Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-04-2015
Ran by samsung at 2015-04-14 20:52:13 Run:1
Running from C:\Users\samsung\Downloads
Loaded Profiles: UpdatusUser & samsung (Available profiles: UpdatusUser & samsung)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CloseProcesses:
CreateRestorePoint:
R1 {9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64; C:\Windows\System32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64.sys [61112 2014-04-28] (StdLib)
R1 {a3f28269-ad17-41a8-b032-3e0313ef8979}w64; C:\Windows\System32\drivers\{a3f28269-ad17-41a8-b032-3e0313ef8979}w64.sys [61120 2014-06-11] (StdLib)
S2 Update Greener Web; "C:\Program Files (x86)\Greener Web\updateGreenerWeb.exe" [X]
S2 Util Greener Web; "C:\Program Files (x86)\Greener Web\bin\utilGreenerWeb.exe" [X]
S3 XFDriver64; \??\C:\Program Files (x86)\Xfire2\XFDriver64.sys [X]
Task: {103A2920-F0C0-4006-9983-D24951FAB841} - System32\Tasks\{F56562F1-88F6-42B3-BF71-D32F694875E8} => C:\Program Files\NokiaFREE Unlock Codes Calculator\_NokiaFREE_Calc.exe
Task: {4A50B026-9B51-4FF5-BCAC-E1C88369864C} - System32\Tasks\{E1CC409B-9CEA-4830-9BB9-E2707297CCE3} => pcalua.exe -a "C:\Users\samsung\Downloads\filehost_FIFA 14 Origin Key Generator.exe" -d C:\Users\samsung\Downloads
Task: {73178EA7-241D-4D6F-AA4E-3CE6123E9E92} - System32\Tasks\{E1D7F4A8-0188-4596-9CB2-19228813D123} => C:\Program Files\NokiaFREE Unlock Codes Calculator\NokiaFREE_Calc.exe
Task: {8D81F7A1-4DC7-4E3F-80BC-23E13126FD39} - System32\Tasks\{56A8C543-3339-43C0-9D5D-2BBB2BEA22EB} => pcalua.exe -a "D:\Cultures 2\Setup.exe" -d "D:\Cultures 2"
Task: {8E472DE3-1CA9-4AFD-BB4C-5DA3D3CDBF75} - System32\Tasks\{777FFCBD-0174-4810-860A-9293BB82BFF8} => pcalua.exe -a C:\Users\samsung\Downloads\WorldUnlock_v44_Setup-NOKIA_free\WorldUnlock_v44_Setup\WorldUnlock_v44_Setup.exe -d C:\Users\samsung\Downloads\WorldUnlock_v44_Setup-NOKIA_free\WorldUnlock_v44_Setup
Task: {B578E9E8-3257-4AD6-947A-A7BD29646651} - System32\Tasks\{C425A6E2-B0EA-4C80-9139-950021EA0FD1} => C:\Program Files\NokiaFREE Unlock Codes Calculator\_NokiaFREE_Calc.exe
Task: {CEC982D1-D934-4436-95F6-06900E922A21} - System32\Tasks\{0FCA6DAD-BFE1-4325-8DA0-810D7A2D5B04} => C:\Program Files\NokiaFREE Unlock Codes Calculator\_NokiaFREE_Calc.exe
Task: {EEBCEB77-23E1-4CA8-947E-1E937A52D34F} - System32\Tasks\{3F8273B6-65FE-4D09-985C-99B30A314428} => C:\Program Files\NokiaFREE Unlock Codes Calculator\_NokiaFREE_Calc.exe
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp120150410
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp120150410
HKU\S-1-5-21-4209209786-2917733824-1122995674-1001\Software\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp120150410
SearchScopes: HKLM-x32 -> DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1708250
SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1708250
SearchScopes: HKU\S-1-5-21-4209209786-2917733824-1122995674-1001 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1708250
Toolbar: HKU\S-1-5-21-4209209786-2917733824-1122995674-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
C:\Program Files\Common Files\WinPcapNmap.exe
C:\Program Files (x86)\Opera
C:\ProgramData\{*}.log
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPlayCity.com
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NokiaFREE Calculator
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VATowiec
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WorldUnlock Calculator
C:\Users\samsung\AppData\Local\Opera Software
C:\Users\samsung\AppData\Roaming\Opera Software
C:\Users\samsung\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Billiards Club.lnk
C:\Users\samsung\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Play Games.lnk
C:\Users\samsung\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WorldofTanks.lnk
C:\Users\samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live for Speed
C:\Users\samsung\AppData\Roaming\Microsoft\Word\Wniosek-dotacja-2013-1%20(1)303557920112727497\Wniosek-dotacja-2013-1%20(1).doc.lnk
C:\Users\samsung\Desktop\Programiki [RÓŻNIASTE]\CamStudio.lnk
C:\Users\samsung\Desktop\Programiki [RÓŻNIASTE]\CC Get MAC Address.lnk
C:\Users\samsung\Desktop\Programiki [RÓŻNIASTE]\ipla.lnk
C:\Users\samsung\Desktop\Programiki [RÓŻNIASTE]\KaraFun Player 2.lnk
C:\Users\samsung\Desktop\Programiki [RÓŻNIASTE]\tatowy\MOTIKO\VATowiec.lnk
C:\Users\samsung\Desktop\Programiki [RÓŻNIASTE]\Gosia - harcerstwo\NOKIA LUMIA 520\Szachy\Książki szachowe\Taktyka\Konotop-Testy_po_taktike_dlya_shahmatistov_III_razryada\Gry i zabawy (attracting).lnk
C:\Users\samsung\Downloads\*(*)-dp*.exe
C:\Users\samsung\Downloads\pobierz_*.exe
C:\Users\samsung\Downloads\OriginThinSetup (*).exe
C:\Users\UpdatusUser\Desktop\*.lnk
C:\Windows\System32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64.sys
C:\Windows\System32\drivers\{a3f28269-ad17-41a8-b032-3e0313ef8979}w64.sys
C:\windows\SysWOW64\*.tmp
CMD: for /d %f in (C:\Users\samsung\AppData\Local\{*}) do rd /s /q "%f"
Reg: reg delete HKCU\Software\1Q1F1S1C1P1E1C1F1N1C1T1H2UtF1E1I /f
Reg: reg delete HKCU\Software\dobreprogramy /f
Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f
Reg: reg delete HKLM\SOFTWARE\Mozilla /f
Reg: reg delete HKLM\SOFTWARE\MozillaPlugins /f
Reg: reg delete HKLM\SOFTWARE\Wow6432Node\Mozilla /f
Reg: reg delete HKLM\SOFTWARE\Wow6432Node\MozillaPlugins /f
Hosts:
EmptyTemp:
*****************

Processes closed successfully.
Restore point was successfully created.
{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64 => Service stopped successfully.
{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64 => Service deleted successfully.
{a3f28269-ad17-41a8-b032-3e0313ef8979}w64 => Service stopped successfully.
{a3f28269-ad17-41a8-b032-3e0313ef8979}w64 => Service deleted successfully.
Update Greener Web => Service deleted successfully.
Util Greener Web => Service deleted successfully.
XFDriver64 => Service deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{103A2920-F0C0-4006-9983-D24951FAB841}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{103A2920-F0C0-4006-9983-D24951FAB841}" => Key deleted successfully.
C:\Windows\System32\Tasks\{F56562F1-88F6-42B3-BF71-D32F694875E8} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F56562F1-88F6-42B3-BF71-D32F694875E8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4A50B026-9B51-4FF5-BCAC-E1C88369864C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4A50B026-9B51-4FF5-BCAC-E1C88369864C}" => Key deleted successfully.
C:\Windows\System32\Tasks\{E1CC409B-9CEA-4830-9BB9-E2707297CCE3} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E1CC409B-9CEA-4830-9BB9-E2707297CCE3}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{73178EA7-241D-4D6F-AA4E-3CE6123E9E92}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{73178EA7-241D-4D6F-AA4E-3CE6123E9E92}" => Key deleted successfully.
C:\Windows\System32\Tasks\{E1D7F4A8-0188-4596-9CB2-19228813D123} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E1D7F4A8-0188-4596-9CB2-19228813D123}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8D81F7A1-4DC7-4E3F-80BC-23E13126FD39}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8D81F7A1-4DC7-4E3F-80BC-23E13126FD39}" => Key deleted successfully.
C:\Windows\System32\Tasks\{56A8C543-3339-43C0-9D5D-2BBB2BEA22EB} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{56A8C543-3339-43C0-9D5D-2BBB2BEA22EB}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8E472DE3-1CA9-4AFD-BB4C-5DA3D3CDBF75}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8E472DE3-1CA9-4AFD-BB4C-5DA3D3CDBF75}" => Key deleted successfully.
C:\Windows\System32\Tasks\{777FFCBD-0174-4810-860A-9293BB82BFF8} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{777FFCBD-0174-4810-860A-9293BB82BFF8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B578E9E8-3257-4AD6-947A-A7BD29646651}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B578E9E8-3257-4AD6-947A-A7BD29646651}" => Key deleted successfully.
C:\Windows\System32\Tasks\{C425A6E2-B0EA-4C80-9139-950021EA0FD1} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C425A6E2-B0EA-4C80-9139-950021EA0FD1}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CEC982D1-D934-4436-95F6-06900E922A21}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CEC982D1-D934-4436-95F6-06900E922A21}" => Key deleted successfully.
C:\Windows\System32\Tasks\{0FCA6DAD-BFE1-4325-8DA0-810D7A2D5B04} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{0FCA6DAD-BFE1-4325-8DA0-810D7A2D5B04}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EEBCEB77-23E1-4CA8-947E-1E937A52D34F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EEBCEB77-23E1-4CA8-947E-1E937A52D34F}" => Key deleted successfully.
C:\Windows\System32\Tasks\{3F8273B6-65FE-4D09-985C-99B30A314428} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3F8273B6-65FE-4D09-985C-99B30A314428}" => Key deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\S-1-5-21-4209209786-2917733824-1122995674-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key not found. 
"HKU\S-1-5-21-4209209786-2917733824-1122995674-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}" => Key deleted successfully.
HKCR\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key not found. 
HKU\S-1-5-21-4209209786-2917733824-1122995674-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value deleted successfully.
HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Key not found. 
C:\Program Files\Common Files\WinPcapNmap.exe => Moved successfully.
C:\Program Files (x86)\Opera => Moved successfully.
C:\ProgramData\{*}.log => Moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends => Moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPlayCity.com => Moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NokiaFREE Calculator => Moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VATowiec => Moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WorldUnlock Calculator => Moved successfully.
C:\Users\samsung\AppData\Local\Opera Software => Moved successfully.
C:\Users\samsung\AppData\Roaming\Opera Software => Moved successfully.
C:\Users\samsung\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Billiards Club.lnk => Moved successfully.
C:\Users\samsung\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Play Games.lnk => Moved successfully.
C:\Users\samsung\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WorldofTanks.lnk => Moved successfully.
C:\Users\samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live for Speed => Moved successfully.
C:\Users\samsung\AppData\Roaming\Microsoft\Word\Wniosek-dotacja-2013-1%20(1)303557920112727497\Wniosek-dotacja-2013-1%20(1).doc.lnk => Moved successfully.
C:\Users\samsung\Desktop\Programiki [RÓŻNIASTE]\CamStudio.lnk => Moved successfully.
C:\Users\samsung\Desktop\Programiki [RÓŻNIASTE]\CC Get MAC Address.lnk => Moved successfully.
C:\Users\samsung\Desktop\Programiki [RÓŻNIASTE]\ipla.lnk => Moved successfully.
C:\Users\samsung\Desktop\Programiki [RÓŻNIASTE]\KaraFun Player 2.lnk => Moved successfully.
C:\Users\samsung\Desktop\Programiki [RÓŻNIASTE]\tatowy\MOTIKO\VATowiec.lnk => Moved successfully.
C:\Users\samsung\Desktop\Programiki [RÓŻNIASTE]\Gosia - harcerstwo\NOKIA LUMIA 520\Szachy\Książki szachowe\Taktyka\Konotop-Testy_po_taktike_dlya_shahmatistov_III_razryada\Gry i zabawy (attracting).lnk => Moved successfully.
"C:\Users\samsung\Downloads\*(*)-dp*.exe" => File/Directory not found.
"C:\Users\samsung\Downloads\pobierz_*.exe" => File/Directory not found.
"C:\Users\samsung\Downloads\OriginThinSetup (*).exe" => File/Directory not found.
C:\Users\UpdatusUser\Desktop\*.lnk => Moved successfully.
C:\Windows\System32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64.sys => Moved successfully.
C:\Windows\System32\drivers\{a3f28269-ad17-41a8-b032-3e0313ef8979}w64.sys => Moved successfully.
C:\windows\SysWOW64\*.tmp => Moved successfully.

=========  for /d %f in (C:\Users\samsung\AppData\Local\{*}) do rd /s /q "%f" =========


========= End of CMD: =========


========= reg delete HKCU\Software\1Q1F1S1C1P1E1C1F1N1C1T1H2UtF1E1I /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========


========= reg delete HKCU\Software\dobreprogramy /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========


========= reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========


========= reg delete HKLM\SOFTWARE\Mozilla /f =========

Bť¤D: System nie znalaz w rejestrze okrelonego klucza albo wartoci.


========= End of Reg: =========


========= reg delete HKLM\SOFTWARE\MozillaPlugins /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========


========= reg delete HKLM\SOFTWARE\Wow6432Node\Mozilla /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========


========= reg delete HKLM\SOFTWARE\Wow6432Node\MozillaPlugins /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========

Hosts was reset successfully.
EmptyTemp: => Removed 16.5 GB temporary data.


The system needed a reboot. 

==== End of Fixlog 20:57:02 ====