FRST.txt

Zablokowane antywirusy (avast) - zasady ograniczeń oprogramowania

AdwCleaner - zrobiłem Scan & Fix i nic nie pomogło. Malwarebytes Anti-Malware mam już zainstalowany i nie mogę go uruchomić prawdopodobnie z dokładnie tego samego powodu co nie mogę uruchomić Avasta - wyskakuje dokładnie taki sam komunikat jak ten, który podałem w pierwszym poście. Załączam logi z FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-09-2014
Ran by Adam (administrator) on KOWALSKA-94F961 on 25-09-2014 14:46:29
Running from D:\Documents and Settings\Adam\Pulpit
Platform: Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polski
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Nero AG) D:\Program Files\Ahead\InCD\InCDsrv.exe
(Sygate Technologies, Inc.) D:\Program Files\Sygate\SPF\Smc.exe
(AVAST Software) D:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Ellora Assets Corp.) D:\Program Files\Freemake\CaptureLib\CaptureLibService.exe
(Oracle Corporation) D:\Program Files\Java\jre7\bin\jqs.exe
(NVIDIA Corporation) D:\WINDOWS\system32\nvsvc32.exe
(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Cyberlink Corp.) D:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
(Nero AG) D:\Program Files\Ahead\InCD\InCD.exe
(THOMSON Telecom Belgium) D:\Program Files\Thomson\SpeedTouch USB\dragdiag.exe
(Realtek Semiconductor Corp.) D:\WINDOWS\soundman.exe
(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Microsoft Corporation) D:\WINDOWS\system32\rundll32.exe
(iSkySoft) D:\Program Files\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
(Wondershare) D:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Microsoft Corporation) D:\WINDOWS\system32\rundll32.exe
() D:\WINDOWS\system32\C2MP\UpdateChecker.exe
(Microsoft Corporation) D:\WINDOWS\system32\wscntfy.exe
(Mozilla Corporation) D:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) D:\Program Files\Mozilla Firefox\plugin-container.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [zzGBK] = & gt; F:\setup.exe
HKLM\...\Run: [RemoteControl] = & gt; D:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe [32768 2003-12-08] (Cyberlink Corp.)
HKLM\...\Run: [InCD] = & gt; D:\Program Files\Ahead\InCD\InCD.exe [1397760 2005-07-08] (Nero AG)
HKLM\...\Run: [NeroFilterCheck] = & gt; D:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [SpeedTouch USB Diagnostics] = & gt; D:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe [866816 2004-01-26] (THOMSON Telecom Belgium)
HKLM\...\Run: [SmcService] = & gt; D:\Program Files\Sygate\SPF\Smc.exe [2577632 2004-10-15] (Sygate Technologies, Inc.)
HKLM\...\Run: [SoundMan] = & gt; D:\WINDOWS\SOUNDMAN.EXE [577536 2007-04-16] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Nvtmru] = & gt; D:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1012000 2013-05-16] (NVIDIA Corporation)
HKLM\...\Run: [NvMediaCenter] = & gt; RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [NvCplDaemon] = & gt; RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [nwiz] = & gt; D:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2586912 2013-06-21] ()
HKLM\...\Run: [SunJavaUpdateSched] = & gt; D:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [AvastUI.exe] = & gt; D:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-09-16] (AVAST Software)
HKLM\...\Run: [iSkysoft Helper Compact.exe] = & gt; D:\Program Files\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [1734144 2013-05-29] (iSkySoft)
HKLM\...\Run: [BrowserPlugInHelper] = & gt; D:\Program Files\Wondershare\AllMyTube\BrowserPlugInHelper.exe
HKLM\...\Run: [Wondershare Helper Compact.exe] = & gt; D:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1985824 2013-07-25] (Wondershare)
HKLM\...\Run: [DelaypluginInstall] = & gt; D:\Documents and Settings\All Users\Dane aplikacji\Wondershare\Player\DelayPluginI.exe
HKLM Group Policy restriction on software: D:\Program Files\Malwarebytes' Anti-Malware & lt; ====== ATTENTION
HKLM Group Policy restriction on software: D:\Program Files\AVAST Software & lt; ====== ATTENTION
HKU\S-1-5-21-1715567821-651377827-1801674531-1003\...\Run: [ALLUpdate] = & gt; " D:\Program Files\ALLPlayer\ALLUpdate.exe " " sleep "
HKU\S-1-5-21-1715567821-651377827-1801674531-1003\...\Run: [D:/Program Files/Media Freeware/Free Youtube Downloader/Free Youtube Downloader.exe] = & gt; D:\Program Files\Media Freeware\Free Youtube Downloader\Free Youtube Downloader.exe
HKU\S-1-5-21-1715567821-651377827-1801674531-1003\...\Run: [OgfaJveka] = & gt; regsvr32.exe " D:\Documents and Settings\All Users\Dane aplikacji\OgfaJveka\OgfaJveka.dat "
Startup: D:\Documents and Settings\All Users\Menu Start\Programy\Autostart\CodecPackUpdateChecker.lnk
ShortcutTarget: CodecPackUpdateChecker.lnk - & gt; D:\WINDOWS\system32\C2MP\UpdateChecker.exe ()
Startup: D:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Remote Controller.lnk
ShortcutTarget: Remote Controller.lnk - & gt; D:\Program Files\PV-CX881PL+\TVRMVCR.EXE (No File)
Startup: D:\Documents and Settings\All Users\Menu Start\Programy\Autostart\TVSCHL.lnk
ShortcutTarget: TVSCHL.lnk - & gt; D:\Program Files\PV-CX881PL+\TVSCHL.EXE (No File)
ShellIconOverlayIdentifiers: 00avast - & gt; {472083B0-C522-11CF-8763-00608CC02F24} = & gt; D:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie & ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://szukaj.wp.pl
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - URL http://startsear.ch/?aff=10 & src=sp & cf=708e7f18-6526-11e1-863f-000e50b0894f & q={searchTerms}
SearchScopes: HKCU - URL http://startsear.ch/?aff=10 & src=sp & cf=708e7f18-6526-11e1-863f-000e50b0894f & q={searchTerms}
SearchScopes: HKCU - {271A8471-9129-4417-9C23-CE6A39D69F38} URL = http://search.yahoo.com/search?fr=chr-greentree_ie & ei=utf-8 & ilc=12 & type=407453 & p={searchTerms}
SearchScopes: HKCU - {959D1EA4-106E-4614-9CA6-896B71E74385} URL = http://www.mysearchresults.com/search?c=8004 & t=11 & q={searchTerms}
BHO: No Name - & gt; {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - & gt; No File
BHO: SavevidComponent Class - & gt; {25EB66FC-03A7-40AA-A073-EAAF723CDD90} - & gt; D:\Program Files\Savevid\SavevidActiveX.dll (Bandoo Media Inc.)
BHO: Java(tm) Plug-In SSV Helper - & gt; {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - & gt; D:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - & gt; {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - & gt; D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Google Toolbar Helper - & gt; {AA58ED58-01DD-4d91-8333-CF10577473F7} - & gt; D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll No File
BHO: Google Toolbar Notifier BHO - & gt; {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - & gt; D:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper - & gt; {DBC80044-A445-435b-BC74-9C25C1C588A9} - & gt; D:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll No File
Toolbar: HKCU - & Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - D:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - & Łącza - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - D:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll No File
Toolbar: HKCU - No Name - {53504356-3700-A76A-76A7-7A786E7484D7} - No File
DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1391849302984
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab
DPF: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
Handler: WSIEChrome - No CLSID Value -
Tcpip\..\Interfaces\{973F2DAF-F723-4ACE-9186-3E275E7F50DC}: [NameServer] 194.204.152.34 194.204.159.1

FireFox:
========
FF ProfilePath: D:\Documents and Settings\Adam\Dane aplikacji\Mozilla\Firefox\Profiles\v5tlqgsl.default
FF Keyword.URL: hxxp://search.yahoo.com/search?fr=greentree_ff1 & ei=utf-8 & ilc=12 & type=407453 & p=
FF Plugin: @adobe.com/FlashPlayer - & gt; D:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - & gt; D:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - & gt; D:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - & gt; D:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @pages.tvunetworks.com/WebPlayer - & gt; D:\Program Files\TVUPlayer\npTVUAx.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 - & gt; D:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin: @tools.google.com/Google Update;version=9 - & gt; D:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin HKCU: @acestream.net/acestreamplugin,version=2.2.10-next - & gt; D:\Documents and Settings\Adam\Dane aplikacji\ACEStream\player\npace_plugin.dll (Innovative Digital Technologies)
FF Plugin ProgramFiles/Appdata: D:\Program Files\mozilla firefox\plugins\npffvsharetvplg.dll (vShare.tv)
FF Extension: IE Tab + - D:\Documents and Settings\Adam\Dane aplikacji\Mozilla\Firefox\Profiles\v5tlqgsl.default\Extensions\coralietab@mozdev.org [2012-02-29]
FF Extension: United States English Spellchecker - D:\Documents and Settings\Adam\Dane aplikacji\Mozilla\Firefox\Profiles\v5tlqgsl.default\Extensions\en-US@dictionaries.addons.mozilla.org [2014-05-28]
FF Extension: Complete YouTube Saver - D:\Documents and Settings\Adam\Dane aplikacji\Mozilla\Firefox\Profiles\v5tlqgsl.default\Extensions\{AF445D67-154C-4c69-A17B-7F392BCC36A3} [2014-07-31]
FF Extension: Default Full Zoom Level - D:\Documents and Settings\Adam\Dane aplikacji\Mozilla\Firefox\Profiles\v5tlqgsl.default\Extensions\{D9A7CBEC-DE1A-444f-A092-844461596C4D} [2014-08-30]
FF Extension: dlWrzuta - D:\Documents and Settings\Adam\Dane aplikacji\Mozilla\Firefox\Profiles\v5tlqgsl.default\Extensions\dlwrzuta@helpstudent.pl.xpi [2013-10-20]
FF Extension: FlashGot - D:\Documents and Settings\Adam\Dane aplikacji\Mozilla\Firefox\Profiles\v5tlqgsl.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2013-10-24]
FF Extension: Vine Video Download - D:\Documents and Settings\Adam\Dane aplikacji\Mozilla\Firefox\Profiles\v5tlqgsl.default\Extensions\{776f38cb-6255-4b92-b5cf-e5c71ff2b688}.xpi [2014-09-20]
FF Extension: Easy Youtube Video Downloader Express - D:\Documents and Settings\Adam\Dane aplikacji\Mozilla\Firefox\Profiles\v5tlqgsl.default\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2014-04-02]
FF Extension: Download YouTube Videos as MP4 - D:\Documents and Settings\Adam\Dane aplikacji\Mozilla\Firefox\Profiles\v5tlqgsl.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2013-10-18]
FF Extension: Greasemonkey - D:\Documents and Settings\Adam\Dane aplikacji\Mozilla\Firefox\Profiles\v5tlqgsl.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-11-03]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - D:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - D:\Program Files\AVAST Software\Avast\WebRep\FF [2012-02-28]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - D:\Documents and Settings\All Users\Dane aplikacji\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [fmdownloader@gmail.com] - D:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com
FF Extension: Freemake Video Downloader Plugin - D:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com [2014-08-11]
FF HKLM\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - D:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com
FF Extension: Freemake Youtube Download Button - D:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2014-08-11]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - D:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-06]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; D:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-06] (AVAST Software)
R2 FreemakeVideoCapture; D:\Program Files\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-08-11] (Ellora Assets Corp.) [File not signed]
R2 InCDsrv; D:\Program Files\Ahead\InCD\InCDsrv.exe [871424 2005-07-08] (Nero AG) [File not signed]
R2 JavaQuickStarterService; D:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-12-18] (Oracle Corporation)
R2 SmcService; D:\Program Files\Sygate\SPF\smc.exe [2577632 2004-10-15] (Sygate Technologies, Inc.)
S2 gupdate; " D:\Program Files\Google\Update\GoogleUpdate.exe " /svc [X]
S3 gupdatem; " D:\Program Files\Google\Update\GoogleUpdate.exe " /medsvc [X]
S3 gusvc; " D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe " [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 alcan5wn; D:\WINDOWS\System32\DRIVERS\alcan5wn.sys [53600 2003-12-08] (THOMSON)
R3 alcaudsl; D:\WINDOWS\System32\DRIVERS\alcaudsl.sys [70688 2003-12-08] (THOMSON)
R3 ALCXWDM; D:\WINDOWS\System32\drivers\ALCXWDM.SYS [4122368 2008-09-24] (Realtek Semiconductor Corp.)
R2 aswHwid; D:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-07-06] ()
R2 aswMonFlt; D:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-07-06] (AVAST Software)
R1 AswRdr; D:\WINDOWS\system32\drivers\aswRdr.sys [55112 2014-07-06] (AVAST Software)
R0 aswRvrt; D:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-07-06] ()
R1 aswSnx; D:\WINDOWS\system32\drivers\aswSnx.sys [779536 2014-07-06] (AVAST Software)
R1 aswSP; D:\WINDOWS\system32\drivers\aswSP.sys [414520 2014-09-16] (AVAST Software)
R1 aswTdi; D:\WINDOWS\system32\drivers\aswTdi.sys [57800 2014-07-06] (AVAST Software)
R0 aswVmm; D:\WINDOWS\system32\Drivers\aswVmm.sys [192352 2014-07-06] ()
S3 CCDECODE; D:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R2 CX23880; D:\WINDOWS\System32\drivers\cx88vid.sys [176600 2003-07-09] (TelSignal Co., Ltd.) [File not signed]
R2 CX88XBAR; D:\WINDOWS\System32\drivers\CX88XBAR.sys [11625 2003-07-08] (TelSignal Co., Ltd.) [File not signed]
R2 CXTUNE; D:\WINDOWS\System32\drivers\CX88TUNE.sys [30586 2003-07-08] (TelSignal Co., Ltd.) [File not signed]
R4 InCDfs; D:\WINDOWS\system32\Drivers\InCDfs.sys [99584 2005-07-08] (Nero AG) [File not signed]
R1 InCDPass; D:\WINDOWS\System32\DRIVERS\InCDPass.sys [29696 2005-07-08] (Nero AG) [File not signed]
U1 InCDrec; D:\WINDOWS\system32\Drivers\InCDrec.sys [8704 2005-07-08] (Nero AG) [File not signed]
R1 incdrm; D:\WINDOWS\system32\Drivers\incdrm.sys [28672 2005-07-08] (Nero AG) [File not signed]
S3 NdisIP; D:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R2 npf; D:\WINDOWS\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.)
R3 NVENETFD; D:\WINDOWS\System32\DRIVERS\NVENETFD.sys [33536 2005-04-05] (NVIDIA Corporation)
R3 nvnetbus; D:\WINDOWS\System32\DRIVERS\nvnetbus.sys [12928 2005-04-05] (NVIDIA Corporation)
R3 pfc; D:\WINDOWS\System32\drivers\pfc.sys [10368 2003-12-05] (Padus, Inc.) [File not signed]
R1 SCDEmu; D:\WINDOWS\system32\Drivers\SCDEmu.sys [112096 2012-02-09] (Power Software Ltd)
S3 SONYPVU1; D:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [7552 2001-08-17] (Sony Corporation)
R0 Teefer; D:\WINDOWS\System32\Drivers\Teefer.sys [60496 2004-10-15] (Sygate Technologies, Inc.) [File not signed]
R2 wg3n; D:\WINDOWS\SYSTEM32\Drivers\wg3n.sys [14568 2004-10-15] (Sygate Technologies, Inc.)
R2 wg4n; D:\WINDOWS\SYSTEM32\Drivers\wg4n.sys [14568 2004-10-15] (Sygate Technologies, Inc.)
R2 wg5n; D:\WINDOWS\SYSTEM32\Drivers\wg5n.sys [14568 2004-10-15] (Sygate Technologies, Inc.)
R2 wg6n; D:\WINDOWS\SYSTEM32\Drivers\wg6n.sys [14568 2004-10-15] (Sygate Technologies, Inc.)
R1 wpsdrvnt; D:\WINDOWS\system32\drivers\wpsdrvnt.sys [21075 2004-10-15] (Sygate Technologies, Inc.) [File not signed]
S3 esgiguard; \??\D:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S4 IntelIde; No ImagePath
S2 S; D [X]
U5 ScsiPort; D:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
S4 vsdatant; [X]
U1 WS2IFSL; No ImagePath

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-25 14:46 - 2014-09-25 14:46 - 00018212 _____ () D:\Documents and Settings\Adam\Pulpit\FRST.txt
2014-09-25 14:43 - 2014-09-25 14:46 - 00000000 ____D () D:\FRST
2014-09-25 14:42 - 2014-09-25 14:42 - 01098240 _____ (Farbar) D:\Documents and Settings\Adam\Pulpit\FRST.exe
2014-09-25 14:17 - 2014-09-25 14:21 - 00000000 ____D () D:\AdwCleaner
2014-09-25 14:13 - 2014-09-25 14:16 - 17292208 _____ (Malwarebytes Corporation ) D:\Documents and Settings\Adam\Pulpit\mbam-setup.exe
2014-09-25 14:10 - 2014-09-25 14:10 - 01373475 _____ () D:\Documents and Settings\Adam\Pulpit\adwcleaner_3.310.exe
2014-09-25 12:07 - 2014-09-25 12:08 - 00001085 _____ () D:\Documents and Settings\Adam\Pulpit\Post.txt
2014-09-20 02:35 - 2014-09-20 02:35 - 00000000 ____D () D:\Program Files\Mozilla Firefox
2014-09-16 12:27 - 2014-09-16 12:27 - 00000074 _____ () D:\Documents and Settings\Adam\Dane aplikacji\mbam.context.scan
2014-09-10 06:40 - 2014-09-10 06:40 - 00000000 ____D () D:\Documents and Settings\Adam\Moje dokumenty\CyberLink
2014-09-01 16:53 - 2014-09-01 16:53 - 00001987 _____ () D:\Documents and Settings\Adam\Pulpit\Ace Player.lnk
2014-09-01 16:53 - 2014-09-01 16:53 - 00000000 ____D () D:\Documents and Settings\Adam\Menu Start\Programy\Ace Stream Media

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-25 14:46 - 2014-09-25 14:46 - 00018212 _____ () D:\Documents and Settings\Adam\Pulpit\FRST.txt
2014-09-25 14:46 - 2014-09-25 14:43 - 00000000 ____D () D:\FRST
2014-09-25 14:46 - 2012-02-28 14:57 - 00000000 ____D () D:\Documents and Settings\Adam\Ustawienia lokalne\Temp
2014-09-25 14:46 - 2012-02-28 14:57 - 00000000 ____D () D:\Documents and Settings\Adam\Pulpit
2014-09-25 14:42 - 2014-09-25 14:42 - 01098240 _____ (Farbar) D:\Documents and Settings\Adam\Pulpit\FRST.exe
2014-09-25 14:37 - 2013-06-13 18:26 - 00011904 _____ () D:\WINDOWS\system32\nvAppTimestamps
2014-09-25 14:35 - 2012-07-09 13:14 - 00000364 ____H () D:\WINDOWS\Tasks\avast! Emergency Update.job
2014-09-25 14:35 - 2012-02-28 14:48 - 01609084 _____ () D:\WINDOWS\WindowsUpdate.log
2014-09-25 14:34 - 2013-10-30 13:25 - 00000298 _____ () D:\WINDOWS\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1715567821-651377827-1801674531-1003.job
2014-09-25 14:34 - 2012-02-28 19:13 - 00001028 _____ () D:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-25 14:34 - 2012-02-28 14:55 - 00000006 ____H () D:\WINDOWS\Tasks\SA.DAT
2014-09-25 14:22 - 2013-11-08 22:47 - 00131072 _____ () D:\WINDOWS\system32\config\CaptureL.evt
2014-09-25 14:22 - 2012-02-28 14:57 - 00000188 ___SH () D:\Documents and Settings\Adam\ntuser.ini
2014-09-25 14:22 - 2012-02-28 14:55 - 00032078 _____ () D:\WINDOWS\SchedLgU.Txt
2014-09-25 14:21 - 2014-09-25 14:17 - 00000000 ____D () D:\AdwCleaner
2014-09-25 14:21 - 2012-02-28 17:15 - 00000188 ___SH () D:\Documents and Settings\UpdatusUser\ntuser.ini
2014-09-25 14:21 - 2012-02-28 15:33 - 00000000 __RHD () D:\Documents and Settings\All Users\Dane aplikacji
2014-09-25 14:21 - 2012-02-28 14:57 - 00000000 __RHD () D:\Documents and Settings\Adam\Dane aplikacji
2014-09-25 14:21 - 2012-02-28 14:57 - 00000000 ___RD () D:\Documents and Settings\Adam\Menu Start\Programy
2014-09-25 14:21 - 2012-02-28 14:57 - 00000000 ___HD () D:\Documents and Settings\Adam\Ustawienia lokalne\Dane aplikacji
2014-09-25 14:21 - 2012-02-28 14:57 - 00000000 ____D () D:\Documents and Settings\Adam
2014-09-25 14:16 - 2014-09-25 14:13 - 17292208 _____ (Malwarebytes Corporation ) D:\Documents and Settings\Adam\Pulpit\mbam-setup.exe
2014-09-25 14:10 - 2014-09-25 14:10 - 01373475 _____ () D:\Documents and Settings\Adam\Pulpit\adwcleaner_3.310.exe
2014-09-25 14:00 - 2012-02-28 17:44 - 00068608 _____ () D:\Documents and Settings\Adam\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-09-25 13:34 - 2012-02-28 19:13 - 00001032 _____ () D:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-25 12:24 - 2013-10-30 13:24 - 00000324 _____ () D:\WINDOWS\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1715567821-651377827-1801674531-1003.job
2014-09-25 12:08 - 2014-09-25 12:07 - 00001085 _____ () D:\Documents and Settings\Adam\Pulpit\Post.txt
2014-09-25 11:09 - 2012-06-28 13:54 - 00000484 ____H () D:\WINDOWS\Tasks\User_Feed_Synchronization-{0C4599E6-1406-4EDA-B198-08AA746E4A5C}.job
2014-09-25 11:04 - 2001-07-22 00:17 - 00002206 _____ () D:\WINDOWS\system32\wpa.dbl
2014-09-23 22:31 - 2012-02-28 17:15 - 00000000 ____D () D:\Documents and Settings\UpdatusUser\Ustawienia lokalne\Temp
2014-09-23 21:52 - 2013-09-01 17:34 - 00000000 ___HD () D:\_acestream_cache_
2014-09-23 21:52 - 2013-09-01 15:54 - 00000000 ____D () D:\Documents and Settings\Adam\Dane aplikacji\.ACEStream
2014-09-20 23:43 - 2012-12-14 00:29 - 00000000 ____D () D:\Documents and Settings\Adam\Dane aplikacji\uTorrent
2014-09-20 16:47 - 2013-04-30 05:12 - 00000000 ____D () D:\Program Files\Mozilla Maintenance Service
2014-09-20 02:35 - 2014-09-20 02:35 - 00000000 ____D () D:\Program Files\Mozilla Firefox
2014-09-20 00:59 - 2014-07-09 04:49 - 00701104 _____ (Adobe Systems Incorporated) D:\WINDOWS\system32\FlashPlayerApp.exe
2014-09-20 00:59 - 2014-07-09 04:49 - 00071344 _____ (Adobe Systems Incorporated) D:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-09-16 12:27 - 2014-09-16 12:27 - 00000074 _____ () D:\Documents and Settings\Adam\Dane aplikacji\mbam.context.scan
2014-09-16 12:09 - 2014-03-17 02:43 - 00000188 ___SH () D:\Documents and Settings\Administrator\ntuser.ini
2014-09-16 12:04 - 2012-02-28 19:13 - 00414520 _____ (AVAST Software) D:\WINDOWS\system32\Drivers\aswsp.sys
2014-09-16 12:02 - 2012-02-28 15:33 - 00000000 ____D () D:\Documents and Settings\All Users\Pulpit
2014-09-11 10:26 - 2013-08-24 01:21 - 00011975 _____ () D:\Documents and Settings\Adam\debug.log
2014-09-11 10:24 - 2012-02-28 21:37 - 00000000 ____D () D:\Documents and Settings\Adam\Dane aplikacji\ipla
2014-09-10 10:01 - 2012-02-29 04:54 - 00000000 ____D () D:\Documents and Settings\Adam\Dane aplikacji\Winamp
2014-09-10 06:40 - 2014-09-10 06:40 - 00000000 ____D () D:\Documents and Settings\Adam\Moje dokumenty\CyberLink
2014-09-10 06:40 - 2012-02-28 14:57 - 00000000 ___RD () D:\Documents and Settings\Adam\Moje dokumenty
2014-09-09 06:29 - 2014-05-30 20:55 - 00000626 _____ () D:\Documents and Settings\All Users\Pulpit\ipla.lnk
2014-09-09 06:28 - 2012-02-28 21:37 - 00000000 ____D () D:\Program Files\ipla
2014-09-09 06:28 - 2012-02-28 21:37 - 00000000 ____D () D:\Documents and Settings\All Users\Dane aplikacji\ipla
2014-09-07 02:08 - 2012-02-28 17:23 - 00000000 ____D () D:\Program Files\CyberLink DVD Solution
2014-09-07 01:39 - 2012-02-28 22:23 - 00000000 ____D () D:\Program Files\VideoLAN
2014-09-07 01:39 - 2012-02-28 15:33 - 00000000 ___RD () D:\Documents and Settings\All Users\Menu Start\Programy
2014-09-07 01:33 - 2013-09-08 09:23 - 00000000 ____D () D:\Documents and Settings\Adam\Pulpit\Foldery z Pulpitu Vol.2
2014-09-03 12:58 - 2013-10-30 13:25 - 00000306 _____ () D:\WINDOWS\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1715567821-651377827-1801674531-1003.job
2014-09-01 16:53 - 2014-09-01 16:53 - 00001987 _____ () D:\Documents and Settings\Adam\Pulpit\Ace Player.lnk
2014-09-01 16:53 - 2014-09-01 16:53 - 00000000 ____D () D:\Documents and Settings\Adam\Menu Start\Programy\Ace Stream Media
2014-09-01 16:53 - 2013-09-01 15:53 - 00000000 ____D () D:\Documents and Settings\Adam\Dane aplikacji\ACEStream
2014-09-01 16:52 - 2012-02-28 14:57 - 00000000 ___HD () D:\Documents and Settings\Adam\Ustawienia lokalne
2014-08-31 17:33 - 2014-08-23 16:39 - 00000000 ____D () D:\Program Files\SopCast
2014-08-31 17:33 - 2012-02-28 17:46 - 00000116 _____ () D:\WINDOWS\NeroDigital.ini
2014-08-27 11:03 - 2014-04-17 17:05 - 00021331 _____ () D:\Documents and Settings\Adam\Pulpit\2014 Part 2.mbl
2014-08-26 21:11 - 2014-04-02 05:34 - 00000872 _____ () D:\Documents and Settings\Adam\Pulpit\ChrisPC Free VideoTube Downloader.lnk
2014-08-26 21:11 - 2014-04-02 05:34 - 00000000 ____D () D:\Documents and Settings\All Users\Menu Start\Programy\ChrisPC Free VideoTube Downloader
2014-08-26 21:11 - 2013-10-30 14:44 - 00000000 ____D () D:\Program Files\ChrisPC Free VideoTube Downloader

Files to move or delete:
====================
D:\Documents and Settings\Adam\TempWmicBatchFile.bat


Some content of TEMP:
====================
D:\Documents and Settings\Adam\Ustawienia lokalne\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

D:\WINDOWS\explorer.exe = & gt; File is digitally signed
D:\WINDOWS\system32\winlogon.exe = & gt; File is digitally signed
D:\WINDOWS\system32\svchost.exe = & gt; File is digitally signed
D:\WINDOWS\system32\services.exe = & gt; File is digitally signed
D:\WINDOWS\system32\User32.dll = & gt; File is digitally signed
D:\WINDOWS\system32\userinit.exe = & gt; File is digitally signed
D:\WINDOWS\system32\rpcss.dll = & gt; File is digitally signed
D:\WINDOWS\system32\Drivers\volsnap.sys = & gt; File is digitally signed

==================== End Of Log ============================