Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 18-02-2015 01
Ran by Joanna at 2015-02-24 09:43:27 Run:1
Running from D:\Różności\użytkowe\do ochrony\FRST
Loaded Profiles: Joanna (Available profiles: Joanna)
Boot Mode: Safe Mode (minimal)
==============================================

Content of fixlist:
*****************
CloseProcesses:
Task: {2FB57331-F950-472B-9F27-FF102E4A6D3F} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {3AF5C748-C0A5-4868-9AA2-79EB7D485A6C} - System32\Tasks\CIS_{15198508-521A-4D69-8E5B-B94A6CCFF805} => C:\ProgramData\cis7ECF.exe <==== ATTENTION
Task: {F13C44EE-78BF-41DE-B0AF-9D74770C1E59} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
Task: {F57B16BA-9B97-4588-8B14-D40A48025E9E} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-202346881-863075990-3882824932-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKU\S-1-5-21-202346881-863075990-3882824932-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: No Name -> {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} -> No File
Toolbar: HKLM-x32 - No Name - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - No File
HKU\S-1-5-21-202346881-863075990-3882824932-1000\...\Policies\Explorer: [NoControlPanel] 0
S4 nvvad_WaveExtensible; No ImagePath
U3 DfSdkS; No ImagePath
AlternateDataStreams: C:\Windows\avastSS.scr:$CmdTcID
AlternateDataStreams: C:\Windows\ST5UNST.EXE:$CmdTcID
AlternateDataStreams: C:\Windows\temp.000:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aswBoot.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\OpenAL32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\unrar64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wrap_oal.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\MSVBVM50.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\OpenAL32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\unrar.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\VB5DE.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\VB5StKit.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wrap_oal.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\aswHwid.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\aswRvrt.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\aswSP.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\aswVmm.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\PSKMAD.sys:$CmdTcID
C:\ProgramData\htoelzqn.oia
C:\ProgramData\TEMP
C:\Users\Joanna\x.exe
C:\Windows\System32\Tasks\COMODO
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\COMODO
Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f
*****************

Processes closed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{2FB57331-F950-472B-9F27-FF102E4A6D3F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2FB57331-F950-472B-9F27-FF102E4A6D3F}" => Key deleted successfully.
C:\Windows\System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3AF5C748-C0A5-4868-9AA2-79EB7D485A6C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3AF5C748-C0A5-4868-9AA2-79EB7D485A6C}" => Key deleted successfully.
C:\Windows\System32\Tasks\CIS_{15198508-521A-4D69-8E5B-B94A6CCFF805} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CIS_{15198508-521A-4D69-8E5B-B94A6CCFF805}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F13C44EE-78BF-41DE-B0AF-9D74770C1E59}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F13C44EE-78BF-41DE-B0AF-9D74770C1E59}" => Key deleted successfully.
C:\Windows\System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F57B16BA-9B97-4588-8B14-D40A48025E9E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F57B16BA-9B97-4588-8B14-D40A48025E9E}" => Key deleted successfully.
C:\Windows\System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}" => Key deleted successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKU\S-1-5-21-202346881-863075990-3882824932-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Local Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Local Page => Value was restored successfully.
"HKU\S-1-5-21-202346881-863075990-3882824932-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found. 
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C920E44A-7F78-4E64-BDD7-A57026E7FEB7}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{C920E44A-7F78-4E64-BDD7-A57026E7FEB7} => Key not found. 
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{71576546-354D-41c9-AAE8-31F2EC22BF0D} => value deleted successfully.
HKCR\Wow6432Node\CLSID\{71576546-354D-41c9-AAE8-31F2EC22BF0D} => Key not found. 
HKU\S-1-5-21-202346881-863075990-3882824932-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => value deleted successfully.
nvvad_WaveExtensible => Service deleted successfully.
DfSdkS => Service deleted successfully.
C:\Windows\avastSS.scr => ":$CmdTcID" ADS removed successfully.
C:\Windows\ST5UNST.EXE => ":$CmdTcID" ADS removed successfully.
C:\Windows\temp.000 => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\aswBoot.exe => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\OpenAL32.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\unrar64.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\wrap_oal.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\MSVBVM50.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\OpenAL32.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\unrar.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\VB5DE.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\VB5StKit.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\wrap_oal.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\Drivers\aswHwid.sys => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\Drivers\aswRvrt.sys => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\Drivers\aswSP.sys => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\Drivers\aswVmm.sys => ":$CmdTcID" ADS removed successfully.
"C:\Windows\system32\Drivers\PSKMAD.sys" => ":$CmdTcID" ADS not found.
C:\ProgramData\htoelzqn.oia => Moved successfully.
C:\ProgramData\TEMP => Moved successfully.
C:\Users\Joanna\x.exe => Moved successfully.
C:\Windows\System32\Tasks\COMODO => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\COMODO => Key Deleted successfully.

========= reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========


========= reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========


========= reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========



The system needed a reboot. 

==== End of Fixlog 09:43:28 ====