Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 23-02-2015 01 Ran by Andrzej Dratwa at 2015-02-24 14:10:17 Run:2 Running from C:\Documents and Settings\Andrzej Dratwa\Pulpit Loaded Profiles: Andrzej Dratwa (Available profiles: Andrzej Dratwa) Boot Mode: Normal ============================================== Content of fixlist: ***************** CloseProcesses: CreateRestorePoint: Task: C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job => C:\WINDOWS\TEMP\{25D3E218-1AE8-49E1-A9BC-DF2284AE6F66}.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\WINDOWS\TEMP\{9A7B8BFE-9DF7-4CFA-9125-5B9C0208E058}.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\ROC_JAN2013_TB_rmv.job => C:\Program Files\AVG Secure Search\PostInstall\ROC.exe R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [37664 2013-05-21] (AVG Technologies) S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X] S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X] S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X] S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X] S3 massfilter; system32\drivers\massfilter.sys [X] S3 RTL8192su; system32\DRIVERS\RTL8192su.sys [X] S1 trjjvtvo; \??\C:\WINDOWS\system32\drivers\trjjvtvo.sys [X] S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X] S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X] S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X] HKLM\...\Run: [] => [X] HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = CustomCLSID: HKU\S-1-5-21-1547161642-484763869-1801674531-1004_Classes\CLSID\{0002E005-0000-0000-C000-000000000046}\InprocServer32 -> No File Path FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension C:\Program Files\Mozilla Firefoxavg-secure-search.xml C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension C:\WINDOWS\pss\McAfee Security Scan Plus.lnkCommon Startup C:\WINDOWS\system32\drivers\avgtpx86.sys CMD: rd /s /q "USERPROFILE%\Dane aplikacji\Azureus" CMD: del /q "USERPROFILE%\Dane aplikacji\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk" CMD: del /q "USERPROFILE%\Dane aplikacji\Microsoft\Office\Niedawny\*.LNK" CMD: del /q "USERPROFILE%\Pulpit\PROGRAMY\Odkurzacz.lnk" CMD: del /q "USERPROFILE%\Pulpit\PROGRAMY\Szybkie Czyszczenie Dysku.lnk" CMD: del /q "USERPROFILE%\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Preferences" Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^McAfee Security Scan Plus.lnk" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GEST" /f Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f EmptyTemp: ***************** Processes closed successfully. Restore point was successfully created. C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job => Moved successfully. C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => Moved successfully. C:\WINDOWS\Tasks\ROC_JAN2013_TB_rmv.job => Moved successfully. avgtp => Service stopped successfully. avgtp => Service deleted successfully. ewusbnet => Service deleted successfully. ew_usbenumfilter => Service deleted successfully. huawei_enumerator => Service deleted successfully. hwdatacard => Service deleted successfully. massfilter => Service deleted successfully. RTL8192su => Service deleted successfully. trjjvtvo => Service deleted successfully. ZTEusbmdm6k => Service deleted successfully. ZTEusbnmea => Service deleted successfully. ZTEusbser6k => Service deleted successfully. HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully. "HKU\S-1-5-21-1547161642-484763869-1801674531-1004_Classes\CLSID\{0002E005-0000-0000-C000-000000000046}" => Key deleted successfully. HKLM\Software\Mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b} => value deleted successfully. C:\Program Files\Mozilla Firefoxavg-secure-search.xml => Moved successfully. C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension => Moved successfully. C:\WINDOWS\pss\McAfee Security Scan Plus.lnkCommon Startup => Moved successfully. C:\WINDOWS\system32\drivers\avgtpx86.sys => Moved successfully. ========= rd /s /q "USERPROFILE%\Dane aplikacji\Azureus" ========= System nie mo¾e odnale«† okre˜lonej ˜cie¾ki. ========= End of CMD: ========= ========= del /q "USERPROFILE%\Dane aplikacji\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk" ========= System nie mo¾e odnale«† okre˜lonej ˜cie¾ki. ========= End of CMD: ========= ========= del /q "USERPROFILE%\Dane aplikacji\Microsoft\Office\Niedawny\*.LNK" ========= System nie mo¾e odnale«† okre˜lonej ˜cie¾ki. ========= End of CMD: ========= ========= del /q "USERPROFILE%\Pulpit\PROGRAMY\Odkurzacz.lnk" ========= System nie mo¾e odnale«† okre˜lonej ˜cie¾ki. ========= End of CMD: ========= ========= del /q "USERPROFILE%\Pulpit\PROGRAMY\Szybkie Czyszczenie Dysku.lnk" ========= System nie mo¾e odnale«† okre˜lonej ˜cie¾ki. ========= End of CMD: ========= ========= del /q "USERPROFILE%\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Preferences" ========= System nie mo¾e odnale«† okre˜lonej ˜cie¾ki. ========= End of CMD: ========= ========= reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f ========= Operacja ukoÅ„czona pomyÅ›lnie ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^McAfee Security Scan Plus.lnk" /f ========= Operacja ukoÅ„czona pomyÅ›lnie ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GEST" /f ========= Operacja ukoÅ„czona pomyÅ›lnie ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoÅ„czona pomyÅ›lnie ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoÅ„czona pomyÅ›lnie ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoÅ„czona pomyÅ›lnie ========= End of Reg: ========= EmptyTemp: => Removed 177 MB temporary data. The system needed a reboot. ==== End of Fixlog 14:10:42 ====