FRST.txt

MSI CR500 explorer.exe w ogóle nie działa, win xp

Zrobiłem jak kazałeś, chociaż przy ponownym uruchomieniu sie po skryptach otl, lapek wieszal sie na "zamykanie systemu" wylaczylem przyciskiem zasilania i uruchomilem skrypt jeszcze raz, znowu sie zawiesil, ale log pokazuje ze wszystko ok chyba. tez go dorzuce. FRST juz dziala tez dolaczam zalaczniki.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-09-2014
Ran by ppp (administrator) on USER-2A31ACAC4F on 19-09-2014 14:46:28
Running from C:\Documents and Settings\ppp\Pulpit
Platform: Microsoft Windows XP Professional Dodatek Service Pack 2 (X86) OS Language: Polski
Internet Explorer Version 6
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Nero AG) C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Skype Technologies S.A.) C:\Documents and Settings\All Users\Dane aplikacji\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(TOSHIBA CORPORATION) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
() C:\Program Files\Winamp\winampa.exe
(Cyberlink Corp.) C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
(BitLeader) C:\Program Files\lg_fwupdate\fwupdate.exe
(Nero AG) C:\Program Files\Nero\Nero 7\InCD\InCD.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
(Nero AG) C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe
(Ares Development Group) C:\Program Files\Ares\Ares.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvCplDaemon] = & gt; RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [nwiz] = & gt; nwiz.exe /install
HKLM\...\Run: [RTHDCPL] = & gt; C:\WINDOWS\RTHDCPL.EXE [17531392 2009-03-12] (Realtek Semiconductor Corp.)
HKLM\...\Run: [WinampAgent] = & gt; C:\Program Files\Winamp\winampa.exe [37888 2009-07-01] ()
HKLM\...\Run: [RemoteControl] = & gt; C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [71216 2007-03-14] (Cyberlink Corp.)
HKLM\...\Run: [LGODDFU] = & gt; C:\Program Files\lg_fwupdate\fwupdate.exe [557056 2010-07-19] (BitLeader)
HKLM\...\Run: [InCD] = & gt; C:\Program Files\Nero\Nero 7\InCD\InCD.exe [1057064 2008-02-18] (Nero AG)
HKLM\...\Run: [PCSuiteTrayApplication] = & gt; C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe [227328 2007-03-23] (Nokia)
HKLM\...\Run: [Adobe Photo Downloader] = & gt; C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe [57344 2005-06-06] (Adobe Systems Incorporated)
HKLM\...\Run: [SecurDisc] = & gt; C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe [1629480 2008-02-18] (Nero AG)
HKLM\...\Run: [ITSecMng] = & gt; C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [79232 2008-08-27] (TOSHIBA CORPORATION)
HKLM\...\Run: [Plus Internet] = & gt; C:\Program Files\Plus Internet\PlusInternetChecker.exe [645040 2012-09-28] ()
HKLM\...\Run: [SunJavaUpdateSched] = & gt; C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM\...99B7938DA9E4}\LocalServer32: [Default-wmiprvse] & lt; ==== ATTENTION!
HKU\.DEFAULT\...\Run: [Nokia.PCSync] = & gt; C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe [1744896 2007-03-27] (Time Information Services Ltd.)
HKU\S-1-5-21-1960408961-343818398-682003330-1003\...\Run: [MSMSGS] = & gt; C:\Program Files\Messenger\msmsgs.exe [1667584 2004-08-04] (Microsoft Corporation)
HKU\S-1-5-21-1960408961-343818398-682003330-1003\...\Run: [ares] = & gt; C:\Program Files\Ares\Ares.exe [1015808 2010-10-27] (Ares Development Group)
HKU\S-1-5-21-1960408961-343818398-682003330-1003\...\Run: [Google Update] = & gt; C:\Documents and Settings\ppp\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [136176 2012-01-28] (Google Inc.)
HKU\S-1-5-21-1960408961-343818398-682003330-1003\...\Run: [LightScribe Control Panel] = & gt; C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [455968 2007-10-18] (Hewlett-Packard Company)
HKU\S-1-5-21-1960408961-343818398-682003330-1003\...\MountPoints2: G - G:\AutoRun.exe
HKU\S-1-5-21-1960408961-343818398-682003330-1003\...\MountPoints2: {043d3374-6163-11e2-8f5a-406186134ebd} - F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\isi32.exe
HKU\S-1-5-21-1960408961-343818398-682003330-1003\...\MountPoints2: {95f6227c-7f6f-11df-8bb4-406186134ebd} - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
HKU\S-1-5-21-1960408961-343818398-682003330-1003\...\MountPoints2: {963dbd64-6fa5-11e1-8e9d-406186134ebd} - F:\urDrive.exe
HKU\S-1-5-21-1960408961-343818398-682003330-1003\...\MountPoints2: {aaca9732-7bac-11e2-8f5d-406186134ebd} - F:\AutoRun.exe
HKU\S-1-5-21-1960408961-343818398-682003330-1003\...\MountPoints2: {aaca9737-7bac-11e2-8f5d-406186134ebd} - G:\AutoRun.exe
HKU\S-1-5-21-1960408961-343818398-682003330-1003\...\MountPoints2: {fb183ba6-29e6-11e4-9236-d87f1f48942e} - F:\DTLplus_Launcher.exe
AppInit_DLLs: C:\PROGRA~1\IMESHA~1\MediaBar\DataMngr\datamngr.dll = & gt; C:\Program Files\iMesh Applications\MediaBar\DataMngr\datamngr.dll [367024 2010-03-24] (iMesh, Inc)
Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Bluetooth Manager.lnk
ShortcutTarget: Bluetooth Manager.lnk - & gt; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk - & gt; C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: GGDriveOverlay1 - & gt; {E68D0A50-3C40-4712-B90D-DCFA93FF2534} = & gt; C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.)
ShellIconOverlayIdentifiers: GGDriveOverlay2 - & gt; {E68D0A51-3C40-4712-B90D-DCFA93FF2534} = & gt; C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.)
ShellIconOverlayIdentifiers: GGDriveOverlay3 - & gt; {E68D0A52-3C40-4712-B90D-DCFA93FF2534} = & gt; C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.)
ShellIconOverlayIdentifiers: GGDriveOverlay4 - & gt; {E68D0A53-3C40-4712-B90D-DCFA93FF2534} = & gt; C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.)
AlternateShell:

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sklep.mieloch.pl/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie & ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie & pver=6 & ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie & ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie & ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD} & clcid={SUB_CLSID} & pver={SUB_PVER} & ar=home
BHO: AcroIEHlprObj Class - & gt; {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - & gt; C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()
BHO: Java(tm) Plug-In SSV Helper - & gt; {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - & gt; C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Skype Browser Helper - & gt; {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - & gt; C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper - & gt; {DBC80044-A445-435b-BC74-9C25C1C588A9} - & gt; C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - & Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - & Łącza - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\ppp\Dane aplikacji\Mozilla\Firefox\Profiles\gat08n3h.default
FF Homepage: hxxp://www.google.pl
FF Plugin: @adobe.com/FlashPlayer - & gt; C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - & gt; C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - & gt; C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin: @java.com/DTPlugin,version=10.67.2 - & gt; C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 - & gt; C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - & gt; C:\Documents and Settings\ppp\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - & gt; C:\Documents and Settings\ppp\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\libdivx.dll (The OpenSSL Project, http://www.openssl.org/)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdivx32.dll (DivX,Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\ssldivx.dll (The OpenSSL Project, http://www.openssl.org/)
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-09-19]

Chrome:
=======
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Documents and Settings\ppp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Documents and Settings\ppp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\37.0.2062.120\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\ppp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\37.0.2062.120\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Skype Toolbars) - C:\Documents and Settings\ppp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat 5.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U12) - C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U12) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (DivX Web Player) - C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll (DivX,Inc.)
CHR Plugin: (DivX Player Netscape Plugin) - C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Google Update) - C:\Documents and Settings\ppp\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR CustomProfile: C:\Documents and Settings\ppp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Documents and Settings\ppp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-01-28]
CHR Extension: (Google Search) - C:\Documents and Settings\ppp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-01-28]
CHR Extension: (Poczta o2) - C:\Documents and Settings\ppp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\kdhkhehdcicfckijbllglgdkegdnhplm [2014-04-02]
CHR Extension: (Skype Click to Call) - C:\Documents and Settings\ppp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-03-30]
CHR Extension: (Google Wallet) - C:\Documents and Settings\ppp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-19]
CHR Extension: (Gmail) - C:\Documents and Settings\ppp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-01-28]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-10-02]
CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\ppp\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 InCDsrv; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [1553704 2008-02-18] (Nero AG)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-09-19] (Oracle Corporation)
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2007-05-14] ()
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [292864 2007-03-26] (Nokia.) [File not signed]
R2 Skype C2C Service; C:\Documents and Settings\All Users\Dane aplikacji\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21419 2010-01-08] (Meetinghouse Data Communications) [File not signed]
S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1684736 2008-08-05] (Creative)
S3 ASNDIS5; C:\WINDOWS\system32\ASNDIS5.SYS [16269 2002-09-09] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2004-08-04] (Microsoft Corporation)
R4 InCDfs; C:\WINDOWS\System32\drivers\InCDFs.sys [118952 2008-02-18] (Nero AG)
R1 InCDPass; C:\WINDOWS\System32\drivers\InCDPass.sys [36648 2008-02-18] (Nero AG)
U1 InCDrec; C:\WINDOWS\System32\drivers\InCDRec.sys [16040 2008-02-18] (Nero AG)
R1 incdrm; C:\WINDOWS\System32\drivers\InCDRm.sys [38312 2008-02-18] (Nero AG)
S3 massfilter; C:\WINDOWS\System32\drivers\massfilter.sys [9216 2012-09-28] (MBB Incorporated)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1389056 2006-01-04] (Creative Technology Ltd.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2004-08-04] (Microsoft Corporation)
R3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [54784 2008-07-07] (NVIDIA Corporation)
R3 NVHDA; C:\WINDOWS\System32\drivers\nvhda32.sys [55840 2009-05-01] (NVIDIA Corporation)
R3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [22016 2008-07-07] (NVIDIA Corporation)
S3 rt2870; C:\WINDOWS\System32\DRIVERS\rt2870.sys [722432 2009-06-30] (Ralink Technology, Corp.) [File not signed]
S3 RT73; C:\WINDOWS\System32\DRIVERS\rt73.sys [459520 2008-01-15] (Ralink Technology, Corp.) [File not signed]
R3 RT80x86; C:\WINDOWS\System32\DRIVERS\RT2860.sys [1042176 2009-08-04] (Ralink Technology, Corp.)
S3 Secdrv; C:\WINDOWS\System32\DRIVERS\secdrv.sys [27440 2004-07-17] ()
S3 ZTEusbnet; C:\WINDOWS\System32\DRIVERS\ZTEusbnet.sys [130048 2012-09-28] (ZTE Corporation)
S3 AVPsys; \??\C:\WINDOWS\system32\drivers\cdaudio.sys [X]
S1 Cdaudio; No ImagePath
S4 IntelIde; No ImagePath
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
U1 WS2IFSL; No ImagePath

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-19 14:46 - 2014-09-19 14:46 - 00018077 _____ () C:\Documents and Settings\ppp\Pulpit\FRST.txt
2014-09-19 14:35 - 2014-09-19 14:35 - 00000000 ____D () C:\_OTL
2014-09-19 14:34 - 2014-09-19 14:34 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-09-19 14:34 - 2014-09-19 14:34 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Java
2014-09-19 14:34 - 2014-09-19 14:34 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Sun
2014-09-19 14:34 - 2014-09-19 14:33 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-09-19 14:34 - 2014-09-19 14:33 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-09-19 14:34 - 2014-09-19 14:33 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-09-19 14:34 - 2014-09-19 14:33 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2014-09-19 14:34 - 2014-09-19 14:33 - 00096680 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-09-19 14:33 - 2014-09-19 14:33 - 00271872 _____ (Secure By Design Inc.) C:\Documents and Settings\ppp\Pulpit\Ninite Java Installer.exe
2014-09-19 14:33 - 2014-09-19 14:33 - 00000000 ____D () C:\Program Files\Java
2014-09-19 01:09 - 2014-09-19 01:09 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-09-19 00:14 - 2014-09-19 00:14 - 00039664 _____ () C:\Documents and Settings\ppp\Pulpit\Extras.Txt
2014-09-19 00:13 - 2014-09-19 00:13 - 00086726 _____ () C:\Documents and Settings\ppp\Pulpit\OTL.Txt
2014-09-19 00:07 - 2014-09-19 00:07 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\ppp\Pulpit\OTL.exe
2014-09-19 00:03 - 2014-09-19 00:03 - 00100420 _____ () C:\Documents and Settings\ppp\Pulpit\bookmarks.html
2014-09-19 00:03 - 2014-09-19 00:03 - 00045048 _____ () C:\Documents and Settings\ppp\Pulpit\bookmarks-2014-09-19.json
2014-09-19 00:02 - 2014-09-19 00:02 - 00000000 ____D () C:\Documents and Settings\NetworkService\Dane aplikacji\McAfee
2014-09-18 20:30 - 2014-09-19 14:46 - 00000000 ____D () C:\FRST
2014-09-18 20:28 - 2014-09-18 20:28 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\TEMP
2014-09-18 20:17 - 2014-09-18 20:17 - 01097728 ____N (Farbar) C:\Documents and Settings\ppp\Pulpit\FRST.exe
2014-09-17 22:50 - 2014-09-17 22:50 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-17 22:50 - 2014-09-17 22:50 - 00000000 ____D () C:\Documents and Settings\ppp\tmp
2014-09-17 22:50 - 2014-09-17 22:50 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Adtrustmedia
2014-09-17 22:22 - 2014-09-17 22:22 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Avira
2014-09-17 20:37 - 2014-09-19 00:02 - 00011534 _____ () C:\WINDOWS\setupapi.log
2014-09-17 19:42 - 2014-09-19 14:40 - 00001829 _____ () C:\WINDOWS\WindowsUpdate.log
2014-09-17 19:31 - 2014-09-17 19:31 - 00000682 ____N () C:\Documents and Settings\All Users\Pulpit\CCleaner.lnk
2014-09-17 19:19 - 2014-09-19 14:28 - 00065536 _____ () C:\WINDOWS\system32\config\COMODO I.evt
2014-09-17 19:07 - 2014-09-19 14:29 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Comodo
2014-09-16 19:03 - 2014-09-16 19:04 - 00000000 ____D () C:\Documents and Settings\ppp\Pulpit\AeroX 2008
2014-09-05 17:06 - 2014-09-05 17:11 - 00000000 ____D () C:\Documents and Settings\ppp\Pulpit\sx85
2014-08-31 20:11 - 2014-08-31 20:12 - 00000000 ____D () C:\Documents and Settings\ppp\Pulpit\Nowy folder
2014-08-31 15:51 - 2014-08-31 15:52 - 00000000 ____D () C:\Documents and Settings\ppp\Pulpit\z750
2014-08-24 08:28 - 2014-08-24 08:28 - 00000000 ____D () C:\Documents and Settings\ppp\Pulpit\megatek
2014-08-24 08:27 - 2014-08-25 15:05 - 00000000 ____D () C:\Documents and Settings\ppp\Pulpit\ktm sxf 2011

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-19 14:46 - 2014-09-19 14:46 - 00018077 _____ () C:\Documents and Settings\ppp\Pulpit\FRST.txt
2014-09-19 14:46 - 2014-09-18 20:30 - 00000000 ____D () C:\FRST
2014-09-19 14:46 - 2010-01-02 04:33 - 00000000 ____D () C:\Documents and Settings\ppp\Ustawienia lokalne\Temp
2014-09-19 14:46 - 2010-01-02 04:33 - 00000000 ____D () C:\Documents and Settings\ppp\Pulpit
2014-09-19 14:45 - 2010-04-06 10:33 - 00000337 _____ () C:\WINDOWS\lgfwup.ini
2014-09-19 14:45 - 2010-04-06 10:33 - 00000000 ____D () C:\Program Files\lg_fwupdate
2014-09-19 14:45 - 2010-01-01 21:51 - 00201852 _____ () C:\WINDOWS\system32\nvapps.xml
2014-09-19 14:44 - 2010-01-02 04:37 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-09-19 14:44 - 2010-01-02 04:37 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2014-09-19 14:44 - 2010-01-02 04:29 - 00000000 ____D () C:\WINDOWS\system32\ias
2014-09-19 14:43 - 2010-01-02 03:58 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-09-19 14:40 - 2014-09-17 19:42 - 00001829 _____ () C:\WINDOWS\WindowsUpdate.log
2014-09-19 14:40 - 2010-01-02 03:58 - 00032598 _____ () C:\WINDOWS\SchedLgU.Txt
2014-09-19 14:35 - 2014-09-19 14:35 - 00000000 ____D () C:\_OTL
2014-09-19 14:34 - 2014-09-19 14:34 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-09-19 14:34 - 2014-09-19 14:34 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Java
2014-09-19 14:34 - 2014-09-19 14:34 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Sun
2014-09-19 14:34 - 2010-01-02 04:34 - 00000000 __RHD () C:\Documents and Settings\All Users\Dane aplikacji
2014-09-19 14:33 - 2014-09-19 14:34 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-09-19 14:33 - 2014-09-19 14:34 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-09-19 14:33 - 2014-09-19 14:34 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-09-19 14:33 - 2014-09-19 14:34 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2014-09-19 14:33 - 2014-09-19 14:34 - 00096680 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-09-19 14:33 - 2014-09-19 14:33 - 00271872 _____ (Secure By Design Inc.) C:\Documents and Settings\ppp\Pulpit\Ninite Java Installer.exe
2014-09-19 14:33 - 2014-09-19 14:33 - 00000000 ____D () C:\Program Files\Java
2014-09-19 14:29 - 2014-09-17 19:07 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Comodo
2014-09-19 14:28 - 2014-09-17 19:19 - 00065536 _____ () C:\WINDOWS\system32\config\COMODO I.evt
2014-09-19 14:26 - 2014-04-02 15:53 - 00000930 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-09-19 14:26 - 2010-01-02 04:34 - 00000000 ____D () C:\Documents and Settings\All Users\Pulpit
2014-09-19 14:19 - 2012-05-29 01:08 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-09-19 14:19 - 2010-01-02 04:34 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
2014-09-19 14:19 - 2010-01-02 04:34 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy
2014-09-19 14:19 - 2010-01-02 04:33 - 00000000 __RHD () C:\Documents and Settings\ppp\Dane aplikacji
2014-09-19 14:18 - 2010-01-02 04:35 - 00984842 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-09-19 14:18 - 2001-10-26 18:15 - 00448242 _____ () C:\WINDOWS\system32\perfh015.dat
2014-09-19 14:18 - 2001-10-26 18:15 - 00074428 _____ () C:\WINDOWS\system32\perfc015.dat
2014-09-19 07:00 - 2012-01-28 00:15 - 00001124 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-343818398-682003330-1003UA.job
2014-09-19 01:09 - 2014-09-19 01:09 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-09-19 00:14 - 2014-09-19 00:14 - 00039664 _____ () C:\Documents and Settings\ppp\Pulpit\Extras.Txt
2014-09-19 00:13 - 2014-09-19 00:13 - 00086726 _____ () C:\Documents and Settings\ppp\Pulpit\OTL.Txt
2014-09-19 00:07 - 2014-09-19 00:07 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\ppp\Pulpit\OTL.exe
2014-09-19 00:03 - 2014-09-19 00:03 - 00100420 _____ () C:\Documents and Settings\ppp\Pulpit\bookmarks.html
2014-09-19 00:03 - 2014-09-19 00:03 - 00045048 _____ () C:\Documents and Settings\ppp\Pulpit\bookmarks-2014-09-19.json
2014-09-19 00:02 - 2014-09-19 00:02 - 00000000 ____D () C:\Documents and Settings\NetworkService\Dane aplikacji\McAfee
2014-09-19 00:02 - 2014-09-17 20:37 - 00011534 _____ () C:\WINDOWS\setupapi.log
2014-09-19 00:02 - 2010-01-02 03:54 - 00000000 ____D () C:\Documents and Settings\NetworkService\Dane aplikacji
2014-09-19 00:01 - 2011-02-22 00:02 - 00000000 ____D () C:\WINDOWS\system32\NtmsData
2014-09-18 21:07 - 2010-01-02 04:29 - 00000000 ____D () C:\WINDOWS\repair
2014-09-18 21:07 - 2010-01-02 03:49 - 00000000 ____D () C:\WINDOWS\Registration
2014-09-18 20:28 - 2014-09-18 20:28 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\TEMP
2014-09-18 20:17 - 2014-09-18 20:17 - 01097728 ____N (Farbar) C:\Documents and Settings\ppp\Pulpit\FRST.exe
2014-09-17 22:50 - 2014-09-17 22:50 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-17 22:50 - 2014-09-17 22:50 - 00000000 ____D () C:\Documents and Settings\ppp\tmp
2014-09-17 22:50 - 2014-09-17 22:50 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Adtrustmedia
2014-09-17 22:50 - 2010-01-07 00:06 - 00000000 ___SD () C:\Documents and Settings\ppp\UserData
2014-09-17 22:50 - 2010-01-02 04:33 - 00000000 ___HD () C:\Documents and Settings\ppp\Ustawienia lokalne\Dane aplikacji
2014-09-17 22:50 - 2010-01-02 04:33 - 00000000 ____D () C:\Documents and Settings\ppp
2014-09-17 22:50 - 2010-01-02 03:58 - 00000000 __SHD () C:\Documents and Settings\LocalService
2014-09-17 22:50 - 2010-01-02 03:58 - 00000000 ___HD () C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji
2014-09-17 22:50 - 2010-01-02 03:54 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2014-09-17 22:22 - 2014-09-17 22:22 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Avira
2014-09-17 22:21 - 2010-01-02 03:49 - 00000000 ____D () C:\WINDOWS\system32\Restore
2014-09-17 19:42 - 2010-01-02 04:33 - 00000292 ___SH () C:\Documents and Settings\ppp\ntuser.ini
2014-09-17 19:38 - 2010-10-11 14:47 - 00000000 ____D () C:\WINDOWS\Minidump
2014-09-17 19:38 - 2010-01-01 21:38 - 00000000 ____D () C:\Documents and Settings\ppp\Dane aplikacji\Skype
2014-09-17 19:31 - 2014-09-17 19:31 - 00000682 ____N () C:\Documents and Settings\All Users\Pulpit\CCleaner.lnk
2014-09-17 19:28 - 2010-01-02 04:33 - 00000000 ___RD () C:\Documents and Settings\ppp\Menu Start
2014-09-17 19:17 - 2010-01-01 21:37 - 00002521 ____N () C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Word.lnk
2014-09-17 17:46 - 2013-02-21 00:31 - 00000000 ____D () C:\Documents and Settings\ppp\Ustawienia lokalne\Dane aplikacji\iPQ
2014-09-17 10:28 - 2010-01-02 04:33 - 00000000 ___RD () C:\Documents and Settings\ppp\Moje dokumenty
2014-09-16 19:04 - 2014-09-16 19:03 - 00000000 ____D () C:\Documents and Settings\ppp\Pulpit\AeroX 2008
2014-09-16 18:49 - 2001-07-22 00:17 - 00002206 ____N () C:\WINDOWS\system32\wpa.dbl
2014-09-10 12:27 - 2014-04-02 15:53 - 00701104 ____N (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-09-10 12:27 - 2012-03-21 21:28 - 00071344 ____N (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-09-05 17:11 - 2014-09-05 17:06 - 00000000 ____D () C:\Documents and Settings\ppp\Pulpit\sx85
2014-09-03 21:52 - 2010-01-01 21:42 - 00000000 ____D () C:\Documents and Settings\ppp\Dane aplikacji\Winamp
2014-09-03 21:44 - 2013-08-02 16:38 - 00045556 ____N () C:\Documents and Settings\ppp\Dane aplikacji\crashdump.dmp
2014-08-31 20:12 - 2014-08-31 20:11 - 00000000 ____D () C:\Documents and Settings\ppp\Pulpit\Nowy folder
2014-08-31 15:52 - 2014-08-31 15:51 - 00000000 ____D () C:\Documents and Settings\ppp\Pulpit\z750
2014-08-26 13:00 - 2012-01-28 00:15 - 00001072 ____N () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-343818398-682003330-1003Core.job
2014-08-25 15:05 - 2014-08-24 08:27 - 00000000 ____D () C:\Documents and Settings\ppp\Pulpit\ktm sxf 2011
2014-08-24 08:28 - 2014-08-24 08:28 - 00000000 ____D () C:\Documents and Settings\ppp\Pulpit\megatek

Some content of TEMP:
====================
C:\Documents and Settings\ppp\Ustawienia lokalne\Temp\contentDATs.exe
C:\Documents and Settings\ppp\Ustawienia lokalne\Temp\FP_PL_PFS_INSTALLER_32bit.exe
C:\Documents and Settings\ppp\Ustawienia lokalne\Temp\ggdrive-menu.exe
C:\Documents and Settings\ppp\Ustawienia lokalne\Temp\ggdrive-overlay.exe
C:\Documents and Settings\ppp\Ustawienia lokalne\Temp\installstats.exe
C:\Documents and Settings\ppp\Ustawienia lokalne\Temp\killproc.dll
C:\Documents and Settings\ppp\Ustawienia lokalne\Temp\Quarantine.exe
C:\Documents and Settings\ppp\Ustawienia lokalne\Temp\SecurityScan_Release.exe
C:\Documents and Settings\ppp\Ustawienia lokalne\Temp\setup_wm.exe
C:\Documents and Settings\ppp\Ustawienia lokalne\Temp\SkypeSetup.exe
C:\Documents and Settings\ppp\Ustawienia lokalne\Temp\update.exe
C:\Documents and Settings\ppp\Ustawienia lokalne\Temp\{3226FFB3-B2DF-4B3C-B6B5-98618C4D6FE3}-28.0.1500.72_27.0.1453.116_chrome_updater.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe = & gt; File is digitally signed
C:\WINDOWS\system32\winlogon.exe = & gt; File is digitally signed
C:\WINDOWS\system32\svchost.exe = & gt; File is digitally signed
C:\WINDOWS\system32\services.exe = & gt; File is digitally signed
C:\WINDOWS\system32\User32.dll = & gt; File is digitally signed
C:\WINDOWS\system32\userinit.exe = & gt; File is digitally signed
C:\WINDOWS\system32\rpcss.dll = & gt; File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys = & gt; File is digitally signed

==================== End Of Log ============================