Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 01-12-2013
Ran by Jarek i Ela at 2013-12-03 12:27:54 Run:1
Running from C:\Users\Jarek i Ela.JarekiEla-PC\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
HKCU\...0c966feabec1\InprocServer32: [Default-shell32] ATTENTION! ====> ZeroAccess?Task: C:\Windows\Tasks\{DD552472-A185-4a0c-AC58-90AA40E9E26A}.job => C:\Windows\explorer.exeSearchScopes: HKLM - DefaultScope value is missing.SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =S3 GAPNVWQKS; C:\Users\JAREKI~1.JAR\AppData\Local\Temp\GAPNVWQKS.exe [416640 2013-11-25] (Sysinternals - www.sysinternals.com)S3 MAODQ; C:\Users\JAREKI~1.JAR\AppData\Local\Temp\MAODQ.exe [445312 2013-11-25] (Sysinternals - www.sysinternals.com)S4 AVG Security Toolbar Service; C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe [x]S4 BTOA; C:\Users\JAREKI~1.JAR\AppData\Local\Temp\BTOA.exe [x]R0 DwProt; C:\Windows\System32\drivers\dwprot.sys [135032 2011-01-21] (Doctor Web, Ltd.)R2 sbapifs; C:\Windows\System32\DRIVERS\sbapifs.sys [66344 2013-11-19] (GFI Software)S2 Haspnt; \??\C:\Windows\system32\drivers\Haspnt.sys [x]S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [x]S3 MEMSWEEP2; \??\C:\Windows\system32\337E.tmp [x]U4 Messenger;S1 SBRE; \SystemRoot\system32\drivers\SBREDrv.sys [x]S0 szkgfs; system32\drivers\szkgfs.sys [x]HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"C:\Windows\System32\drivers\dwprot.sysC:\Windows\system32\Drivers\sbapifs.sysC:\Windows\system32\Drivers\sbaphd.sysC:\Windows\system32\Drivers\RKREVEAL150.SYSC:\Windows\system32\SBBD.EXEC:\Users\Jarek i Ela.JarekiEla-PC\AppData\Local\Temp\*.exeC:\Users\Jarek i Ela.JarekiEla-PC\AppData\Local\MozillaC:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\ArcaVirMicroScanC:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\AVGC:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\Azureus(768)C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\DSiteC:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\ExpressFilesC:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\MozillaC:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\Ulead Systems(780)C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\UserTile (2).pngC:\Users\Jarek i Ela.JarekiEla-PC\AppData\Local\GDIPFONTCACHEV1 (2).DATC:\Users\All Users\AVGC:\Users\All Users\AVG10C:\Users\All Users\AVG2012C:\Users\All Users\HP(737)C:\Users\All Users\Malwarebytes(738)C:\Users\All Users\Microsoft(739)C:\Users\All Users\MozillaC:\Users\All Users\pageC:\Users\All Users\page(741)C:\Users\All Users\Real(742)C:\Users\All Users\SecTaskMan(743)C:\Users\All Users\Skype(744)Folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartupFolder: C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartupReg: reg delete HKCU\Software\Classes\.exe /fReg: reg delete HKCU\Software\Mozilla /fReg: reg delete HKLM\SOFTWARE\MozillaPlugins /fReg: reg delete HKLM\SOFTWARE\Mozilla /fReg: reg delete HKLM\SOFTWARE\mozilla.org /fReg: reg delete HKLM\SOFTWARE\MozillaPlugins /fReg: reg query "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders" /sReg: reg query "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" /sReg: reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders" /sReg: reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" /sReg: reg query HKLM\SYSTEM\CurrentControlSet\services\Winmgmt /sReg: reg query HKLM\SOFTWARE\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1} /sReg: reg query HKLM\SOFTWARE\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F} /sCMD: winmgmt /verifyrepository



*****************


========= HKCU\...0c966feabec1\InprocServer32: [Default-shell32] ATTENTION! ====> ZeroAccess?Task: C:\Windows\Tasks\{DD552472-A185-4a0c-AC58-90AA40E9E26A}.job => C:\Windows\explorer.exeSearchScopes: HKLM - DefaultScope value is missing.SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =S3 GAPNVWQKS; C:\Users\JAREKI~1.JAR\AppData\Local\Temp\GAPNVWQKS.exe [416640 2013-11-25] (Sysinternals - www.sysinternals.com)S3 MAODQ; C:\Users\JAREKI~1.JAR\AppData\Local\Temp\MAODQ.exe [445312 2013-11-25] (Sysinternals - www.sysinternals.com)S4 AVG Security Toolbar Service; C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe [x]S4 BTOA; C:\Users\JAREKI~1.JAR\AppData\Local\Temp\BTOA.exe [x]R0 DwProt; C:\Windows\System32\drivers\dwprot.sys [135032 2011-01-21] (Doctor Web, Ltd.)R2 sbapifs; C:\Windows\System32\DRIVERS\sbapifs.sys [66344 2013-11-19] (GFI Software)S2 Haspnt; \??\C:\Windows\system32\drivers\Haspnt.sys [x]S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [x]S3 MEMSWEEP2; \??\C:\Windows\system32\337E.tmp [x]U4 Messenger;S1 SBRE; \SystemRoot\system32\drivers\SBREDrv.sys [x]S0 szkgfs; system32\drivers\szkgfs.sys [x]HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"C:\Windows\System32\drivers\dwprot.sysC:\Windows\system32\Drivers\sbapifs.sysC:\Windows\system32\Drivers\sbaphd.sysC:\Windows\system32\Drivers\RKREVEAL150.SYSC:\Windows\system32\SBBD.EXEC:\Users\Jarek i Ela.JarekiEla-PC\AppData\Local\Temp\*.exeC:\Users\Jarek i Ela.JarekiEla-PC\AppData\Local\MozillaC:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\ArcaVirMicroScanC:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\AVGC:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\Azureus(768)C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\DSiteC:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\ExpressFilesC:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\MozillaC:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\Ulead Systems(780)C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\UserTile (2).pngC:\Users\Jarek i Ela.JarekiEla-PC\AppData\Local\GDIPFONTCACHEV1 (2).DATC:\Users\All Users\AVGC:\Users\All Users\AVG10C:\Users\All Users\AVG2012C:\Users\All Users\HP(737)C:\Users\All Users\Malwarebytes(738)C:\Users\All Users\Microsoft(739)C:\Users\All Users\MozillaC:\Users\All Users\pageC:\Users\All Users\page(741)C:\Users\All Users\Real(742)C:\Users\All Users\SecTaskMan(743)C:\Users\All Users\Skype(744)Folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartupFolder: C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartupReg: reg delete HKCU\Software\Classes\.exe /fReg: reg delete HKCU\Software\Mozilla /fReg: reg delete HKLM\SOFTWARE\MozillaPlugins /fReg: reg delete HKLM\SOFTWARE\Mozilla /fReg: reg delete HKLM\SOFTWARE\mozilla.org /fReg: reg delete HKLM\SOFTWARE\MozillaPlugins /fReg: reg query "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders" /sReg: reg query "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" /sReg: reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders" /sReg: reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" /sReg: reg query HKLM\SYSTEM\CurrentControlSet\services\Winmgmt /sReg: reg query HKLM\SOFTWARE\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1} /sReg: reg query HKLM\SOFTWARE\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F} /s winmgmt /verifyrepository =========

System nie mo�e odnale�� okre�lonej �cie�ki.

========= End of CMD: =========

HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => Key not found.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\vsmon => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\...0c966feabec1\InprocServer32: [Default-shell32] ATTENTION! ====> ZeroAccess?C:\Windows\Tasks\{DD552472-A185-4a0c-AC58-90AA40E9E26A}.job => C:\Windows\explorer.exeSearchScopes: HKLM - DefaultScope value is missing.SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =S3 GAPNVWQKS; C:\Users\JAREKI~1.JAR\AppData\Local\Temp\GAPNVWQKS.exe [416640 2013-11-25] (Sysinternals - www.sysinternals.com)S3 MAODQ; C:\Users\JAREKI~1.JAR\AppData\Local\Temp\MAODQ.exe [445312 2013-11-25] (Sysinternals - www.sysinternals.com)S4 AVG Security Toolbar Service; C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe [x]S4 BTOA; C:\Users\JAREKI~1.JAR\AppData\Local\Temp\BTOA.exe [x]R0 DwProt; C:\Windows\System32\drivers\dwprot.sys [135032 2011-01-21] (Doctor Web, Ltd.)R2 sbapifs; C:\Windows\System32\DRIVERS\sbapifs.sys [66344 2013-11-19] (GFI Software)S2 Haspnt; \??\C:\Windows\system32\drivers\Haspnt.sys [x]S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [x]S3 MEMSWEEP2; \??\C:\Windows\system32\337E.tmp [x]U4 Messenger;S1 SBRE; \SystemRoot\system32\drivers\SBREDrv.sys [x]S0 szkgfs; system32\drivers\szkgfs.sys [x]HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon not found.
HKCU\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1} => Key deleted successfully.
HKCU\...0c966feabec1\InprocServer32: [Default-shell32] ATTENTION! ====> ZeroAccess?Task: C:\Windows\Tasks\{DD552472-A185-4a0c-AC58-90AA40E9E26A}.job => C:\Windows\explorer.exeSearchScopes: HKLM - DefaultScope value is missing.SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =GAPNVWQKS => Service not found.

========================= HKCU\...0c966feabec1\InprocServer32: [Default-shell32] ATTENTION! ====> ZeroAccess?Task: C:\Windows\Tasks\{DD552472-A185-4a0c-AC58-90AA40E9E26A}.job => C:\Windows\explorer.exeSearchScopes: HKLM - DefaultScope value is missing.SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =S3 GAPNVWQKS; C:\Users\JAREKI~1.JAR\AppData\Local\Temp\GAPNVWQKS.exe [416640 2013-11-25] (Sysinternals - www.sysinternals.com)S3 MAODQ; C:\Users\JAREKI~1.JAR\AppData\Local\Temp\MAODQ.exe [445312 2013-11-25] (Sysinternals - www.sysinternals.com)S4 AVG Security Toolbar Service; C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe [x]S4 BTOA; C:\Users\JAREKI~1.JAR\AppData\Local\Temp\BTOA.exe [x]R0 DwProt; C:\Windows\System32\drivers\dwprot.sys [135032 2011-01-21] (Doctor Web, Ltd.)R2 sbapifs; C:\Windows\System32\DRIVERS\sbapifs.sys [66344 2013-11-19] (GFI Software)S2 Haspnt; \??\C:\Windows\system32\drivers\Haspnt.sys [x]S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [x]S3 MEMSWEEP2; \??\C:\Windows\system32\337E.tmp [x]U4 Messenger;S1 SBRE; \SystemRoot\system32\drivers\SBREDrv.sys [x]S0 szkgfs; system32\drivers\szkgfs.sys [x]HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"C:\Windows\System32\drivers\dwprot.sysC:\Windows\system32\Drivers\sbapifs.sysC:\Windows\system32\Drivers\sbaphd.sysC:\Windows\system32\Drivers\RKREVEAL150.SYSC:\Windows\system32\SBBD.EXEC:\Users\Jarek i Ela.JarekiEla-PC\AppData\Local\Temp\*.exeC:\Users\Jarek i Ela.JarekiEla-PC\AppData\Local\MozillaC:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\ArcaVirMicroScanC:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\AVGC:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\Azureus(768)C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\DSiteC:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\ExpressFilesC:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\MozillaC:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\Ulead Systems(780)C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\UserTile (2).pngC:\Users\Jarek i Ela.JarekiEla-PC\AppData\Local\GDIPFONTCACHEV1 (2).DATC:\Users\All Users\AVGC:\Users\All Users\AVG10C:\Users\All Users\AVG2012C:\Users\All Users\HP(737)C:\Users\All Users\Malwarebytes(738)C:\Users\All Users\Microsoft(739)C:\Users\All Users\MozillaC:\Users\All Users\pageC:\Users\All Users\page(741)C:\Users\All Users\Real(742)C:\Users\All Users\SecTaskMan(743)C:\Users\All Users\Skype(744)Folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartupFolder: C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartupReg: reg delete HKCU\Software\Classes\.exe /fReg: reg delete HKCU\Software\Mozilla /fReg: reg delete HKLM\SOFTWARE\MozillaPlugins /fReg: reg delete HKLM\SOFTWARE\Mozilla /fReg: reg delete HKLM\SOFTWARE\mozilla.org /fReg: reg delete HKLM\SOFTWARE\MozillaPlugins /fReg: reg query "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders" /sReg: reg query "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" /sReg: reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders" /sReg: reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" /sReg: reg query HKLM\SYSTEM\CurrentControlSet\services\Winmgmt /sReg: reg query HKLM\SOFTWARE\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1} /sReg: reg query HKLM\SOFTWARE\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F} /sCMD: winmgmt /verifyrepository ========================

Directory Not Found

====== End of Folder: ======


========= HKCU\...0c966feabec1\InprocServer32: [Default-shell32] ATTENTION! ====> ZeroAccess?Task: C:\Windows\Tasks\{DD552472-A185-4a0c-AC58-90AA40E9E26A}.job => C:\Windows\explorer.exeSearchScopes: HKLM - DefaultScope value is missing.SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =S3 GAPNVWQKS; C:\Users\JAREKI~1.JAR\AppData\Local\Temp\GAPNVWQKS.exe [416640 2013-11-25] (Sysinternals - www.sysinternals.com)S3 MAODQ; C:\Users\JAREKI~1.JAR\AppData\Local\Temp\MAODQ.exe [445312 2013-11-25] (Sysinternals - www.sysinternals.com)S4 AVG Security Toolbar Service; C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe [x]S4 BTOA; C:\Users\JAREKI~1.JAR\AppData\Local\Temp\BTOA.exe [x]R0 DwProt; C:\Windows\System32\drivers\dwprot.sys [135032 2011-01-21] (Doctor Web, Ltd.)R2 sbapifs; C:\Windows\System32\DRIVERS\sbapifs.sys [66344 2013-11-19] (GFI Software)S2 Haspnt; \??\C:\Windows\system32\drivers\Haspnt.sys [x]S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [x]S3 MEMSWEEP2; \??\C:\Windows\system32\337E.tmp [x]U4 Messenger;S1 SBRE; \SystemRoot\system32\drivers\SBREDrv.sys [x]S0 szkgfs; system32\drivers\szkgfs.sys [x]HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"C:\Windows\System32\drivers\dwprot.sysC:\Windows\system32\Drivers\sbapifs.sysC:\Windows\system32\Drivers\sbaphd.sysC:\Windows\system32\Drivers\RKREVEAL150.SYSC:\Windows\system32\SBBD.EXEC:\Users\Jarek i Ela.JarekiEla-PC\AppData\Local\Temp\*.exeC:\Users\Jarek i Ela.JarekiEla-PC\AppData\Local\MozillaC:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\ArcaVirMicroScanC:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\AVGC:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\Azureus(768)C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\DSiteC:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\ExpressFilesC:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\MozillaC:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\Ulead Systems(780)C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\UserTile (2).pngC:\Users\Jarek i Ela.JarekiEla-PC\AppData\Local\GDIPFONTCACHEV1 (2).DATC:\Users\All Users\AVGC:\Users\All Users\AVG10C:\Users\All Users\AVG2012C:\Users\All Users\HP(737)C:\Users\All Users\Malwarebytes(738)C:\Users\All Users\Microsoft(739)C:\Users\All Users\MozillaC:\Users\All Users\pageC:\Users\All Users\page(741)C:\Users\All Users\Real(742)C:\Users\All Users\SecTaskMan(743)C:\Users\All Users\Skype(744)Folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartupFolder: C:\Users\Jarek i Ela.JarekiEla-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startupreg delete HKCU\Software\Classes\.exe /fReg: reg delete HKCU\Software\Mozilla /fReg: reg delete HKLM\SOFTWARE\MozillaPlugins /fReg: reg delete HKLM\SOFTWARE\Mozilla /fReg: reg delete HKLM\SOFTWARE\mozilla.org /fReg: reg delete HKLM\SOFTWARE\MozillaPlugins /fReg: reg query "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders" /sReg: reg query "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" /sReg: reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders" /sReg: reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" /sReg: reg query HKLM\SYSTEM\CurrentControlSet\services\Winmgmt /sReg: reg query HKLM\SOFTWARE\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1} /sReg: reg query HKLM\SOFTWARE\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F} /sCMD: winmgmt /verifyrepository =========

System nie może odnaleźć określonej ścieżki.


========= End of Reg: =========


==== End of Fixlog ====