Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-10-2014 01 Ran by acer (administrator) on ACER-66B366932A on 07-10-2014 22:55:33 Running from C:\Documents and Settings\acer\Moje dokumenty\Downloads Loaded Profile: acer (Available profiles: acer & Administrator) Platform: Microsoft Windows XP Home Edition Dodatek Service Pack 3 (X86) OS Language: Polski Internet Explorer Version 8 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe (Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Sony Ericsson Mobile Communications AB) C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [LanzarL2007] => "C:\DOCUME~1\acer\USTAWI~1\Temp\{3D9203DD-D8EC-46E0-8602-AF489D348C5E}\{D1DA2BA7-2592-4036-9BB2-DCCABDE8DC1A}\..\..\L2007tmp\Setup.exe" /SETUP:"/l0x0015" <===== ATTENTION HKLM\...\Run: [] => "C:\PROGRA~1\DialNet\FPLICE~1.EXE zhimakaimen//WINPOET_QUITTING_EVENT" HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-08-10] (AVAST Software) HKLM\...\Policies\Explorer: [NoDesktop] 0 HKU\S-1-5-21-1417001333-1202660629-725345543-1004\...\Run: [Sony Ericsson PC Companion] => C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe [774144 2009-12-08] (Sony Ericsson Mobile Communications AB) HKU\S-1-5-21-1417001333-1202660629-725345543-1004\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation) HKU\S-1-5-21-1417001333-1202660629-725345543-1004\...\Run: [Tok-Cirrhatus] => "C:\Documents and Settings\acer\Ustawienia lokalne\Dane aplikacji\smss.exe" HKU\S-1-5-21-1417001333-1202660629-725345543-1004\...\Policies\system: [DisableRegistryTools] 1 HKU\S-1-5-21-1417001333-1202660629-725345543-1004\...\Policies\system: [DisableCMD] 0 HKU\S-1-5-21-1417001333-1202660629-725345543-1004\...\Policies\Explorer: [NoFolderOptions] 1 HKU\S-1-5-21-1417001333-1202660629-725345543-1004\...\MountPoints2: {1c7b8a81-fff8-11e1-b83a-001c26c61ef3} - H:\DTLplus_Launcher.exe HKU\S-1-5-18\...\Run: [DWQueuedReporting] => C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [434080 2011-07-27] (Microsoft Corporation) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=2&cf=0ff47648-dc0f-11e1-b808-028037ec0200 HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=2&cf=0ff47648-dc0f-11e1-b808-028037ec0200 HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm SearchScopes: HKLM - {6040A62C-FCC9-402B-823A-574CDF8AFD0F} URL = http://startsear.ch/?aff=2&src=sp&cf=0ff47648-dc0f-11e1-b808-028037ec0200&q={searchTerms} SearchScopes: HKCU - DefaultScope {6040A62C-FCC9-402B-823A-574CDF8AFD0F} URL = http://startsear.ch/?aff=2&src=sp&cf=0ff47648-dc0f-11e1-b808-028037ec0200&q={searchTerms} SearchScopes: HKCU - {6040A62C-FCC9-402B-823A-574CDF8AFD0F} URL = http://startsear.ch/?aff=2&src=sp&cf=0ff47648-dc0f-11e1-b808-028037ec0200&q={searchTerms} BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: IE5BarLauncherBHO Class -> {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} -> C:\Program Files\StartSearch plugin\ssBarLcher.dll (StartSearch Inc.) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - StartSearchToolBar - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files\StartSearch plugin\ssBarLcher.dll (StartSearch Inc.) Toolbar: HKCU - &Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) Toolbar: HKCU - &Łącza - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) Toolbar: HKCU - No Name - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File Toolbar: HKCU - StartSearchToolBar - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files\StartSearch plugin\ssBarLcher.dll (StartSearch Inc.) DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [147456] (Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Documents and Settings\acer\Dane aplikacji\Mozilla\Firefox\Profiles\rvif44hf.default-1408480967484 FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll () FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF Plugin: @divx.com/DivX Content Upload Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Content Uploader\npUpload.dll No File FF Plugin: @java.com/DTPlugin,version=10.5.1 -> C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.5.0 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @real.com/nppl3260;version=6.0.11.2571 -> C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprpjplug;version=6.0.12.1739 -> C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin: Web Components -> C:\Program Files\Web Components\npWebVideoPlugin.dll () FF Plugin: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 -> C:\Program Files\Yahoo!\Common\npyaxmpb.dll No File FF Plugin HKCU: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np32dsw.dll (Adobe Systems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdjvu.dll (LizardTech) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npOggX.dll (ESKA) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npvsharetvplg.dll (LiveVDO ) FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-05] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-04-08] Chrome: ======= CHR CustomProfile: C:\Documents and Settings\acer\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default CHR Extension: (avast! Online Security) - C:\Documents and Settings\acer\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-10-07] CHR Extension: (Google Wallet) - C:\Documents and Settings\acer\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-07] CHR Extension: (LiveVDO plugin) - C:\Documents and Settings\acer\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pbiamblgmkgbcgbcgejjgebalncpmhnp [2014-10-07] CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-05-15] CHR HKLM\...\Chrome\Extension: [pbiamblgmkgbcgbcgejjgebalncpmhnp] - C:\Program Files\StartSearch plugin\vshareplg.crx [2011-10-27] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-15] (AVAST Software) R2 Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [229376 2007-07-24] (Apple Inc.) [File not signed] R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [161776 2012-06-27] (Oracle Corporation) R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [61440 2006-10-19] (Hewlett-Packard Company) [File not signed] R2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [43520 2006-11-08] (Hewlett-Packard) [File not signed] R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53248 2006-11-08] (Hewlett-Packard) [File not signed] S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [621056 2009-03-04] (Nokia.) [File not signed] S2 XAudioService; C:\WINDOWS\system32\DRIVERS\xaudio.exe [386560 2006-11-28] (Conexant Systems, Inc.) [File not signed] S4 NMIndexingService; "C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe" [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-05-15] () R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-05-15] (AVAST Software) R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [54832 2014-05-15] (AVAST Software) R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-05-15] () R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [777488 2014-05-15] (AVAST Software) R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [411680 2014-05-15] (AVAST Software) R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57672 2014-05-15] (AVAST Software) R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [180632 2014-05-15] () R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [271360 2009-11-29] () [File not signed] R3 BCM43XX; C:\WINDOWS\System32\DRIVERS\bcmwl5.sys [604928 2006-10-12] (Broadcom Corporation) S3 CA561; C:\WINDOWS\System32\Drivers\SPCA561.SYS [119798 2002-10-01] (SP) S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation) S3 dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [223128 2008-03-26] (DT Soft Ltd.) S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2007-01-19] (HP) S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2007-01-19] (HP) S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2007-01-19] (HP) R3 HSF_DPV; C:\WINDOWS\System32\DRIVERS\HSX_DPV.sys [985600 2006-12-22] (Conexant Systems, Inc.) [File not signed] R3 HSXHWAZL; C:\WINDOWS\System32\DRIVERS\HSXHWAZL.sys [207360 2006-12-22] (Conexant Systems, Inc.) [File not signed] S3 k310bus; C:\WINDOWS\System32\DRIVERS\k310bus.sys [60800 2005-12-28] (MCCI) S3 k310mdfl; C:\WINDOWS\System32\DRIVERS\k310mdfl.sys [9264 2005-12-28] (MCCI) S3 k310mdm; C:\WINDOWS\System32\DRIVERS\k310mdm.sys [96352 2005-12-28] (MCCI) S3 k310mgmt; C:\WINDOWS\System32\DRIVERS\k310mgmt.sys [87824 2005-12-28] (MCCI) S3 k310obex; C:\WINDOWS\System32\DRIVERS\k310obex.sys [85696 2005-12-28] (MCCI) R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [18048 2009-11-29] () [File not signed] R2 mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [12672 2006-06-19] (Conexant) [File not signed] S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation) R3 Rasirda; C:\WINDOWS\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation) S3 rockusb; C:\WINDOWS\System32\DRIVERS\rockusb.sys [73984 2006-03-22] (Fuzhou Rockchip Electronics Co,Ltd.) [File not signed] S3 s1039mdm; C:\WINDOWS\System32\DRIVERS\s1039mdm.sys [124016 2009-11-19] (MCCI Corporation) R0 sfdrv01; C:\WINDOWS\System32\drivers\sfdrv01.sys [50688 2005-08-10] (Protection Technology) [File not signed] R0 sfhlp02; C:\WINDOWS\System32\drivers\sfhlp02.sys [6656 2005-05-16] (Protection Technology) [File not signed] R0 sfsync04; C:\WINDOWS\System32\drivers\sfsync04.sys [49664 2005-12-12] (Protection Technology) [File not signed] R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [691696 2009-11-29] () [File not signed] R0 tffsport; C:\WINDOWS\System32\DRIVERS\tffsport.sys [149376 2008-04-14] (M-Systems) S3 UIUSys; C:\WINDOWS\System32\DRIVERS\UIUSYS.SYS [6909 2006-06-09] (Conexant Systems, Inc) [File not signed] S3 vulfnths; C:\WINDOWS\System32\Drivers\vulfnth.sys [6912 2005-01-05] (VIA Technologies, Inc.) [File not signed] S3 vulfntrs; C:\WINDOWS\System32\Drivers\vulfntr.sys [11264 2005-06-06] (VIA Technologies, Inc.) [File not signed] R3 winachsf; C:\WINDOWS\System32\DRIVERS\HSX_CNXT.sys [659968 2006-12-22] (Conexant Systems, Inc.) [File not signed] S3 WRSWanDD; C:\WINDOWS\System32\DRIVERS\WrKPoETNic2000.sys [65604 2007-07-04] () R2 XAudio; C:\WINDOWS\System32\DRIVERS\xaudio.sys [8192 2006-11-28] (Conexant Systems, Inc.) [File not signed] U3 al35brwc; C:\WINDOWS\system32\Drivers\al35brwc.sys [0 ] (Microsoft Corporation) S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X] S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X] S4 IntelIde; No ImagePath S1 rlbeozoo; \??\C:\WINDOWS\system32\drivers\rlbeozoo.sys [X] U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-07 22:54 - 2014-10-07 22:55 - 00000000 ____D () C:\FRST 2014-10-07 22:48 - 2014-10-07 22:48 - 00098304 _____ () C:\WINDOWS\Minidump\Mini100714-01.dmp 2014-10-07 22:14 - 2014-10-07 22:14 - 00000075 _____ () C:\WINDOWS\setupact.log 2014-10-07 22:14 - 2014-10-07 22:14 - 00000000 _____ () C:\WINDOWS\setuperr.log 2014-10-07 20:30 - 2014-10-07 20:30 - 00001819 _____ () C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk 2014-10-07 20:30 - 2014-10-07 20:30 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Google Chrome 2014-09-25 19:34 - 2014-09-25 19:35 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-09-22 21:10 - 2014-10-07 22:14 - 00021187 _____ () C:\WINDOWS\setupapi.log 2014-09-22 20:16 - 2014-09-22 21:49 - 00000000 ____D () C:\Documents and Settings\acer\Pulpit\WIJHARS ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-07 22:56 - 2007-09-27 21:26 - 00000000 ____D () C:\Documents and Settings\acer\Ustawienia lokalne\Temp 2014-10-07 22:54 - 2014-04-08 22:20 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job 2014-10-07 22:50 - 2012-01-27 22:02 - 00001032 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2014-10-07 22:49 - 2012-07-06 19:55 - 01154801 _____ () C:\WINDOWS\WindowsUpdate.log 2014-10-07 22:48 - 2014-03-18 07:31 - 00000220 _____ () C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — logowanie.job 2014-10-07 22:48 - 2012-07-06 19:56 - 00000159 _____ () C:\WINDOWS\wiadebug.log 2014-10-07 22:48 - 2012-07-06 19:56 - 00000050 _____ () C:\WINDOWS\wiaservc.log 2014-10-07 22:48 - 2012-01-27 22:02 - 00001028 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2014-10-07 22:48 - 2008-05-08 11:19 - 00000000 ____D () C:\WINDOWS\Minidump 2014-10-07 22:48 - 2007-09-27 21:26 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-10-07 22:23 - 2012-04-11 20:25 - 00000930 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-10-07 20:30 - 2007-12-22 00:06 - 00000000 ____D () C:\Program Files\Google 2014-10-07 20:30 - 2007-09-27 23:13 - 00000000 ____D () C:\Documents and Settings\All Users\Pulpit 2014-10-07 20:30 - 2007-09-27 23:13 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy 2014-10-07 20:26 - 2014-07-12 15:28 - 00000000 ____D () C:\Documents and Settings\acer\Moje dokumenty\Pobrane 2014-10-07 20:22 - 2012-05-02 16:31 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-10-07 20:17 - 2007-09-27 21:26 - 00000000 ___HD () C:\Documents and Settings\acer\Ustawienia lokalne\Dane aplikacji 2014-10-07 20:16 - 2006-03-02 14:00 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl 2014-09-25 22:49 - 2012-07-06 19:56 - 00032390 _____ () C:\WINDOWS\SchedLgU.Txt 2014-09-25 22:49 - 2007-09-27 21:26 - 00000292 ___SH () C:\Documents and Settings\acer\ntuser.ini 2014-09-25 20:51 - 2007-09-27 21:26 - 00000000 ____D () C:\Documents and Settings\acer\Pulpit 2014-09-22 20:12 - 2013-07-22 20:24 - 00000000 ____D () C:\Documents and Settings\acer\Pulpit\Syngenta 2014-09-12 23:05 - 2013-01-24 21:52 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help 2014-09-12 23:04 - 2013-07-25 22:12 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-09-12 22:52 - 2008-02-21 16:35 - 98758480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-09-12 22:51 - 2007-09-27 21:26 - 00000000 ____D () C:\Documents and Settings\acer 2014-09-10 17:24 - 2012-04-11 20:25 - 00701104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2014-09-10 17:24 - 2012-04-11 20:25 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2014-09-10 16:51 - 2009-10-29 20:23 - 00000000 ____D () C:\Documents and Settings\acer\Dane aplikacji\uTorrent 2014-09-10 16:44 - 2014-04-05 21:07 - 00000000 ____D () C:\Documents and Settings\acer\Pulpit\gra1 2014-09-07 22:38 - 2007-12-27 21:34 - 00109056 _____ () C:\Documents and Settings\acer\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End Of Log ============================