Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 19-01-2015 Ran by admin at 2015-01-24 09:24:04 Run:2 Running from C:\Users\admin\Downloads Loaded Profiles: admin (Available profiles: admin) Boot Mode: Normal ============================================== Content of fixlist: ***************** CloseProcesses: HKLM\...\Run: [] => [X] BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll No File HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\00824150.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\10881240.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\24602589.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\00824150.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\10881240.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\24602589.sys => ""="Driver" C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Uninstall Google Chrome.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IsoBuster\IsoBuster w sieci.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IsoBuster\Pomoc.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IsoBuster\Zamów teraz.lnk C:\Users\Public\Documents\GOOBZO CMD: dir /a "C:\Program Files" CMD: dir /a "C:\Program Files (x86)" CMD: dir /a "C:\Program Files\Common Files" CMD: dir /a "C:\Program Files (x86)\Common Files" CMD: dir /a C:\ProgramData CMD: dir /a C:\Users\admin\AppData\Local CMD: dir /a C:\Users\admin\AppData\LocalLow CMD: dir /a C:\Users\admin\AppData\Roaming Reg: reg query "HKLM\SOFTWARE\Clients\StartMenuInternet\OperaStable\shell\open\command" /s Folder: C:\Users\admin\AppData\Roaming\Opera Software\Opera Stable\Extensions CMD: type "C:\Users\admin\AppData\Roaming\Opera Software\Opera Stable\Preferences" EmptyTemp: ***************** Processes closed successfully. HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully. "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully. "HKCR\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully. "HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\00824150.sys" => Key deleted successfully. "HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\10881240.sys" => Key deleted successfully. "HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\24602589.sys" => Key deleted successfully. "HKLM\System\CurrentControlSet\Control\SafeBoot\Network\00824150.sys" => Key deleted successfully. "HKLM\System\CurrentControlSet\Control\SafeBoot\Network\10881240.sys" => Key deleted successfully. "HKLM\System\CurrentControlSet\Control\SafeBoot\Network\24602589.sys" => Key deleted successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Uninstall Google Chrome.lnk => Moved successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IsoBuster\IsoBuster w sieci.lnk => Moved successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IsoBuster\Pomoc.lnk => Moved successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IsoBuster\Zamów teraz.lnk => Moved successfully. C:\Users\Public\Documents\GOOBZO => Moved successfully. ========= dir /a "C:\Program Files" ========= Wolumin w stacji C to TI30811000A Numer seryjny woluminu: 8E25-AD75 Katalog: C:\Program Files 2015-01-23 22:42 . 2015-01-23 22:42 .. 2013-04-15 12:02 Apoint2K 2013-04-15 11:52 ATI 2013-04-15 12:57 AVAST Software 2013-07-02 13:50 Bonjour 2015-01-14 13:37 Common Files 2009-07-14 05:54 174 desktop.ini 2013-07-29 14:01 DVD Maker 2014-05-19 12:13 GIMP 2 2011-08-08 18:28 Google 2014-12-12 08:08 Internet Explorer 2013-04-17 19:59 Microsoft Analysis Services 2013-04-17 20:00 Microsoft Office 2014-09-12 10:05 Microsoft Security Client 2014-07-24 17:57 Microsoft Silverlight 2009-07-14 06:32 MSBuild 2013-04-17 19:56 Office 2011-08-08 17:47 PlayReady 2013-04-15 11:57 Realtek 2009-07-14 06:32 Reference Assemblies 2013-04-15 12:27 TOSHIBA 2009-07-14 06:09 Uninstall Information 2013-12-09 10:10 VueScan 2013-07-29 14:03 Windows Defender 2014-07-11 11:36 Windows Journal 2011-08-08 18:18 Windows Live 2013-07-29 14:03 Windows Mail 2014-10-16 06:38 Windows Media Player 2013-04-15 12:42 Windows NT 2013-07-29 14:03 Windows Photo Viewer 2010-11-21 04:31 Windows Portable Devices 2013-07-29 14:03 Windows Sidebar 2013-04-17 09:30 WinRAR 2013-10-06 09:04 Zune 1 plik(¢w) 174 bajt¢w 34 katalog(¢w) 193ÿ454ÿ002ÿ176 bajt¢w wolnych ========= End of CMD: ========= ========= dir /a "C:\Program Files (x86)" ========= Wolumin w stacji C to TI30811000A Numer seryjny woluminu: 8E25-AD75 Katalog: C:\Program Files (x86) 2015-01-23 23:16 . 2015-01-23 23:16 .. 2015-01-14 20:19 Atheros 2013-04-15 11:53 ATI Technologies 2013-07-02 13:50 Bonjour 2013-10-14 10:23 City Interactive 2015-01-23 23:16 Common Files 2014-11-15 21:11 Cyfrowy Polsat 2009-07-14 05:54 174 desktop.ini 2014-11-11 11:04 Google 2013-04-15 12:02 GUM3BD7.tmp 2014-11-15 21:11 InstallShield Installation Information 2013-04-15 11:55 Intel 2014-12-12 08:08 Internet Explorer 2013-05-21 19:38 JCommerce 2013-06-26 08:42 McAfee 2013-04-17 19:59 Microsoft Analysis Services 2013-05-21 19:33 Microsoft ASP.NET 2013-04-17 19:58 Microsoft Office 2014-09-12 10:05 Microsoft Security Client 2014-07-24 17:57 Microsoft Silverlight 2011-08-08 18:22 Microsoft SQL Server Compact Edition 2011-08-08 17:54 Microsoft.NET 2015-01-23 23:16 Mozilla Firefox 2015-01-19 19:30 Mozilla Maintenance Service 2014-01-05 19:55 MPC-HC 2009-07-14 06:32 MSBuild 2013-04-18 10:57 MSXML 4.0 2015-01-23 22:56 Opera 2013-04-15 11:57 Realtek 2014-11-15 21:12 RedApp 2009-07-14 06:32 Reference Assemblies 2013-04-15 12:00 Renesas Electronics 2013-04-15 12:07 Ricoh 2014-12-28 23:45 Rovio Entertainment Ltd 2014-08-08 13:24 Skype 2015-01-20 08:49 Smart Projects 2013-04-15 11:57 Temp 2013-04-15 12:15 TOH Class Filter 2013-04-15 12:24 TOSHIBA 2011-08-08 17:58 Toshiba TEMPRO 2009-07-14 05:57 Uninstall Information 2013-04-17 19:18 VideoConverter 2013-07-29 14:03 Windows Defender 2011-08-08 18:23 Windows Live 2013-07-29 14:03 Windows Mail 2014-10-16 06:38 Windows Media Player 2009-07-14 06:32 Windows NT 2013-07-29 14:03 Windows Photo Viewer 2010-11-21 04:31 Windows Portable Devices 2013-07-29 14:03 Windows Sidebar 2013-04-17 09:29 WinRAR 1 plik(¢w) 174 bajt¢w 51 katalog(¢w) 193ÿ453ÿ998ÿ080 bajt¢w wolnych ========= End of CMD: ========= ========= dir /a "C:\Program Files\Common Files" ========= Wolumin w stacji C to TI30811000A Numer seryjny woluminu: 8E25-AD75 Katalog: C:\Program Files\Common Files 2015-01-14 13:37 . 2015-01-14 13:37 .. 2014-05-14 21:33 DESIGNER 2013-04-17 20:01 Microsoft Shared 2009-07-14 04:20 Services 2009-07-14 04:20 SpeechEngines 2013-07-29 14:03 System 0 plik(¢w) 0 bajt¢w 7 katalog(¢w) 193ÿ453ÿ998ÿ080 bajt¢w wolnych ========= End of CMD: ========= ========= dir /a "C:\Program Files (x86)\Common Files" ========= Wolumin w stacji C to TI30811000A Numer seryjny woluminu: 8E25-AD75 Katalog: C:\Program Files (x86)\Common Files 2015-01-23 23:16 . 2015-01-23 23:16 .. 2014-12-09 20:41 Apple 2013-04-15 11:57 InstallShield 2013-06-26 08:42 mcafee 2013-04-18 21:43 microsoft shared 2013-04-15 11:47 postureAgent 2009-07-14 04:20 Services 2014-08-08 13:24 Skype 2009-07-14 04:20 SpeechEngines 2014-01-20 08:26 Symantec Shared 2013-07-29 14:03 System 2011-08-08 18:17 Windows Live 2011-08-08 17:58 Wise Installation Wizard 0 plik(¢w) 0 bajt¢w 14 katalog(¢w) 193ÿ445ÿ543ÿ936 bajt¢w wolnych ========= End of CMD: ========= ========= dir /a C:\ProgramData ========= Wolumin w stacji C to TI30811000A Numer seryjny woluminu: 8E25-AD75 Katalog: C:\ProgramData 2015-01-23 22:58 . 2015-01-23 22:58 .. 2014-12-09 20:44 34BE82C4-E596-4e99-A191-52C6199EBF69 2015-01-23 23:14 Adobe 2014-03-18 17:26 Apple 2013-07-02 13:52 Apple Computer 2009-07-14 06:08 Application Data [C:\ProgramData] 2013-04-15 12:10 Atheros 2013-04-15 11:54 ATI 2013-05-15 09:55 AVAST Software 2013-04-17 19:18 Babylon 2013-04-17 11:28 CanonBJ 2015-01-14 11:09 Common Files 2015-01-14 11:19 DAEMON Tools Lite 2013-04-15 12:42 Dane aplikacji [C:\ProgramData] 2009-07-14 06:08 Desktop [C:\Users\Public\Desktop] 2009-07-14 06:08 Documents [C:\Users\Public\Documents] 2013-04-15 12:42 Dokumenty [C:\Users\Public\Documents] 2013-04-15 12:00 Downloaded Installations 2009-07-14 06:08 Favorites [C:\Users\Public\Favorites] 2013-04-15 12:46 Google 2015-01-19 09:36 Kaspersky Lab Setup Files 2013-06-26 08:42 McAfee 2013-04-15 12:42 Menu Start [C:\ProgramData\Microsoft\Windows\Start Menu] 2014-12-12 08:08 Microsoft 2014-12-12 07:47 Microsoft Help 2014-02-04 09:57 Mozilla 2011-08-08 18:06 Nero 2014-01-20 08:28 Norton 2013-07-31 12:08 NortonInstaller 2013-05-07 06:39 Partner 2013-07-31 12:08 PCSettings 2013-04-15 12:42 Pulpit [C:\Users\Public\Desktop] 2014-11-16 02:47 RedApp 2014-08-08 13:24 Skype 2009-07-14 06:08 Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu] 2011-08-08 17:47 Sun 2013-04-15 12:42 Szablony [C:\ProgramData\Microsoft\Windows\Templates] 2015-01-23 23:00 TEMP 2009-07-14 06:08 Templates [C:\ProgramData\Microsoft\Windows\Templates] 2014-04-08 13:32 Toshiba 2013-04-15 12:44 ToshibaEurope 2013-04-15 12:42 Ulubione [C:\Users\Public\Favorites] 0 plik(¢w) 0 bajt¢w 43 katalog(¢w) 193ÿ445ÿ539ÿ840 bajt¢w wolnych ========= End of CMD: ========= ========= dir /a C:\Users\admin\AppData\Local ========= Wolumin w stacji C to TI30811000A Numer seryjny woluminu: 8E25-AD75 Katalog: C:\Users\admin\AppData\Local 2015-01-24 00:43 . 2015-01-24 00:43 .. 2014-12-13 11:51 Adobe 2013-07-02 13:51 Apple 2013-07-02 13:53 Apple Computer 2013-04-15 12:47 ATI 2015-01-14 11:15 31 burnaware.ini 2013-04-15 12:43 Dane aplikacji [C:\Users\admin\AppData\Local] 2014-11-28 15:54 Diagnostics 2015-01-14 10:42 DICOMViewer 2014-01-16 14:14 ElevatedDiagnostics 2014-11-13 19:57 EmieBrowserModeList 2014-04-10 22:00 EmieSiteList 2014-04-10 22:00 EmieUserList 2014-05-19 12:13 fontconfig 2014-11-13 09:06 109ÿ280 GDIPFONTCACHEV1.DAT 2014-05-19 12:13 gegl-0.2 2014-11-11 11:04 Google 2014-07-13 20:54 gtk-2.0 2013-04-15 12:43 Historia [C:\Users\admin\AppData\Local\Microsoft\Windows\History] 2015-01-24 00:43 11ÿ624ÿ527 IconCache.db 2015-01-14 11:21 Installer 2014-02-04 10:44 Macromedia 2014-04-28 10:56 Microsoft 2014-11-11 11:18 Microsoft Help 2014-02-04 09:58 Mozilla 2015-01-14 10:46 Nero 2013-10-30 21:39 Nero_AG 2015-01-23 22:56 Opera Software 2013-04-17 19:33 Programs 2015-01-24 00:43 30ÿ975 recently-used.xbel 2014-08-08 13:24 Skype 2013-04-17 11:34 SoftGrid Client 2015-01-24 09:24 Temp 2013-04-15 12:43 Temporary Internet Files [C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files] 2014-04-08 13:32 TOSHIBA 2013-10-30 23:44 VirtualStore 2014-05-19 12:22 webkit 2013-04-17 07:43 Western Digital 2014-06-11 19:38 Windows Live 2014-10-26 20:57 Wuala 4 plik(¢w) 11ÿ764ÿ813 bajt¢w 37 katalog(¢w) 193ÿ445ÿ015ÿ552 bajt¢w wolnych ========= End of CMD: ========= ========= dir /a C:\Users\admin\AppData\LocalLow ========= Wolumin w stacji C to TI30811000A Numer seryjny woluminu: 8E25-AD75 Katalog: C:\Users\admin\AppData\LocalLow 2015-01-20 08:49 . 2015-01-20 08:49 .. 2015-01-19 19:47 Adobe 2014-11-13 19:57 EmieBrowserModeList 2014-04-10 22:00 EmieSiteList 2014-04-10 22:00 EmieUserList 2015-01-19 19:47 8ÿ542 HELP_DECRYPT.HTML 2015-01-19 19:47 45ÿ541 HELP_DECRYPT.PNG 2015-01-19 19:47 4ÿ214 HELP_DECRYPT.TXT 2015-01-19 19:47 272 HELP_DECRYPT.URL 2015-01-20 08:49 Microsoft 4 plik(¢w) 58ÿ569 bajt¢w 7 katalog(¢w) 193ÿ445ÿ015ÿ552 bajt¢w wolnych ========= End of CMD: ========= ========= dir /a C:\Users\admin\AppData\Roaming ========= Wolumin w stacji C to TI30811000A Numer seryjny woluminu: 8E25-AD75 Katalog: C:\Users\admin\AppData\Roaming 2015-01-23 23:12 . 2015-01-23 23:12 .. 2013-04-17 09:19 Adobe 2014-07-03 19:14 AdobeChk 2014-03-27 16:59 Angry Birds Breakfast 1 2014-03-04 18:01 Angry Birds Breakfast 2 2013-07-02 13:55 Apple Computer 2013-04-15 12:47 ATI 2013-04-17 19:18 Babylon 2015-01-14 11:16 377 burnaware.ini 2014-03-27 16:59 com.rovio.AngryBirdsBreakfast1 2014-03-04 18:01 com.rovio.AngryBirdsBreakfast2 2015-01-14 11:24 DAEMON Tools Lite 2014-02-10 20:18 DigitalSites 2013-04-17 19:18 DSite 2013-04-17 11:30 Google 2013-04-15 12:46 Identities 2013-04-17 07:33 Macromedia 2010-11-21 08:16 Media Center Programs 2014-07-13 20:27 Microsoft 2014-11-03 20:00 Mozilla 2014-01-05 19:56 MPC-HC 2013-04-17 19:23 Nero 2015-01-23 22:56 Opera Software 2014-11-16 02:48 RedApp 2014-12-28 23:45 Rovio 2014-12-28 23:45 Rovio Entertainment Ltd 2014-08-08 13:51 Skype 2013-04-17 13:00 SoftGrid Client 2013-04-15 13:05 Toshiba 2013-04-15 13:01 TOSHIBA Online Product Information 2013-04-17 09:59 TP 2015-01-23 21:19 263 WB.CFG 2014-01-27 21:04 5 WBPU-TTL.DAT 2014-08-25 07:08 Wildfire 2013-04-15 12:45 WinBatch 2013-04-17 09:29 WinRAR 2014-10-26 20:57 Wuala 3 plik(¢w) 645 bajt¢w 35 katalog(¢w) 193ÿ445ÿ011ÿ456 bajt¢w wolnych ========= End of CMD: ========= ========= reg query "HKLM\SOFTWARE\Clients\StartMenuInternet\OperaStable\shell\open\command" /s ========= Bť¤D: System nie znalazˆ w rejestrze okre˜lonego klucza albo warto˜ci. ========= End of Reg: ========= ========================= Folder: C:\Users\admin\AppData\Roaming\Opera Software\Opera Stable\Extensions ======================== Directory Not Found ========= type "C:\Users\admin\AppData\Roaming\Opera Software\Opera Stable\Preferences" ========= ========= End of CMD: ========= EmptyTemp: => Removed 1.2 GB temporary data. The system needed a reboot. ==== End of Fixlog 09:24:32 ====