Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-12-2013 02
Ran by Rafal (administrator) on PANDORA on 03-12-2013 21:45:43
Running from C:\Documents and Settings\Rafal\Moje dokumenty\Pobieranie
Microsoft Windows XP Dodatek Service Pack 3 (X86) OS Language: Polish
Internet Explorer Version 8
Boot Mode: Normal

==================== Could not list processes ===============

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [CorelDRAW ESSENTIALS14] - C:\Program Files\Corel\CorelDRAW ESSENTIALS 2\Register\Registration.exe /title="CorelDRAW ESSENTIALS" /date=042413 serial=ES02WBD-0090061-FBU
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [nwiz] - nwiz.exe /install
HKLM\...\Run: [NvMediaCenter] - RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Zune Launcher] - C:\Program Files\Zune\ZuneLauncher.exe [159456 2011-08-05] (Microsoft Corporation)
HKLM\...\Run: [WinampAgent] - C:\Program Files\Winamp\winampa.exe [74752 2010-12-02] (Nullsoft, Inc.)
HKLM\...\Run: [VirtualCloneDrive] - C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2010-11-29] (Apple Inc.)
HKLM\...\Run: [NWEReboot] - [x]
HKLM\...\Run: [NPSStartup] - [x]
HKLM\...\Run: [NeroFilterCheck] - C:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\hpwuschd2.exe [49208 2011-01-12] (Hewlett-Packard)
HKLM\...\Run: [HotKeysCmds] - C:\WINDOWS\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [gbrspcontrol] - C:\Program Files\Common Files\Comodo\GeekBuddyRSP.exe [2327248 2013-11-28] (Comodo Security Solutions, Inc.)
HKLM\...\Run: [COMODO Internet Security] - C:\Program Files\Comodo\COMODO Internet Security\cfp.exe [6756048 2012-11-08] (COMODO)
HKLM\...\Run: [Cmaudio] - RunDll32 cmicnfg.cpl,CMICtrlWnd
HKLM\...\Run: [UserFaultCheck] - %systemroot%\system32\dumprep 0 -u
HKLM\...\Run: [SoundMan] - C:\WINDOWS\SOUNDMAN.EXE [65024 2004-02-09] (Realtek Semiconductor Corp.)
HKLM\...\Run: [ATICCC] - C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe [45056 2006-01-02] (ATI Technologies Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\AtiExtEvent: C:\Windows\system32\Ati2evxx.dll (ATI Technologies Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxsrvc.dll (Intel Corporation)
Winlogon\Notify\poiudio: C:\Documents and Settings\Rafal\Ustawienia lokalne\Dane aplikacji\poiudio.dll [X]
HKCU\...\Run: [Google Update] - C:\Documents and Settings\Rafal\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [136176 2011-05-08] (Google Inc.)
MountPoints2: {85c55744-f71c-11e0-af35-000b6a8ae885} - E:\MicroLauncher.exe
MountPoints2: {ccc44de8-c5d7-11e2-acdc-000b6a8ae885} - E:\Startme.exe
AppInit_DLLs: C:\WINDOWS\system32\guard32.dll [ 2012-11-08] (COMODO)
Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Start GeekBuddy.lnk
ShortcutTarget: Start GeekBuddy.lnk -> C:\Program Files\Comodo\GeekBuddy\launcher.exe (Comodo Security Solutions, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {8D66BE73-BF64-40DD-B49B-F94E657F0438} URL = http://startsear.ch/?aff=1&src=sp&cf=a33a8d6e-760e-11e1-8b9d-000b6a8ae885&q={searchTerms}
SearchScopes: HKCU - {8D66BE73-BF64-40DD-B49B-F94E657F0438} URL = http://startsear.ch/?aff=1&src=sp&cf=a33a8d6e-760e-11e1-8b9d-000b6a8ae885&q={searchTerms}
SearchScopes: HKCU - {9F4229F9-44B1-4306-9B3F-FBEFAE098920} URL = http://startsear.ch/?src=sp&aff=67&cf=92f518ca-6cd5-11e2-acbd-000b6a8ae885&q={searchTerms}
SearchScopes: HKCU - {C6A5DCED-F8C5-4FD8-8482-1FB3B23FE25F} URL = http://search.us.com/serp?guid={86A8C5B0-CF1F-4603-A670-210DD952A3D3}&action=default_search&serpv=5&k={searchTerms}
BHO: ALLYouTubeDownloader - {61DB16C5-B733-43F4-872E-B20DC9E72740} - C:\Program Files\ALLYouTubeDownloader\ALLYouTubeDownloader.dll (ALLCinema Ltd.)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: IplexToALLPlayer - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.)
Toolbar: HKCU - &Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Łącza - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1299942451405
DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab
DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks: URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\system32\shell32.dll [8491520 2012-06-08] (Microsoft Corporation)
Tcpip\..\Interfaces\{CCC8DD7F-B042-4E78-8CC2-F0146A6E117C}: [NameServer]213.134.128.19,213.134.128.20

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Rafal\Dane aplikacji\Mozilla\Firefox\Profiles\l4pdi90o.default
FF Homepage: hxxp://www.wp.pl/
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @ganymede/GanymedeNetPlugin,version=1.0 - C:\Program Files\Ganymede\Plugins\npganymedenet.dll ( )
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pandasecurity.com/activescan - C:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll (Panda Security, S.L.)
FF Plugin: @real.com/nppl3260;version=6.0.12.448 - C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 - C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Documents and Settings\Rafal\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Documents and Settings\Rafal\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Extension: Visualisateur 3D de 20-20 - C:\Documents and Settings\Rafal\Dane aplikacji\Mozilla\Firefox\Profiles\l4pdi90o.default\Extensions\2020Player_IKEA@2020Technologies.com
FF Extension: Iplex to ALLPlayer - C:\Documents and Settings\Rafal\Dane aplikacji\Mozilla\Firefox\Profiles\l4pdi90o.default\Extensions\IplextoALL@ALLPlayer.org
FF Extension: PEKAO S.A. Sign Plugin - C:\Documents and Settings\Rafal\Dane aplikacji\Mozilla\Firefox\Profiles\l4pdi90o.default\Extensions\SignPlugin@pekao.pl
FF Extension: ALLYouTubeDownloader - C:\Documents and Settings\Rafal\Dane aplikacji\Mozilla\Firefox\Profiles\l4pdi90o.default\Extensions\YouTubetoALL@ALLPlayer.org
FF Extension: IplextoALL - C:\Documents and Settings\Rafal\Dane aplikacji\Mozilla\Firefox\Profiles\l4pdi90o.default\Extensions\IplextoALL@ALLPlayer.org.xpi
FF Extension: prefs - C:\Documents and Settings\Rafal\Dane aplikacji\Mozilla\Firefox\Profiles\l4pdi90o.default\Extensions\{dd05fd3d-18df-4ce4-ae53-e795339c5f01}.xpi
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
FF Extension: z - C:\Program Files\Mozilla Firefox\extensions\{fe18a26b-6e93-ddee-055b-fb85b09dca01}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

Chrome:
=======
CHR HomePage: hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=0459000B6A8AE885&affID=119357&tt=040713_ctrl&tsp=4934
CHR RestoreOnStartup: "hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=0459000B6A8AE885&affID=119357&tt=040713_ctrl&tsp=4934"
CHR DefaultSearchURL: (Search.us) - http://search.us.com/serp?guid={86A8C5B0-CF1F-4603-A670-210DD952A3D3}&action=default_search&serpv=5&k={searchTerms}
CHR DefaultSuggestURL: (Search.us) - "suggest_url": ""
CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\Rafal\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\28.0.1500.95\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.260.3) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U26) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Documents and Settings\Rafal\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Documents and Settings\Rafal\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\28.0.1500.95\pdf.dll No File
CHR Plugin: (GanymedeNet.Detector) - C:\Program Files\Mozilla Firefox\plugins\npganymedenet.dll ( )
CHR Plugin: (Imagine Plugin) - C:\Program Files\Mozilla Firefox\plugins\npImagine.dll ()
CHR Plugin: (Winamp Application Detector) - C:\Program Files\Mozilla Firefox\plugins\npwachk.dll (Nullsoft, Inc.)
CHR Plugin: (Microsoft\u00C2\u00AE DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft\u00C2\u00AE DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Documents and Settings\Rafal\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.69\npGoogleUpdate3.dll No File
CHR Plugin: (Panda ActiveScan 2.0) - C:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll (Panda Security, S.L.)
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (YouTube) - C:\DOCUME~1\Rafal\USTAWI~1\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\DOCUME~1\Rafal\USTAWI~1\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Gmail) - C:\DOCUME~1\Rafal\USTAWI~1\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\Rafal\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [520192 2006-05-03] ()
R2 CLPSLauncher; C:\Program Files\Common Files\Comodo\launcher_service.exe [70352 2013-11-28] (Comodo Security Solutions, Inc.)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [1990464 2012-11-08] (COMODO)
R2 GeekBuddyRSP; C:\Program Files\Common Files\Comodo\GeekBuddyRSP.exe [2327248 2013-11-28] (Comodo Security Solutions, Inc.)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
S3 UPnPService; C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [548864 2008-10-21] (Magix AG)
S3 vncserver; C:\Program Files\RealVNC\VNC Server\vncserver.exe [3602752 2013-03-04] (RealVNC Ltd)
R2 ZuneBusEnum; C:\Program Files\Zune\ZuneBusEnum.exe [57056 2011-08-05] (Microsoft Corporation)
R2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf"
S2 WinVNC4; "C:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service [x]

==================== Drivers (Whitelisted) ====================

R3 ALCXSENS; C:\Windows\System32\drivers\ALCXSENS.SYS [391424 2003-12-11] (Sensaura Ltd)
R3 ALCXWDM; C:\Windows\System32\drivers\ALCXWDM.SYS [611441 2004-02-23] (Realtek Semiconductor Corp.)
R1 CFRMD; C:\Windows\System32\DRIVERS\CFRMD.sys [36112 2013-05-07] (Windows (R) Win 7 DDK provider)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [18096 2012-11-08] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [497952 2012-11-08] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [32640 2012-11-08] (COMODO)
S3 cmuda; C:\Windows\System32\drivers\cmuda.sys [812416 2004-01-08] (C-Media Inc)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [31088 2010-12-16] (Elaborate Bytes AG)
R3 FsUsbExDisk; C:\WINDOWS\system32\FsUsbExDisk.SYS [36608 2009-03-31] ()
R1 HMD; C:\Windows\System32\DRIVERS\hmd.sys [14272 2013-10-07] ()
R0 Inspect; C:\Windows\System32\DRIVERS\inspect.sys [99080 2012-11-08] (COMODO)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\mbamswissarmy.sys [40776 2013-11-27] (Malwarebytes Corporation)
S3 nv4; C:\Windows\System32\DRIVERS\nv4.sys [731648 2001-08-17] (NVIDIA Corporation)
R0 pavboot; C:\Windows\System32\drivers\pavboot.sys [28552 2009-06-30] (Panda Security, S.L.)
R3 RTL8023xp; C:\Windows\System32\DRIVERS\Rtlnicxp.sys [74496 2005-03-04] (Realtek Semiconductor Corporation )
S3 rtl8139; C:\Windows\System32\DRIVERS\R8139n51.SYS [45568 2002-06-13] (Realtek Semiconductor Corporation)
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [90112 2009-03-20] (MCCI)
S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14976 2009-03-20] (MCCI Corporation)
S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [121856 2009-03-20] (MCCI Corporation)
R0 ViBus; C:\Windows\System32\DRIVERS\ViBus.sys [16896 2007-03-26] (VIA Technologies, Inc.)
R0 videX32; C:\Windows\System32\DRIVERS\videX32.sys [9216 2007-03-29] (VIA Technologies, Inc.)
R0 ViPrt; C:\Windows\System32\DRIVERS\ViPrt.sys [52224 2007-03-26] (VIA Technologies, Inc.)
R3 vncmirror; C:\Windows\System32\DRIVERS\vncmirror.sys [4608 2013-03-04] (RealVNC Ltd.)
R2 zumbus; C:\Windows\System32\DRIVERS\zumbus.sys [41472 2011-08-05] (Microsoft Corporation)
S3 {6080A529-897E-4629-A488-ABA0C29B635E}; C:\Windows\System32\drivers\ialmsbw.sys [113504 2003-04-15] (Intel Corporation)
S3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91}; C:\Windows\System32\drivers\ialmkchw.sys [78752 2003-04-15] (Intel Corporation)
S4 hpt3xx; No ImagePath
S4 InCDFs; system32\drivers\InCDFs.sys [x]
S1 InCDPass; system32\drivers\InCDPass.sys [x]
S1 InCDRm; system32\drivers\InCDRm.sys [x]
S4 IntelIde; No ImagePath
S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [x]
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-12-03 21:44 - 2013-12-03 21:44 - 00000000 ____D C:\FRST
2013-11-27 07:41 - 2013-11-27 08:58 - 00040776 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2013-11-22 18:00 - 2013-11-23 12:57 - 00012971 _____ C:\Documents and Settings\Rafal\Moje dokumenty\my.dg
2013-11-22 18:00 - 2013-11-22 18:00 - 00000000 ____D C:\Documents and Settings\Rafal\Moje dokumenty\my_monografie
2013-11-22 17:58 - 2013-11-22 17:58 - 00000000 ____D C:\Documents and Settings\Rafal\Moje dokumenty\drzewo
2013-11-22 16:45 - 2013-11-22 16:45 - 00000856 _____ C:\Documents and Settings\Rafal\Pulpit\Drzewo Genealogiczne II.lnk
2013-11-22 16:44 - 2013-11-22 16:45 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Drzewo Genealogiczne II
2013-11-22 16:44 - 2013-11-22 16:44 - 00000000 ____D C:\Program Files\Drzewo Genealogiczne II
2013-11-22 16:44 - 2013-11-22 16:44 - 00000000 ____D C:\Documents and Settings\Rafal\Dane aplikacji\pl-soft
2013-11-22 16:01 - 2013-11-22 17:54 - 00000000 ____D C:\Documents and Settings\Rafal\Pulpit\Nowy folder
2013-11-14 09:54 - 2013-11-14 09:54 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868626$
2013-11-14 09:53 - 2013-11-14 09:54 - 00009128 _____ C:\WINDOWS\KB2900986.log
2013-11-14 09:53 - 2013-11-14 09:53 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2900986$
2013-11-14 09:52 - 2013-11-14 09:52 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876331$
2013-11-14 09:52 - 2013-11-14 09:52 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862152$
2013-11-14 09:45 - 2013-11-14 09:50 - 00011624 _____ C:\WINDOWS\KB2888505-IE8.log
2013-11-14 08:42 - 2013-11-14 09:55 - 00015121 _____ C:\WINDOWS\KB2868626.log
2013-11-14 08:42 - 2013-11-14 09:53 - 00014080 _____ C:\WINDOWS\KB2862152.log
2013-11-14 08:41 - 2013-11-14 09:52 - 00013721 _____ C:\WINDOWS\KB2876331.log

==================== One Month Modified Files and Folders =======

2013-12-03 21:56 - 2012-02-08 21:08 - 00001034 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-03 21:53 - 2012-11-04 00:06 - 01474832 _____ C:\WINDOWS\system32\Drivers\sfi.dat
2013-12-03 21:45 - 2011-03-12 20:13 - 00000000 ____D C:\Documents and Settings\Rafal\Moje dokumenty\Pobieranie
2013-12-03 21:44 - 2013-12-03 21:44 - 00000000 ____D C:\FRST
2013-12-03 21:17 - 2013-01-12 13:44 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-12-03 21:17 - 2011-03-12 15:58 - 00032624 _____ C:\WINDOWS\SchedLgU.Txt
2013-12-03 21:04 - 2011-05-08 11:28 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-220523388-1085031214-725345543-1004UA.job
2013-12-03 18:02 - 2011-03-12 16:07 - 01696220 _____ C:\WINDOWS\WindowsUpdate.log
2013-12-03 17:33 - 2011-03-12 15:44 - 00000211 _____ C:\WINDOWS\wiadebug.log
2013-12-03 08:56 - 2012-02-08 21:08 - 00001030 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-02 23:03 - 2011-05-08 11:28 - 00001080 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-220523388-1085031214-725345543-1004Core.job
2013-12-02 20:42 - 2011-03-14 16:25 - 00068096 _____ C:\Documents and Settings\Rafal\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-12-02 20:13 - 2011-03-17 16:29 - 00000000 ____D C:\Documents and Settings\Rafal\Ustawienia lokalne\Dane aplikacji\Adobe
2013-12-02 20:04 - 2001-10-30 13:00 - 00012598 _____ C:\WINDOWS\system32\wpa.dbl
2013-12-02 20:02 - 2011-03-12 15:44 - 00000050 _____ C:\WINDOWS\wiaservc.log
2013-12-02 20:01 - 2013-05-21 15:30 - 00000000 __HDC C:\WINDOWS\$NtUninstallWudf01000$
2013-12-02 20:01 - 2011-03-12 15:54 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-12-02 20:00 - 2011-03-12 19:42 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB950762_0$
2013-12-02 14:19 - 2011-04-30 15:17 - 00000000 ____D C:\Documents and Settings\Rafal\Pulpit\rozne
2013-12-02 14:04 - 2011-04-04 13:44 - 00000000 ___RD C:\Documents and Settings\Rafal\Pulpit\MOJE
2013-12-02 14:03 - 2011-03-12 16:03 - 00000000 ____D C:\Documents and Settings\Rafal\Pulpit
2013-12-01 11:08 - 2013-09-14 08:32 - 00162497 _____ C:\WINDOWS\setupapi.log
2013-12-01 00:09 - 2011-03-12 20:11 - 00000000 ____D C:\Program Files\Steam
2013-11-30 18:16 - 2011-03-12 15:41 - 00000000 ____D C:\Documents and Settings\All Users\Pulpit
2013-11-28 20:18 - 2013-07-26 06:11 - 00001780 _____ C:\Documents and Settings\All Users\Pulpit\GeekBuddy.lnk
2013-11-28 20:18 - 2011-03-12 15:41 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
2013-11-28 20:17 - 2013-02-06 19:21 - 00000000 ____D C:\Program Files\Common Files\Comodo
2013-11-27 08:58 - 2013-11-27 07:41 - 00040776 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2013-11-25 16:31 - 2011-03-15 17:08 - 00000120 _____ C:\Documents and Settings\Rafal\default.pls
2013-11-25 16:31 - 2011-03-15 17:07 - 00000116 _____ C:\WINDOWS\NeroDigital.ini
2013-11-25 16:31 - 2011-03-12 16:03 - 00000000 ____D C:\Documents and Settings\Rafal
2013-11-23 12:57 - 2013-11-22 18:00 - 00012971 _____ C:\Documents and Settings\Rafal\Moje dokumenty\my.dg
2013-11-22 18:00 - 2013-11-22 18:00 - 00000000 ____D C:\Documents and Settings\Rafal\Moje dokumenty\my_monografie
2013-11-22 18:00 - 2011-03-12 16:03 - 00000000 ___RD C:\Documents and Settings\Rafal\Moje dokumenty
2013-11-22 17:58 - 2013-11-22 17:58 - 00000000 ____D C:\Documents and Settings\Rafal\Moje dokumenty\drzewo
2013-11-22 17:54 - 2013-11-22 16:01 - 00000000 ____D C:\Documents and Settings\Rafal\Pulpit\Nowy folder
2013-11-22 16:45 - 2013-11-22 16:45 - 00000856 _____ C:\Documents and Settings\Rafal\Pulpit\Drzewo Genealogiczne II.lnk
2013-11-22 16:45 - 2013-11-22 16:44 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Drzewo Genealogiczne II
2013-11-22 16:44 - 2013-11-22 16:44 - 00000000 ____D C:\Program Files\Drzewo Genealogiczne II
2013-11-22 16:44 - 2013-11-22 16:44 - 00000000 ____D C:\Documents and Settings\Rafal\Dane aplikacji\pl-soft
2013-11-22 16:44 - 2011-03-12 16:03 - 00000000 __RHD C:\Documents and Settings\Rafal\Dane aplikacji
2013-11-22 16:44 - 2011-03-12 15:41 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Start\Programy
2013-11-22 15:05 - 2011-03-12 15:41 - 00036692 _____ C:\WINDOWS\setupact.log
2013-11-20 23:21 - 2013-09-26 20:08 - 00001871 _____ C:\Documents and Settings\Rafal\Pulpit\Nowy Dokument tekstowy.txt
2013-11-20 20:04 - 2011-04-16 14:45 - 00569856 ___SH C:\Documents and Settings\Rafal\Pulpit\Thumbs.db
2013-11-15 02:17 - 2011-05-08 11:34 - 00002308 _____ C:\Documents and Settings\Rafal\Pulpit\Google Chrome.lnk
2013-11-14 20:16 - 2013-09-21 12:52 - 00131072 _____ C:\WINDOWS\system32\config\ACEEvent.evt
2013-11-14 20:16 - 2011-03-12 16:03 - 00000292 ___SH C:\Documents and Settings\Rafal\ntuser.ini
2013-11-14 09:55 - 2013-11-14 08:42 - 00015121 _____ C:\WINDOWS\KB2868626.log
2013-11-14 09:55 - 2011-03-12 15:42 - 00996157 _____ C:\WINDOWS\ocgen.log
2013-11-14 09:55 - 2011-03-12 15:42 - 00792412 _____ C:\WINDOWS\tsoc.log
2013-11-14 09:55 - 2011-03-12 15:42 - 00579028 _____ C:\WINDOWS\comsetup.log
2013-11-14 09:55 - 2011-03-12 15:42 - 00350488 _____ C:\WINDOWS\ntdtcsetup.log
2013-11-14 09:55 - 2011-03-12 15:42 - 00325569 _____ C:\WINDOWS\iis6.log
2013-11-14 09:55 - 2011-03-12 15:42 - 00107017 _____ C:\WINDOWS\ocmsn.log
2013-11-14 09:55 - 2011-03-12 15:42 - 00103201 _____ C:\WINDOWS\msgsocm.log
2013-11-14 09:55 - 2011-03-12 15:42 - 00001393 _____ C:\WINDOWS\imsins.log
2013-11-14 09:54 - 2013-11-14 09:54 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868626$
2013-11-14 09:54 - 2013-11-14 09:53 - 00009128 _____ C:\WINDOWS\KB2900986.log
2013-11-14 09:54 - 2011-03-12 19:38 - 00265310 _____ C:\WINDOWS\updspapi.log
2013-11-14 09:54 - 2011-03-12 15:42 - 02056820 _____ C:\WINDOWS\FaxSetup.log
2013-11-14 09:54 - 2011-03-12 15:42 - 00001393 _____ C:\WINDOWS\imsins.BAK
2013-11-14 09:53 - 2013-11-14 09:53 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2900986$
2013-11-14 09:53 - 2013-11-14 08:42 - 00014080 _____ C:\WINDOWS\KB2862152.log
2013-11-14 09:52 - 2013-11-14 09:52 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876331$
2013-11-14 09:52 - 2013-11-14 09:52 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862152$
2013-11-14 09:52 - 2013-11-14 08:41 - 00013721 _____ C:\WINDOWS\KB2876331.log
2013-11-14 09:50 - 2013-11-14 09:45 - 00011624 _____ C:\WINDOWS\KB2888505-IE8.log
2013-11-14 09:48 - 2011-03-12 19:58 - 00000000 ____D C:\WINDOWS\ie8updates
2013-11-14 09:44 - 2013-08-09 05:38 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-11-14 09:09 - 2011-03-12 17:17 - 80340640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-11-07 21:25 - 2011-03-12 15:42 - 01089352 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-11-07 21:25 - 2001-10-30 13:00 - 00490712 _____ C:\WINDOWS\system32\perfh015.dat
2013-11-07 21:25 - 2001-10-30 13:00 - 00084088 _____ C:\WINDOWS\system32\perfc015.dat

Files to move or delete:
====================
C:\Documents and Settings\Ognisko\netcache.dat

Some content of TEMP:
====================
C:\Documents and Settings\Rafal\Ustawienia lokalne\Temp\install_flashplayer11x32au_mssd_aaa_aih.exe
C:\Documents and Settings\Rafal\Ustawienia lokalne\Temp\jre-7u45-windows-i586-iftw.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe [2001-10-30 13:00] - [2008-04-14 18:21] - 1035264 ____A (Microsoft Corporation)
C:\Windows\System32\winlogon.exe [2001-10-30 13:00] - [2008-04-14 18:21] - 0510464 ____N (Microsoft Corporation)
C:\Windows\System32\svchost.exe [2001-10-30 13:00] - [2008-04-14 18:21] - 0014336 ____N (Microsoft Corporation)
C:\Windows\System32\services.exe [2001-10-30 13:00] - [2009-02-09 12:25] - 0111104 ____N (Microsoft Corporation)
C:\Windows\System32\User32.dll [2001-10-30 13:00] - [2008-04-14 18:20] - 0580096 ____N (Microsoft Corporation)
C:\Windows\System32\userinit.exe [2001-10-30 13:00] - [2008-04-14 18:21] - 0026624 ____N (Microsoft Corporation)
C:\Windows\System32\Drivers\volsnap.sys [2001-10-30 13:00] - [2008-04-14 17:01] - 0052864 ____N (Microsoft Corporation)

==================== End Of Log ============================