Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-08-2013
Ran by Tata (administrator) on 07-08-2013 12:19:54
Running from F:\
Microsoft Windows XP Dodatek Service Pack 3 (X86) OS Language: Polish
Internet Explorer Version 8
Boot Mode: Normal

==================== Could not list processes ===============

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [TpShocks] - C:\Windows\system32\TpShocks.exe [337256 2010-07-01] (Lenovo.)
HKLM\...\Run: [Apoint] - C:\Program Files\Apoint2K\Apoint.exe [176128 2009-09-09] (Alps Electric Co., Ltd.)
HKLM\...\Run: [LenovoAutoScrollUtility] - C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe [43960 2010-04-01] (Lenovo Group Limited)
HKLM\...\Run: [PWRMGRTR] - C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL [746856 2011-02-04] (Lenovo Group Limited)
HKLM\...\Run: [TVT Scheduler Proxy] - C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe [1093632 2010-09-11] (Lenovo Group Limited)
HKLM\...\Run: [TPFNF7] - C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe [62312 2010-03-26] (Lenovo Group Limited)
HKLM\...\Run: [EZEJMNAP] - C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe [256576 2009-12-01] (Lenovo Group Ltd.)
HKLM\...\Run: [TPKMAPHELPER] - C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe [868352 2007-01-09] (Lenovo)
HKLM\...\Run: [LPManager] - C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe [185688 2009-07-23] (Lenovo Group Limited)
HKLM\...\Run: [LPMailChecker] - C:\PROGRA~1\THINKV~2\PrdCtr\LPMLCHK.exe [124248 2009-07-23] (Lenovo Group Limited)
HKLM\...\Run: [AwaySch] - C:\Program Files\Lenovo\AwayTask\AwaySch.EXE [91688 2006-11-07] (Lenovo Group Limited)
HKLM\...\Run: [Eraser] - C:\PROGRA~1\Eraser\Eraser.exe [979344 2010-04-10] (The Eraser Project)
HKLM\...\Run: [SSBkgdUpdate] - C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM\...\Run: [PaperPort PTD] - C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [30248 2007-01-29] (Nuance Communications, Inc.)
HKLM\...\Run: [IndexSearch] - C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [46632 2007-01-29] (Nuance Communications, Inc.)
HKLM\...\Run: [PPort11reminder] - C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe [255528 2007-02-01] (Nuance Communications, Inc.)
HKLM\...\Run: [BrMfcWnd] - C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [663552 2007-03-12] (Brother Industries, Ltd.)
HKLM\...\Run: [ControlCenter3] - C:\Program Files\Brother\ControlCenter3\brctrcen.exe [65536 2007-01-26] (Brother Industries, Ltd.)
HKLM\...\Run: [snpstd] - C:\WINDOWS\vsnpstd.exe [339968 2005-10-11] ()
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-15] (Adobe Systems Incorporated)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-09-27] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\qttask.exe [421888 2011-10-24] (Apple Inc.)
HKLM\...\Run: [BluetoothAuthenticationAgent] - rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent [x]
HKLM\...\Run: [vProt] - C:\Program Files\AVG Secure Search\vprot.exe [2285232 2013-08-01] ()
HKLM\...\Run: [PrintDisp] - C:\WINDOWS\system32\PrintDisp.exe [975360 2010-07-23] (ActMask Co.,Ltd - http://www.all2pdf.com)
HKLM\...\Run: [COMODO Internet Security] - C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1464536 2013-07-08] (COMODO)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll [X]
Winlogon\Notify\WgaLogon: WgaLogon.dll (Microsoft Corporation)
HKCU\...\Run: [Facebook Update] - C:\Documents and Settings\Tata\Ustawienia lokalne\Dane aplikacji\Facebook\Update\FacebookUpdate.exe [138096 2012-09-24] (Facebook Inc.)
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
Startup: C:\Documents and Settings\Tata\Menu Start\Programy\Autostart\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk
ShortcutTarget: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://pl.yahoo.com?fr=fp-comodo
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=HITACHI_HTS541616J9SA00_SB3441GRJZ6PGEJZ6PGEX&ts=1351506495
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKCU - DefaultScope {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = http://pl.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.v9.com/web/?q={searchTerms}
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.v9.com/web/?q={searchTerms}
SearchScopes: HKCU - {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = http://pl.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={DD6875B5-0F2E-4739-B46B-C2E940866790}&mid=1ab012523c6047d0b4ccd155f976e396-1a13bbe4f5613cd3d3c673f2096976fce82be711&lang=pl&ds=xn011&pr=sa&d=2012-09-29 20:17:53&v=15.2.0.5&pid=avg&sg=0&sap=dsp&q={searchTerms}
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\15.4.0.5\AVG Secure Search_toolbar.dll (AVG Secure Search)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\15.4.0.5\AVG Secure Search_toolbar.dll (AVG Secure Search)
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab
Handler: ipp - No CLSID Value -
Handler: msdaipp - No CLSID Value -
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\15.4.0\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 120.10.1.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Tata\Dane aplikacji\Mozilla\Firefox\Profiles\oayckntn.default
FF NetworkProxy: "no_proxies_on", "127.0.0.1"
FF NetworkProxy: "socks", "127.0.0.1"
FF NetworkProxy: "socks_port", 9050
FF NetworkProxy: "socks_remote_dns", true
FF NetworkProxy: "type", 1
FF Homepage: hxxp://pl.yahoo.com?fr=fp-comodo
FF SelectedSearchEngine: Yahoo
FF Keyword.URL: hxxp://pl.search.yahoo.com/search?fr=ytff-comodo&p=
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\15.4.0\\npsitesafety.dll (AVG Technologies)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @adobe.com/Acrobat,version=5.1 - C:\Program Files\Adobe\Acrobat 5.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Documents and Settings\Tata\Ustawienia lokalne\Dane aplikacji\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\v9.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml
FF Extension: No Name - C:\Documents and Settings\Tata\Dane aplikacji\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
FF Extension: autoproxy - C:\Documents and Settings\Tata\Dane aplikacji\Mozilla\Firefox\Profiles\oayckntn.default\Extensions\autoproxy@autoproxy.org.xpi
FF Extension: No Name - C:\Documents and Settings\Tata\Dane aplikacji\Mozilla\Firefox\Profiles\oayckntn.default\Extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}.xpi
FF Extension: Default - C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [avg@toolbar] C:\Documents and Settings\All Users\Dane aplikacji\AVG Secure Search\FireFoxExt\15.4.0.5
FF Extension: AVG Security Toolbar - C:\Documents and Settings\All Users\Dane aplikacji\AVG Secure Search\FireFoxExt\15.4.0.5
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome:
=======
CHR HomePage: hxxp://pl.yahoo.com?fr=fpc-comodo
CHR RestoreOnStartup: "hxxp://www.google.com", "hxxp://pl.yahoo.com?fr=fpc-comodo"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (YouTube) - C:\DOCUME~1\Tata\USTAWI~1\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\DOCUME~1\Tata\USTAWI~1\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Skype Click to Call) - C:\DOCUME~1\Tata\USTAWI~1\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0
CHR Extension: (AVG Secure Search) - C:\DOCUME~1\Tata\USTAWI~1\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\15.4.0.5_0
CHR Extension: (Gmail) - C:\DOCUME~1\Tata\USTAWI~1\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\Documents and Settings\All Users\Dane aplikacji\AVG Secure Search\ChromeExt\15.4.0.5\avg.crx
CHR StartMenuInternet: Google Chrome - C:\Program Files\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [4801304 2013-07-08] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [127192 2013-06-18] (COMODO)
R2 IPSSVC; C:\Windows\system32\IPSSVC.EXE [108080 2007-01-30] (Lenovo Group Limited)
S2 LENOVO.MICMUTE; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [45496 2010-11-24] (Lenovo Group Limited)
R2 NMSAccess; C:\Program Files\CDBurnerXP\NMSAccessU.exe [71096 2010-03-05] ()
S2 Power Manager DBC Service; C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE [61440 2011-02-04] ()
R2 Printer Control; C:\WINDOWS\system32\PrintCtrl.exe [65536 2009-10-28] (ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM)
R2 S24EventMonitor; C:\Program Files\Intel\WiFi\bin\S24EvMon.exe [966656 2010-10-19] (Intel(R) Corporation)
R2 Skype C2C Service; C:\Documents and Settings\All Users\Dane aplikacji\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.)
R2 SUService; C:\Program Files\Lenovo\System Update\SUService.exe [28672 2011-07-25] (Lenovo Group Limited)
R2 TPHKLOAD; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [99328 2010-12-03] (Lenovo Group Limited)
R2 TpKmpSVC; C:\WINDOWS\system32\TpKmpSVC.exe [32768 2006-06-29] ()
R2 TVT Backup Protection Service; C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe [1118208 2010-09-11] ()
R2 TVT Scheduler; C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe [1171456 2010-09-11] (Lenovo Group Limited)
R2 vToolbarUpdater15.4.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe [1616048 2013-08-01] (AVG Secure Search)
S3 AppMgmt; %SystemRoot%\System32\appmgmts.dll [x]
S4 HidServ; %SystemRoot%\System32\hidserv.dll [x]
R2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf" [x]

==================== Drivers (Whitelisted) ====================

R3 atmeltpm; C:\Windows\System32\DRIVERS\atmeltpm.sys [15872 2005-05-17] (Atmel, Inc.)
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [37664 2013-08-01] (AVG Technologies)
S3 b57w2k; C:\Windows\System32\DRIVERS\b57xp32.sys [163328 2007-11-29] (Broadcom Corporation)
S3 BrScnUsb; C:\Windows\System32\DRIVERS\BrScnUsb.sys [15295 2004-10-15] (Brother Industries Ltd.)
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [18528 2013-06-18] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [587352 2013-07-08] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [32816 2013-06-18] (COMODO)
S3 GemCCID; C:\Windows\System32\Drivers\GemCCID.sys [87424 2008-04-04] (Gemalto)
R3 HdAudAddService; C:\Windows\System32\drivers\CHDAudN.sys [666112 2007-04-27] (Conexant Systems Inc.)
R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [144384 2008-04-13] (Windows (R) Server 2003 DDK provider)
R0 Inspect; C:\Windows\System32\DRIVERS\inspect.sys [99520 2013-06-18] (COMODO)
S3 NABTSFEC; C:\Windows\System32\DRIVERS\NABTSFEC.sys [85248 2008-04-13] (Microsoft Corporation)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 NETwLx32; C:\Windows\System32\DRIVERS\NETwLx32.sys [6609920 2010-10-07] (Intel Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [50704 2010-01-27] (CACE Technologies, Inc.)
R2 pmem; C:\WINDOWS\System32\drivers\pmemnt.sys [7012 2011-03-24] (Microsoft Corporation)
R2 PROCDD; C:\Windows\System32\DRIVERS\PROCDD.SYS [12080 2006-11-06] (Lenovo Group Limited)
R2 s24trans; C:\Windows\System32\DRIVERS\s24trans.sys [13952 2010-05-19] (Intel Corporation)
S3 SLIP; C:\Windows\System32\DRIVERS\SLIP.sys [11136 2008-04-13] (Microsoft Corporation)
R2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [12560 2009-03-13] (UPEK Inc.)
S3 snpstd; C:\Windows\System32\DRIVERS\snpstd.sys [390656 2005-11-18] ()
S3 StarOpen; C:\Windows\System32\Drivers\StarOpen.sys [7168 2009-11-12] ()
S3 streamip; C:\Windows\System32\DRIVERS\StreamIP.sys [15232 2008-04-13] (Microsoft Corporation)
R1 TPHKDRV; C:\Windows\System32\DRIVERS\TPHKDRV.sys [17844 2008-05-12] (Lenovo Group Limited)
R1 TPPWRIF; C:\Windows\System32\drivers\Tppwrif.sys [12144 2011-02-04] (Lenovo Group Limited)
R1 TSMAPIP; C:\Windows\System32\drivers\TSMAPIP.SYS [4608 2010-03-26] ()
S3 wceusbsh; C:\Windows\System32\DRIVERS\wceusbsh.sys [28672 2006-11-06] (Microsoft Corporation)
S3 WSTCODEC; C:\Windows\System32\DRIVERS\WSTCODEC.SYS [19200 2008-04-13] (Microsoft Corporation)
S3 ZDPSp50; C:\Windows\System32\Drivers\ZDPSp50.sys [17664 2012-11-23] (Printing Communications Assoc., Inc. (PCAUSA))
S3 catchme; \??\C:\DOCUME~1\Tata\USTAWI~1\Temp\catchme.sys [x]
U2 CertPropSvc;
S3 dgderdrv; System32\drivers\dgderdrv.sys [x]
S4 IntelIde; No ImagePath
U3 TlntSvr;
S3 UIUSys; system32\DRIVERS\UIUSYS.SYS [x]
S3 ZD1211BU(Atheros); system32\DRIVERS\zd1211Bu.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-08-07 12:19 - 2013-08-07 12:19 - 00000000 ____D C:\FRST
2013-08-06 14:31 - 2013-08-06 14:44 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0
2013-08-05 14:33 - 2013-08-05 14:33 - 00006914 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2013-08-05 14:31 - 2013-08-05 14:31 - 00000000 ___HD C:\VTRoot
2013-08-05 14:05 - 2013-08-05 14:05 - 00000000 ____D C:\Program Files\Common Files\Java
2013-08-05 14:05 - 2013-08-05 14:04 - 00263592 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2013-08-05 14:05 - 2013-08-05 14:04 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2013-08-05 14:05 - 2013-08-05 14:04 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2013-08-05 14:05 - 2013-08-05 14:04 - 00144896 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2013-08-05 14:05 - 2013-08-05 14:04 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2013-08-05 14:04 - 2013-08-05 14:04 - 00000000 ____D C:\Program Files\Java
2013-08-05 13:52 - 2013-08-07 12:19 - 00000440 _____ C:\WINDOWS\Tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job
2013-08-05 13:51 - 2013-08-07 12:19 - 00000440 _____ C:\WINDOWS\Tasks\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}.job
2013-08-05 13:51 - 2013-08-07 12:19 - 00000440 _____ C:\WINDOWS\Tasks\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22}.job
2013-08-05 13:51 - 2013-08-07 12:19 - 00000440 _____ C:\WINDOWS\Tasks\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9}.job
2013-08-05 13:48 - 2013-08-05 13:48 - 00000000 ____D C:\Program Files\COMODO
2013-08-01 08:31 - 2013-08-01 08:31 - 00000000 ____D C:\WINDOWS\system32\cache
2013-07-23 04:31 - 2013-07-23 04:31 - 00122880 _____ C:\WINDOWS\Minidump\Mini072313-01.dmp
2013-07-21 14:01 - 2013-07-21 14:07 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-07-19 18:02 - 2013-07-19 18:02 - 00018907 _____ C:\ComboFix.txt
2013-07-14 11:41 - 2013-07-14 11:41 - 00005473 _____ C:\WINDOWS\KB2834904.log
2013-07-14 11:41 - 2013-07-14 11:41 - 00005131 _____ C:\WINDOWS\KB2834886.log
2013-07-14 11:41 - 2013-07-14 11:41 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850851$
2013-07-14 11:41 - 2013-07-14 11:41 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904_WM11$
2013-07-14 11:41 - 2013-07-14 11:41 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834886$
2013-07-14 11:40 - 2013-07-14 11:40 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2845187$
2013-07-12 18:42 - 2013-07-12 18:45 - 00133286 _____ C:\WINDOWS\KB2846071-IE8.log
2013-07-12 03:26 - 2013-07-14 11:41 - 00013386 _____ C:\WINDOWS\KB2850851.log
2013-07-12 03:26 - 2013-07-14 11:40 - 00011819 _____ C:\WINDOWS\KB2845187.log
2013-07-12 03:15 - 2013-07-11 03:36 - 00069584 ____H C:\WINDOWS\Minidump\Mini071213-01.dmp

==================== One Month Modified Files and Folders =======

2013-08-07 12:20 - 2012-11-15 15:26 - 00000466 _____ C:\WINDOWS\Tasks\SystemToolsDailyTest.job
2013-08-07 12:19 - 2013-08-07 12:19 - 00000000 ____D C:\FRST
2013-08-07 12:19 - 2013-08-05 13:52 - 00000440 _____ C:\WINDOWS\Tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job
2013-08-07 12:19 - 2013-08-05 13:51 - 00000440 _____ C:\WINDOWS\Tasks\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}.job
2013-08-07 12:19 - 2013-08-05 13:51 - 00000440 _____ C:\WINDOWS\Tasks\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22}.job
2013-08-07 12:19 - 2013-08-05 13:51 - 00000440 _____ C:\WINDOWS\Tasks\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9}.job
2013-08-07 12:18 - 2012-04-09 18:34 - 00001032 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-07 12:18 - 2011-03-24 13:04 - 00000259 _____ C:\WINDOWS\wiadebug.log
2013-08-07 12:16 - 2013-05-01 10:56 - 00664929 _____ C:\WINDOWS\system32\Drivers\sfi.dat
2013-08-07 12:16 - 2012-04-09 18:34 - 00001028 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-07 12:16 - 2011-03-24 13:04 - 00000050 _____ C:\WINDOWS\wiaservc.log
2013-08-07 12:16 - 2011-03-24 12:53 - 00000302 _____ C:\WINDOWS\Tasks\PMTask.job
2013-08-07 12:16 - 2011-03-24 12:18 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-08-07 12:16 - 2007-06-19 15:13 - 00000380 _____ C:\WINDOWS\system32\IPSCtrl.INI
2013-08-07 12:16 - 2007-01-29 12:36 - 00025229 _____ C:\WINDOWS\system32\PROCDB.INI
2013-08-07 12:16 - 2004-08-04 14:00 - 00013646 _____ C:\WINDOWS\system32\wpa.dbl
2013-08-07 05:40 - 2011-03-24 12:12 - 01319650 _____ C:\WINDOWS\WindowsUpdate.log
2013-08-07 05:39 - 2011-03-24 16:38 - 00000188 ___SH C:\Documents and Settings\Tata\ntuser.ini
2013-08-07 05:39 - 2011-03-24 12:18 - 00032590 _____ C:\WINDOWS\SchedLgU.Txt
2013-08-07 05:23 - 2012-10-10 14:18 - 00001006 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1275210071-879983540-682003330-1004UA.job
2013-08-06 18:44 - 2011-03-24 16:38 - 00000000 ___RD C:\Documents and Settings\Tata\Ulubione
2013-08-06 18:40 - 2012-04-18 21:42 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-08-06 14:44 - 2013-08-06 14:31 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0
2013-08-06 12:19 - 2013-04-13 04:17 - 00101267 _____ C:\WINDOWS\setupapi.log
2013-08-05 14:33 - 2013-08-05 14:33 - 00006914 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2013-08-05 14:31 - 2013-08-05 14:31 - 00000000 ___HD C:\VTRoot
2013-08-05 14:23 - 2012-10-10 14:18 - 00000984 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1275210071-879983540-682003330-1004Core.job
2013-08-05 14:05 - 2013-08-05 14:05 - 00000000 ____D C:\Program Files\Common Files\Java
2013-08-05 14:04 - 2013-08-05 14:05 - 00263592 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2013-08-05 14:04 - 2013-08-05 14:05 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2013-08-05 14:04 - 2013-08-05 14:05 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2013-08-05 14:04 - 2013-08-05 14:05 - 00144896 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2013-08-05 14:04 - 2013-08-05 14:05 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2013-08-05 14:04 - 2013-08-05 14:04 - 00000000 ____D C:\Program Files\Java
2013-08-05 14:04 - 2012-10-28 21:14 - 00867240 _____ (Oracle Corporation) C:\WINDOWS\system32\npDeployJava1.dll
2013-08-05 14:04 - 2012-10-28 21:14 - 00789416 _____ (Oracle Corporation) C:\WINDOWS\system32\deployJava1.dll
2013-08-05 13:49 - 2011-03-24 13:01 - 00000000 __RHD C:\Documents and Settings\All Users\Dane aplikacji
2013-08-05 13:49 - 2011-03-24 13:01 - 00000000 ____D C:\Documents and Settings\All Users\Pulpit
2013-08-05 13:48 - 2013-08-05 13:48 - 00000000 ____D C:\Program Files\COMODO
2013-08-04 16:06 - 2012-09-24 19:01 - 00000998 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1275210071-879983540-682003330-1005UA.job
2013-08-01 08:31 - 2013-08-01 08:31 - 00000000 ____D C:\WINDOWS\system32\cache
2013-08-01 08:31 - 2012-09-29 20:17 - 00037664 _____ (AVG Technologies) C:\WINDOWS\system32\Drivers\avgtpx86.sys
2013-08-01 08:31 - 2012-09-29 20:17 - 00000000 ____D C:\Program Files\AVG Secure Search
2013-08-01 08:05 - 2011-03-24 12:09 - 00004870 _____ C:\WINDOWS\DtcInstall.log
2013-08-01 00:22 - 2011-03-24 12:19 - 00000188 ___SH C:\Documents and Settings\Alicja\ntuser.ini
2013-07-29 19:06 - 2012-09-24 19:01 - 00000976 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1275210071-879983540-682003330-1005Core.job
2013-07-23 04:31 - 2013-07-23 04:31 - 00122880 _____ C:\WINDOWS\Minidump\Mini072313-01.dmp
2013-07-23 04:31 - 2011-03-24 14:58 - 00000000 ____D C:\WINDOWS\Minidump
2013-07-21 14:07 - 2013-07-21 14:01 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-07-19 20:50 - 2011-03-24 13:23 - 00000000 ____D C:\SWSHARE
2013-07-19 18:02 - 2013-07-19 18:02 - 00018907 _____ C:\ComboFix.txt
2013-07-19 18:02 - 2013-05-03 15:24 - 00000000 ____D C:\Qoobox
2013-07-19 18:02 - 2011-03-24 16:38 - 00000000 ___HD C:\Documents and Settings\Tata\Ustawienia lokalne
2013-07-19 18:02 - 2011-03-24 13:01 - 00000000 __RHD C:\Documents and Settings\Default User\Ustawienia lokalne
2013-07-19 18:02 - 2011-03-24 12:18 - 00000000 ___HD C:\Documents and Settings\LocalService\Ustawienia lokalne
2013-07-19 18:02 - 2011-03-24 12:17 - 00000000 ___HD C:\Documents and Settings\NetworkService\Ustawienia lokalne
2013-07-19 17:59 - 2004-08-04 14:00 - 00000227 _____ C:\WINDOWS\system.ini
2013-07-19 17:58 - 2011-03-24 16:38 - 00000000 ____D C:\Documents and Settings\Tata\Pulpit
2013-07-19 17:49 - 2011-03-24 16:38 - 00000000 __RHD C:\Documents and Settings\Tata\Dane aplikacji
2013-07-19 17:40 - 2012-04-22 16:41 - 00000284 _____ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2013-07-18 05:38 - 2011-03-24 12:48 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2013-07-15 03:36 - 2011-03-24 13:00 - 00153976 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-07-14 11:41 - 2013-07-14 11:41 - 00005473 _____ C:\WINDOWS\KB2834904.log
2013-07-14 11:41 - 2013-07-14 11:41 - 00005131 _____ C:\WINDOWS\KB2834886.log
2013-07-14 11:41 - 2013-07-14 11:41 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850851$
2013-07-14 11:41 - 2013-07-14 11:41 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904_WM11$
2013-07-14 11:41 - 2013-07-14 11:41 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834886$
2013-07-14 11:41 - 2013-07-12 03:26 - 00013386 _____ C:\WINDOWS\KB2850851.log
2013-07-14 11:41 - 2011-03-24 13:02 - 01947531 _____ C:\WINDOWS\FaxSetup.log
2013-07-14 11:41 - 2011-03-24 13:02 - 00941094 _____ C:\WINDOWS\ocgen.log
2013-07-14 11:41 - 2011-03-24 13:02 - 00748725 _____ C:\WINDOWS\tsoc.log
2013-07-14 11:41 - 2011-03-24 13:02 - 00538444 _____ C:\WINDOWS\comsetup.log
2013-07-14 11:41 - 2011-03-24 13:02 - 00324763 _____ C:\WINDOWS\ntdtcsetup.log
2013-07-14 11:41 - 2011-03-24 13:02 - 00308565 _____ C:\WINDOWS\iis6.log
2013-07-14 11:41 - 2011-03-24 13:02 - 00099511 _____ C:\WINDOWS\ocmsn.log
2013-07-14 11:41 - 2011-03-24 13:02 - 00097690 _____ C:\WINDOWS\msgsocm.log
2013-07-14 11:41 - 2011-03-24 13:02 - 00001374 _____ C:\WINDOWS\imsins.log
2013-07-14 11:41 - 2011-03-24 13:02 - 00001374 _____ C:\WINDOWS\imsins.BAK
2013-07-14 11:40 - 2013-07-14 11:40 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2845187$
2013-07-14 11:40 - 2013-07-12 03:26 - 00011819 _____ C:\WINDOWS\KB2845187.log
2013-07-14 08:29 - 2011-05-04 17:43 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-12 18:54 - 2011-03-24 13:02 - 01045198 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-07-12 18:54 - 2004-08-04 14:00 - 00491314 _____ C:\WINDOWS\system32\perfh015.dat
2013-07-12 18:54 - 2004-08-04 14:00 - 00084526 _____ C:\WINDOWS\system32\perfc015.dat
2013-07-12 18:45 - 2013-07-12 18:42 - 00133286 _____ C:\WINDOWS\KB2846071-IE8.log
2013-07-12 18:45 - 2011-03-24 14:30 - 00000000 ____D C:\WINDOWS\ie8updates
2013-07-12 18:45 - 2011-03-24 13:57 - 00471041 _____ C:\WINDOWS\updspapi.log
2013-07-12 18:28 - 2011-03-24 12:49 - 00000000 ____D C:\WINDOWS\system32\XPSViewer
2013-07-11 03:36 - 2013-07-12 03:15 - 00069584 ____H C:\WINDOWS\Minidump\Mini071213-01.dmp
2013-07-11 00:33 - 2012-11-15 15:26 - 00000528 _____ C:\WINDOWS\Tasks\PCDoctorBackgroundMonitorTask.job
2013-07-10 05:08 - 2011-11-19 05:54 - 00000000 ____D C:\Documents and Settings\Tata\Pulpit\Własne
2013-07-09 16:47 - 2012-10-15 10:37 - 00000000 ____D C:\Documents and Settings\Tata\Pulpit\MARCIN MRÓZ
2013-07-08 22:59 - 2013-01-16 19:51 - 00587352 _____ (COMODO) C:\WINDOWS\system32\Drivers\cmdGuard.sys

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe [2011-03-24 14:45] - [2008-04-14 19:21] - 1035264 ____A (Microsoft Corporation)
C:\Windows\System32\winlogon.exe [2011-03-24 14:44] - [2008-04-14 19:21] - 0510464 ____A (Microsoft Corporation)
C:\Windows\System32\svchost.exe [2011-03-24 14:45] - [2008-04-14 19:21] - 0014336 ____A (Microsoft Corporation)
C:\Windows\System32\services.exe [2011-03-24 14:44] - [2009-02-09 13:25] - 0111104 ____A (Microsoft Corporation)
C:\Windows\System32\User32.dll [2011-03-24 14:45] - [2008-04-14 19:20] - 0580096 ____A (Microsoft Corporation)
C:\Windows\System32\userinit.exe [2011-03-24 14:44] - [2008-04-14 19:21] - 0026624 ____A (Microsoft Corporation)
C:\Windows\System32\Drivers\volsnap.sys [2011-03-24 14:44] - [2008-04-14 18:01] - 0052864 ____A (Microsoft Corporation)

==================== End Of Log ============================