Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-02-2015 01
Ran by Bartek at 2015-02-26 16:23:45 Run:1
Running from C:\Users\Bartek\Desktop
Loaded Profiles: Bartek (Available profiles: Bartek)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CloseProcesses:
CreateRestorePoint:
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot => "AlternateShell"="cmd-brontok.exe"
Task: {375F213B-2231-40EB-82C7-57CF8C981A88} - System32\Tasks\{80FF1741-8C57-4297-A63E-A286FF66ADEC} => C:\Users\Bartek\Downloads\battlelog-web-plugins_2.6.2_154.exe
Task: {3B6238C6-9138-4025-B6BE-B24C157204AF} - System32\Tasks\{08F88807-8246-4C45-9511-EF6370C72ADF} => C:\Users\Bartek\Downloads\battlelog-web-plugins_2.6.2_154.exe
HKU\S-1-5-21-1318935594-1313143014-225757962-1000\...\Policies\system: [DisableCMD] 0
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HomePage: Default -> hxxp://home.sweetim.com/?crg=3.1010000.10011
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]
U3 kwrdipob; \??\C:\Users\Bartek\AppData\Local\Temp\kwrdipob.sys [X]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Download Manager.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\This War of Mine
C:\Users\Bartek\AppData\Local\Bron.tok.A15.em.bin
C:\Users\Bartek\AppData\Local\Kosong.Bron.Tok.txt
C:\Users\Bartek\AppData\Local\ListHost15.txt
C:\Users\Bartek\AppData\Local\Update.15.Bron.Tok.bin
C:\Users\Bartek\AppData\Local\CrashRpt
C:\Windows\system32\Drivers\etc\hosts.ccebak
CMD: for /d %f in (C:\Users\Bartek\AppData\Local\*Bron*) do rd /s /q "%f"
Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f
Hosts:
EmptyTemp:
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\System\CurrentControlSet\Control\SafeBoot\\Default => Value was restored successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\\AlternateShell => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{375F213B-2231-40EB-82C7-57CF8C981A88}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{375F213B-2231-40EB-82C7-57CF8C981A88}" => Key deleted successfully.
C:\Windows\System32\Tasks\{80FF1741-8C57-4297-A63E-A286FF66ADEC} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{80FF1741-8C57-4297-A63E-A286FF66ADEC}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3B6238C6-9138-4025-B6BE-B24C157204AF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3B6238C6-9138-4025-B6BE-B24C157204AF}" => Key deleted successfully.
C:\Windows\System32\Tasks\{08F88807-8246-4C45-9511-EF6370C72ADF} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{08F88807-8246-4C45-9511-EF6370C72ADF}" => Key deleted successfully.
HKU\S-1-5-21-1318935594-1313143014-225757962-1000\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableCMD => value deleted successfully.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
Chrome HomePage deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully.
FairplayKD => Service deleted successfully.
kwrdipob => Service not found.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Download Manager.lnk => Moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\This War of Mine => Moved successfully.
C:\Users\Bartek\AppData\Local\Bron.tok.A15.em.bin => Moved successfully.
C:\Users\Bartek\AppData\Local\Kosong.Bron.Tok.txt => Moved successfully.
C:\Users\Bartek\AppData\Local\ListHost15.txt => Moved successfully.
C:\Users\Bartek\AppData\Local\Update.15.Bron.Tok.bin => Moved successfully.
C:\Users\Bartek\AppData\Local\CrashRpt => Moved successfully.
C:\Windows\system32\Drivers\etc\hosts.ccebak => Moved successfully.

========= for /d %f in (C:\Users\Bartek\AppData\Local\*Bron*) do rd /s /q "%f" =========

========= End of CMD: =========

========= reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f =========

Operacja ukończona pomyślnie.

========= End of Reg: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 777.3 MB temporary data.

The system needed a reboot.

==== End of Fixlog 16:24:46 ====