FRST.txt

Solution Real usunięcie - kilka komputerów - logi z FRST.

Bardzo dziękuję, wszystko ok. Daję następne logi z następnego komputera. :)

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-03-2015
Ran by DOM (administrator) on BOL-058CFED9809 on 05-03-2015 10:00:30
Running from C:\Documents and Settings\DOM\Pulpit
Loaded Profiles: DOM (Available profiles: DOM)
Platform: Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polski
Internet Explorer Version 7 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
(Microsoft Corporation) C:\WINDOWS\system32\scardsvr.exe
(Broadcom Corporation) C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
(Microsoft Corporation) C:\WINDOWS\system\svchost.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(SigmaTel, Inc.) C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Flexera Software, Inc.) C:\Documents and Settings\All Users\Dane aplikacji\FLEXnet\Connect\11\ISUSPM.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
(BVRP Software) C:\Program Files\Digital Line Detect\DLG.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosHdpProc.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
(Microsoft Corporation) C:\WINDOWS\system\wupdmgr.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Program Files\Ford Motor Company\IDS\Runtime\FLYMon.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(SigmaTel, Inc.) C:\WINDOWS\system32\stacsv.exe
() C:\Program Files\Common Files\Teradyne\TDSNetSetup.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
(SPX Diagnostic Solutions) C:\Program Files\Ford Motor Company\IDS\Runtime\TDSNetConfig.exe
(TOSHIBA CORPORATION) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\WLKEEPER.exe
(SPX Diagnostic Solutions) C:\Program Files\Ford Motor Company\IDS\Runtime\XMLRegistryD.exe
(Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(SPX Diagnostic Solutions) C:\Program Files\Ford Motor Company\IDS\Runtime\CodeServeD.exe
(SPX Diagnostic Solutions) C:\Program Files\Ford Motor Company\IDS\Runtime\DetectionManager.exe
(SPX Diagnostic Solutions) C:\Program Files\Ford Motor Company\IDS\Runtime\Starburst.exe
(SPX Diagnostic Solutions) C:\Program Files\Ford Motor Company\IDS\Runtime\ProbeTickHandler.exe
(SPX Diagnostic Solutions) C:\Program Files\Ford Motor Company\IDS\Runtime\EngineeringFeedback.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] = & gt; C:\Program Files\Apoint\Apoint.exe [155648 2004-09-13] (Alps Electric Co., Ltd.)
HKLM\...\Run: [ITSecMng] = & gt; C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [83336 2009-07-22] (TOSHIBA CORPORATION)
HKLM\...\Run: [IntelZeroConfig] = & gt; C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe [1372160 2009-11-03] (Intel(R) Corporation)
HKLM\...\Run: [IntelWireless] = & gt; C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1202448 2009-11-03] (Intel(R) Corporation)
HKLM\...\Run: [SigmatelSysTrayApp] = & gt; C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe [405504 2007-05-10] (SigmaTel, Inc.)
HKLM\...\Run: [Adobe ARM] = & gt; C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM\...\Run: [BEWINTERNET-PL-IEWSessionManager] = & gt; " C:\Program Files\OrangeBS\BEWInternet-PL-IEW\SessionManager\SessionManager.exe "
HKLM\...\Run: [ISUSPM] = & gt; C:\Documents and Settings\All Users\Dane aplikacji\FLEXnet\Connect\11\\isuspm.exe [324976 2010-05-21] (Flexera Software, Inc.)
HKLM\...\Run: [TDSReanimator] = & gt; C:\Program Files\Common Files\Teradyne\TDSReanimator.exe [11776 2013-07-18] (Teradyne Diagnostic Solutions Ltd.)
HKU\S-1-5-19\...\RunOnce: [nltide_2] = & gt; regsvr32 /s /n /i:U shell32
HKU\S-1-5-20\...\RunOnce: [nltide_2] = & gt; regsvr32 /s /n /i:U shell32
HKU\S-1-5-21-682003330-1409082233-1417001333-1003\...\MountPoints2: {03e967ff-ea9d-11e1-9f9a-0015c5498020} - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL explore.exe
HKU\S-1-5-21-682003330-1409082233-1417001333-1003\...\MountPoints2: {03e96800-ea9d-11e1-9f9a-0015c5498020} - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL explore.exe
HKU\S-1-5-21-682003330-1409082233-1417001333-1003\...\MountPoints2: {1b6603d5-12c6-11e2-ba7f-001c23213601} - G:\AutoRunCardDetector.exe
HKU\S-1-5-21-682003330-1409082233-1417001333-1003\...\MountPoints2: {1b67e342-1bb5-11e4-8ad4-001c23213601} - G:\AutoRun.exe
HKU\S-1-5-21-682003330-1409082233-1417001333-1003\...\MountPoints2: {1b67e343-1bb5-11e4-8ad4-001c23213601} - G:\AutoRun.exe
HKU\S-1-5-21-682003330-1409082233-1417001333-1003\...\MountPoints2: {1d6fd6b1-92d3-11e2-98a4-001c23213601} - G:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-682003330-1409082233-1417001333-1003\...\MountPoints2: {1d6fd6b3-92d3-11e2-98a4-001c23213601} - G:\AutoRun.exe
HKU\S-1-5-21-682003330-1409082233-1417001333-1003\...\MountPoints2: {39dea942-ec40-11e1-8ac6-001c23213601} - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL explore.exe
HKU\S-1-5-21-682003330-1409082233-1417001333-1003\...\MountPoints2: {3bbe6173-4d1d-11e3-864e-001c23213601} - G:\AutoRun.exe
HKU\S-1-5-21-682003330-1409082233-1417001333-1003\...\MountPoints2: {3bbe6176-4d1d-11e3-864e-001c23213601} - H:\AutoRun.exe
HKU\S-1-5-21-682003330-1409082233-1417001333-1003\...\MountPoints2: {63938044-0e2a-11e2-9faa-0015c5498020} - G:\AutoRun.exe
HKU\S-1-5-21-682003330-1409082233-1417001333-1003\...\MountPoints2: {63938047-0e2a-11e2-9faa-0015c5498020} - G:\AutoRun.exe
HKU\S-1-5-21-682003330-1409082233-1417001333-1003\...\MountPoints2: {7a6423ca-2056-11e3-9919-001c23213601} - F:\AutoRun.exe
HKU\S-1-5-21-682003330-1409082233-1417001333-1003\...\MountPoints2: {7a6423cd-2056-11e3-9919-001c23213601} - F:\AutoRun.exe
HKU\S-1-5-21-682003330-1409082233-1417001333-1003\...\MountPoints2: {7b5a748a-2ff0-11e3-9925-001c23213601} - G:\Setup.exe
HKU\S-1-5-21-682003330-1409082233-1417001333-1003\...\MountPoints2: {80c4414e-9010-11e3-869a-001c23213601} - G:\AutoRun.exe
HKU\S-1-5-21-682003330-1409082233-1417001333-1003\...\MountPoints2: {80c44153-9010-11e3-869a-001c23213601} - G:\AutoRun.exe
HKU\S-1-5-21-682003330-1409082233-1417001333-1003\...\MountPoints2: {80c44154-9010-11e3-869a-001c23213601} - G:\AutoRun.exe
HKU\S-1-5-21-682003330-1409082233-1417001333-1003\...\MountPoints2: {841b9a72-e5e4-11e1-8b07-001c23213601} - G:\AutoRun.exe
HKU\S-1-5-21-682003330-1409082233-1417001333-1003\...\MountPoints2: {8b6e1920-a861-11e4-8b5f-001c23213601} - G:\QsSetup.exe
HKU\S-1-5-21-682003330-1409082233-1417001333-1003\...\MountPoints2: {8d83a33e-e940-11e1-8ae0-001c23213601} - G:\AutoRun.exe
HKU\S-1-5-21-682003330-1409082233-1417001333-1003\...\MountPoints2: {8df46de8-74b9-11e3-8676-001c23213601} - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL explore.exe
HKU\S-1-5-21-682003330-1409082233-1417001333-1003\...\MountPoints2: {90e517a8-e6e6-11e1-8aba-001c23213601} - G:\Setup.exe
HKU\S-1-5-21-682003330-1409082233-1417001333-1003\...\MountPoints2: {a4022d70-8843-11e4-8b4b-001c23213601} - G:\AutoRun.exe
HKU\S-1-5-21-682003330-1409082233-1417001333-1003\...\MountPoints2: {a4022d72-8843-11e4-8b4b-001c23213601} - G:\AutoRun.exe
HKU\S-1-5-21-682003330-1409082233-1417001333-1003\...\MountPoints2: {a4022d73-8843-11e4-8b4b-001c23213601} - G:\AutoRun.exe
HKU\S-1-5-21-682003330-1409082233-1417001333-1003\...\MountPoints2: {b7d0eb08-6197-11e3-8663-001c23213601} - G:\AutoRun.exe
HKU\S-1-5-21-682003330-1409082233-1417001333-1003\...\MountPoints2: {b7d0eb0b-6197-11e3-8663-001c23213601} - G:\AutoRun.exe
HKU\S-1-5-21-682003330-1409082233-1417001333-1003\...\MountPoints2: {c30ffe3b-4070-11e2-9873-001c23213601} - G:\AutoRun.exe
HKU\S-1-5-21-682003330-1409082233-1417001333-1003\...\MountPoints2: {c30ffe3c-4070-11e2-9873-001c23213601} - G:\AutoRun.exe
HKU\S-1-5-21-682003330-1409082233-1417001333-1003\...\MountPoints2: {c30ffe3e-4070-11e2-9873-001c23213601} - G:\AutoRun.exe
HKU\S-1-5-21-682003330-1409082233-1417001333-1003\...\MountPoints2: {cc1c0262-26b5-11e4-8ae7-001c23213601} - G:\AutoRun.exe
HKU\S-1-5-21-682003330-1409082233-1417001333-1003\...\MountPoints2: {cc1c0263-26b5-11e4-8ae7-001c23213601} - H:\AutoRun.exe
HKU\S-1-5-21-682003330-1409082233-1417001333-1003\...\MountPoints2: {d48ad1f0-a2d8-11e3-86a8-001c23213601} - G:\AutoRun.exe
HKU\S-1-5-21-682003330-1409082233-1417001333-1003\...\MountPoints2: {d48ad1f3-a2d8-11e3-86a8-001c23213601} - G:\AutoRun.exe
HKU\S-1-5-21-682003330-1409082233-1417001333-1003\...\MountPoints2: {e2dd2d8e-5a9d-11e4-8b24-001c23213601} - G:\AutoRun.exe
HKU\S-1-5-21-682003330-1409082233-1417001333-1003\...\MountPoints2: {e3e076f4-55af-11e2-9880-001c23213601} - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL explore.exe
HKU\S-1-5-21-682003330-1409082233-1417001333-1003\...\MountPoints2: {ed803675-e52c-11e1-9f8c-aadb0d6afc4a} - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL explore.exe
HKU\S-1-5-21-682003330-1409082233-1417001333-1003\...\MountPoints2: {eee4759c-4a0d-11e4-8b0f-001c23213601} - G:\AutoRun.exe
HKU\S-1-5-18\...\RunOnce: [nltide_2] = & gt; regsvr32 /s /n /i:U shell32
HKU\S-1-5-18\...\MountPoints2: C - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL explore.exe
Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Bluetooth Manager.lnk
ShortcutTarget: Bluetooth Manager.lnk - & gt; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Digital Line Detect.lnk
ShortcutTarget: Digital Line Detect.lnk - & gt; C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\J2534 Config App (Ford-VCM-II).lnk
ShortcutTarget: J2534 Config App (Ford-VCM-II).lnk - & gt; C:\Program Files\Bosch\VTX-VCI\VCI Software (Ford-VCM-II)\J2534 Configuration\J2534ConfigApp.exe (Vetronix Corp)
Startup: C:\Documents and Settings\DOM\Menu Start\Programy\Autostart\RT-Automatyczne aktualizacje-AKP.lnk
ShortcutTarget: RT-Automatyczne aktualizacje-AKP.lnk - & gt; C:\ADAKO\VCDS\VCDS.exe (Ross-Tech, LLC)
Startup: C:\Documents and Settings\DOM\Menu Start\Programy\Autostart\RT-Updater.lnk
ShortcutTarget: RT-Updater.lnk - & gt; C:\Ross-Tech\VCDS-Beta\VCDS.EXE (Ross-Tech, LLC)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchya.com/?f=1 & a=dnldyho & cd=2XzuyEtN2Y1L1QzutDtDtC0C0B0FyDtCtDyD0CtD0EtAtByEtN0D0Tzu0CyEtCzytN1L2XzutBtFtBtFtCtFyDtDtAtN1L1Czu1Q1G1I1Q2U1M1F & cr=613974258 & ir=
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\S-1-5-21-682003330-1409082233-1417001333-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchya.com/?f=1 & a=dnldyho & cd=2XzuyEtN2Y1L1QzutDtDtC0C0B0FyDtCtDyD0CtD0EtAtByEtN0D0Tzu0CyEtCzytN1L2XzutBtFtBtFtCtFyDtDtAtN1L1Czu1Q1G1I1Q2U1M1F & cr=613974258 & ir=
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: " http://www.searchya.com/?f=2 & a=dnldyho & cd=2XzuyEtN2Y1L1QzutDtDtC0C0B0FyDtCtDyD0CtD0EtAtByEtN0D0Tzu0CyEtCzytN1L2XzutBtFtBtFtCtFyDtDtAtN1L1Czu1Q1G1I1Q2U1M1F & cr=613974258 & ir= " & lt; ======= ATTENTION
SearchScopes: HKLM - & gt; DefaultScope {30F5AB16-9F1E-4E99-93F2-ECB9ABB0EC12} URL = http://www.searchya.com/?q={searchTerms} & f=4 & a=dnldyho & cd=2XzuyEtN2Y1L1QzutDtDtC0C0B0FyDtCtDyD0CtD0EtAtByEtN0D0Tzu0CyEtCzytN1L2XzutBtFtBtFtCtFyDtDtAtN1L1Czu1Q1G1I1Q2U1M1F & cr=613974258 & ir=
SearchScopes: HKLM - & gt; {30F5AB16-9F1E-4E99-93F2-ECB9ABB0EC12} URL = http://www.searchya.com/?q={searchTerms} & f=4 & a=dnldyho & cd=2XzuyEtN2Y1L1QzutDtDtC0C0B0FyDtCtDyD0CtD0EtAtByEtN0D0Tzu0CyEtCzytN1L2XzutBtFtBtFtCtFyDtDtAtN1L1Czu1Q1G1I1Q2U1M1F & cr=613974258 & ir=
SearchScopes: HKU\S-1-5-21-682003330-1409082233-1417001333-1003 - & gt; DefaultScope {30F5AB16-9F1E-4E99-93F2-ECB9ABB0EC12} URL = http://www.searchya.com/?q={searchTerms} & f=4 & a=dnldyho & cd=2XzuyEtN2Y1L1QzutDtDtC0C0B0FyDtCtDyD0CtD0EtAtByEtN0D0Tzu0CyEtCzytN1L2XzutBtFtBtFtCtFyDtDtAtN1L1Czu1Q1G1I1Q2U1M1F & cr=613974258 & ir=
SearchScopes: HKU\S-1-5-21-682003330-1409082233-1417001333-1003 - & gt; {30F5AB16-9F1E-4E99-93F2-ECB9ABB0EC12} URL = http://www.searchya.com/?q={searchTerms} & f=4 & a=dnldyho & cd=2XzuyEtN2Y1L1QzutDtDtC0C0B0FyDtCtDyD0CtD0EtAtByEtN0D0Tzu0CyEtCzytN1L2XzutBtFtBtFtCtFyDtDtAtN1L1Czu1Q1G1I1Q2U1M1F & cr=613974258 & ir=
BHO: No Name - & gt; {1E1B2879-88FF-11D2-8D96-D7ACAC95951F} - & gt; No File
BHO: TM_BHO Class - & gt; {60EC89B7-367D-402B-8C55-30FAEB32A705} - & gt; C:\Program Files\Ford Motor Company\IDS\Runtime\TMCtrlBHO.dll (SPX Diagnostic Solutions)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\DOM\Dane aplikacji\Mozilla\Firefox\Profiles\rvixo40n.default
FF SearchEngineOrder.1: SearchYa!
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.searchya.com/?f=1 & a=dnldyho & cd=2XzuyEtN2Y1L1QzutDtDtC0C0B0FyDtCtDyD0CtD0EtAtByEtN0D0Tzu0CyEtCzytN1L2XzutBtFtBtFtCtFyDtDtAtN1L1Czu1Q1G1I1Q2U1M1F & cr=613974258 & ir=
FF Plugin: @adobe.com/FlashPlayer - & gt; C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin: @microsoft.com/WPF,version=3.5 - & gt; C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: Adobe Reader - & gt; C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! = & gt; C:\Documents and Settings\DOM\Dane aplikacji\Mozilla\Firefox\Profiles\rvixo40n.default\user.js
FF SearchPlugin: C:\Documents and Settings\DOM\Dane aplikacji\Mozilla\Firefox\Profiles\rvixo40n.default\searchplugins\SearchYa!.xml
FF Extension: SearchYa NewTab - C:\Documents and Settings\DOM\Dane aplikacji\Mozilla\Firefox\Profiles\rvixo40n.default\Extensions\{5ebdca98-43b3-45bb-87e0-716029fb42ab}.xpi [2013-11-14]

Chrome:
=======
CHR Profile: C:\Documents and Settings\DOM\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASFIPmon; C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe [61440 2005-10-18] (Broadcom Corporation) [File not signed]
R2 CreateProcess; C:\WINDOWS\system\svchost.exe [129368 2010-03-12] (Microsoft Corporation) [File not signed]
R3 DetectionManager; C:\Program Files\Ford Motor Company\IDS\Runtime\DetectionManager.exe [384512 2013-07-18] (SPX Diagnostic Solutions) [File not signed]
R3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1074480 2012-08-12] (Flexera Software LLC)
R2 FLYMon; C:\Program Files\Ford Motor Company\IDS\Runtime\FLYMon.exe [24576 2012-08-11] () [File not signed]
S3 idsvc; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [864256 2007-10-11] (Microsoft Corporation) [File not signed]
S4 NetTcpPortSharing; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [122880 2007-10-11] (Microsoft Corporation) [File not signed]
R2 S24EventMonitor; C:\Program Files\Intel\WiFi\bin\S24EvMon.exe [909312 2009-11-03] (Intel(R) Corporation) [File not signed]
R2 STacSV; C:\WINDOWS\system32\StacSV.exe [94208 2007-05-10] (SigmaTel, Inc.)
R2 TDSNetSetup; C:\Program Files\Common Files\Teradyne\TDSNetSetup.exe [17408 2013-07-18] () [File not signed]
R2 WLANKEEPER; C:\Program Files\Intel\WiFi\bin\WLKeeper.exe [348160 2009-11-03] (Intel(R) Corporation) [File not signed]
S3 WPFFontCache_v0400; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 BASFND; C:\Program Files\Broadcom\ASFIPMon\BASFND.sys [6025 2003-04-24] (Broadcom Corporation) [File not signed]
S3 CYUSB; C:\WINDOWS\System32\Drivers\UPAUSB.sys [44304 2012-04-18] (Cypress Semiconductor) [File not signed]
S3 FTD2XX; C:\WINDOWS\System32\Drivers\OPCOMUSB.sys [34639 2005-12-15] (FTDI Ltd.) [File not signed]
S3 FTDIBUS; C:\WINDOWS\System32\drivers\ftdibus.sys [24209 2004-04-20] (FTDI Ltd.) [File not signed]
S3 GT72NDISIPXP; C:\WINDOWS\System32\DRIVERS\Gt51Ip.sys [95744 2007-11-13] (Option NV) [File not signed]
S3 GT72UBUS; C:\WINDOWS\System32\DRIVERS\gt72ubus.sys [51968 2007-11-13] (Option N.V.) [File not signed]
R3 guardian2; C:\WINDOWS\System32\Drivers\oz776.sys [62208 2007-03-26] (O2Micro)
R3 HSFHWAZL; C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys [211200 2007-08-02] (Conexant Systems, Inc.)
R3 HSF_DPV; C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys [989952 2007-08-02] (Conexant Systems, Inc.)
S3 KMWDFILTER; C:\WINDOWS\System32\DRIVERS\KMWDFILTER.sys [17408 2008-10-09] (Windows (R) Codename Longhorn DDK provider)
S3 MRT_box2; C:\WINDOWS\System32\Drivers\MRT_box2.sys [29292 2010-02-26] (FTDI Ltd.) [File not signed]
R3 NETw5x32; C:\WINDOWS\System32\DRIVERS\NETw5x32.sys [4221952 2009-10-26] (Intel Corporation)
S3 PCAMPR5; C:\WINDOWS\system32\PCAMPR5.SYS [34688 2009-08-04] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 PCANDIS5; C:\WINDOWS\system32\PCANDIS5.SYS [32128 2009-08-04] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 RT-USB; C:\WINDOWS\System32\drivers\RT-USB.SYS [80256 2014-05-12] (Ross-Tech LLC)
R2 s24trans; C:\WINDOWS\System32\DRIVERS\s24trans.sys [11904 2008-08-13] (Intel Corporation)
S3 SmokXX; C:\WINDOWS\System32\Drivers\SmokXX.sys [29292 2008-08-14] (FTDI Ltd.) [File not signed]
R3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [1222840 2007-05-10] (SigmaTel, Inc.)
S2 VPUSB; C:\WINDOWS\System32\Drivers\vpusb.sys [45056 2010-06-04] (WEILEI)
S1 wceusbsh; C:\WINDOWS\System32\DRIVERS\wceusbsh.sys [31872 2008-04-14] (Microsoft Corporation)
R2 zntport; C:\WINDOWS\system32\drivers\zntport.sys [6080 2001-01-22] (Zeal SoftStudio) [File not signed]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 EZUSB; System32\Drivers\ezusb.sys [X]
S3 filtertdidriver; system32\drivers\ewfiltertdidriver.sys [X]
S3 gtstusbser; system32\DRIVERS\gtstusbser.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_cdcecm; system32\DRIVERS\ew_jucdcecm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S4 IntelIde; No ImagePath
S3 massfilter; system32\DRIVERS\massfilter.sys [X]
S3 massfilter_hs; system32\drivers\massfilter_hs.sys [X]
R3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]
U5 phunter; C:\WINDOWS\system32\unikey.sys [13816 2014-12-20] ()
S3 UIUSys; system32\DRIVERS\UIUSYS.SYS [X]
U1 WS2IFSL; No ImagePath
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnet; system32\DRIVERS\ZTEusbnet.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]
S3 ZTEusbvoice; system32\DRIVERS\ZTEusbvoice.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-05 10:00 - 2015-03-05 10:00 - 00021178 _____ () C:\Documents and Settings\DOM\Pulpit\FRST.txt
2015-03-05 10:00 - 2015-03-05 10:00 - 00000000 ____D () C:\FRST
2015-03-05 09:57 - 2015-03-05 09:58 - 01132544 _____ (Farbar) C:\Documents and Settings\DOM\Pulpit\FRST.exe
2015-03-03 17:01 - 2015-03-03 17:01 - 00000525 _____ () C:\Documents and Settings\DOM\Pulpit\Skrót do XProgDesktop.lnk
2015-03-03 16:47 - 2015-03-03 17:01 - 00000000 ____D () C:\XprogBox551
2015-03-03 15:05 - 2015-03-03 15:05 - 00065536 _____ () C:\Documents and Settings\DOM\Pulpit\xprog m v5.0 moja flash
2015-03-03 15:01 - 2015-03-03 15:01 - 00002048 _____ () C:\Documents and Settings\DOM\Pulpit\xprog m v5.0 moja
2015-02-19 10:52 - 2015-02-19 10:52 - 00000256 _____ () C:\Documents and Settings\DOM\Pulpit\audi a4 1,8 96rok.bin
2015-02-18 15:10 - 2015-02-18 15:12 - 00000000 ____D () C:\Documents and Settings\DOM\Pulpit\wsady ru
2015-02-13 12:34 - 2015-02-13 12:35 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\VCDS-Beta
2015-02-13 12:34 - 2015-02-13 12:34 - 00000621 _____ () C:\Documents and Settings\DOM\Pulpit\VCDS Beta 15.2.lnk

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-05 10:00 - 2012-08-13 10:54 - 00000000 ____D () C:\Documents and Settings\DOM\Ustawienia lokalne\Temp
2015-03-05 10:00 - 2012-08-13 10:54 - 00000000 ____D () C:\Documents and Settings\DOM\Pulpit
2015-03-05 09:58 - 2014-09-24 09:26 - 00000000 ____D () C:\Documents and Settings\DOM\Moje dokumenty\Pobrane
2015-03-05 09:57 - 2012-08-13 10:59 - 00085536 _____ () C:\WINDOWS\system\mmtaskclean.log
2015-03-05 09:56 - 2012-08-13 10:59 - 00000017 _____ () C:\WINDOWS\system\win32out.dll
2015-03-05 09:56 - 2012-08-13 10:59 - 00000000 _____ () C:\WINDOWS\system\win32in.dll
2015-03-05 09:43 - 2014-05-06 12:48 - 00000930 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-03-05 09:14 - 2012-08-13 12:21 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy
2015-03-05 09:14 - 2012-08-13 12:21 - 00000000 ____D () C:\Documents and Settings\All Users\Pulpit
2015-03-05 09:12 - 2012-08-13 12:22 - 01092384 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-03-05 09:12 - 2001-10-26 20:15 - 00492158 _____ () C:\WINDOWS\system32\perfh015.dat
2015-03-05 09:12 - 2001-10-26 20:15 - 00085122 _____ () C:\WINDOWS\system32\perfc015.dat
2015-03-05 09:08 - 2012-08-13 10:40 - 01270324 _____ () C:\WINDOWS\WindowsUpdate.log
2015-03-05 09:07 - 2012-08-13 10:53 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-03-05 09:07 - 2001-07-22 02:17 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2015-03-03 17:20 - 2012-08-13 10:54 - 00000188 ___SH () C:\Documents and Settings\DOM\ntuser.ini
2015-03-03 17:20 - 2012-08-13 10:53 - 00032500 _____ () C:\WINDOWS\SchedLgU.Txt
2015-03-03 16:15 - 2014-10-02 09:30 - 00235930 _____ () C:\WINDOWS\setupapi.log
2015-03-03 15:14 - 2012-08-13 13:34 - 00000000 ____D () C:\Documents and Settings\DOM\Pulpit\xprog
2015-02-13 12:35 - 2012-08-13 10:54 - 00000000 ___RD () C:\Documents and Settings\DOM\Menu Start\Programy\Autostart
2015-02-13 12:34 - 2012-08-13 12:10 - 00225224 _____ () C:\WINDOWS\DPINST.LOG
2015-02-13 12:33 - 2013-07-11 10:42 - 00000000 ____D () C:\Ross-Tech
2015-02-12 11:57 - 2014-10-16 17:59 - 00013030 _____ () C:\PDOXUSRS.NET
2015-02-12 11:25 - 2014-10-16 17:58 - 00002523 _____ () C:\Documents and Settings\All Users\Pulpit\transpronics.exe.lnk
2015-02-05 14:43 - 2014-11-26 09:43 - 05070512 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe
2015-02-05 14:43 - 2014-05-06 12:48 - 00701616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-02-05 14:43 - 2014-05-06 12:48 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2014-10-13 18:04 - 2014-10-13 18:04 - 0003584 _____ () C:\Documents and Settings\DOM\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-02-23 10:18 - 2013-02-23 10:18 - 0338815 _____ () C:\Documents and Settings\DOM\Ustawienia lokalne\Dane aplikacji\speeddial.crx

Some content of TEMP:
====================
C:\Documents and Settings\DOM\Ustawienia lokalne\Temp\card_setup.exe
C:\Documents and Settings\DOM\Ustawienia lokalne\Temp\DataCard_Setup.exe
C:\Documents and Settings\DOM\Ustawienia lokalne\Temp\ResetDevice.exe
C:\Documents and Settings\DOM\Ustawienia lokalne\Temp\sfamcc00001.dll
C:\Documents and Settings\DOM\Ustawienia lokalne\Temp\sfextra.dll
C:\Documents and Settings\DOM\Ustawienia lokalne\Temp\tmAss_up.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe = & gt; File is digitally signed
C:\WINDOWS\system32\winlogon.exe = & gt; File is digitally signed
C:\WINDOWS\system32\svchost.exe = & gt; File is digitally signed
C:\WINDOWS\system32\services.exe = & gt; File is digitally signed
C:\WINDOWS\system32\User32.dll = & gt; File is digitally signed
C:\WINDOWS\system32\userinit.exe = & gt; File is digitally signed
C:\WINDOWS\system32\rpcss.dll = & gt; File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys = & gt; File is digitally signed

==================== End Of Log ============================