Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-10-2013
Ran by maria (administrator) on TECZA on 11-10-2013 10:21:53
Running from C:\Documents and Settings\maria\Moje dokumenty\Pobieranie
Microsoft Windows XP Home Edition Dodatek Service Pack 3 (X86) OS Language: Polish
Internet Explorer Version 7
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
(Matsushita Electric Industrial Co., Ltd.) C:\WINDOWS\system32\DVDRAMSV.exe
(France Telecom SA) C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
() C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
(TOSHIBA Corporation) C:\WINDOWS\system32\TODDSrv.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe
(ATI Technologies, Inc.) C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
(Agere Systems) C:\WINDOWS\AGRSMMSG.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Inc.) C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe
(TOSHIBA Corporation) C:\WINDOWS\system32\TPSMain.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Program narzędziowy TOSHIBA Zooming Utility\SmoothView.exe
(TOSHIBA Corporation) C:\WINDOWS\system32\TPSBattM.exe
(TOSHIBA) C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\ddwmon.exe
() C:\Program Files\Winamp\winampa.exe
(Hewlett-Packard Company) C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
(HP) C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
(Hewlett-Packard Co.) C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
(Nuance Communications, Inc.) C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
(Elaborate Bytes AG) C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(France Telecom SA) C:\Program Files\CardDetector\HUAWEI1752_1552\CardDetector.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\avastUI.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(TOSHIBA) C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
(Matsushita Electric Industrial Co., Ltd.) C:\WINDOWS\system32\RAMASST.exe
(Hewlett-Packard Company) C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ATIPTA] - C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [344064 2005-12-11] (ATI Technologies, Inc.)
HKLM\...\Run: [AGRSMMSG] - C:\Windows\AGRSMMSG.exe [89541 2006-03-18] (Agere Systems)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [761946 2006-04-07] (Synaptics, Inc.)
HKLM\...\Run: [Toshiba Hotkey Utility] - C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe [1773568 2006-08-01] (TOSHIBA Inc.)
HKLM\...\Run: [TPSMain] - C:\Windows\system32\TPSMain.exe [266240 2005-08-04] (TOSHIBA Corporation)
HKLM\...\Run: [NDSTray.exe] - NDSTray.exe
HKLM\...\Run: [SmoothView] - C:\Program Files\TOSHIBA\Program narzędziowy TOSHIBA Zooming Utility\SmoothView.exe [118784 2005-05-13] (TOSHIBA Corporation)
HKLM\...\Run: [PadTouch] - C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe [1077329 2005-12-22] (TOSHIBA)
HKLM\...\Run: [DDWMon] - C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\\ddwmon.exe [262144 2006-04-28] (TOSHIBA Corporation)
HKLM\...\Run: [WinampAgent] - C:\Program Files\Winamp\winampa.exe [35328 2006-05-25] ()
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\qttask.exe [98304 2007-03-09] (Apple Computer, Inc.)
HKLM\...\Run: [HP Component Manager] - C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [241664 2003-12-22] (Hewlett-Packard Company)
HKLM\...\Run: [HPDJ Taskbar Utility] - C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe [172032 2004-03-04] (HP)
HKLM\...\Run: [HP Software Update] - C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe [49152 2005-02-17] (Hewlett-Packard Co.)
HKLM\...\Run: [NeroCheck] - C:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [NWEReboot] - [x]
HKLM\...\Run: [NeroFilterCheck] - C:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [SSBkgdUpdate] - C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM\...\Run: [OpwareSE4] - C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe [79400 2007-02-04] (Nuance Communications, Inc.)
HKLM\...\Run: [VirtualCloneDrive] - C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [85160 2009-06-17] (Elaborate Bytes AG)
HKLM\...\Run: [CardDetectorHUAWEI1752_1552] - C:\Program Files\CardDetector\HUAWEI1752_1552\CardDetector.exe [282624 2009-10-14] (France Telecom SA)
HKLM\...\Run: [BEWINTERNET-PLSessionManager] - C:\Program Files\OrangeBS\BEWInternet-PL\SessionManager\SessionManager.exe [140016 2009-10-14] (France Telecom SA)
HKLM\...\Run: [avast5] - C:\Program Files\Alwil Software\Avast5\avastUI.exe [4858968 2013-08-30] (AVAST Software)
HKLM\...\Run: [KernelFaultCheck] - %systemroot%\system32\dumprep 0 -k
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\RunOnce: [Malwarebytes Anti-Malware] - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
Winlogon\Notify\AtiExtEvent: C:\Windows\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKCU\...\Run: [TOSCDSPD] - C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe [65536 2005-04-12] (TOSHIBA)
HKCU\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [94208 2005-09-03] (Nero AG)
HKU\Default User\...\Run: [TOSCDSPD] - C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe [ 2005-04-12] (TOSHIBA)
HKU\Default User\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [ 2008-04-14] (Microsoft Corporation)
HKU\Default User\...\RunOnce: [NeroHomeFirstStart] - C:\Program Files\Common Files\Ahead\Lib\NeroScoutOptions.exe [ 2005-09-04] (Nero AG)
HKU\dzieci\...\Run: [TOSCDSPD] - C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe [ 2005-04-12] (TOSHIBA)
HKU\dzieci\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [ 2008-04-14] (Microsoft Corporation)
HKU\dzieci\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe [ 2005-09-03] (Nero AG)
Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Kalendarz PTAKI.lnk
ShortcutTarget: Kalendarz PTAKI.lnk -> C:\Program Files\KalendarzeNS\Kalendarzns_ptaki.exe (Fundacja Nasza Szkoła)
Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\RAMASST.lnk
ShortcutTarget: RAMASST.lnk -> C:\WINDOWS\system32\RAMASST.exe (Matsushita Electric Industrial Co., Ltd.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_search_url = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_page_url = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_search_url = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Default_page_url = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Search bar = http://search.msn.com/spbasic.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = 
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\IEXPLORE.EXE %1
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU -&Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU -&Łącza - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\Windows\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} -  No File
DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} http://acs.pandasoftware.com/activescan/as5free/asinst.cab
DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
Tcpip\..\Interfaces\{E4F18F23-EF76-407D-A35A-8AC9429F4DEB}: [NameServer]213.134.128.19,213.134.128.20

FireFox:
========
FF ProfilePath: C:\Documents and Settings\maria\Dane aplikacji\Mozilla\Firefox\Profiles\j9i03vgp.default
FF Homepage: www.wp.pl
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pandasecurity.com/activescan - C:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll (Panda Security, S.L.)
FF Plugin: @real.com/nppl3260;version=6.0.11.2105 - C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1212 - C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\maria\Dane aplikacji\Mozilla\Firefox\Profiles\j9i03vgp.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: jid1-MA2AfbgHyjJd9g - C:\Documents and Settings\maria\Dane aplikacji\Mozilla\Firefox\Profiles\j9i03vgp.default\Extensions\jid1-MA2AfbgHyjJd9g@jetpack.xpi
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF

========================== Services (Whitelisted) =================

S2 ACS; C:\WINDOWS\system32\acs.exe [36864 2005-09-26] ()
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
R2 DVD-RAM_Service; C:\WINDOWS\system32\DVDRAMSV.exe [110592 2004-08-28] (Matsushita Electric Industrial Co., Ltd.)
R2 FTRTSVC; C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [90112 2009-10-14] (France Telecom SA)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [1247600 2007-09-21] ()
R2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf"
S3 NMIndexingService; "C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe" [x]

==================== Drivers (Whitelisted) ====================

R2 AegisP; C:\Windows\System32\DRIVERS\AegisP.sys [21035 2007-03-02] (Meetinghouse Data Communications)
R3 AR5211; C:\Windows\System32\DRIVERS\ar5211.sys [471264 2006-04-01] (Atheros Communications, Inc.)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [66336 2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswRdr.sys [49760 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [770344 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [369584 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [177864 2013-08-30] ()
R3 BoiHwsetup; C:\Windows\System32\drivers\BoiHwSetup.sys [5504 2005-06-10] (Quanta Computer Corp)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [26024 2009-12-18] (Elaborate Bytes AG)
S3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [49920 2006-03-20] (HP)
S3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [16496 2006-03-20] (HP)
S3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21568 2006-03-20] (HP)
S3 hwusbfake; C:\Windows\System32\DRIVERS\ewusbfake.sys [102656 2009-08-04] (Huawei Technologies Co., Ltd.)
S3 Iviaspi; C:\Windows\System32\drivers\iviaspi.sys [21060 2003-09-10] (InterVideo, Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R1 meiudf; C:\Windows\System32\Drivers\meiudf.sys [102384 2005-06-02] (Matsushita Electric Industrial Co.,Ltd.)
R2 Netdevio; C:\Windows\System32\DRIVERS\netdevio.sys [12032 2003-01-29] (TOSHIBA Corporation.)
S3 npkcrypt; C:\Program Files\Lineage II\system\npkcrypt.sys [23217 2008-05-09] (INCA Internet Co., Ltd.)
R0 pavboot; C:\Windows\System32\drivers\pavboot.sys [28552 2009-06-30] (Panda Security, S.L.)
S3 PCAMPR5; C:\WINDOWS\system32\PCAMPR5.SYS [34688 2009-08-04] (Printing Communications Assoc., Inc. (PCAUSA))
S3 PCANDIS5; C:\WINDOWS\system32\PCANDIS5.SYS [32128 2009-08-04] (Printing Communications Assoc., Inc. (PCAUSA))
S3 Pfc; C:\Windows\System32\drivers\pfc.sys [10368 2003-09-19] (Padus, Inc.)
R3 qkbfiltr; C:\Windows\System32\drivers\qkbfiltr.sys [31872 2006-01-12] (Quanta Computer, Inc.)
R3 qmofiltr; C:\Windows\System32\drivers\qmofiltr.sys [7936 2005-05-05] (Quanta Computer, Inc.)
S3 rtl8139; C:\Windows\System32\DRIVERS\RTL8139.SYS [20992 2004-08-04] (Realtek Semiconductor Corporation)
R1 StarOpen; C:\Windows\System32\Drivers\StarOpen.sys [5632 2006-07-24] ()
R2 symlcbrd; C:\WINDOWS\system32\drivers\symlcbrd.sys [10344 2006-09-04] (Symantec Corporation)
R2 tdudf; C:\Windows\System32\DRIVERS\tdudf.sys [98816 2006-06-28] (TOSHIBA Corporation)
S4 InCDFs; system32\drivers\InCDFs.sys [x]
S1 InCDPass; system32\drivers\InCDPass.sys [x]
S1 InCDRm; system32\drivers\InCDRm.sys [x]
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-11 10:20 - 2013-10-11 10:20 - 00000000 ____D C:\FRST
2013-10-11 09:30 - 2013-10-11 09:30 - 00000000 ____D C:\Documents and Settings\maria\Dane aplikacji\Malwarebytes
2013-10-11 09:28 - 2013-10-11 09:29 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-10-11 09:28 - 2013-10-11 09:28 - 00000784 _____ C:\Documents and Settings\All Users\Pulpit\Malwarebytes Anti-Malware.lnk
2013-10-11 09:28 - 2013-10-11 09:28 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes' Anti-Malware
2013-10-11 09:28 - 2013-10-11 09:28 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
2013-10-11 09:28 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2013-10-11 01:56 - 2013-10-11 01:57 - 00004516 _____ C:\WINDOWS\KB2847311.log
2013-10-11 01:55 - 2013-10-11 01:57 - 00057426 _____ C:\WINDOWS\KB2879017-IE7.log
2013-10-11 01:55 - 2013-10-11 01:55 - 00000000 ____D C:\WINDOWS\LastGood
2013-09-18 15:03 - 2013-09-18 20:26 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-09-18 14:52 - 2013-09-18 14:54 - 00000000 ___RD C:\Documents and Settings\maria\Moje dokumenty\Dysk Google
2013-09-18 14:52 - 2013-09-18 14:52 - 00001457 _____ C:\Documents and Settings\maria\Pulpit\Dysk Google.lnk
2013-09-18 14:26 - 2013-09-18 14:26 - 00001769 _____ C:\Documents and Settings\All Users\Pulpit\Google Slides.lnk
2013-09-18 14:26 - 2013-09-18 14:26 - 00001765 _____ C:\Documents and Settings\All Users\Pulpit\Google Sheets.lnk
2013-09-18 14:26 - 2013-09-18 14:26 - 00001753 _____ C:\Documents and Settings\All Users\Pulpit\Google Docs.lnk
2013-09-18 14:26 - 2013-09-18 14:26 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Google Drive
2013-09-13 07:33 - 2013-09-13 07:33 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876315$
2013-09-13 07:33 - 2013-09-13 07:33 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876217$
2013-09-13 07:31 - 2013-09-13 07:31 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2864063$
2013-09-12 20:24 - 2013-09-12 20:33 - 00000000 ____D C:\WINDOWS\system32\NtmsData
2013-09-12 02:29 - 2013-09-13 07:34 - 00019109 _____ C:\WINDOWS\KB2876315.log
2013-09-12 02:28 - 2013-09-13 07:33 - 00108073 _____ C:\WINDOWS\KB2870699-IE7.log
2013-09-12 02:28 - 2013-09-13 07:33 - 00018131 _____ C:\WINDOWS\KB2876217.log
2013-09-12 02:28 - 2013-09-13 07:31 - 00011137 _____ C:\WINDOWS\KB2864063.log

==================== One Month Modified Files and Folders =======

2013-10-11 10:20 - 2013-10-11 10:20 - 00000000 ____D C:\FRST
2013-10-11 09:30 - 2013-10-11 09:30 - 00000000 ____D C:\Documents and Settings\maria\Dane aplikacji\Malwarebytes
2013-10-11 09:30 - 2007-03-02 18:06 - 00000000 __RHD C:\Documents and Settings\maria\Dane aplikacji
2013-10-11 09:29 - 2013-10-11 09:28 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-10-11 09:28 - 2013-10-11 09:28 - 00000784 _____ C:\Documents and Settings\All Users\Pulpit\Malwarebytes Anti-Malware.lnk
2013-10-11 09:28 - 2013-10-11 09:28 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes' Anti-Malware
2013-10-11 09:28 - 2013-10-11 09:28 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
2013-10-11 09:28 - 2006-09-04 12:55 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Start\Programy
2013-10-11 09:28 - 2006-09-04 12:55 - 00000000 ____D C:\Documents and Settings\All Users\Pulpit
2013-10-11 09:28 - 2006-09-04 12:54 - 00000000 __RHD C:\Documents and Settings\All Users\Dane aplikacji
2013-10-11 09:26 - 2011-01-08 11:05 - 00000000 ____D C:\Documents and Settings\maria\Moje dokumenty\Pobieranie
2013-10-11 09:25 - 2012-03-19 10:00 - 00001034 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-11 09:25 - 2012-03-19 10:00 - 00001030 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-11 04:53 - 2013-05-30 00:25 - 00000366 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2013-10-11 01:58 - 2006-09-04 11:01 - 01436347 _____ C:\WINDOWS\WindowsUpdate.log
2013-10-11 01:57 - 2013-10-11 01:56 - 00004516 _____ C:\WINDOWS\KB2847311.log
2013-10-11 01:57 - 2013-10-11 01:55 - 00057426 _____ C:\WINDOWS\KB2879017-IE7.log
2013-10-11 01:55 - 2013-10-11 01:55 - 00000000 ____D C:\WINDOWS\LastGood
2013-10-10 04:53 - 2006-09-04 11:06 - 00032620 _____ C:\WINDOWS\SchedLgU.Txt
2013-10-09 18:31 - 2006-09-04 10:48 - 00001158 _____ C:\WINDOWS\system32\wpa.dbl
2013-10-09 18:30 - 2006-09-04 12:58 - 00000159 _____ C:\WINDOWS\wiadebug.log
2013-10-09 18:30 - 2006-09-04 12:58 - 00000050 _____ C:\WINDOWS\wiaservc.log
2013-10-09 18:29 - 2006-09-04 11:06 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-10-09 18:06 - 2007-03-02 18:06 - 00000188 ___SH C:\Documents and Settings\maria\ntuser.ini
2013-10-08 15:30 - 2009-07-05 16:15 - 00616939 _____ C:\WINDOWS\setupapi.log
2013-09-30 23:43 - 2007-03-02 18:06 - 00000000 ___RD C:\Documents and Settings\maria\Moje dokumenty\Moje obrazy
2013-09-21 13:55 - 2007-03-02 18:06 - 00000000 ____D C:\Documents and Settings\maria\Pulpit
2013-09-19 11:07 - 2012-05-12 21:40 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-09-18 20:26 - 2013-09-18 15:03 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-09-18 16:56 - 2013-08-17 22:16 - 00000000 ____D C:\Documents and Settings\maria\Pulpit\kolonia serock 20013
2013-09-18 14:54 - 2013-09-18 14:52 - 00000000 ___RD C:\Documents and Settings\maria\Moje dokumenty\Dysk Google
2013-09-18 14:52 - 2013-09-18 14:52 - 00001457 _____ C:\Documents and Settings\maria\Pulpit\Dysk Google.lnk
2013-09-18 14:52 - 2007-03-02 18:06 - 00000000 ___RD C:\Documents and Settings\maria\Moje dokumenty
2013-09-18 14:26 - 2013-09-18 14:26 - 00001769 _____ C:\Documents and Settings\All Users\Pulpit\Google Slides.lnk
2013-09-18 14:26 - 2013-09-18 14:26 - 00001765 _____ C:\Documents and Settings\All Users\Pulpit\Google Sheets.lnk
2013-09-18 14:26 - 2013-09-18 14:26 - 00001753 _____ C:\Documents and Settings\All Users\Pulpit\Google Docs.lnk
2013-09-18 14:26 - 2013-09-18 14:26 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Google Drive
2013-09-18 14:26 - 2012-03-19 09:59 - 00000000 ____D C:\Program Files\Google
2013-09-18 14:26 - 2012-03-19 09:59 - 00000000 ____D C:\Documents and Settings\maria\Ustawienia lokalne\Dane aplikacji\Google
2013-09-16 16:53 - 2007-03-02 18:06 - 00000000 ____D C:\Documents and Settings\maria
2013-09-16 16:53 - 2006-09-04 11:03 - 00002596 _____ C:\WINDOWS\system32\CONFIG.NT
2013-09-15 21:58 - 2007-09-20 17:12 - 00000137 _____ C:\Documents and Settings\maria\default.pls
2013-09-15 21:58 - 2007-09-20 17:12 - 00000116 _____ C:\WINDOWS\NeroDigital.ini
2013-09-13 21:38 - 2012-12-16 09:06 - 00002347 _____ C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Reader XI.lnk
2013-09-13 08:52 - 2012-12-16 08:38 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2013-09-13 08:52 - 2011-05-22 09:59 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2013-09-13 08:24 - 2006-09-04 12:54 - 00153176 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-09-13 07:34 - 2013-09-12 02:29 - 00019109 _____ C:\WINDOWS\KB2876315.log
2013-09-13 07:34 - 2006-09-04 12:55 - 02769074 _____ C:\WINDOWS\FaxSetup.log
2013-09-13 07:34 - 2006-09-04 12:55 - 01326370 _____ C:\WINDOWS\ocgen.log
2013-09-13 07:34 - 2006-09-04 12:55 - 01064885 _____ C:\WINDOWS\tsoc.log
2013-09-13 07:34 - 2006-09-04 12:55 - 00904874 _____ C:\WINDOWS\comsetup.log
2013-09-13 07:34 - 2006-09-04 12:55 - 00547327 _____ C:\WINDOWS\ntdtcsetup.log
2013-09-13 07:34 - 2006-09-04 12:55 - 00438890 _____ C:\WINDOWS\iis6.log
2013-09-13 07:34 - 2006-09-04 12:55 - 00167842 _____ C:\WINDOWS\ocmsn.log
2013-09-13 07:34 - 2006-09-04 12:55 - 00138529 _____ C:\WINDOWS\msgsocm.log
2013-09-13 07:34 - 2006-09-04 12:55 - 00001374 _____ C:\WINDOWS\imsins.log
2013-09-13 07:33 - 2013-09-13 07:33 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876315$
2013-09-13 07:33 - 2013-09-13 07:33 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876217$
2013-09-13 07:33 - 2013-09-12 02:28 - 00108073 _____ C:\WINDOWS\KB2870699-IE7.log
2013-09-13 07:33 - 2013-09-12 02:28 - 00018131 _____ C:\WINDOWS\KB2876217.log
2013-09-13 07:33 - 2007-03-17 15:03 - 00000000 ____D C:\WINDOWS\system32\pl-pl
2013-09-13 07:33 - 2006-09-04 12:55 - 00001374 _____ C:\WINDOWS\imsins.BAK
2013-09-13 07:33 - 2006-09-04 11:17 - 00417497 _____ C:\WINDOWS\updspapi.log
2013-09-13 07:32 - 2007-03-17 15:19 - 00000000 ____D C:\WINDOWS\ie7updates
2013-09-13 07:31 - 2013-09-13 07:31 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2864063$
2013-09-13 07:31 - 2013-09-12 02:28 - 00011137 _____ C:\WINDOWS\KB2864063.log
2013-09-13 07:27 - 2013-08-16 12:26 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-09-13 07:22 - 2007-03-17 13:04 - 76725432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-09-12 20:33 - 2013-09-12 20:24 - 00000000 ____D C:\WINDOWS\system32\NtmsData

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2006-09-04 10:47] - [2008-04-14 19:21] - 1035264 ____A (Microsoft Corporation) c791ed9eac5e76d9525e157b1d7a599a 

C:\Windows\System32\winlogon.exe
[2006-09-04 10:48] - [2008-04-14 19:21] - 0510464 ____N (Microsoft Corporation) 51fd2e13d723857b9ca239ae77150f48 

C:\Windows\System32\svchost.exe
[2006-09-04 10:48] - [2008-04-14 19:21] - 0014336 ____N (Microsoft Corporation) 8607d35d92528e2df386f19a960d23ce 

C:\Windows\System32\services.exe
[2006-09-04 10:48] - [2009-02-09 13:25] - 0111104 ____N (Microsoft Corporation) 02a467e27af55f7064c5b251e587315f 

C:\Windows\System32\User32.dll
[2006-09-04 10:48] - [2008-04-14 19:20] - 0580096 ____N (Microsoft Corporation) a435c5c069afd901751ac323ad238793 

C:\Windows\System32\userinit.exe
[2006-09-04 10:48] - [2008-04-14 19:21] - 0026624 ____N (Microsoft Corporation) 2a5b37d520508be6570a3ea79695f5b5 

C:\Windows\System32\Drivers\volsnap.sys
[2006-09-04 10:48] - [2008-04-14 18:01] - 0052864 ____N (Microsoft Corporation) 56b191ac5fc0df219949c95a6c87afe7 


==================== End Of Log ============================