Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:31-08-2014 02
Ran by Bartaz at 2014-09-02 15:27:43 Run:1
Running from C:\Users\Bartaz\Desktop\Potrzeba
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
HKLM\...\InprocServer32: [Default-wbemess] \\.\globalroot\systemroot\Installer\{0b3a81c9-c8c0-bd15-d3d3-27dd0c816f0b}\n. ATTENTION! ====> ZeroAccess?
HKU\.DEFAULT\...\Run: [] => [X]
HKU\S-1-5-21-1768184581-2917878914-1899908149-1004\...\Winlogon: [Shell]
HKU\S-1-5-21-1768184581-2917878914-1899908149-1004\...0c966feabec1\InprocServer32: [Default-shell32] C:\Users\Bartaz\AppData\Local\{0b3a81c9-c8c0-bd15-d3d3-27dd0c816f0b}\n. ATTENTION! ====> ZeroAccess/Alureon?
Startup: C:\Users\Bartaz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
ShortcutTarget: ctfmon.lnk -> C:\ProgramData\lsass.exe (Microsoft Corporation)
S2 ADExchange; C:\Program Files\Common Files\ArcSoft\esinter\Bin\eservutil.exe [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\atashost => ""="Service"
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchgol.com/?babsrc=HP_ss&mntrId=BC5B0022FAB5ABDC&affID=125032&tsp=5026
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE409A9010490104&ts=1380995128
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE409A9010490104&ts=1380995128
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE409A9010490104&ts=1380995128
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=sc&from=cor&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE409A9010490104&ts=1380995128
SearchScopes: HKLM - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE409A9010490104&ts=1380995128&type=default&q={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/?q={searchTerms}&AF=110000&babsrc=SP_ss&mntrId=bc5be76b0000000000000022fab5abdc
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE409A9010490104&ts=1380995128&type=default&q={searchTerms}
SearchScopes: HKCU - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = http://search.avg.com/route/?d=4cd04cbd&v=6.10.6.4&i=26&tp=chrome&q={searchTerms}&lng={language}&iy=&ychte=us
BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files\AVG\AVG2012\avgssie.dll No File
BHO: IEPluginBHO Class -> {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} -> C:\Users\Bartaz\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll No File
CustomCLSID: HKU\S-1-5-21-1768184581-2917878914-1899908149-1004_Classes\CLSID\{010833F3-751A-402F-9FCC-C365B6A12E41}\localserver32 -> C:\Users\Bartaz\Desktop\BESTplayer.exe No File
CustomCLSID: HKU\S-1-5-21-1768184581-2917878914-1899908149-1004_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\Bartaz\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1768184581-2917878914-1899908149-1004_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\Bartaz\AppData\Local\Google\Update\1.3.21.99\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1768184581-2917878914-1899908149-1004_Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32 -> C:\Users\Bartaz\AppData\Local\{0b3a81c9-c8c0-bd15-d3d3-27dd0c816f0b}\n. No File
CustomCLSID: HKU\S-1-5-21-1768184581-2917878914-1899908149-1004_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\Bartaz\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1768184581-2917878914-1899908149-1004_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\Bartaz\AppData\Local\Google\Update\1.3.21.123\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1768184581-2917878914-1899908149-1004_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\Bartaz\AppData\Local\Google\Update\1.3.21.149\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1768184581-2917878914-1899908149-1004_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\Bartaz\AppData\Local\Google\Update\1.3.21.115\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1768184581-2917878914-1899908149-1004_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\Bartaz\AppData\Local\Google\Update\1.3.21.111\psuser.dll No File
Task: {64F3CB5B-B1FC-453F-AD27-610E15928739} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-04-06] (Google Inc.)
Task: {7FB9FECC-B984-49FE-8400-71DC97D3216E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-04-06] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
C:\Program Files\mozilla firefox\plugins
C:\ProgramData\Temp
C:\Users\Bartaz\uidsave.dat
C:\Users\Bartaz\AppData\Local\Google
C:\Users\Bartaz\AppData\Local\{0b3a81c9-c8c0-bd15-d3d3-27dd0c816f0b}
C:\Users\Bartaz\AppData\Roaming\Babylon
C:\Users\Bartaz\AppData\Roaming\Buma
C:\Users\Bartaz\AppData\Roaming\Oxpies
C:\Windows\Installer\{0b3a81c9-c8c0-bd15-d3d3-27dd0c816f0b}
C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
RemoveDirectory: C:\Users\TEMP
Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f
EmptyTemp:
*****************

HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InprocServer32\\Default => Value was restored successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKU\S-1-5-21-1768184581-2917878914-1899908149-1004\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value deleted successfully.
"HKU\S-1-5-21-1768184581-2917878914-1899908149-1004\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}" => Key deleted successfully.
C:\Users\Bartaz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk => Moved successfully.
C:\ProgramData\lsass.exe => Moved successfully.
ADExchange => Service deleted successfully.
hwdatacard => Service deleted successfully.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\atashost" => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}" => Key deleted successfully.
"HKCR\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}" => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}" => Key deleted successfully.
"HKCR\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => Key deleted successfully.
"HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}" => Key deleted successfully.
"HKCR\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}" => Key deleted successfully.
"HKCR\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}" => Key deleted successfully.
"HKCR\CLSID\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}" => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => value deleted successfully.
"HKCR\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}" => Key deleted successfully.
"HKCR\PROTOCOLS\Handler\linkscanner" => Key deleted successfully.
"HKCR\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}" => Key deleted successfully.
"HKU\S-1-5-21-1768184581-2917878914-1899908149-1004_Classes\CLSID\{010833F3-751A-402F-9FCC-C365B6A12E41}" => Key deleted successfully.
"HKU\S-1-5-21-1768184581-2917878914-1899908149-1004_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}" => Key deleted successfully.
"HKU\S-1-5-21-1768184581-2917878914-1899908149-1004_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}" => Key deleted successfully.
"HKU\S-1-5-21-1768184581-2917878914-1899908149-1004_Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}" => Key not found.
"HKU\S-1-5-21-1768184581-2917878914-1899908149-1004_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}" => Key deleted successfully.
"HKU\S-1-5-21-1768184581-2917878914-1899908149-1004_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}" => Key deleted successfully.
"HKU\S-1-5-21-1768184581-2917878914-1899908149-1004_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}" => Key deleted successfully.
"HKU\S-1-5-21-1768184581-2917878914-1899908149-1004_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}" => Key deleted successfully.
"HKU\S-1-5-21-1768184581-2917878914-1899908149-1004_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{64F3CB5B-B1FC-453F-AD27-610E15928739}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{64F3CB5B-B1FC-453F-AD27-610E15928739}" => Key deleted successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7FB9FECC-B984-49FE-8400-71DC97D3216E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7FB9FECC-B984-49FE-8400-71DC97D3216E}" => Key deleted successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => Key deleted successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
"HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3" => Key deleted successfully.
C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll => Moved successfully.
"HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9" => Key deleted successfully.
C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll not found.
HKLM\Software\Mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b} => value deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}\\SystemComponent => value deleted successfully.
C:\Program Files\mozilla firefox\plugins => Moved successfully.
C:\ProgramData\Temp => Moved successfully.
C:\Users\Bartaz\uidsave.dat => Moved successfully.
C:\Users\Bartaz\AppData\Local\Google => Moved successfully.
C:\Users\Bartaz\AppData\Local\{0b3a81c9-c8c0-bd15-d3d3-27dd0c816f0b} => Moved successfully.
C:\Users\Bartaz\AppData\Roaming\Babylon => Moved successfully.
C:\Users\Bartaz\AppData\Roaming\Buma => Moved successfully.
C:\Users\Bartaz\AppData\Roaming\Oxpies => Moved successfully.
C:\Windows\Installer\{0b3a81c9-c8c0-bd15-d3d3-27dd0c816f0b} => Moved successfully.
C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension => Moved successfully.
"C:\Users\TEMP" => removed successfully.

========= reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========

EmptyTemp: => Removed 696.3 MB temporary data.


The system needed a reboot. 

==== End of Fixlog ====