Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 10-11-2014 Ran by madziola at 2014-11-13 13:52:34 Run:1 Running from C:\temp Loaded Profile: madziola (Available profiles: madziola) Boot Mode: Normal ============================================== Content of fixlist: ***************** [noparse]CloseProcesses: R2 MaintainerSvc4.07.4104264; C:\ProgramData\398c0b96-ebd3-4f67-a5c7-1899a15c12be\maintainer.exe [123680 2014-11-11] () R1 {a3f28269-ad17-41a8-b032-3e0313ef8979}Gw; C:\Windows\System32\drivers\{a3f28269-ad17-41a8-b032-3e0313ef8979}Gw.sys [52928 2014-06-19] (StdLib) R1 {a3f28269-ad17-41a8-b032-3e0313ef8979}w; C:\Windows\System32\drivers\{a3f28269-ad17-41a8-b032-3e0313ef8979}w.sys [52928 2014-06-23] (StdLib) S4 sptd; \SystemRoot\System32\Drivers\sptd.sys [X] AppInit_DLLs: c:\progra~2\bitguard\271832~1.68\{c16c1~1\bitguard.dll => c:\progra~2\bitguard\271832~1.68\{c16c1~1\bitguard.dll File Not Found Task: {2AC9DCD1-04DF-4B6F-87C8-F038D8DEB958} - System32\Tasks\{8E2AD033-553E-4C15-9C68-F860947658DB} => Firefox.exe http://ui.skype.com/ui/0/6.0.0.126/pl/abandoninstall?page=tsProgressBar Task: {F34BC672-FA10-40E4-8260-B9C908A9203B} - System32\Tasks\{86976A0B-9403-4687-8BB6-E512C68DF19F} => Firefox.exe http://ui.skype.com/ui/0/6.6.0.106/pl/go/help.faq.installer?LastError=1604 GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gazeta.pl/0,0.html?p=128 HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gazeta.pl/0,0.html?p=180&d=20140620 SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear BHO: Jump Flip -> {b630c560-975d-41a3-9a95-cbc23ad991e4} -> C:\Program Files\Jump Flip\JumpFlipBHO.dll (Jump Flip) Toolbar: HKLM - No Name - {48586425-6bb7-4f51-8dc6-38c88e3ebb58} - No File FF Plugin: @VideoDownloadConverter_4z.com/Plugin -> C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll No File FF Plugin: @VideoDownloadConverter_ScriptHelper.com/Plugin -> C:\Program Files\VideoDownloadConverter\npVDCPlugin.dll No File FF HKLM\...\Firefox\Extensions: [{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}] - C:\Program Files\RelevantKnowledge\firefox C:\Program Files\Greener Web C:\Program Files\Jump Flip C:\ProgramData\398c0b96-ebd3-4f67-a5c7-1899a15c12be C:\Users\madziola\AppData\Local\Google\Chrome C:\Users\madziola\AppData\Local\Torpedo C:\Users\madziola\Downloads\*_Sciagnij.pl.exe C:\Users\madziola\Downloads\TorpedoSetup.exe C:\Users\madziola\Downloads\Torpedo C:\Windows\System32\drivers\{a3f28269-ad17-41a8-b032-3e0313ef8979}Gw.sys C:\Windows\System32\drivers\{a3f28269-ad17-41a8-b032-3e0313ef8979}w.sys Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f CMD: for /d %f in (C:\Users\madziola\AppData\Local\{*}) do rd /s /q "%f" CMD: dir /a "C:\Program Files" CMD: dir /a C:\ProgramData CMD: dir /a C:\Users\madziola\AppData\Local CMD: dir /a C:\Users\madziola\AppData\LocalLow CMD: dir /a C:\Users\madziola\AppData\Roaming EmptyTemp:[/noparse] ***************** [noparse]CloseProcesses: => Error: No automatic fix found for this entry. MaintainerSvc4.07.4104264 => Service stopped successfully. MaintainerSvc4.07.4104264 => Service deleted successfully. {a3f28269-ad17-41a8-b032-3e0313ef8979}Gw => Service stopped successfully. {a3f28269-ad17-41a8-b032-3e0313ef8979}Gw => Service deleted successfully. {a3f28269-ad17-41a8-b032-3e0313ef8979}w => Service stopped successfully. {a3f28269-ad17-41a8-b032-3e0313ef8979}w => Service deleted successfully. sptd => Service deleted successfully. "c:\progra~2\bitguard\271832~1.68\{c16c1~1\bitguard.dll" => Value Data removed successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2AC9DCD1-04DF-4B6F-87C8-F038D8DEB958}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2AC9DCD1-04DF-4B6F-87C8-F038D8DEB958}" => Key deleted successfully. C:\Windows\System32\Tasks\{8E2AD033-553E-4C15-9C68-F860947658DB} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8E2AD033-553E-4C15-9C68-F860947658DB}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F34BC672-FA10-40E4-8260-B9C908A9203B}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F34BC672-FA10-40E4-8260-B9C908A9203B}" => Key deleted successfully. C:\Windows\System32\Tasks\{86976A0B-9403-4687-8BB6-E512C68DF19F} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{86976A0B-9403-4687-8BB6-E512C68DF19F}" => Key deleted successfully. C:\Windows\system32\GroupPolicy\Machine => Moved successfully. C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully. "HKLM\SOFTWARE\Policies\Google" => Key deleted successfully. HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKCU\Software\Microsoft\Internet Explorer\Main\\Search Bar => value deleted successfully. HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully. "HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully. "HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found. "HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => Key deleted successfully. "HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => Key not found. "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b630c560-975d-41a3-9a95-cbc23ad991e4}" => Key deleted successfully. "HKCR\CLSID\{b630c560-975d-41a3-9a95-cbc23ad991e4}" => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{48586425-6bb7-4f51-8dc6-38c88e3ebb58} => value deleted successfully. "HKCR\CLSID\{48586425-6bb7-4f51-8dc6-38c88e3ebb58}" => Key not found. "HKLM\Software\MozillaPlugins\@VideoDownloadConverter_4z.com/Plugin" => Key deleted successfully. "HKLM\Software\MozillaPlugins\@VideoDownloadConverter_ScriptHelper.com/Plugin" => Key deleted successfully. HKLM\Software\Mozilla\Firefox\Extensions\\{C7AE725D-FA5C-4027-BB4C-787EF9F8248A} => value deleted successfully. C:\Program Files\Greener Web => Moved successfully. C:\Program Files\Jump Flip => Moved successfully. C:\ProgramData\398c0b96-ebd3-4f67-a5c7-1899a15c12be => Moved successfully. C:\Users\madziola\AppData\Local\Google\Chrome => Moved successfully. C:\Users\madziola\AppData\Local\Torpedo => Moved successfully. C:\Users\madziola\Downloads\*_Sciagnij.pl.exe => Moved successfully. C:\Users\madziola\Downloads\TorpedoSetup.exe => Moved successfully. C:\Users\madziola\Downloads\Torpedo => Moved successfully. C:\Windows\System32\drivers\{a3f28269-ad17-41a8-b032-3e0313ef8979}Gw.sys => Moved successfully. C:\Windows\System32\drivers\{a3f28269-ad17-41a8-b032-3e0313ef8979}w.sys => Moved successfully. ========= reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= for /d %f in (C:\Users\madziola\AppData\Local\{*}) do rd /s /q "%f" ========= ========= End of CMD: ========= ========= dir /a "C:\Program Files" ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: 6A8E-330F Katalog: C:\Program Files 2014-11-13 13:54 . 2014-11-13 13:54 .. 2014-06-20 10:24 7-Zip 2013-06-02 09:24 AC3Filter 2011-05-07 17:13 Adobe 2013-03-03 14:42 ALLPlayer 2013-12-28 16:14 ALLYouTubeDownloader 2011-05-07 17:14 ArcSoft 2011-05-07 16:24 ATI 2011-05-07 16:31 ATI Technologies 2011-10-31 18:03 AVAST Software 2014-10-30 12:01 Avi2Dvd 2013-06-02 09:23 AviSynth 2.5 2012-08-01 13:19 CardDetector 2014-11-11 12:36 CCleaner 2014-11-13 13:40 Common Files 2014-06-22 17:37 darmowa-lokalizacja-telefonu 2009-07-14 05:41 174 desktop.ini 2011-07-18 16:06 DVD Maker 2013-06-02 09:25 ffdshow 2013-10-29 21:09 FileZilla FTP Client 2013-07-04 07:46 Google 2013-06-02 09:25 Haali 2014-10-02 10:03 HP 2013-12-28 18:50 InstallShield Installation Information 2014-10-18 15:43 Internet Explorer 2012-04-07 18:13 MarkAny 2014-10-31 22:56 Microsoft 2011-03-14 21:39 Microsoft Games 2011-10-31 18:27 Microsoft Office 2014-07-25 13:48 Microsoft Silverlight 2011-05-07 17:00 Microsoft SQL Server Compact Edition 2011-07-07 14:49 Microsoft Visual Studio 2011-07-07 14:59 Microsoft Works 2011-07-07 14:48 Microsoft.NET 2014-06-13 07:30 Mobogenie 2014-11-13 13:40 Mozilla Firefox 2014-11-11 12:59 Mozilla Maintenance Service 2009-07-14 05:52 MSBuild 2011-07-13 09:04 MSXML 4.0 2013-03-03 14:44 NapiProjekt 2011-05-07 17:33 Nascom 2013-02-12 10:06 NE Multibooki Humanistyka 2012-11-30 13:39 NE Multiteka Humanistyka 2012-08-01 13:21 OrangeBS 2012-10-11 16:39 OrangeBusinessServices 2013-04-02 20:15 PIT Projekt 2012 2011-05-07 16:32 Realtek 2009-07-14 05:52 Reference Assemblies 2013-03-26 13:44 RMVB Player 2013-12-28 18:50 Samsung 2014-11-10 18:24 Skype 2013-03-31 20:23 Sony 2011-05-07 16:32 Synaptics 2011-05-07 16:28 Temp 2009-07-14 05:53 Uninstall Information 2014-09-28 09:03 VideoDownloadConverter 2013-12-07 20:43 VideoLAN 2011-05-07 16:33 WIDCOMM 2013-07-10 15:15 Windows Defender 2014-07-11 11:16 Windows Journal 2011-05-07 17:06 Windows Live 2011-07-18 16:06 Windows Mail 2013-12-12 12:45 Windows Media Player 2009-07-14 05:52 Windows NT 2011-07-18 16:06 Windows Photo Viewer 2010-11-20 22:33 Windows Portable Devices 2011-07-18 16:06 Windows Sidebar 2013-06-02 09:26 Xvid 1 plik(¢w) 174 bajt¢w 68 katalog(¢w) 65ÿ027ÿ735ÿ552 bajt¢w wolnych ========= End of CMD: ========= ========= dir /a C:\ProgramData ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: 6A8E-330F Katalog: C:\ProgramData 2014-11-13 13:54 . 2014-11-13 13:54 .. 2014-04-16 16:56 .mono 2011-08-04 19:23 Adobe 2011-05-07 16:31 AMD 2013-12-28 16:43 57 Ament.ini 2009-07-14 05:53 Application Data [C:\ProgramData] 2011-07-07 14:03 ArcSoft 2011-05-07 17:50 ATI 2014-11-02 18:15 AVAST Software 2012-11-30 13:29 DAEMON Tools Lite 2009-07-14 05:53 Desktop [C:\Users\Public\Desktop] 2009-07-14 05:53 Documents [C:\Users\Public\Documents] 2011-07-07 14:01 56 ezsidmv.dat 2009-07-14 05:53 Favorites [C:\Users\Public\Favorites] 2011-07-07 07:01 Gadu-Gadu 10 2013-06-23 06:33 GG 2013-12-28 16:44 HP 2014-02-19 09:02 Malwarebytes 2012-01-19 09:01 McAfee 2014-10-31 22:56 Microsoft 2014-10-17 23:39 Microsoft Help 2012-11-03 13:23 Mozilla 2013-02-14 08:19 NE Multibooki Humanistyka 2014-10-01 07:56 266 ntuser.pol 2012-10-11 16:39 Orange 2012-04-07 18:14 Samsung 2014-11-10 18:24 Skype 2013-03-31 20:23 Sony Corporation 2009-07-14 05:53 Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu] 2011-05-07 16:39 Sun 2009-07-14 05:53 Templates [C:\ProgramData\Microsoft\Windows\Templates] 2011-07-07 14:09 VirtualizedApplications 3 plik(¢w) 379 bajt¢w 30 katalog(¢w) 65ÿ027ÿ731ÿ456 bajt¢w wolnych ========= End of CMD: ========= ========= dir /a C:\Users\madziola\AppData\Local ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: 6A8E-330F Katalog: C:\Users\madziola\AppData\Local 2014-11-13 13:54 . 2014-11-13 13:54 .. 2011-07-07 17:12 Adobe 2013-07-07 22:57 ALLPlayer 2011-07-06 11:36 AMD 2011-07-07 14:03 ArcSoft 2011-07-06 11:36 ATI 2011-07-07 20:54 Axialis 2011-07-06 11:36 Broadcom 2014-02-07 22:34 cache 2011-07-06 11:32 Dane aplikacji [C:\Users\madziola\AppData\Local] 2014-06-27 09:16 10ÿ240 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-11-09 19:22 Diagnostics 2013-12-28 18:48 Downloaded Installations 2014-11-13 13:51 ElevatedDiagnostics 2014-08-03 11:54 EmieSiteList 2014-08-03 11:54 EmieUserList 2014-10-31 20:05 Facebook 2012-11-23 07:06 92ÿ264 GDIPFONTCACHEV1.DAT 2014-02-18 23:59 genienext 2013-12-28 15:27 GG 2014-11-13 13:54 Google 2011-07-06 11:32 Historia [C:\Users\madziola\AppData\Local\Microsoft\Windows\History] 2013-12-28 16:45 HP 2014-11-12 12:56 9ÿ252ÿ706 IconCache.db 2012-08-01 06:53 Macromedia 2014-06-15 15:20 Microsoft 2012-11-23 22:00 Microsoft Games 2012-09-04 20:13 Microsoft Help 2014-02-08 10:34 Mobogenie 2013-10-05 08:14 Mozilla 2012-10-12 13:46 Orange 2014-09-17 08:13 Pay-By-Ads 2013-03-03 14:41 Programs 2012-04-08 06:25 Samsung 2014-03-16 08:29 Skype 2011-07-06 13:03 SoftGrid Client 2011-07-06 12:45 Sony Corporation 2014-11-13 13:54 Temp 2011-07-06 11:32 Temporary Internet Files [C:\Users\madziola\AppData\Local\Microsoft\Windows\Temporary Internet Files] 2014-02-15 11:22 3ÿ218 unins000.dat 2014-02-15 11:22 707ÿ504 unins000.exe 2014-02-15 11:22 11ÿ761 unins000.msg 2014-10-30 12:01 Unity 2013-12-12 12:44 VirtualStore 2014-09-08 21:24 Windows Live 6 plik(¢w) 10ÿ077ÿ693 bajt¢w 40 katalog(¢w) 65ÿ027ÿ727ÿ360 bajt¢w wolnych ========= End of CMD: ========= ========= dir /a C:\Users\madziola\AppData\LocalLow ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: 6A8E-330F Katalog: C:\Users\madziola\AppData\LocalLow 2014-08-03 11:54 . 2014-08-03 11:54 .. 2011-07-07 17:12 Adobe 2014-08-03 11:54 EmieSiteList 2014-08-03 11:54 EmieUserList 2013-07-20 18:49 Microsoft 2011-10-28 19:49 Sun 2014-04-16 16:54 Unity 0 plik(¢w) 0 bajt¢w 8 katalog(¢w) 65ÿ027ÿ727ÿ360 bajt¢w wolnych ========= End of CMD: ========= ========= dir /a C:\Users\madziola\AppData\Roaming ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: 6A8E-330F Katalog: C:\Users\madziola\AppData\Roaming 2014-11-02 19:16 . 2014-11-02 19:16 .. 2014-04-16 16:56 .mono 2011-07-07 17:12 Adobe 2011-07-07 14:03 ArcSoft 2011-07-06 11:36 ATI 2014-11-02 19:16 AVAST Software 2014-10-07 08:00 BRT 2014-11-11 12:50 DAEMON Tools Lite 2014-11-11 12:50 FileZilla 2011-07-07 07:48 Gadu-Gadu 10 2013-12-28 15:24 GG 2011-07-06 11:34 Identities 2011-05-07 17:11 Macromedia 2014-02-19 09:02 Malwarebytes 2011-03-14 21:39 Media Center Programs 2014-10-30 11:57 Microsoft 2014-06-22 17:35 ModelViews 2011-07-07 14:55 Mozilla 2014-02-19 00:04 newnext.me 2013-10-30 07:02 Nico Mak Computing 2013-04-02 14:56 PIT Projekt 2012 2013-12-28 18:57 Samsung 2014-11-13 13:35 Skype 2011-07-07 15:01 skypePM 2011-07-07 14:32 SoftGrid Client 2011-07-06 11:36 Sony Corporation 2011-07-06 13:03 TP 2014-04-16 16:56 Unity 2014-11-11 21:15 vlc 0 plik(¢w) 0 bajt¢w 30 katalog(¢w) 65ÿ027ÿ616ÿ768 bajt¢w wolnych ========= End of CMD: ========= EmptyTemp: => Removed 159 MB temporary data. The system needed a reboot. ==== End of Fixlog ====