Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 17-12-2014 Ran by Bartek at 2014-12-18 00:34:27 Run:1 Running from C:\Users\Bartek\Desktop\Antyvir Loaded Profiles: Bartek & UpdatusUser (Available profiles: Bartek & UpdatusUser) Boot Mode: Normal ============================================== Content of fixlist: ***************** CloseProcesses: GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ShortcutWithArgument: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.istartsurf.com/?type=sc&ts=1408459294&from=smt&uid=SAMSUNGXHD502HI_S1VZJ9BZC08744 ShortcutWithArgument: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.istartsurf.com/?type=sc&ts=1408459294&from=smt&uid=SAMSUNGXHD502HI_S1VZJ9BZC08744 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.interia.pl/#utm_source=instalki&utm_medium=installer&utm_campaign=instalki HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com HKU\S-1-5-21-3105551624-3281779802-1797148407-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.interia.pl/#utm_source=instalki&utm_medium=installer&utm_campaign=instalki SearchScopes: HKU\S-1-5-21-3105551624-3281779802-1797148407-1001 -> {54521799-693E-4BD8-B4CC-F2FD6CFB30C6} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=198484&p={searchTerms} SearchScopes: HKU\S-1-5-21-3105551624-3281779802-1797148407-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = FF Plugin HKU\S-1-5-21-3105551624-3281779802-1797148407-1001: ubisoft.com/uplaypc -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File HKU\S-1-5-21-3105551624-3281779802-1797148407-1001\...\Run: [VidSpeak] => [X] HKU\S-1-5-21-3105551624-3281779802-1797148407-1001\...\Run: [AdobeBridge] => [X] Task: {09CA2359-29D5-4D92-936B-F5C51A128509} - System32\Tasks\YTAUpdate => C:\PROGRA~1\YouTube <==== ATTENTION Task: {936F951D-7F17-46A5-9708-870026B6EB72} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files\IObit\Game Booster 3\AutoUpdate.exe Task: {AF5E9090-51BA-4AB4-B476-0801C71B7B2D} - System32\Tasks\{105F7530-8BDE-4D7E-AEF9-9FB9962FB82A} => pcalua.exe -a "C:\Program Files\NETGEAR\WNA1000M\InstallSvc.exe" -d "C:\Program Files\NETGEAR\WNA1000M" Task: {FCFDC6C3-D862-4BA8-BA94-4FAE44053A67} - \SPBIW_UpdateTask_Time_333239353831393234332d3437415a556c2a3223346c41 No Task File <==== ATTENTION S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [X] R4 RegFilter; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\regfilter.sys [X] S3 RTL8192cu; system32\DRIVERS\RTL8192cu.sys [X] S4 sptd; \SystemRoot\System32\Drivers\sptd.sys [X] S3 WinRing0_1_2_0; \??\C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys [X] C:\Program Files\Free mp3 Wma Converter C:\Program Files\Freemake C:\Program Files\Mozilla Firefox\extensions C:\Program Files\Mozilla Firefox\plugins C:\ProgramData\hash.dat C:\ProgramData\AVAST Software C:\ProgramData\Freemake C:\ProgramData\McAfee C:\ProgramData\McAfee Security Scan C:\ProgramData\TEMP C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3d Girlz Uninstall.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anki.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MixPad Audio Mixer.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Tone Generator.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3D SexVilla 2 - Everlust + Addons C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeBlocks C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fiszki mp3 aktywny trening C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grupa IMAGE C:\Users\Bartek\AppData\Local\*.exe C:\Users\Bartek\AppData\Local\nsy36FC.tmp C:\Users\Bartek\AppData\Local\Google\Chrome C:\Users\Bartek\AppData\Roaming\temp.ini C:\Users\Bartek\AppData\Roaming\Ashampoo C:\Users\Bartek\AppData\Roaming\avidemux C:\Users\Bartek\AppData\Roaming\DAEMON Tools Lite C:\Users\Bartek\AppData\Roaming\DarkWave Studio C:\Users\Bartek\AppData\Roaming\DVDVideoSoft C:\Users\Bartek\AppData\Roaming\FreeAudioPack C:\Users\Bartek\AppData\Roaming\iFunbox_UserCache C:\Users\Bartek\AppData\Roaming\F-Secure C:\Users\Bartek\AppData\Roaming\Greyfirst C:\Users\Bartek\AppData\Roaming\Kalypso Media C:\Users\Bartek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ALLPlayer V4.6.lnk C:\Users\Bartek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free mp3 Wma Converter.lnk C:\Users\Bartek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DarkWave Studio C:\Users\Bartek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LIMBO C:\Users\Bartek\AppData\Roaming\Microsoft\Windows\SendTo\Xfire Friend.lnk C:\Users\Bartek\AppData\Roaming\Might & Magic Heroes VI C:\Users\Bartek\AppData\Roaming\Mount&Blade Warband C:\Users\Bartek\AppData\Roaming\Polynomial C:\Users\Bartek\AppData\Roaming\REAPER C:\Users\Bartek\AppData\Roaming\redsn0w C:\Users\Bartek\AppData\Roaming\Softinterface, Inc C:\Users\Bartek\AppData\Roaming\Thinstall C:\Users\Bartek\AppData\Roaming\Unity C:\Users\Bartek\AppData\Roaming\WebTest C:\Users\Bartek\Desktop\Programy\Adobe Reader 9.lnk C:\Users\Bartek\Desktop\Programy\Advanced SystemCare 6.lnk C:\Users\Bartek\Desktop\Programy\Anki.lnk C:\Users\Bartek\Desktop\Programy\Ashampoo Burning Studio 2010 Advanced.lnk C:\Users\Bartek\Desktop\Programy\Chmura Osobista.lnk C:\Users\Bartek\Desktop\Programy\CodeBlocks.lnk C:\Users\Bartek\Desktop\Programy\DAEMON Tools Lite.lnk C:\Users\Bartek\Desktop\Programy\DVDVideoSoft Free Studio.lnk C:\Users\Bartek\Desktop\Programy\foobar2000.lnk C:\Users\Bartek\Desktop\Programy\Free YouTube Download.lnk C:\Users\Bartek\Desktop\Programy\Free YouTube to MP3 Converter.lnk C:\Users\Bartek\Desktop\Programy\Freemake Video Downloader.lnk C:\Users\Bartek\Desktop\Programy\Game Booster 3.lnk C:\Users\Bartek\Desktop\Programy\iFunbox.lnk C:\Users\Bartek\Desktop\Programy\IObit Malware Fighter.lnk C:\Users\Bartek\Desktop\Programy\iTunes.lnk C:\Users\Bartek\Desktop\Programy\Last.fm.lnk C:\Users\Bartek\Desktop\Programy\NCH Tone Generator.lnk C:\Users\Bartek\Desktop\Programy\Nexus Mod Manager.lnk C:\Users\Bartek\Desktop\Programy\Prawo Jazdy ABCDT - egzamin wewnÄ™trzny.lnk C:\Users\Bartek\Desktop\Programy\REAPER.lnk C:\Users\Bartek\Desktop\Programy\Skrzyżowania.lnk C:\Users\Bartek\Desktop\Programy\Skype.lnk C:\Users\Bartek\Desktop\Programy\Smart Defrag 2.lnk C:\Users\Bartek\Desktop\Programy\Steam.lnk C:\Users\Bartek\Desktop\Programy\Uninstaller.lnk C:\Users\Bartek\Desktop\Programy\Uplay.lnk C:\Users\Bartek\Desktop\Programy\Tor Browser\Tor Browser.exe — skrót.lnk C:\Users\Bartek\Desktop\Programy\Lektoring\MixPad Audio Mixer.lnk C:\Users\Bartek\Desktop\Programy\Lektoring\WavePad Sound Editor.lnk C:\Users\Bartek\Desktop\Gry\Risen 3 - Titan Lords.lnk C:\Users\Bartek\Desktop\Gry\The Sims 3.lnk C:\Users\Bartek\Desktop\Gry\Total War Rome II.lnk C:\Users\UpdatusUser\Desktop\*.lnk C:\Windows\patsearch.bin C:\Windows\system32\mp3tagv265asetup.exe C:\Windows\system32\Drivers\Msft_Kernel_webinstrNewH_01009.Wdf Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Steam" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\YouTube Accelerator" /f Reg: reg delete HKU\S-1-5-21-3105551624-3281779802-1797148407-1001_Classes\CLSID /f Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f CMD: dir /a "C:\Program Files" CMD: dir /a C:\ProgramData CMD: dir /a C:\Users\Bartek\AppData\Local CMD: dir /a C:\Users\Bartek\AppData\LocalLow CMD: dir /a C:\Users\Bartek\AppData\Roaming EmptyTemp: ***************** Processes closed successfully. C:\Windows\system32\GroupPolicy\Machine => Moved successfully. C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully. "HKLM\SOFTWARE\Policies\Google" => Key deleted successfully. C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk => Shortcut argument was removed successfully. C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Mozilla Firefox.lnk => Shortcut argument was removed successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully. HKU\S-1-5-21-3105551624-3281779802-1797148407-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. "HKU\S-1-5-21-3105551624-3281779802-1797148407-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{54521799-693E-4BD8-B4CC-F2FD6CFB30C6}" => Key deleted successfully. "HKCR\CLSID\{54521799-693E-4BD8-B4CC-F2FD6CFB30C6}" => Key not found. HKU\S-1-5-21-3105551624-3281779802-1797148407-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found. "HKU\S-1-5-21-3105551624-3281779802-1797148407-1001\Software\MozillaPlugins\ubisoft.com/uplaypc" => Key deleted successfully. C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll not found. HKU\S-1-5-21-3105551624-3281779802-1797148407-1001\Software\Microsoft\Windows\CurrentVersion\Run\\VidSpeak => value deleted successfully. HKU\S-1-5-21-3105551624-3281779802-1797148407-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{09CA2359-29D5-4D92-936B-F5C51A128509}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{09CA2359-29D5-4D92-936B-F5C51A128509}" => Key deleted successfully. C:\Windows\System32\Tasks\YTAUpdate => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YTAUpdate" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{936F951D-7F17-46A5-9708-870026B6EB72}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{936F951D-7F17-46A5-9708-870026B6EB72}" => Key deleted successfully. C:\Windows\System32\Tasks\Game_Booster_AutoUpdate => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Game_Booster_AutoUpdate" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AF5E9090-51BA-4AB4-B476-0801C71B7B2D}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AF5E9090-51BA-4AB4-B476-0801C71B7B2D}" => Key deleted successfully. C:\Windows\System32\Tasks\{105F7530-8BDE-4D7E-AEF9-9FB9962FB82A} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{105F7530-8BDE-4D7E-AEF9-9FB9962FB82A}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FCFDC6C3-D862-4BA8-BA94-4FAE44053A67}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FCFDC6C3-D862-4BA8-BA94-4FAE44053A67}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SPBIW_UpdateTask_Time_333239353831393234332d3437415a556c2a3223346c41" => Key deleted successfully. IntcAzAudAddService => Service deleted successfully. RegFilter => Unable to stop service RegFilter => Error deleting Service RTL8192cu => Service deleted successfully. sptd => Service deleted successfully. WinRing0_1_2_0 => Service deleted successfully. C:\Program Files\Free mp3 Wma Converter => Moved successfully. C:\Program Files\Freemake => Moved successfully. C:\Program Files\Mozilla Firefox\extensions => Moved successfully. C:\Program Files\Mozilla Firefox\plugins => Moved successfully. C:\ProgramData\hash.dat => Moved successfully. C:\ProgramData\AVAST Software => Moved successfully. C:\ProgramData\Freemake => Moved successfully. C:\ProgramData\McAfee => Moved successfully. C:\ProgramData\McAfee Security Scan => Moved successfully. C:\ProgramData\TEMP => Moved successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3d Girlz Uninstall.lnk => Moved successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anki.lnk => Moved successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MixPad Audio Mixer.lnk => Moved successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Tone Generator.lnk => Moved successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3D SexVilla 2 - Everlust + Addons => Moved successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeBlocks => Moved successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fiszki mp3 aktywny trening => Moved successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grupa IMAGE => Moved successfully. C:\Users\Bartek\AppData\Local\*.exe => Moved successfully. C:\Users\Bartek\AppData\Local\nsy36FC.tmp => Moved successfully. C:\Users\Bartek\AppData\Local\Google\Chrome => Moved successfully. C:\Users\Bartek\AppData\Roaming\temp.ini => Moved successfully. C:\Users\Bartek\AppData\Roaming\Ashampoo => Moved successfully. C:\Users\Bartek\AppData\Roaming\avidemux => Moved successfully. C:\Users\Bartek\AppData\Roaming\DAEMON Tools Lite => Moved successfully. C:\Users\Bartek\AppData\Roaming\DarkWave Studio => Moved successfully. C:\Users\Bartek\AppData\Roaming\DVDVideoSoft => Moved successfully. C:\Users\Bartek\AppData\Roaming\FreeAudioPack => Moved successfully. C:\Users\Bartek\AppData\Roaming\iFunbox_UserCache => Moved successfully. C:\Users\Bartek\AppData\Roaming\F-Secure => Moved successfully. C:\Users\Bartek\AppData\Roaming\Greyfirst => Moved successfully. C:\Users\Bartek\AppData\Roaming\Kalypso Media => Moved successfully. C:\Users\Bartek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ALLPlayer V4.6.lnk => Moved successfully. C:\Users\Bartek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free mp3 Wma Converter.lnk => Moved successfully. C:\Users\Bartek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DarkWave Studio => Moved successfully. C:\Users\Bartek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LIMBO => Moved successfully. C:\Users\Bartek\AppData\Roaming\Microsoft\Windows\SendTo\Xfire Friend.lnk => Moved successfully. C:\Users\Bartek\AppData\Roaming\Might & Magic Heroes VI => Moved successfully. C:\Users\Bartek\AppData\Roaming\Mount&Blade Warband => Moved successfully. C:\Users\Bartek\AppData\Roaming\Polynomial => Moved successfully. C:\Users\Bartek\AppData\Roaming\REAPER => Moved successfully. C:\Users\Bartek\AppData\Roaming\redsn0w => Moved successfully. C:\Users\Bartek\AppData\Roaming\Softinterface, Inc => Moved successfully. C:\Users\Bartek\AppData\Roaming\Thinstall => Moved successfully. C:\Users\Bartek\AppData\Roaming\Unity => Moved successfully. C:\Users\Bartek\AppData\Roaming\WebTest => Moved successfully. C:\Users\Bartek\Desktop\Programy\Adobe Reader 9.lnk => Moved successfully. C:\Users\Bartek\Desktop\Programy\Advanced SystemCare 6.lnk => Moved successfully. C:\Users\Bartek\Desktop\Programy\Anki.lnk => Moved successfully. C:\Users\Bartek\Desktop\Programy\Ashampoo Burning Studio 2010 Advanced.lnk => Moved successfully. C:\Users\Bartek\Desktop\Programy\Chmura Osobista.lnk => Moved successfully. C:\Users\Bartek\Desktop\Programy\CodeBlocks.lnk => Moved successfully. C:\Users\Bartek\Desktop\Programy\DAEMON Tools Lite.lnk => Moved successfully. C:\Users\Bartek\Desktop\Programy\DVDVideoSoft Free Studio.lnk => Moved successfully. C:\Users\Bartek\Desktop\Programy\foobar2000.lnk => Moved successfully. C:\Users\Bartek\Desktop\Programy\Free YouTube Download.lnk => Moved successfully. C:\Users\Bartek\Desktop\Programy\Free YouTube to MP3 Converter.lnk => Moved successfully. C:\Users\Bartek\Desktop\Programy\Freemake Video Downloader.lnk => Moved successfully. C:\Users\Bartek\Desktop\Programy\Game Booster 3.lnk => Moved successfully. C:\Users\Bartek\Desktop\Programy\iFunbox.lnk => Moved successfully. C:\Users\Bartek\Desktop\Programy\IObit Malware Fighter.lnk => Moved successfully. C:\Users\Bartek\Desktop\Programy\iTunes.lnk => Moved successfully. C:\Users\Bartek\Desktop\Programy\Last.fm.lnk => Moved successfully. C:\Users\Bartek\Desktop\Programy\NCH Tone Generator.lnk => Moved successfully. C:\Users\Bartek\Desktop\Programy\Nexus Mod Manager.lnk => Moved successfully. C:\Users\Bartek\Desktop\Programy\Prawo Jazdy ABCDT - egzamin wewnÄ™trzny.lnk => Moved successfully. C:\Users\Bartek\Desktop\Programy\REAPER.lnk => Moved successfully. C:\Users\Bartek\Desktop\Programy\Skrzyżowania.lnk => Moved successfully. C:\Users\Bartek\Desktop\Programy\Skype.lnk => Moved successfully. C:\Users\Bartek\Desktop\Programy\Smart Defrag 2.lnk => Moved successfully. C:\Users\Bartek\Desktop\Programy\Steam.lnk => Moved successfully. C:\Users\Bartek\Desktop\Programy\Uninstaller.lnk => Moved successfully. C:\Users\Bartek\Desktop\Programy\Uplay.lnk => Moved successfully. C:\Users\Bartek\Desktop\Programy\Tor Browser\Tor Browser.exe — skrót.lnk => Moved successfully. C:\Users\Bartek\Desktop\Programy\Lektoring\MixPad Audio Mixer.lnk => Moved successfully. C:\Users\Bartek\Desktop\Programy\Lektoring\WavePad Sound Editor.lnk => Moved successfully. C:\Users\Bartek\Desktop\Gry\Risen 3 - Titan Lords.lnk => Moved successfully. C:\Users\Bartek\Desktop\Gry\The Sims 3.lnk => Moved successfully. C:\Users\Bartek\Desktop\Gry\Total War Rome II.lnk => Moved successfully. C:\Users\UpdatusUser\Desktop\*.lnk => Moved successfully. C:\Windows\patsearch.bin => Moved successfully. C:\Windows\system32\mp3tagv265asetup.exe => Moved successfully. C:\Windows\system32\Drivers\Msft_Kernel_webinstrNewH_01009.Wdf => Moved successfully. ========= reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Steam" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\YouTube Accelerator" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete HKU\S-1-5-21-3105551624-3281779802-1797148407-1001_Classes\CLSID /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= dir /a "C:\Program Files" ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: 5E07-B3DF Katalog: C:\Program Files 2014-12-18 00:35 . 2014-12-18 00:35 .. 2012-12-05 16:24 7-Zip 2014-12-12 22:10 ABBYY FineReader 11 2014-12-01 15:23 Adobe 2014-10-15 18:17 AGEIA Technologies 2012-05-23 14:19 Alcohol Soft 2011-06-15 23:24 ALLPlayer 2013-04-05 09:15 ASUS 2014-03-26 12:53 Audacity 2014-06-26 00:59 Budzik 2014-05-24 01:23 Calibre2 2014-03-30 15:26 CCleaner 2014-12-05 16:55 ChomikBox 2014-12-17 18:54 Common Files 2011-12-20 20:55 Creative 2013-04-28 13:00 Defraggler 2009-07-14 05:41 174 desktop.ini 2014-05-05 20:28 DIFX 2014-06-07 19:18 Docear 2009-07-14 08:42 DVD Maker 2011-06-15 22:58 ESET 2014-04-25 20:09 Evernote 2014-12-17 14:37 ExperimentalScene 2011-10-19 21:06 FileZilla FTP Client 2014-03-26 18:56 Folder Marker 2013-12-03 18:26 Free Sound Recorder 2014-06-26 00:59 FreeAlarmClock 2014-11-25 11:22 FreePOPs 2011-06-16 21:50 Gadu-Gadu 10 2014-02-27 23:20 GoldWave 2013-11-06 23:57 Google 2014-04-01 21:26 GRETECH 2011-10-18 16:38 Guitar Pro 5 2014-03-26 12:32 i-Funbox DevTeam 2012-04-19 19:52 iExplorer 2011-07-01 18:15 Image-Line 2014-03-19 14:51 Innovative Solutions 2014-11-06 14:40 InstallShield Installation Information 2011-06-15 18:31 Intel 2012-11-18 19:19 Internet Explorer 2014-02-21 16:51 IObit 2014-11-23 15:34 ipla 2014-10-01 19:14 iTunes 2014-12-17 18:52 Java 2013-09-11 21:43 JDownloader 2014-11-23 15:34 K-Lite Codec Pack 2011-06-15 21:19 kX Audio Driver 2013-12-03 20:28 Last.fm 2011-06-15 18:05 Lavalys 2014-12-12 19:36 Malwarebytes Anti-Malware 2013-11-20 17:07 Microsoft Analysis Services 2012-10-02 18:52 Microsoft Chart Controls 2012-08-30 10:51 Microsoft Games for Windows - LIVE 2013-11-20 17:09 Microsoft Office 2014-01-27 21:20 Microsoft Silverlight 2014-02-23 12:05 Microsoft SQL Server Compact Edition 2013-11-20 17:09 Microsoft Sync Framework 2013-11-20 17:09 Microsoft Synchronization Services 2013-11-20 17:08 Microsoft Visual Studio 8 2013-11-20 17:09 Microsoft.NET 2014-05-05 19:21 MiniTool Partition Wizard Home Edition 8.1.1 2014-12-18 00:35 Mozilla Firefox 2014-12-17 18:58 Mozilla Maintenance Service 2014-12-05 14:42 Mozilla Thunderbird 2013-11-20 17:10 MSBuild 2012-11-18 19:12 NAMCO BANDAI Games 2012-01-02 23:09 NAPI-PROJEKT 2014-04-10 20:14 NapiProjekt 2014-06-05 11:43 NbuExplorer 2011-06-16 13:32 neostrada tp 2013-03-12 21:33 NETGEAR 2012-09-12 17:41 Nexus Mod Manager 2014-05-05 20:27 Nokia 2014-11-25 10:24 Nozbe 2014-10-15 18:17 NVIDIA Corporation 2013-04-28 14:24 Odkurzacz 2011-07-31 00:42 OpenAL 2013-05-27 19:19 OpenOffice.org 3 2014-12-06 13:26 Opera 2011-07-01 18:15 Outsim 2014-05-05 20:27 PC Connectivity Solution 2014-01-04 01:59 Pidgin 2014-01-04 01:59 pidgin-otr 2012-04-13 23:11 ProtectDisc Driver Installer 2013-11-22 02:33 QuickTime 2009-07-14 05:52 Reference Assemblies 2012-04-03 22:31 SkaWit 2011-10-20 16:33 Skype 2014-01-05 17:39 Softinterface, Inc 2012-06-20 14:55 System.Data.SQLite 2011-11-21 21:54 Temp 2014-11-06 14:41 TP-LINK 2009-07-14 05:53 Uninstall Information 2014-03-27 19:13 Unlocker 2013-05-05 10:36 uTorrent 2013-10-16 01:23 VideoLAN 2013-10-24 20:58 vidspeak 2011-07-01 18:15 VstPlugins 2014-10-01 18:39 Winamp 2014-10-01 18:39 Winamp Detect 2009-07-14 08:37 Windows Defender 2009-07-14 08:42 Windows Journal 2014-02-23 12:05 Windows Live 2009-07-14 08:37 Windows Mail 2011-09-21 19:36 Windows Media Player 2011-06-15 17:52 Windows NT 2009-07-14 08:37 Windows Photo Viewer 2009-07-14 05:52 Windows Portable Devices 2009-07-14 08:37 Windows Sidebar 2014-12-17 19:01 WinMerge 2014-04-07 18:50 WinRAR 2011-07-30 19:28 Xfire 2011-06-15 22:53 Xvid 1 plik(¢w) 174 bajt¢w 113 katalog(¢w) 22ÿ920ÿ941ÿ568 bajt¢w wolnych ========= End of CMD: ========= ========= dir /a C:\ProgramData ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: 5E07-B3DF Katalog: C:\ProgramData 2014-12-18 00:35 . 2014-12-18 00:35 .. 2014-05-26 19:46 A-PDF 2014-01-14 21:12 ABBYY 2014-12-03 07:57 Adobe 2011-10-26 20:05 Apple 2011-10-26 20:06 Apple Computer 2009-07-14 05:53 Application Data [C:\ProgramData] 2011-06-15 22:47 ashampoo 2012-09-15 00:06 Battle.net 2014-01-17 22:20 Caminova 2011-11-21 23:00 Creative 2012-11-18 20:08 Creative Labs 2011-09-10 12:39 DAEMON Tools Lite 2011-06-15 17:52 Dane aplikacji [C:\ProgramData] 2009-07-14 05:53 Desktop [C:\Users\Public\Desktop] 2012-02-26 22:57 DivX 2009-07-14 05:53 Documents [C:\Users\Public\Documents] 2011-06-15 17:52 Dokumenty [C:\Users\Public\Documents] 2011-09-05 21:45 EA Core 2011-09-05 21:45 Electronic Arts 2011-06-15 22:58 ESET 2014-10-15 16:41 F-Secure 2009-07-14 05:53 Favorites [C:\Users\Public\Favorites] 2011-06-16 21:50 Gadu-Gadu 10 2014-04-01 21:26 GRETECH 2014-03-19 14:51 Innovative Solutions 2014-05-05 20:25 Installations 2014-02-22 17:30 IObit 2014-11-23 15:34 ipla 2011-09-21 19:36 Last.fm 2014-12-12 19:36 Malwarebytes 2011-06-15 17:52 Menu Start [C:\ProgramData\Microsoft\Windows\Start Menu] 2014-02-23 12:05 Microsoft 2014-01-16 23:57 Microsoft Help 2012-05-13 10:44 Mozilla 2011-10-25 18:27 NCH Swift Sound 2013-03-08 23:18 NETGEAR 2014-12-09 22:57 472 ntuser.pol 2014-12-17 12:44 NVIDIA 2012-01-24 19:33 NVIDIA Corporation 2014-05-25 15:12 Oracle 2014-05-05 20:27 PC Suite 2011-06-15 17:52 Pulpit [C:\Users\Public\Desktop] 2014-11-23 15:34 RDRM 2014-12-01 15:24 regid.1986-12.com.adobe 2012-01-30 18:58 RELOADED 2013-04-17 18:37 REVOLT 2012-05-16 13:40 SecuROM 2013-04-28 14:28 Skype 2009-07-14 05:53 Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu] 2014-10-24 21:20 Steam 2011-08-21 22:26 Sun 2011-06-15 17:52 Szablony [C:\ProgramData\Microsoft\Windows\Templates] 2009-07-14 05:53 Templates [C:\ProgramData\Microsoft\Windows\Templates] 2014-11-06 14:40 TP-LINK 2012-01-27 13:53 Ubisoft 2011-06-15 17:52 Ulubione [C:\Users\Public\Favorites] 2011-10-26 20:07 {429CAD59-35B1-4DBC-BB6D-1DB246563521} 2011-10-25 19:26 {755AC846-7372-4AC8-8550-C52491DAA8BD} 2013-04-28 14:33 {CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} 1 plik(¢w) 472 bajt¢w 60 katalog(¢w) 22ÿ920ÿ941ÿ568 bajt¢w wolnych ========= End of CMD: ========= ========= dir /a C:\Users\Bartek\AppData\Local ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: 5E07-B3DF Katalog: C:\Users\Bartek\AppData\Local 2014-12-18 00:35 . 2014-12-18 00:35 .. 2012-04-19 15:52 1C 2011-09-07 20:52 28050 2014-03-30 16:08 4kdownload.com 2014-01-14 21:12 ABBYY 2014-12-17 07:56 Adobe 2011-09-10 14:33 ALI213 2011-06-15 23:24 ALLPlayer 2011-10-25 19:24 Apple 2012-04-13 23:03 Apple Computer 2011-06-15 22:47 ashampoo 2012-04-02 22:18 BigHugeEngine 2013-05-05 19:47 Black_Tree_Gaming 2014-01-17 21:36 calibre-cache 2014-12-11 14:35 ChomikBox 2011-09-11 15:15 Chromium 2011-06-15 17:53 Dane aplikacji [C:\Users\Bartek\AppData\Local] 2013-05-01 22:37 18ÿ874ÿ368 data1.cab 2012-03-06 19:10 dxhr 2014-12-01 16:53 ElevatedDiagnostics 2011-06-15 23:24 ESET 2013-05-28 17:44 Evernote 2014-12-04 01:20 EvernoteNW 2014-10-15 16:38 F-Secure 2013-10-24 20:46 Facebook 2013-04-06 14:28 FLT 2014-12-01 15:25 125ÿ536 GDIPFONTCACHEV1.DAT 2014-12-18 00:35 Google 2013-02-07 15:54 Greyfirst 2011-06-15 17:53 Historia [C:\Users\Bartek\AppData\Local\Microsoft\Windows\History] 2014-12-17 12:42 6ÿ291ÿ456 IconCache.db 2014-03-19 14:51 Innovative Solutions 2014-08-19 15:43 Installer 2014-12-17 12:40 Last.fm 2013-05-01 22:37 1ÿ917 localstore.rdf 2013-02-05 18:52 Macromedia 2012-04-19 19:52 Macroplant 2014-12-14 07:14 Microsoft 2013-11-20 17:07 Microsoft Help 2013-10-01 12:16 Mozilla 2012-06-20 18:36 My Games 2012-08-30 10:56 NBGI 2014-12-17 22:03 Nozbe 2012-05-15 14:56 Opera 2014-08-19 15:41 Opera Software 2013-01-06 00:09 Programs 2011-12-18 20:46 PunkBuster 2012-05-12 12:54 Risen2 2014-10-16 19:47 Risen3 2013-03-12 21:07 screenSHU 2013-05-01 22:37 226 Setup.dat 2012-05-12 12:54 SKIDROW 2013-05-19 20:24 Skyrim 2014-05-10 16:25 Spotify 2014-12-18 00:35 Temp 2011-06-15 17:53 Temporary Internet Files [C:\Users\Bartek\AppData\Local\Microsoft\Windows\Temporary Internet Files] 2011-07-21 13:38 The Witcher 2 2014-11-25 10:19 Thunderbird 2014-03-19 14:53 Ubisoft Game Launcher 2014-03-19 14:53 Unity 2011-09-02 14:24 uTorrent 2012-04-02 15:29 VirtualStore 2014-12-14 07:13 Windows Live 5 plik(¢w) 25ÿ293ÿ503 bajt¢w 59 katalog(¢w) 22ÿ920ÿ937ÿ472 bajt¢w wolnych ========= End of CMD: ========= ========= dir /a C:\Users\Bartek\AppData\LocalLow ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: 5E07-B3DF Katalog: C:\Users\Bartek\AppData\LocalLow 2014-12-12 22:12 . 2014-12-12 22:12 .. 2013-05-11 20:49 Adobe 2011-10-25 19:22 Apple Computer 2013-05-28 17:44 Evernote 2013-04-07 19:46 Google 2013-04-28 14:33 IObit 2014-02-23 12:00 Microsoft 2013-04-28 14:47 spiral 2011-08-21 22:24 Sun 2012-11-27 16:05 Temp 2011-09-26 17:35 Unity 0 plik(¢w) 0 bajt¢w 12 katalog(¢w) 22ÿ920ÿ937ÿ472 bajt¢w wolnych ========= End of CMD: ========= ========= dir /a C:\Users\Bartek\AppData\Roaming ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: 5E07-B3DF Katalog: C:\Users\Bartek\AppData\Roaming 2014-12-18 00:35 . 2014-12-18 00:35 .. 2012-04-30 19:23 . minecraft - kopia 2 2012-09-15 00:08 .minecraft 2012-05-23 11:27 .minecraft - Kopia 2012-05-23 12:09 .minecraft - Kopia mody 2012-05-23 11:24 .minecraft - modded 2012-05-23 11:28 .minecraft - modded - Kopia 2012-05-23 11:27 .mineshaftersquared 2014-11-25 14:03 .NozbeVer 2014-01-04 02:27 .purple 2014-01-15 00:12 ABBYY 2014-12-01 16:05 Adobe 2013-04-28 14:33 Apple Computer 2014-03-26 17:43 ArcticLine 2014-11-10 21:39 Audacity 2012-05-16 14:08 Bioshock2 2014-01-17 21:55 calibre 2014-04-06 18:51 CodeBlocks 2013-03-12 21:20 DMCache 2014-12-17 12:46 Dropbox 2011-06-15 22:59 ESET 2012-01-27 23:36 FileZilla 2013-12-03 18:29 Free Sound Recorder 2013-01-16 18:30 Gadu-Gadu 10 2014-04-01 21:26 GRETECH 2011-06-15 17:53 Identities 2012-03-30 15:05 1ÿ161 Info!.txt 2014-03-25 22:36 InstallShield 2014-03-25 22:20 IObit 2014-11-24 13:43 ipla 2011-06-16 13:35 Macromedia 2009-07-14 08:42 Media Center Programs 2014-12-12 22:11 Microsoft 2014-03-18 23:25 Mozilla 2013-01-06 00:11 NapiProjekt 2014-06-05 11:38 Nokia 2012-04-10 16:47 NVIDIA 2013-05-27 19:50 OpenOffice.org 2012-05-15 14:56 Opera 2014-08-19 15:41 Opera Software 2014-06-15 16:56 PC Suite 2011-12-18 17:10 PunkBuster 2013-05-01 21:52 RenPy 2014-02-28 11:04 Skype 2014-11-20 19:24 Spotify 2014-10-24 21:20 The Creative Assembly 2012-12-05 17:14 Theta 2014-11-25 10:19 Thunderbird 2014-11-06 14:53 TP-LINK 2013-05-03 16:21 Ubisoft 2014-12-17 14:33 uTorrent 2013-12-10 21:32 vlc 2014-12-17 22:09 Winamp 2011-06-16 13:33 WinRAR 2011-07-30 19:28 Xfire 1 plik(¢w) 1ÿ161 bajt¢w 55 katalog(¢w) 22ÿ920ÿ933ÿ376 bajt¢w wolnych ========= End of CMD: ========= EmptyTemp: => Removed 263 MB temporary data. The system needed a reboot. ==== End of Fixlog ====