-30 03:14 - 2009-11-17 17:57 - 00736121 _____ () C:\WINDOWS\comsetup.log
2014-03-30 03:14 - 2009-11-17 17:57 - 00444654 _____ () C:\WINDOWS\ntdtcsetup.log
2014-03-30 03:14 - 2009-11-17 17:57 - 00347671 _____ () C:\WINDOWS\iis6.log
2014-03-30 03:14 - 2009-11-17 17:57 - 00136757 _____ () C:\WINDOWS\ocmsn.log
2014-03-30 03:14 - 2009-11-17 17:57 - 00109639 _____ () C:\WINDOWS\msgsocm.log
2014-03-30 03:14 - 2009-11-17 17:57 - 00001374 _____ () C:\WINDOWS\imsins.log
2014-03-30 02:29 - 2010-01-11 17:09 - 00001324 _____ () C:\WINDOWS\system32\d3d9caps.dat
2014-03-30 00:54 - 2014-03-30 00:54 - 00002052 _____ () C:\Documents and Settings\anna\Pulpit\raport.csv
2014-03-20 18:11 - 2013-08-14 18:35 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-03-20 18:07 - 2009-11-18 05:13 - 87350280 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-03-20 17:47 - 2014-03-13 13:27 - 00000000 ____D () C:\Documents and Settings\anna\Pulpit\aneta
2014-03-20 15:20 - 2013-08-21 17:53 - 00000000 ____D () C:\Documents and Settings\anna\Ustawienia lokalne\Dane aplikacji\GG
2014-03-14 17:15 - 2014-03-14 17:15 - 00000000 ____D () C:\Documents and Settings\Default User\Dane aplikacji\TuneUp Software
2014-03-14 17:15 - 2009-11-17 17:56 - 00000000 __RHD () C:\Documents and Settings\Default User\Dane aplikacji
2014-03-14 17:01 - 2010-02-16 20:59 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-14 17:01 - 2009-11-17 17:56 - 00325112 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-13 23:42 - 2014-03-13 23:41 - 00131779 _____ () C:\WINDOWS\KB2925418-IE8.log
2014-03-13 23:42 - 2009-11-18 04:00 - 00361947 _____ () C:\WINDOWS\updspapi.log
2014-03-13 23:42 - 2009-11-17 17:57 - 00001374 _____ () C:\WINDOWS\imsins.BAK
2014-03-13 23:41 - 2014-03-13 23:41 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-03-13 23:41 - 2014-03-13 23:41 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-03-13 23:41 - 2014-03-13 13:12 - 00130381 _____ () C:\WINDOWS\KB2930275.log
2014-03-13 23:41 - 2014-03-13 13:12 - 00128045 _____ () C:\WINDOWS\KB2929961.log
2014-03-13 23:41 - 2010-04-11 18:17 - 00000000 ____D () C:\WINDOWS\ie8updates
2014-03-13 23:40 - 2010-09-29 23:50 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help
2014-03-13 23:39 - 2010-06-05 15:44 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Silverlight
2014-03-13 16:46 - 2010-05-18 21:00 - 00000000 ____D () C:\Documents and Settings\Administrator.DOM-ED3482B591D
2014-03-13 16:46 - 2010-01-11 17:09 - 00000000 ___SD () C:\Documents and Settings\Administrator
2014-03-13 16:46 - 2009-11-17 17:10 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2014-03-13 16:46 - 2009-11-17 17:10 - 00000000 __SHD () C:\Documents and Settings\LocalService
2014-03-13 15:05 - 2012-04-24 23:48 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-03-13 15:05 - 2011-06-06 18:39 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl

==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe
[2008-04-15 14:00] - [2008-04-15 14:00] - 1035264 ____A (Microsoft Corporation) c791ed9eac5e76d9525e157b1d7a599a 

C:\WINDOWS\system32\winlogon.exe
[2008-04-15 14:00] - [2008-04-15 14:00] - 0510464 ____A (Microsoft Corporation) 51fd2e13d723857b9ca239ae77150f48 

C:\WINDOWS\system32\svchost.exe
[2008-04-15 14:00] - [2008-04-15 14:00] - 0014336 ____A (Microsoft Corporation) 8607d35d92528e2df386f19a960d23ce 

C:\WINDOWS\system32\services.exe
[2008-04-15 14:00] - [2009-02-09 13:25] - 0111104 ____A (Microsoft Corporation) 02a467e27af55f7064c5b251e587315f 

C:\WINDOWS\system32\User32.dll
[2008-04-15 14:00] - [2008-04-15 14:00] - 0580096 ____A (Microsoft Corporation) a435c5c069afd901751ac323ad238793 

C:\WINDOWS\system32\userinit.exe
[2008-04-15 14:00] - [2008-04-15 14:00] - 0026624 ____A (Microsoft Corporation) 2a5b37d520508be6570a3ea79695f5b5 

C:\WINDOWS\system32\rpcss.dll
[2008-04-15 14:00] - [2009-02-09 12:53] - 0401408 ____A (Microsoft Corporation) a37311d9d628c1042a2836731787f0f3 

 ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\WINDOWS\system32\Drivers\volsnap.sys
[2008-04-15 14:00] - [2008-04-15 14:00] - 0052864 ____A (Microsoft Corporation) 56b191ac5fc0df219949c95a6c87afe7 


==================== End Of Log ============================