Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-01-2014 01
Ran by M (administrator) on M-HP on 09-01-2014 20:22:34
Running from C:\Users\M\Downloads\ratowanie kompa
Windows 7 Professional Service Pack 1 (X64) OS Language: Polish
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(McAfee, Inc.) C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\BCMWLTRY.EXE
(ActivIdentity) C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\acevents.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(McAfee, Inc.) C:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\acevents.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.EXE
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpAgent.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe [186904 2010-01-08] (Intel Corporation)
HKLM\...\Run: [HPPowerAssistant] - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [1691192 2010-04-05] (Hewlett-Packard)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2174760 2011-09-14] (Synaptics Incorporated)
HKLM\...\Run: [HPWirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-04-05] (Hewlett-Packard)
HKLM\...\Run: [acevents] - C:\Program Files\ActivIdentity\ActivClient\acevents.exe [196648 2009-06-04] (ActivIdentity)
HKLM\...\Run: [accrdsub] - C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [483880 2009-06-04] (ActivIdentity)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-03-17] (IDT, Inc.)
HKLM\...\Run: [Broadcom Wireless Manager UI] - C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.EXE [7032320 2013-12-18] (Broadcom Corporation)
HKLM-x32\...\Run: [Microsoft Default Manager] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation)
HKLM-x32\...\Run: [File Sanitizer] - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe [11266048 2010-01-19] (Hewlett-Packard)
HKLM-x32\...\Run: [IMSS] - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [111640 2010-03-04] ()
HKLM-x32\...\Run: [NortonOnlineBackupReminder] - C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [3331944 2009-12-03] (Symantec Corporation)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208 2010-03-12] (Hewlett-Packard)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-01-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [QLBController] - C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [323128 2011-07-06] (Hewlett-Packard Company)
HKLM-x32\...\Run: [PDF Complete] - C:\Program Files (x86)\PDF Complete\pdfsty.exe [658424 2011-02-25] (PDF Complete Inc)
HKLM-x32\...\Run: [NokiaInternetModem_AppStart.exe] - C:\Program Files (x86)\Nokia\Nokia Internet Modem\NokiaInternetModem.exe [138368 2011-07-08] (Nokia)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2013-12-12] (Hewlett-Packard)
HKLM-x32\...\runonceex: [ContentMerger] - c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\ContentMerger10.exe [19952 2009-11-23] (Sonic Solutions)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
HKCU\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [1712184 2010-02-10] ()
HKCU\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2011-03-04] (Hewlett-Packard Company)
MountPoints2: {9af6db4b-5250-11e1-ac85-e02a82ca02ec} - D:\Setup.exe
HKU\Default\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [1712184 2010-02-10] ()
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\Users\M\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2010.lnk
ShortcutTarget: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2010.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
BHO: HP ProtectTools Security Manager Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: File Sanitizer for HP ProtectTools - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
BHO-x32: HP ProtectTools Security Manager Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Pomocnik logowania za pomocą identyfikatora Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Free Download Manager Click Catcher Plug-In for Netscape, Opera, Mozilla) - C:\Program Files (x86)\Google\Chrome\Application\plugins\npfdm.dll (FreeDownloadManager.org)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Java Deployment Toolkit 7.0.450.18) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U45) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Unity Player) - C:\Users\M\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (YouTube) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Google Wallet) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR Extension: (Gmail) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1

==================== Services (Whitelisted) =================

R2 ac.sharedstore; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [277032 2009-06-04] (ActivIdentity)
R2 AESTFilters; C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-12] (Avira Operations GmbH & Co. KG)
R3 DEBridge; c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe [704512 2010-02-02] (McAfee, Inc.)
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [462088 2010-03-31] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [362040 2009-12-07] (Hewlett-Packard Ltd)
S2 HP ProtectTools Service; c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [36864 2010-03-17] (Hewlett-Packard Development Company, L.P)
R2 HpFkCryptService; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [281192 2010-02-02] (McAfee, Inc.)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [1698360 2011-07-06] (Hewlett-Packard Company)
R2 MSSQL$INSERTGT; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-02-25] (PDF Complete Inc)
R2 STacSV; C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\STacSV64.exe [244736 2010-03-17] (IDT, Inc.)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE [48128 2013-12-18] (Broadcom Corporation)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-12] (Avira Operations GmbH & Co. KG)
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [40760 2009-10-21] (Hewlett-Packard Development Company L.P.)
S3 nokia_usb_modem_cdc_acm; C:\Windows\System32\DRIVERS\nokia_usb_modem_cdc_acm.sys [79872 2011-06-22] (Nokia)
S3 nokia_usb_modem_cdc_ecm; C:\Windows\System32\DRIVERS\nokia_usb_modem_cdc_ecm.sys [58880 2011-06-22] (Nokia)
S3 nokia_usb_modem_cpo; C:\Windows\System32\DRIVERS\nokia_usb_modem_cpo.sys [14336 2011-06-22] (Nokia)
S3 nokia_usb_modem_ecm_enum; C:\Windows\System32\DRIVERS\nokia_usb_modem_ecm_enum.sys [56320 2011-06-22] (Nokia)
S3 nokia_usb_modem_ecm_enum_filter; C:\Windows\System32\DRIVERS\nokia_usb_modem_ecm_enum_filter.sys [56320 2011-06-22] (Nokia)
R1 RsvLock; C:\Windows\System32\Drivers\RsvLock.sys [58184 2010-02-02] (McAfee, Inc.)
R1 RsvLock; C:\Windows\SysWow64\Drivers\RsvLock.sys [40088 2010-02-02] (McAfee, Inc.)
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [89344 2010-01-30] (Realtek Semiconductor Corp.)
R0 SafeBoot; C:\Windows\System32\Drivers\SafeBoot.sys [56648 2010-02-02] ()
R0 SafeBoot; C:\Windows\SysWow64\Drivers\SafeBoot.sys [110520 2010-02-02] (McAfee, Inc.)
R0 SbAlg; C:\Windows\System32\Drivers\SbAlg.sys [60160 2009-06-04] (McAfee, Inc.)
R0 SbAlg; C:\Windows\SysWow64\Drivers\SbAlg.sys [51800 2010-02-02] (McAfee, Inc.)
R0 SbFsLock; C:\Windows\System32\Drivers\SbFsLock.sys [15688 2010-02-02] (McAfee, Inc.)
R0 SbFsLock; C:\Windows\SysWow64\Drivers\SbFsLock.sys [13256 2010-02-02] (McAfee, Inc.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-08 21:55 - 2014-01-09 20:22 - 00000000 ____D C:\Users\M\Downloads\ratowanie kompa
2014-01-08 21:05 - 2014-01-09 09:21 - 00000000 ____D C:\FRST
2014-01-01 22:05 - 2014-01-01 22:06 - 00000000 ____D C:\Users\M\Documents\mechaniczne
2013-12-19 17:17 - 2013-12-19 17:17 - 00000000 ____D C:\Users\M\Downloads\Nowy folder
2013-12-19 14:28 - 2013-12-19 14:28 - 00000000 ____D C:\Users\M\Documents\z pendrajwa
2013-12-18 00:34 - 2013-12-18 00:33 - 07849472 _____ (Broadcom Corporation) C:\windows\system32\BCMWLCPL.CPL
2013-12-18 00:34 - 2013-12-18 00:33 - 04961800 _____ (Microsoft Corporation) C:\windows\SysWOW64\vcredist_x64.exe
2013-12-18 00:34 - 2013-12-18 00:33 - 04659200 _____ (Broadcom Corporation) C:\windows\system32\bcmttls.dll
2013-12-18 00:34 - 2013-12-18 00:33 - 03161088 _____ (Microsoft Corporation) C:\windows\system32\vcredist_x64.exe
2013-12-18 00:34 - 2013-12-18 00:33 - 01063936 _____ (Broadcom Corporation) C:\windows\system32\BCMLogon.dll
2013-12-18 00:34 - 2013-12-18 00:33 - 00073216 _____ (Broadcom Corporation) C:\windows\system32\wltrynt.dll
2013-12-18 00:34 - 2013-12-18 00:33 - 00035344 _____ (CACE Technologies, Inc.) C:\windows\system32\Drivers\npf.sys
2013-12-18 00:34 - 2013-12-18 00:33 - 00023760 _____ (Broadcom Corporation) C:\windows\system32\Drivers\bcm42rly.sys
2013-12-18 00:34 - 2013-12-18 00:33 - 00000446 _____ C:\windows\SysWOW64\vcredist_x64.bat
2013-12-18 00:34 - 2013-12-18 00:33 - 00000441 _____ C:\windows\system32\vcredist_x64.bat
2013-12-18 00:33 - 2013-12-18 00:33 - 00000000 ____D C:\Users\M\AppData\Roaming\InstallShield
2013-12-13 13:36 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2013-12-13 13:36 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2013-12-13 13:36 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL
2013-12-13 13:36 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2013-12-13 13:35 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-12-13 13:35 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2013-12-13 13:34 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-12-13 13:34 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2013-12-13 13:34 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-12-13 13:34 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-12-13 13:34 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2013-12-13 13:34 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-12-13 13:34 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-12-13 13:34 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-12-13 13:34 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2013-12-13 13:34 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2013-12-13 13:34 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2013-12-13 13:34 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2013-12-13 13:34 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-12-13 13:34 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-12-13 13:34 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2013-12-13 13:34 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-12-13 13:34 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2013-12-13 13:34 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2013-12-13 13:34 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-12-13 13:34 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2013-12-13 13:34 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-12-13 13:34 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2013-12-13 13:34 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-12-13 13:34 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-12-13 13:34 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-12-13 13:34 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2013-12-13 13:34 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2013-12-13 13:34 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-12-13 13:34 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-12-13 11:16 - 2014-01-09 20:02 - 00000930 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2013-12-13 11:16 - 2013-12-13 12:02 - 00003868 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2013-12-12 19:09 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMPhoto.dll
2013-12-12 19:09 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll
2013-12-12 19:09 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2013-12-12 19:09 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2013-12-12 19:09 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\windows\system32\msieftp.dll
2013-12-12 19:09 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\windows\SysWOW64\msieftp.dll
2013-12-12 19:09 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2013-12-12 19:09 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\imagehlp.dll
2013-12-12 19:09 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\windows\SysWOW64\imagehlp.dll
2013-12-12 19:09 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\windows\system32\wshom.ocx
2013-12-12 19:09 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\windows\system32\scrrun.dll
2013-12-12 19:09 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\windows\SysWOW64\wshom.ocx
2013-12-12 19:09 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\scrrun.dll
2013-12-12 19:09 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\wscript.exe
2013-12-12 19:09 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\windows\system32\cscript.exe
2013-12-12 19:09 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\windows\SysWOW64\wscript.exe
2013-12-12 19:09 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\windows\SysWOW64\cscript.exe
2013-12-12 19:09 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\windows\system32\Drivers\drmk.sys
2013-12-12 19:09 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\windows\system32\Drivers\portcls.sys

==================== One Month Modified Files and Folders =======

2014-01-09 20:22 - 2014-01-08 21:55 - 00000000 ____D C:\Users\M\Downloads\ratowanie kompa
2014-01-09 20:13 - 2010-09-14 02:05 - 00746420 _____ C:\windows\system32\perfh015.dat
2014-01-09 20:13 - 2010-09-14 02:05 - 00153382 _____ C:\windows\system32\perfc015.dat
2014-01-09 20:13 - 2009-07-14 06:13 - 01681106 _____ C:\windows\system32\PerfStringBackup.INI
2014-01-09 20:09 - 2012-11-04 23:28 - 00001038 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-09 20:05 - 2009-07-14 05:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-09 20:05 - 2009-07-14 05:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-09 20:02 - 2013-12-13 11:16 - 00000930 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2014-01-09 19:58 - 2012-11-04 23:28 - 00001034 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-09 19:57 - 2010-09-14 01:58 - 00000000 ____D C:\ProgramData\PDFC
2014-01-09 19:57 - 2009-07-14 06:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2014-01-09 19:57 - 2009-07-14 05:51 - 00143984 _____ C:\windows\setupact.log
2014-01-09 09:25 - 2011-01-21 04:27 - 02014065 _____ C:\windows\WindowsUpdate.log
2014-01-09 09:21 - 2014-01-08 21:05 - 00000000 ____D C:\FRST
2014-01-08 21:17 - 2013-05-05 16:22 - 00000000 ____D C:\Users\M\AppData\Roaming\Free Download Manager
2014-01-08 14:38 - 2011-02-05 23:42 - 00000316 _____ C:\windows\Tasks\HPCeeScheduleForM.job
2014-01-08 12:08 - 2013-09-19 17:27 - 00000000 ____D C:\Users\M\Documents\as
2014-01-08 11:38 - 2011-02-05 23:42 - 00003162 _____ C:\windows\System32\Tasks\HPCeeScheduleForM
2014-01-08 11:37 - 2011-11-08 18:39 - 00000000 _____ C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-01-08 11:37 - 2011-02-10 23:11 - 00000052 _____ C:\windows\SysWOW64\DOErrors.log
2014-01-04 19:05 - 2011-02-08 23:53 - 00000000 ____D C:\Users\M\AppData\Roaming\vlc
2014-01-01 22:06 - 2014-01-01 22:05 - 00000000 ____D C:\Users\M\Documents\mechaniczne
2013-12-30 20:53 - 2011-11-11 18:59 - 00026112 _____ C:\Users\M\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-12-30 07:21 - 2011-04-14 12:43 - 00000000 ____D C:\Users\M\Documents\Wiesiek
2013-12-22 13:40 - 2012-04-13 21:05 - 00000000 ____D C:\Users\M\Documents\Przepisy
2013-12-21 10:29 - 2013-09-23 14:44 - 00000000 ____D C:\Users\M\Desktop\z pulpitu
2013-12-19 22:59 - 2012-10-09 16:05 - 00001066 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-12-19 17:17 - 2013-12-19 17:17 - 00000000 ____D C:\Users\M\Downloads\Nowy folder
2013-12-19 17:16 - 2012-09-13 22:20 - 00000000 ____D C:\Users\M\Downloads\psyched
2013-12-19 16:55 - 2012-10-01 00:14 - 00000000 ____D C:\Users\M\Documents\grafiki kserodomino
2013-12-19 14:28 - 2013-12-19 14:28 - 00000000 ____D C:\Users\M\Documents\z pendrajwa
2013-12-18 09:46 - 2013-05-07 19:17 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2013-12-18 09:46 - 2013-04-06 13:54 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2013-12-18 09:46 - 2013-04-06 13:54 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2013-12-18 00:35 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\zh-HK
2013-12-18 00:35 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\tr-TR
2013-12-18 00:35 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\th-TH
2013-12-18 00:35 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\sl-SI
2013-12-18 00:35 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\sk-SK
2013-12-18 00:35 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\ro-RO
2013-12-18 00:35 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\lv-LV
2013-12-18 00:35 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\lt-LT
2013-12-18 00:35 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\hr-HR
2013-12-18 00:35 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\he-IL
2013-12-18 00:35 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\et-EE
2013-12-18 00:35 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\bg-BG
2013-12-18 00:35 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\ar-SA
2013-12-18 00:35 - 2009-07-14 04:20 - 00000000 ____D C:\windows\Help
2013-12-18 00:33 - 2013-12-18 00:34 - 07849472 _____ (Broadcom Corporation) C:\windows\system32\BCMWLCPL.CPL
2013-12-18 00:33 - 2013-12-18 00:34 - 04961800 _____ (Microsoft Corporation) C:\windows\SysWOW64\vcredist_x64.exe
2013-12-18 00:33 - 2013-12-18 00:34 - 04659200 _____ (Broadcom Corporation) C:\windows\system32\bcmttls.dll
2013-12-18 00:33 - 2013-12-18 00:34 - 03161088 _____ (Microsoft Corporation) C:\windows\system32\vcredist_x64.exe
2013-12-18 00:33 - 2013-12-18 00:34 - 01063936 _____ (Broadcom Corporation) C:\windows\system32\BCMLogon.dll
2013-12-18 00:33 - 2013-12-18 00:34 - 00073216 _____ (Broadcom Corporation) C:\windows\system32\wltrynt.dll
2013-12-18 00:33 - 2013-12-18 00:34 - 00035344 _____ (CACE Technologies, Inc.) C:\windows\system32\Drivers\npf.sys
2013-12-18 00:33 - 2013-12-18 00:34 - 00023760 _____ (Broadcom Corporation) C:\windows\system32\Drivers\bcm42rly.sys
2013-12-18 00:33 - 2013-12-18 00:34 - 00000446 _____ C:\windows\SysWOW64\vcredist_x64.bat
2013-12-18 00:33 - 2013-12-18 00:34 - 00000441 _____ C:\windows\system32\vcredist_x64.bat
2013-12-18 00:33 - 2013-12-18 00:33 - 00000000 ____D C:\Users\M\AppData\Roaming\InstallShield
2013-12-18 00:33 - 2011-01-21 04:35 - 04749008 _____ (Broadcom Corporation) C:\windows\system32\Drivers\BCMWL664.SYS
2013-12-18 00:33 - 2011-01-21 04:35 - 03952640 _____ (Broadcom Corporation) C:\windows\system32\bcmihvsrv64.dll
2013-12-18 00:33 - 2011-01-21 04:35 - 03617792 _____ (Broadcom Corporation) C:\windows\system32\bcmihvui64.dll
2013-12-18 00:33 - 2011-01-21 04:35 - 00096560 _____ (Broadcom Corporation) C:\windows\system32\bcmwlcoi.dll
2013-12-18 00:33 - 2011-01-21 04:35 - 00006656 _____ C:\windows\system32\bcmwlrc.dll
2013-12-18 00:33 - 2009-07-27 17:14 - 00000000 ____D C:\swsetup
2013-12-16 15:12 - 2011-01-28 22:43 - 00000000 ____D C:\windows\rescache
2013-12-15 10:39 - 2013-07-16 20:52 - 00000000 ____D C:\windows\system32\MRT
2013-12-15 10:37 - 2011-01-28 15:48 - 90708896 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2013-12-15 01:16 - 2012-02-21 23:11 - 00006227 _____ C:\Users\M\AppData\Roaming\PrimoPDFSet.xml
2013-12-14 10:51 - 2009-07-14 06:09 - 00000000 ____D C:\windows\System32\Tasks\WPD
2013-12-14 10:42 - 2009-07-14 05:45 - 00517896 _____ C:\windows\system32\FNTCACHE.DAT
2013-12-13 13:36 - 2011-01-28 15:22 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-13 12:02 - 2013-12-13 11:16 - 00003868 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2013-12-13 12:02 - 2012-06-12 21:50 - 00692616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2013-12-13 12:02 - 2011-05-23 21:47 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-12 19:04 - 2012-11-04 23:28 - 00004034 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-12 19:03 - 2012-11-04 23:28 - 00003782 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore

Some content of TEMP:
====================
C:\Users\M\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-30 13:53

==================== End Of Log ============================