Hello, I have this problem too. Please help me solve it, and thank you in advance for your help :)
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-09-2014
Ran by komputer (administrator) on ALA on 19-09-2014 20:12:51
Running from G:\Downloads
Platform: Microsoft Windows XP Home Edition Dodatek Service Pack 2 (X86) OS Language: Polski
Internet Explorer Version 7
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
() C:\Documents and Settings\All Users\Dane aplikacji\DatacardService\HWDeviceService.exe
(Oracle Corporation) E:\bin\jqs.exe
(Skype Technologies S.A.) C:\Documents and Settings\All Users\Dane aplikacji\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Logitech Inc.) C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) E:\iTunes\iTunesHelper.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Spotify Ltd) C:\Documents and Settings\komputer\Dane aplikacji\Spotify\Data\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Program Files\Windows NT\Accessories\wordpad.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Logitech, Inc.) C:\Documents and Settings\komputer\Ustawienia lokalne\Dane aplikacji\Logitech® Webcam Software\Logishrd\LU2.0\LULnchr.exe
(Logitech, Inc.) C:\Documents and Settings\komputer\Ustawienia lokalne\Dane aplikacji\Logitech® Webcam Software\Logishrd\LU2.0\LogitechUpdate.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SkyTel] => C:\WINDOWS\SkyTel.EXE [1822720 2007-04-04] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [LWS] => C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-08-12] (Logitech Inc.)
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [iTunesHelper] => E:\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
HKLM\...\Run: [tuto4pc_pl_20] => [X]
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [tuto4pc_pl_31] => [X]
HKLM\...\Run: [tuto4pc_pl_32] => [X]
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5110672 2013-09-12] (ESET)
HKLM\...99B7938DA9E4}\LocalServer32: [Default-wmiprvse] <==== ATTENTION!
HKU\S-1-5-21-602162358-823518204-725345543-1004\...\Run: [Mobile Partner] => C:\Program Files\PLAY Web partner\PLAY Web partner
HKU\S-1-5-21-602162358-823518204-725345543-1004\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-602162358-823518204-725345543-1004\...\Run: [Spotify Web Helper] => C:\Documents and Settings\komputer\Dane aplikacji\Spotify\Data\SpotifyWebHelper.exe [1245752 2014-08-30] (Spotify Ltd)
HKU\S-1-5-21-602162358-823518204-725345543-1004\...\Run: [CMD] => cmd.exe /c start http://extendedunlimited.org && exit <===== ATTENTION
HKU\S-1-5-21-602162358-823518204-725345543-1004\...\MountPoints2: {06239ed4-2aab-11e3-9233-001d60db5a20} - H:\AutoRun.exe
HKU\S-1-5-21-602162358-823518204-725345543-1004\...\MountPoints2: {06a9ee08-2801-11e3-922f-001d60db5a20} - H:\AutoRun.exe
HKU\S-1-5-21-602162358-823518204-725345543-1004\...\MountPoints2: {0734cae3-507d-11e3-928b-001d60db5a20} - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
HKU\S-1-5-21-602162358-823518204-725345543-1004\...\MountPoints2: {0e12bf74-052a-11e4-93d3-001d60db5a20} - H:\AutoRun.exe
HKU\S-1-5-21-602162358-823518204-725345543-1004\...\MountPoints2: {1ab6efc9-16da-11e3-9210-001d60db5a20} - H:\AutoRun.exe
HKU\S-1-5-21-602162358-823518204-725345543-1004\...\MountPoints2: {2b06bd38-3da5-11e0-b00e-001d60db5a20} - F:\AutoRun.exe
HKU\S-1-5-21-602162358-823518204-725345543-1004\...\MountPoints2: {3f881a3a-06b6-11e4-93d6-001d60db5a20} - H:\AutoRun.exe
HKU\S-1-5-21-602162358-823518204-725345543-1004\...\MountPoints2: {4127ca64-2cd4-11e3-923a-001d60db5a20} - H:\AutoRun.exe
HKU\S-1-5-21-602162358-823518204-725345543-1004\...\MountPoints2: {50995e06-1d62-11e0-aff5-001d60db5a20} - F:\AutoRun.exe
HKU\S-1-5-21-602162358-823518204-725345543-1004\...\MountPoints2: {6790463c-9722-11e3-9308-001d60db5a20} - H:\AutoRun.exe
HKU\S-1-5-21-602162358-823518204-725345543-1004\...\MountPoints2: {7fef8492-3b67-11e4-9405-001d60db5a20} - H:\AutoRun.exe
HKU\S-1-5-21-602162358-823518204-725345543-1004\...\MountPoints2: {80505c00-363a-11e3-9252-001d60db5a20} - H:\AutoRun.exe
HKU\S-1-5-21-602162358-823518204-725345543-1004\...\MountPoints2: {87b77e28-2db2-11e3-923b-001d60db5a20} - H:\AutoRun.exe
HKU\S-1-5-21-602162358-823518204-725345543-1004\...\MountPoints2: {8de08fd6-6bda-11e3-92c2-001d60db5a20} - H:\AutoRun.exe
HKU\S-1-5-21-602162358-823518204-725345543-1004\...\MountPoints2: {8e01b1aa-a089-11e3-9317-001d60db5a20} - H:\AutoRun.exe
HKU\S-1-5-21-602162358-823518204-725345543-1004\...\MountPoints2: {907b5b6b-1859-11e3-9216-001d60db5a20} - H:\AutoRun.exe
HKU\S-1-5-21-602162358-823518204-725345543-1004\...\MountPoints2: {93b67cce-d2b2-11e3-936d-001d60db5a20} - H:\AutoRun.exe
HKU\S-1-5-21-602162358-823518204-725345543-1004\...\MountPoints2: {9442f03c-f14d-11e3-93bb-001d60db5a20} - H:\AutoRun.exe
HKU\S-1-5-21-602162358-823518204-725345543-1004\...\MountPoints2: {9442f03e-f14d-11e3-93bb-001d60db5a20} - H:\AutoRun.exe
HKU\S-1-5-21-602162358-823518204-725345543-1004\...\MountPoints2: {a14ea34a-a2e0-11e3-9318-001d60db5a20} - H:\AutoRun.exe
HKU\S-1-5-21-602162358-823518204-725345543-1004\...\MountPoints2: {b2746963-b8f5-11e3-933a-001d60db5a20} - H:\AutoRun.exe
HKU\S-1-5-21-602162358-823518204-725345543-1004\...\MountPoints2: {b2b54400-3aab-11e4-9404-001d60db5a20} - H:\AutoRun.exe
HKU\S-1-5-21-602162358-823518204-725345543-1004\...\MountPoints2: {d2c6f5fa-3256-11e1-b1df-001d60db5a20} - F:\AutoRun.exe
HKU\S-1-5-21-602162358-823518204-725345543-1004\...\MountPoints2: {d537af6e-09d1-11e4-93d9-001d60db5a20} - H:\AutoRun.exe
HKU\S-1-5-21-602162358-823518204-725345543-1004\...\MountPoints2: {dd5fde5a-6fb2-11e3-92c3-001d60db5a20} - H:\AutoRun.exe
HKU\S-1-5-21-602162358-823518204-725345543-1004\...\MountPoints2: {e36242c6-2f3d-11e3-923d-001d60db5a20} - H:\AutoRun.exe
HKU\S-1-5-21-602162358-823518204-725345543-1004\...\MountPoints2: {f39c64d2-0a84-11e4-93da-001d60db5a20} - H:\AutoRun.exe
HKU\S-1-5-21-602162358-823518204-725345543-1004\...\MountPoints2: {f3b38f8e-b27f-11e3-9336-001d60db5a20} - H:\AutoRun.exe
HKU\S-1-5-21-602162358-823518204-725345543-1004\...\MountPoints2: {f5b6007e-0b7a-11e4-93db-001d60db5a20} - H:\AutoRun.exe
HKU\S-1-5-21-602162358-823518204-725345543-1004\...\MountPoints2: {fe6a6f72-2900-11df-aeed-001d60db5a20} - F:\AutoRun.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
SearchScopes: HKLM - {0DB1BF52-F365-DBA1-92FE-00A7CCB86533} URL = http://search.portaldosites.com/web/?utm_source=b&utm_medium=fox&from=fox&uid=WDCXWD1600JB-00GVA0_WD-WCAL91854111&ts=0
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
SearchScopes: HKCU - {D6933059-6773-4C85-8A54-13E4FA4A0E2D} URL = http://www.searchya.com/?q={searchTerms}&f=4&a=syd72&cd=2XzuyEtN2Y1L1QzutDtDtC0DyCtD0D0ByD0AtBtDtDyDyB0EtN0D0Tzu0SyDzytAtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu0D1F1S1C1P0P1C1F1N1C1T1H2UtF1E1I1V0S1J2U1E1P&cr=247775043&ir=
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> E:\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> E:\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - &Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Łącza - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll No File
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{DB059DB0-3F5A-4A6C-A77A-05246308444E}: [NameServer] 10.0.0.1
FireFox:
========
FF ProfilePath: C:\Documents and Settings\komputer\Dane aplikacji\Mozilla\Firefox\Profiles\bs8544a5.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> E:\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 -> E:\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-03-09]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014-02-03]
FF Extension: No Name - C:\Documents and Settings\komputer\Moje dokumenty\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
Chrome:
=======
CHR CustomProfile: C:\Documents and Settings\komputer\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default
CHR Extension: (Show the YouTube Channel bar or the name.) - C:\Documents and Settings\komputer\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2014-01-01]
CHR Extension: (YouTube) - C:\Documents and Settings\komputer\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-01]
CHR Extension: (Archive Poster) - C:\Documents and Settings\komputer\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ceakpicibkmdilicebgddflnfbpmcpgd [2014-01-01]
CHR Extension: (Google Search) - C:\Documents and Settings\komputer\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-01]
CHR Extension: (Stylish) - C:\Documents and Settings\komputer\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2014-01-01]
CHR Extension: (Nice Tumblr) - C:\Documents and Settings\komputer\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\fpfdfdgcjljkdijjbaipabnalhakbcok [2014-01-01]
CHR Extension: (Last.fm Scrobbler) - C:\Documents and Settings\komputer\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\hhinaapppaileiechjoiifaancjggfjm [2014-01-06]
CHR Extension: (Hangouts) - C:\Documents and Settings\komputer\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2014-07-06]
CHR Extension: (Google Wallet) - C:\Documents and Settings\komputer\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-19]
CHR Extension: (Gmail) - C:\Documents and Settings\komputer\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-01]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx []
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
ATTENTION: => Could not perform signature verification. Cryptographic Service is not running.
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [1337752 2013-09-12] (ESET)
R2 HWDeviceService.exe; C:\Documents and Settings\All Users\Dane aplikacji\DatacardService\HWDeviceService.exe [271712 2011-03-14] ()
R2 JavaQuickStarterService; E:\bin\jqs.exe [182184 2013-08-17] (Oracle Corporation)
R2 MSSQL$INSERTGT; C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29263712 2008-11-24] (Microsoft Corporation)
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [45408 2008-11-24] (Microsoft Corporation)
R2 Skype C2C Service; C:\Documents and Settings\All Users\Dane aplikacji\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3063968 2012-04-09] (Skype Technologies S.A.)
R2 UMVPFSrv; C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [450848 2011-08-19] (Logitech Inc.)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 AtcL002; C:\WINDOWS\System32\DRIVERS\atl02_xp.sys [28416 2006-10-31] (Attansic Technology corporation.)
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [42272 2014-05-02] (AVG Technologies)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2004-08-03] (Microsoft Corporation)
R1 eamon; C:\WINDOWS\System32\DRIVERS\eamon.sys [184664 2013-09-17] (ESET)
R1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [134248 2013-09-17] (ESET)
R1 epfwtdir; C:\WINDOWS\System32\DRIVERS\epfwtdir.sys [118768 2013-09-17] (ESET)
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2008-10-29] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2008-10-29] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2008-10-29] (HP)
R3 huawei_cdcacm; C:\WINDOWS\System32\DRIVERS\ew_jucdcacm.sys [89856 2011-09-09] (Huawei Technologies Co., Ltd.)
R3 huawei_cdcecm; C:\WINDOWS\System32\DRIVERS\ew_jucdcecm.sys [66688 2011-09-09] (Huawei Technologies Co., Ltd.)
R3 huawei_ext_ctrl; C:\WINDOWS\System32\DRIVERS\ew_juextctrl.sys [26624 2011-09-09] (Huawei Technologies Co., Ltd.)
R3 mf; C:\WINDOWS\System32\DRIVERS\mf.sys [63744 2006-03-02] (Microsoft Corporation)
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2004-08-03] (Microsoft Corporation)
R1 NmPar; C:\WINDOWS\System32\DRIVERS\NmPar.sys [76416 2006-10-11] (Windows (R) 2000 DDK provider)
R2 Secdrv; C:\WINDOWS\System32\DRIVERS\secdrv.sys [11376 2008-08-14] ()
S3 clwvd; system32\DRIVERS\clwvd.sys [X]
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [239488 2011-10-24] (Huawei Technologies Co., Ltd.)
S4 IntelIde; No ImagePath
S3 qfzzxkas; \??\C:\WINDOWS\system32\02.tmp [X]
S3 tnznc; \??\C:\WINDOWS\system32\01.tmp [X]
U1 WS2IFSL; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
NETSVC: wrqvpgnum -> No Registry Path.
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-19 20:12 - 2014-09-19 20:12 - 00000000 ____D () C:\FRST
2014-09-17 09:27 - 2014-09-17 09:29 - 00032297 _____ () C:\WINDOWS\setupapi.log
2014-09-17 09:27 - 2014-09-17 09:28 - 00004966 _____ () C:\WINDOWS\setupact.log
2014-09-17 09:27 - 2014-09-17 09:27 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-09-15 08:16 - 2014-09-19 20:08 - 00006514 _____ () C:\WINDOWS\SchedLgU.Txt
2014-09-14 22:40 - 2014-09-19 20:07 - 00009153 _____ () C:\WINDOWS\WindowsUpdate.log
2014-09-14 18:20 - 2014-09-14 18:20 - 00000682 _____ () C:\Documents and Settings\All Users\Pulpit\CCleaner.lnk
2014-09-14 18:20 - 2014-09-14 18:20 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-14 18:20 - 2014-09-14 18:20 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\CCleaner
2014-09-13 18:41 - 2011-10-24 16:31 - 00239488 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ewusbnet.sys
2014-09-13 18:41 - 2011-09-09 11:50 - 00089856 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_jucdcacm.sys
2014-09-13 18:41 - 2011-09-09 11:50 - 00073984 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_jubusenum.sys
2014-09-13 18:41 - 2011-09-09 11:50 - 00066688 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_jucdcecm.sys
2014-09-13 18:41 - 2011-09-09 11:50 - 00026624 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_juextctrl.sys
2014-09-13 18:41 - 2011-08-16 17:17 - 00195200 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ewusbmdm.sys
2014-09-13 18:41 - 2010-10-08 16:55 - 00025856 _____ (Huawei Tech. Co., Ltd.) C:\WINDOWS\system32\Drivers\ewdcsc.sys
2014-09-13 18:41 - 2010-09-26 18:09 - 00019200 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_hwupgrade.sys
2014-09-13 18:41 - 2010-08-06 07:42 - 00861696 _____ (DiBcom SA) C:\WINDOWS\system32\Drivers\mod7700.sys
2014-09-13 18:41 - 2010-07-27 09:52 - 00102784 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_hwusbdev.sys
2014-09-13 18:41 - 2010-03-20 12:06 - 00011136 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_usbenumfilter.sys
2014-09-13 18:41 - 2005-05-13 16:27 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccid.sys
2014-09-09 22:17 - 2014-09-10 15:02 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Package Cache
2014-09-07 21:24 - 2014-09-07 21:35 - 00000000 ____D () C:\Documents and Settings\komputer\Dane aplikacji\Origin
2014-09-07 21:08 - 2014-09-13 23:43 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Origin
2014-09-07 21:04 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2014-09-07 21:04 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2014-09-07 21:04 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2014-09-07 21:04 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2014-09-07 21:04 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2014-09-07 21:04 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2014-09-07 21:04 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2014-09-04 13:33 - 2014-09-06 22:38 - 00000000 ____D () C:\Documents and Settings\komputer\Pulpit\random
2014-08-30 18:32 - 2014-08-30 18:32 - 00000000 ____D () C:\Documents and Settings\komputer\Ustawienia lokalne\Dane aplikacji\Spotify
2014-08-30 18:31 - 2014-08-30 18:37 - 00000000 ____D () C:\Documents and Settings\komputer\Dane aplikacji\Spotify
2014-08-30 18:31 - 2014-08-30 18:31 - 00001867 _____ () C:\Documents and Settings\komputer\Menu Start\Programy\Spotify.lnk
2014-08-30 18:31 - 2014-08-30 18:31 - 00001861 _____ () C:\Documents and Settings\komputer\Pulpit\Spotify.lnk
2014-08-28 16:16 - 2014-09-14 18:15 - 00001919 _____ () C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk
2014-08-28 16:16 - 2014-08-28 16:16 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Google Chrome
2014-08-28 16:14 - 2014-08-28 16:14 - 00001036 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-25 16:44 - 2014-08-25 16:44 - 00000676 _____ () C:\Documents and Settings\All Users\Menu Start\Programy\e-Deklaracje.lnk
2014-08-25 16:44 - 2014-08-25 16:44 - 00000670 _____ () C:\Documents and Settings\All Users\Pulpit\e-Deklaracje.lnk
2014-08-25 16:44 - 2014-08-25 16:44 - 00000000 ____D () C:\Program Files\e-Deklaracje
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-19 20:13 - 2008-07-15 14:23 - 00000000 ____D () C:\Documents and Settings\komputer\Ustawienia lokalne\Temp
2014-09-19 20:12 - 2014-09-19 20:12 - 00000000 ____D () C:\FRST
2014-09-19 20:08 - 2014-09-15 08:16 - 00006514 _____ () C:\WINDOWS\SchedLgU.Txt
2014-09-19 20:08 - 2008-07-15 16:14 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-09-19 20:08 - 2008-07-15 16:14 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2014-09-19 20:08 - 2008-07-15 14:23 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-09-19 20:07 - 2014-09-14 22:40 - 00009153 _____ () C:\WINDOWS\WindowsUpdate.log
2014-09-19 20:07 - 2014-01-09 18:23 - 00000000 ____D () C:\AdwCleaner
2014-09-19 20:07 - 2008-07-15 14:24 - 00000188 ___SH () C:\Documents and Settings\komputer\ntuser.ini
2014-09-19 08:33 - 2006-03-02 14:00 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl
2014-09-17 09:29 - 2014-09-17 09:27 - 00032297 _____ () C:\WINDOWS\setupapi.log
2014-09-17 09:28 - 2014-09-17 09:27 - 00004966 _____ () C:\WINDOWS\setupact.log
2014-09-17 09:27 - 2014-09-17 09:27 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-09-14 18:23 - 2014-06-03 22:05 - 00000000 ____D () C:\Documents and Settings\komputer\Dane aplikacji\BitTorrent
2014-09-14 18:23 - 2011-05-21 18:54 - 00000000 ____D () C:\Documents and Settings\komputer\Dane aplikacji\Media Player Classic
2014-09-14 18:23 - 2010-05-21 17:00 - 00000000 ____D () C:\Documents and Settings\komputer\Dane aplikacji\Skype
2014-09-14 18:22 - 2010-01-08 13:28 - 00000000 ____D () C:\WINDOWS\Minidump
2014-09-14 18:22 - 2008-07-15 14:23 - 00000000 ____D () C:\Documents and Settings\komputer
2014-09-14 18:20 - 2014-09-14 18:20 - 00000682 _____ () C:\Documents and Settings\All Users\Pulpit\CCleaner.lnk
2014-09-14 18:20 - 2014-09-14 18:20 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-14 18:20 - 2014-09-14 18:20 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\CCleaner
2014-09-14 18:20 - 2008-07-15 16:12 - 00000000 ____D () C:\Documents and Settings\All Users\Pulpit
2014-09-14 18:20 - 2008-07-15 16:12 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy
2014-09-14 18:15 - 2014-08-28 16:16 - 00001919 _____ () C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk
2014-09-13 23:43 - 2014-09-07 21:08 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Origin
2014-09-13 23:43 - 2008-07-15 16:12 - 00000000 __RHD () C:\Documents and Settings\All Users\Dane aplikacji
2014-09-13 23:43 - 2008-07-15 14:23 - 00000000 ___HD () C:\Documents and Settings\komputer\Ustawienia lokalne\Dane aplikacji
2014-09-13 00:34 - 2008-07-15 14:23 - 00000000 ____D () C:\Documents and Settings\komputer\Pulpit
2014-09-13 00:23 - 2013-10-01 09:37 - 00000000 ____D () C:\Documents and Settings\komputer\Moje dokumenty\Moje obrazy
2014-09-11 20:57 - 2011-04-24 20:49 - 00000000 ____D () C:\Documents and Settings\komputer\Ustawienia lokalne\Dane aplikacji\Last.fm
2014-09-10 15:02 - 2014-09-09 22:17 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Package Cache
2014-09-07 21:35 - 2014-09-07 21:24 - 00000000 ____D () C:\Documents and Settings\komputer\Dane aplikacji\Origin
2014-09-07 21:04 - 2008-07-15 14:18 - 00000000 ____D () C:\WINDOWS\system32\DirectX
2014-09-07 08:13 - 2008-07-15 14:18 - 00000000 ____D () C:\WINDOWS\system32\Restore
2014-09-06 22:38 - 2014-09-04 13:33 - 00000000 ____D () C:\Documents and Settings\komputer\Pulpit\random
2014-09-04 13:32 - 2014-03-23 15:43 - 00000000 ____D () C:\Documents and Settings\komputer\Pulpit\zdj
2014-09-03 21:54 - 2013-11-25 18:31 - 00462848 ___SH () C:\Documents and Settings\komputer\Pulpit\Thumbs.db
2014-09-01 22:08 - 2008-07-16 12:33 - 00000000 ____D () C:\SPR
2014-08-30 18:37 - 2014-08-30 18:31 - 00000000 ____D () C:\Documents and Settings\komputer\Dane aplikacji\Spotify
2014-08-30 18:32 - 2014-08-30 18:32 - 00000000 ____D () C:\Documents and Settings\komputer\Ustawienia lokalne\Dane aplikacji\Spotify
2014-08-30 18:31 - 2014-08-30 18:31 - 00001867 _____ () C:\Documents and Settings\komputer\Menu Start\Programy\Spotify.lnk
2014-08-30 18:31 - 2014-08-30 18:31 - 00001861 _____ () C:\Documents and Settings\komputer\Pulpit\Spotify.lnk
2014-08-30 18:31 - 2008-07-15 14:23 - 00000000 __RHD () C:\Documents and Settings\komputer\Dane aplikacji
2014-08-30 18:31 - 2008-07-15 14:23 - 00000000 ___RD () C:\Documents and Settings\komputer\Menu Start\Programy
2014-08-28 16:16 - 2014-08-28 16:16 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Google Chrome
2014-08-28 16:15 - 2013-08-15 18:58 - 00000000 ____D () C:\Program Files\Google
2014-08-28 16:14 - 2014-08-28 16:14 - 00001036 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-28 16:14 - 2014-04-19 16:36 - 00000000 ____D () C:\Documents and Settings\komputer\Ustawienia lokalne\Dane aplikacji\Deployment
2014-08-26 14:52 - 2013-10-01 09:34 - 00000000 ____D () C:\Documents and Settings\komputer\Moje dokumenty
2014-08-25 16:45 - 2013-08-28 21:35 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Adobe
2014-08-25 16:44 - 2014-08-25 16:44 - 00000676 _____ () C:\Documents and Settings\All Users\Menu Start\Programy\e-Deklaracje.lnk
2014-08-25 16:44 - 2014-08-25 16:44 - 00000670 _____ () C:\Documents and Settings\All Users\Pulpit\e-Deklaracje.lnk
2014-08-25 16:44 - 2014-08-25 16:44 - 00000000 ____D () C:\Program Files\e-Deklaracje
2014-08-25 16:44 - 2013-08-28 21:35 - 00000000 ____D () C:\Documents and Settings\komputer\Ustawienia lokalne\Dane aplikacji\Adobe
2014-08-25 16:44 - 2013-08-28 21:35 - 00000000 ____D () C:\Documents and Settings\komputer\Dane aplikacji\Adobe
Some content of TEMP:
====================
C:\Documents and Settings\komputer\Ustawienia lokalne\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe
[2006-03-02 14:00] - [2006-03-02 14:00] - 1033728 ____A (Microsoft Corporation) 379098a96e6c165b659de7e4328010ea
C:\WINDOWS\system32\winlogon.exe
[2006-03-02 14:00] - [2006-03-02 14:00] - 0504832 ____A (Microsoft Corporation) 0344407089b08548d4feba62bb0f32d0
C:\WINDOWS\system32\svchost.exe
[2006-03-02 14:00] - [2006-03-02 14:00] - 0014336 ____A (Microsoft Corporation) ba98327e90022dbd6ee76490e0622e2e
C:\WINDOWS\system32\services.exe
[2006-03-02 14:00] - [2009-02-09 12:10] - 0111104 ____A (Microsoft Corporation) ed4e5391100287b9eabf8f2cf4b42235
C:\WINDOWS\system32\User32.dll
[2006-03-02 14:00] - [2005-03-02 20:18] - 0578560 ____A (Microsoft Corporation) b7eeb1a1af740306049241ddf61f21ff
C:\WINDOWS\system32\userinit.exe
[2006-03-02 14:00] - [2006-03-02 14:00] - 0025088 ____A (Microsoft Corporation) bd768099b4c44aa631728cb74eb54396
C:\WINDOWS\system32\rpcss.dll
[2006-03-02 14:00] - [2009-02-09 12:22] - 0399360 ____A (Microsoft Corporation) b5d78596effbeb82f3b86d9a002538e1
ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\WINDOWS\system32\Drivers\volsnap.sys
[2006-03-02 14:00] - [2006-03-02 14:00] - 0052864 ___AC (Microsoft Corporation) ecd173739b8ec10a814cc18653df5a36
==================== End Of Log ============================