Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 03-12-2014 Ran by Irmina at 2014-12-03 21:19:45 Run:1 Running from C:\Users\Irmina\Desktop Loaded Profile: Irmina (Available profiles: Irmina) Boot Mode: Normal ============================================== Content of fixlist: ***************** CloseProcesses: S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 STHDA; system32\DRIVERS\stwrt64.sys [X] ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-3827801199-4237816232-3164111636-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION URLSearchHook: HKU\S-1-5-21-3827801199-4237816232-3164111636-1001 - (No Name) - {261c67f2-64cd-4696-9821-612409b649d5} - No File SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3827801199-4237816232-3164111636-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear SearchScopes: HKU\S-1-5-21-3827801199-4237816232-3164111636-1001 -> {szukaj.gazeta.pl} URL = http://szukaj.gazeta.pl/internet/0,0.html?slowo={searchTerms} Toolbar: HKU\S-1-5-21-3827801199-4237816232-3164111636-1001 -> No Name - {4A8A0B3B-EEB7-4E90-B359-3E01B2C15E82} - No File FF Plugin-x32: @MyImageConverter_8j.com/Plugin -> C:\Program Files (x86)\MyImageConverter_8j\bar\2.bin\NP8jStub.dll No File FF HKU\S-1-5-21-3827801199-4237816232-3164111636-1001\...\Firefox\Extensions: [freegames115@BestOffers] - C:\Users\Irmina\AppData\Roaming\Mozilla\Extensions\freegames115@BestOffers CustomCLSID: HKU\S-1-5-21-3827801199-4237816232-3164111636-1001_Classes\CLSID\{A75BE48D-BF58-4A8B-B96C-F9A09DFB9844}\InprocServer32 -> %LOCALAPPDATA%\Pokki\ocdeskband_0.dll No File Task: {3BF726B8-2CFA-4685-B633-05D5DD432E07} - System32\Tasks\{6FD66EB5-8002-45C9-9743-F84EF499971C} => c:\program files (x86)\opera\opera.exe Task: {3D98415C-0097-4F02-82F8-715D2CF9103A} - System32\Tasks\{E4D8AF37-9C21-4610-BD68-EA188A338230} => Firefox.exe Task: {5AAF3642-5C07-4A6F-A257-3E1ED4D3854D} - System32\Tasks\{A979066F-96C6-4C0C-8E26-17EEF4D9D1EF} => Firefox.exe Task: {BEB4AD93-3E35-4C6D-BFAA-28541AB654D4} - System32\Tasks\{A7EAC957-83D9-4E90-92CB-340C0A78B4CB} => Firefox.exe Task: C:\windows\Tasks\HPCeeScheduleForIRMINA-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe CMD: for /d %f in (C:\Users\Irmina\AppData\Local\{*}) do rd /s /q "%f" C:\oct*.tmp.png C:\ProgramData\SMRResults430.dat C:\ProgramData\AVAST Software C:\ProgramData\Avg_Update_1114tb C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services C:\ProgramData\Norton C:\Users\Irmina\*.htm C:\Users\Irmina\*.lnk C:\Users\Irmina\AppData\Local\{*} C:\Users\Irmina\AppData\Local\Google\Chrome\User Data\Default\Preferences C:\Users\Irmina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\*localstorage* C:\Users\Irmina\AppData\Local\NPE C:\Users\Irmina\AppData\Local\Pokki C:\Users\Irmina\AppData\Roaming\Audacity C:\Users\Irmina\AppData\Roaming\AVG C:\Users\Irmina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\FLV Player.lnk C:\Users\Irmina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player C:\Users\Irmina\AppData\Roaming\Opera C:\Users\Irmina\AppData\Roaming\Origin C:\Users\Irmina\AppData\Roaming\rmi C:\Users\Irmina\AppData\Roaming\TuneUp Software C:\Users\Irmina\AppData\Roaming\uTorrent C:\Users\Irmina\Desktop\Desktop\Różne dokumenty\AVG Konserwacja 1 klikniÄ™ciem.lnk C:\Users\Irmina\Desktop\Desktop\Różne dokumenty\AVG PC TuneUp 2014.lnk C:\Users\Irmina\Desktop\Desktop\Różne dokumenty\Graj w Euro Truck Simulator 2.lnk C:\Users\Irmina\Desktop\Wika\Różne\Programy\AVG Konserwacja 1 klikniÄ™ciem.lnk C:\Users\Irmina\Desktop\Wika\Różne\Programy\AVG PC TuneUp 2014.lnk C:\Users\Irmina\Desktop\Wika\Różne\Programy\Debut Video Capture Software.lnk C:\Users\Irmina\Desktop\Wika\Różne\Programy\Origin.lnk C:\Users\Irmina\Desktop\Wika\Koniec Roku\OneDrive.lnk C:\Users\Irmina\Desktop\Wika\Koniec Roku\Jaa\2014\* — skrót.lnk C:\Users\Irmina\Desktop\Wika\Koniec Roku\Jaa\Camera\* — skrót.lnk C:\Users\Irmina\Documents\*.tmp C:\Users\Irmina\Documents\* — skrót.lnk C:\windows\grep.exe C:\windows\MBR.exe C:\windows\PEV.exe C:\windows\sed.exe C:\windows\zip.exe C:\windows\SysWow64\*.tmp Reg: reg add "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /f Reg: reg add "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /ve /t REG_SZ /d Bing /f Reg: reg add "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /v URL /t REG_SZ /d "http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC" /f Reg: reg add "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /v DisplayName /t REG_SZ /d "@ieframe.dll,-12512" /f Reg: reg add "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /f Reg: reg add "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /ve /t REG_SZ /d Bing /f Reg: reg add "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /v URL /t REG_SZ /d "http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC" /f Reg: reg add "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /v DisplayName /t REG_SZ /d "@ieframe.dll,-12512" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AppSafe" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Tutorials" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Search" /f Reg: reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer /v NoDrives /f Reg: reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\gopher /f Reg: reg delete HKLM\SOFTWARE\Wow6432Node\Mozilla\Thunderbird /f Reg: reg delete HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{84178AE8-C22D-48CB-A6BA-D116FD3FE469} /f Reg: reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}" /f Reg: reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Popajar, inc UpdateChecker" /f Reg: reg delete "HKCU\Software\Microsoft\Internet Explorer\Search" /f Reg: reg delete "HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" /f Reg: reg delete "HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B4916AE2-C6EC-43C1-8D4A-B5DC852372ED}" /f Reg: reg delete HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer /v NoDrives /f Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main" /f Reg: reg delete "HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer" /f Reg: reg delete "HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer" /f Reg: reg delete "HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer" /f CMD: netsh advfirewall reset CMD: dir /a "C:\Program Files" CMD: dir /a "C:\Program Files (x86)" CMD: dir /a C:\ProgramData CMD: dir /a C:\Users\Irmina\AppData\Local CMD: dir /a C:\Users\Irmina\AppData\LocalLow CMD: dir /a C:\Users\Irmina\AppData\Roaming EmptyTemp: ***************** Processes closed successfully. catchme => Service deleted successfully. STHDA => Service deleted successfully. "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => Key deleted successfully. "HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}" => Key not found. "HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully. "HKU\S-1-5-21-3827801199-4237816232-3164111636-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully. HKU\S-1-5-21-3827801199-4237816232-3164111636-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{261c67f2-64cd-4696-9821-612409b649d5} => value deleted successfully. "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully. "HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found. "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully. "HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found. "HKU\S-1-5-21-3827801199-4237816232-3164111636-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => Key deleted successfully. "HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => Key not found. "HKU\S-1-5-21-3827801199-4237816232-3164111636-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{szukaj.gazeta.pl}" => Key deleted successfully. "HKCR\CLSID\{szukaj.gazeta.pl}" => Key not found. HKU\S-1-5-21-3827801199-4237816232-3164111636-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4A8A0B3B-EEB7-4E90-B359-3E01B2C15E82} => value deleted successfully. "HKCR\CLSID\{4A8A0B3B-EEB7-4E90-B359-3E01B2C15E82}" => Key not found. "HKLM\Software\Wow6432Node\MozillaPlugins\@MyImageConverter_8j.com/Plugin" => Key deleted successfully. HKU\S-1-5-21-3827801199-4237816232-3164111636-1001\Software\Mozilla\Firefox\Extensions\\freegames115@BestOffers => value deleted successfully. "HKU\S-1-5-21-3827801199-4237816232-3164111636-1001_Classes\CLSID\{A75BE48D-BF58-4A8B-B96C-F9A09DFB9844}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3BF726B8-2CFA-4685-B633-05D5DD432E07}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3BF726B8-2CFA-4685-B633-05D5DD432E07}" => Key deleted successfully. C:\Windows\System32\Tasks\{6FD66EB5-8002-45C9-9743-F84EF499971C} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6FD66EB5-8002-45C9-9743-F84EF499971C}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3D98415C-0097-4F02-82F8-715D2CF9103A}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D98415C-0097-4F02-82F8-715D2CF9103A}" => Key deleted successfully. C:\Windows\System32\Tasks\{E4D8AF37-9C21-4610-BD68-EA188A338230} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E4D8AF37-9C21-4610-BD68-EA188A338230}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5AAF3642-5C07-4A6F-A257-3E1ED4D3854D}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5AAF3642-5C07-4A6F-A257-3E1ED4D3854D}" => Key deleted successfully. C:\Windows\System32\Tasks\{A979066F-96C6-4C0C-8E26-17EEF4D9D1EF} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A979066F-96C6-4C0C-8E26-17EEF4D9D1EF}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BEB4AD93-3E35-4C6D-BFAA-28541AB654D4}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BEB4AD93-3E35-4C6D-BFAA-28541AB654D4}" => Key deleted successfully. C:\Windows\System32\Tasks\{A7EAC957-83D9-4E90-92CB-340C0A78B4CB} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A7EAC957-83D9-4E90-92CB-340C0A78B4CB}" => Key deleted successfully. C:\windows\Tasks\HPCeeScheduleForIRMINA-HP$.job => Moved successfully. ========= for /d %f in (C:\Users\Irmina\AppData\Local\{*}) do rd /s /q "%f" ========= ========= End of CMD: ========= C:\oct*.tmp.png => Moved successfully. C:\ProgramData\SMRResults430.dat => Moved successfully. C:\ProgramData\AVAST Software => Moved successfully. C:\ProgramData\Avg_Update_1114tb => Moved successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services => Moved successfully. C:\ProgramData\Norton => Moved successfully. C:\Users\Irmina\*.htm => Moved successfully. C:\Users\Irmina\*.lnk => Moved successfully. C:\Users\Irmina\AppData\Local\{*} => Moved successfully. C:\Users\Irmina\AppData\Local\Google\Chrome\User Data\Default\Preferences => Moved successfully. "C:\Users\Irmina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\*localstorage*" => File/Directory not found. C:\Users\Irmina\AppData\Local\NPE => Moved successfully. C:\Users\Irmina\AppData\Local\Pokki => Moved successfully. C:\Users\Irmina\AppData\Roaming\Audacity => Moved successfully. C:\Users\Irmina\AppData\Roaming\AVG => Moved successfully. C:\Users\Irmina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\FLV Player.lnk => Moved successfully. C:\Users\Irmina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player => Moved successfully. C:\Users\Irmina\AppData\Roaming\Opera => Moved successfully. C:\Users\Irmina\AppData\Roaming\Origin => Moved successfully. C:\Users\Irmina\AppData\Roaming\rmi => Moved successfully. C:\Users\Irmina\AppData\Roaming\TuneUp Software => Moved successfully. C:\Users\Irmina\AppData\Roaming\uTorrent => Moved successfully. C:\Users\Irmina\Desktop\Desktop\Różne dokumenty\AVG Konserwacja 1 klikniÄ™ciem.lnk => Moved successfully. C:\Users\Irmina\Desktop\Desktop\Różne dokumenty\AVG PC TuneUp 2014.lnk => Moved successfully. C:\Users\Irmina\Desktop\Desktop\Różne dokumenty\Graj w Euro Truck Simulator 2.lnk => Moved successfully. C:\Users\Irmina\Desktop\Wika\Różne\Programy\AVG Konserwacja 1 klikniÄ™ciem.lnk => Moved successfully. C:\Users\Irmina\Desktop\Wika\Różne\Programy\AVG PC TuneUp 2014.lnk => Moved successfully. C:\Users\Irmina\Desktop\Wika\Różne\Programy\Debut Video Capture Software.lnk => Moved successfully. C:\Users\Irmina\Desktop\Wika\Różne\Programy\Origin.lnk => Moved successfully. C:\Users\Irmina\Desktop\Wika\Koniec Roku\OneDrive.lnk => Moved successfully. C:\Users\Irmina\Desktop\Wika\Koniec Roku\Jaa\2014\* — skrót.lnk => Moved successfully. C:\Users\Irmina\Desktop\Wika\Koniec Roku\Jaa\Camera\* — skrót.lnk => Moved successfully. C:\Users\Irmina\Documents\*.tmp => Moved successfully. C:\Users\Irmina\Documents\* — skrót.lnk => Moved successfully. C:\windows\grep.exe => Moved successfully. C:\windows\MBR.exe => Moved successfully. C:\windows\PEV.exe => Moved successfully. C:\windows\sed.exe => Moved successfully. C:\windows\zip.exe => Moved successfully. C:\windows\SysWow64\*.tmp => Moved successfully. ========= reg add "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg add "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /ve /t REG_SZ /d Bing /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg add "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /v URL /t REG_SZ /d "http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg add "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /v DisplayName /t REG_SZ /d "@ieframe.dll,-12512" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg add "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg add "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /ve /t REG_SZ /d Bing /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg add "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /v URL /t REG_SZ /d "http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg add "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /v DisplayName /t REG_SZ /d "@ieframe.dll,-12512" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AppSafe" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Tutorials" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Search" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer /v NoDrives /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\gopher /f ========= Bť¤D: System nie znalazˆ w rejestrze okre˜lonego klucza albo warto˜ci. ========= End of Reg: ========= ========= reg delete HKLM\SOFTWARE\Wow6432Node\Mozilla\Thunderbird /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{84178AE8-C22D-48CB-A6BA-D116FD3FE469} /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Popajar, inc UpdateChecker" /f ========= Bť¤D: System nie znalazˆ w rejestrze okre˜lonego klucza albo warto˜ci. ========= End of Reg: ========= ========= reg delete "HKCU\Software\Microsoft\Internet Explorer\Search" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" /f ========= Bť¤D: System nie znalazˆ w rejestrze okre˜lonego klucza albo warto˜ci. ========= End of Reg: ========= ========= reg delete "HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B4916AE2-C6EC-43C1-8D4A-B5DC852372ED}" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer /v NoDrives /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer" /f ========= Bť¤D: System nie znalazˆ w rejestrze okre˜lonego klucza albo warto˜ci. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer" /f ========= Bť¤D: System nie znalazˆ w rejestrze okre˜lonego klucza albo warto˜ci. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer" /f ========= Bť¤D: System nie znalazˆ w rejestrze okre˜lonego klucza albo warto˜ci. ========= End of Reg: ========= ========= netsh advfirewall reset ========= Ok. ========= End of CMD: ========= ========= dir /a "C:\Program Files" ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: 6A4B-B77D Katalog: C:\Program Files 2014-12-02 22:12 . 2014-12-02 22:12 .. 2014-12-02 22:12 AMD 2013-04-23 04:52 ATI 2014-12-02 21:51 ATI Technologies 2014-12-02 21:42 CCleaner 2014-12-02 22:11 Common Files 2009-07-14 05:54 174 desktop.ini 2013-04-25 18:01 DVD Maker 2013-04-22 22:13 Hewlett-Packard 2014-11-18 13:45 Internet Explorer 2013-04-23 14:26 Microsoft Office 2014-07-24 14:49 Microsoft Silverlight 2013-04-22 20:18 Motorola 2009-07-14 06:32 MSBuild 2009-07-14 06:32 Reference Assemblies 2014-06-10 19:50 SAMSUNG 2013-04-22 20:33 Symantec 2011-05-10 03:04 Synaptics 2009-07-14 06:09 Uninstall Information 2013-04-22 20:31 Validity Sensors 2013-07-10 13:19 Windows Defender 2014-07-10 15:01 Windows Journal 2013-04-25 18:02 Windows Mail 2013-12-12 15:58 Windows Media Player 2009-07-14 06:32 Windows NT 2013-04-25 18:02 Windows Photo Viewer 2013-04-23 06:53 Windows Portable Devices 2013-04-25 18:02 Windows Sidebar 2014-05-10 20:23 WinRAR 1 plik(¢w) 174 bajt¢w 29 katalog(¢w) 598ÿ824ÿ448ÿ000 bajt¢w wolnych ========= End of CMD: ========= ========= dir /a "C:\Program Files (x86)" ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: 6A4B-B77D Katalog: C:\Program Files (x86) 2014-12-03 21:15 . 2014-12-03 21:15 .. 2014-12-02 22:14 AMD AVT 2013-04-22 20:55 ArcSoft 2014-12-02 22:13 ATI Technologies 2014-05-31 19:19 Bandicam 2014-05-31 19:19 BandiMPEG1 2013-04-22 20:19 Cisco 2014-12-03 21:15 Common Files 2014-09-23 18:32 Cyfrowy Polsat 2009-07-14 05:54 174 desktop.ini 2013-04-26 16:12 EA GAMES 2014-11-12 08:37 Google 2013-09-24 16:43 HDD Regenerator 2013-04-22 22:13 Hewlett-Packard 2013-04-22 21:17 HP Games 2013-04-22 20:21 HP HD Webcam [Fixed] 2014-09-23 18:32 InstallShield Installation Information 2014-12-02 22:03 Intel 2014-11-18 13:45 Internet Explorer 2013-04-22 20:15 JMicron 2014-12-02 11:05 Malwarebytes Anti-Malware 2013-04-22 20:56 Microsoft 2013-09-11 11:31 Microsoft Application Virtualization Client 2013-04-23 14:26 Microsoft Office 2014-03-09 19:36 Microsoft OneDrive 2014-07-24 14:49 Microsoft Silverlight 2011-05-10 03:06 Microsoft SQL Server Compact Edition 2011-05-10 02:20 Microsoft.NET 2014-04-05 07:45 Movie Maker 2.6 2014-12-02 20:48 Mozilla Firefox 2014-11-12 08:37 Mozilla Maintenance Service 2009-07-14 06:32 MSBuild 2013-04-22 20:39 Online Services 2014-11-12 08:37 Opera 2014-10-07 10:33 Origin 2014-08-19 20:11 Origin Games 2014-12-03 20:57 PasswordBox 2011-05-10 02:55 PDF Complete 2014-04-23 16:26 PhotoScape 2014-03-11 16:36 QuickTime 2014-04-14 13:16 Realtek 2014-09-23 18:34 RedApp 2009-07-14 06:32 Reference Assemblies 2014-10-14 17:52 Skype 2014-03-11 16:35 TechSmith 2009-07-14 05:57 Uninstall Information 2013-04-23 14:33 VideoLAN 2013-07-10 13:19 Windows Defender 2011-05-10 03:06 Windows Live 2013-04-25 18:02 Windows Mail 2013-12-12 15:58 Windows Media Player 2009-07-14 06:32 Windows NT 2013-04-25 18:02 Windows Photo Viewer 2013-04-23 06:53 Windows Portable Devices 2013-04-25 18:02 Windows Sidebar 2011-05-10 02:38 Windows Virtual PC 2013-04-22 20:36 Windows XP Mode 2014-04-22 21:16 WinZip 1 plik(¢w) 174 bajt¢w 58 katalog(¢w) 598ÿ824ÿ443ÿ904 bajt¢w wolnych ========= End of CMD: ========= ========= dir /a C:\ProgramData ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: 6A4B-B77D Katalog: C:\ProgramData 2014-12-03 21:20 . 2014-12-03 21:20 .. 2013-04-25 15:14 Adobe 2014-12-02 22:14 AMD 2009-07-14 06:08 Application Data [C:\ProgramData] 2013-04-22 20:22 ArcSoft 2013-04-22 20:19 Atheros 2014-12-02 22:21 ATI 2014-08-25 15:57 AVG 2014-08-27 10:55 Avg_Update_0814tb 2013-08-04 18:15 Common Files 2009-07-14 06:08 Desktop [C:\Users\Public\Desktop] 2013-04-22 22:13 DigitalPersona 2009-07-14 06:08 Documents [C:\Users\Public\Documents] 2014-10-07 10:32 Electronic Arts 2014-03-09 12:30 EmailNotifier 2009-07-14 06:08 Favorites [C:\Users\Public\Favorites] 2014-11-17 06:17 FLEXnet 2013-05-12 12:57 Hewlett-Packard 2013-09-25 09:41 HitmanPro 2013-04-22 21:18 HPQLOG 2014-12-02 21:10 Intel 2011-05-10 02:51 Macrovision 2014-12-02 11:04 Malwarebytes 2014-09-27 18:51 McAfee 2014-12-02 14:16 Microsoft 2014-03-09 19:36 Microsoft OneDrive 2014-09-24 13:59 Mozilla 2013-04-22 20:30 NortonInstaller 2014-10-07 10:32 Origin 2014-12-02 22:10 Package Cache 2014-12-03 20:56 PDFC 2013-12-17 10:25 RedApp 2014-03-11 16:36 regid.1995-08.com.techsmith 2014-06-10 19:49 Samsung 2014-10-14 17:52 Skype 2009-07-14 06:08 Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu] 2013-04-23 06:09 Sun 2013-04-23 16:22 Synaptics 2014-03-11 16:35 TechSmith 2014-03-09 12:30 TEMP 2009-07-14 06:08 Templates [C:\ProgramData\Microsoft\Windows\Templates] 2013-08-04 18:16 TuneUp Software 2013-04-22 20:32 Validity 2013-04-24 18:19 VirtualizedApplications 2013-04-22 21:17 WildTangent 2014-05-10 20:22 WinZip 2014-04-22 21:28 {01BD4FC9-2F86-4706-A62E-774BB7E9D308} 2013-08-04 18:15 {C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} 2011-05-10 02:43 {DDB686B4-4F6B-46EB-B3F0-E73DAF04B8F0} 2013-09-17 23:10 {FE8D473A-6F06-4F99-B5F4-BED72B2A038C} 0 plik(¢w) 0 bajt¢w 51 katalog(¢w) 598ÿ824ÿ439ÿ808 bajt¢w wolnych ========= End of CMD: ========= ========= dir /a C:\Users\Irmina\AppData\Local ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: 6A4B-B77D Katalog: C:\Users\Irmina\AppData\Local 2014-12-03 21:20 . 2014-12-03 21:20 .. 2014-09-27 18:51 Adobe 2013-04-23 14:51 Apps 2013-04-22 20:44 ATI 2014-04-22 21:28 AVG 2013-09-15 23:13 avgchrome 2014-11-14 19:07 Big Fish 2014-07-28 23:30 cache 2014-12-02 21:48 CrashDumps 2013-04-22 20:13 Dane aplikacji [C:\Users\Irmina\AppData\Local] 2014-04-22 18:06 20ÿ480 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-04-23 14:51 Deployment 2014-11-06 18:49 Diagnostics 2013-04-22 20:13 DigitalPersona 2013-09-24 15:55 Downloaded Installations 2014-11-13 20:37 EmieBrowserModeList 2014-06-26 13:07 EmieSiteList 2014-06-26 13:07 EmieUserList 2013-10-23 16:26 ESET 2013-07-29 21:24 Facebook 2014-03-29 17:27 58ÿ016 GDIPFONTCACHEV1.DAT 2014-11-12 08:36 Google 2013-04-22 20:41 Hewlett-Packard 2013-04-22 20:39 Hewlett-Packard_Company 2013-04-22 20:46 Hewlett-Packard_Developme 2013-04-22 20:13 Historia [C:\Users\Irmina\AppData\Local\Microsoft\Windows\History] 2014-12-02 23:39 6ÿ168ÿ311 IconCache.db 2014-09-27 18:49 Macromedia 2013-04-28 23:56 1ÿ554 mbt-actwiz.log 2014-12-02 14:16 Microsoft 2014-09-24 13:59 Mozilla 2013-12-15 14:42 MyImageConverter_8j 2014-10-05 20:24 Opera 2014-04-05 07:47 Opera Software 2014-09-23 09:51 PDFC 2014-04-14 13:29 Programs 2013-04-22 20:41 RemEngine 2014-03-17 15:37 Skype 2013-04-23 14:26 SoftGrid Client 2014-03-11 16:38 TechSmith 2014-12-03 21:20 Temp 2013-04-22 20:13 Temporary Internet Files [C:\Users\Irmina\AppData\Local\Microsoft\Windows\Temporary Internet Files] 2013-05-07 15:07 VirtualStore 2014-10-16 21:11 Windows Live 2014-04-22 21:16 WinZip 2014-04-05 07:50 WMTools Downloaded Files 2013-04-22 21:31 Xobni 4 plik(¢w) 6ÿ248ÿ361 bajt¢w 44 katalog(¢w) 598ÿ824ÿ439ÿ808 bajt¢w wolnych ========= End of CMD: ========= ========= dir /a C:\Users\Irmina\AppData\LocalLow ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: 6A4B-B77D Katalog: C:\Users\Irmina\AppData\LocalLow 2014-12-02 15:32 . 2014-12-02 15:32 .. 2014-11-13 20:37 EmieBrowserModeList 2014-06-26 13:07 EmieSiteList 2014-06-26 13:07 EmieUserList 2014-09-27 18:49 Microsoft 2013-04-23 06:05 Sun 2014-10-20 10:15 Temp 0 plik(¢w) 0 bajt¢w 8 katalog(¢w) 598ÿ824ÿ439ÿ808 bajt¢w wolnych ========= End of CMD: ========= ========= dir /a C:\Users\Irmina\AppData\Roaming ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: 6A4B-B77D Katalog: C:\Users\Irmina\AppData\Roaming 2014-12-03 21:20 . 2014-12-03 21:20 .. 2013-04-23 05:35 Adobe 2013-04-22 20:44 ATI 2014-02-19 14:50 BANDISOFT 2014-01-27 10:13 dvdcss 2013-04-22 21:20 Hewlett-Packard 2013-04-22 21:38 hpqLog 2013-04-22 20:42 Identities 2013-04-22 20:43 Intel Corporation 2013-04-23 05:57 Macromedia 2014-03-09 12:31 ManyCam 2014-11-08 19:10 Microsoft 2014-03-09 15:09 Mozilla 2014-04-05 07:47 Opera Software 2014-12-02 21:48 PhotoScape 2013-04-22 20:27 51ÿ036 QWInstall.log 2014-09-23 18:35 RedApp 2013-04-22 20:14 Sierra Wireless 2014-11-30 12:44 Skype 2014-11-12 08:36 SoftGrid Client 2013-04-22 20:43 Synaptics 2014-03-11 16:38 TechSmith 2013-04-23 14:27 TP 2014-02-09 14:48 vlc 2013-09-26 18:04 WinRAR 1 plik(¢w) 51ÿ036 bajt¢w 25 katalog(¢w) 598ÿ824ÿ435ÿ712 bajt¢w wolnych ========= End of CMD: ========= EmptyTemp: => Removed 1.5 GB temporary data. The system needed a reboot. ==== End of Fixlog ====