CloseProcesses:
CreateRestorePoint:
R1 wafd_1_10_0_19; C:\Windows\System32\drivers\wafd_1_10_0_19.sys [61312 2015-06-16] (WA)
S2 wasvc_1.10.0.19; "C:\Program Files (x86)\WordAnchor_1.10.0.19\Service\wasvc.exe" [X]
HKLM\...\Run: [] => [X]
Startup: C:\Users\Gosia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\t.lnk [2015-06-07]
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-06-13]
Task: {85176E1D-EFA0-4099-ABA4-3038072167AC} - System32\Tasks\Opera N Sunday => C:\Program Files (x86)\Opera\launcher.exe
Task: {FA4755F3-56EE-40D9-9F16-FCB829A23697} - System32\Tasks\Opera N Saturday => C:\Program Files (x86)\Opera\launcher.exe
C:\Program Files (x86)\Opera
C:\ProgramData\f08cac26-e74f-49b4-9ff1-f081aa55e1b3
C:\Users\Gosia\AppData\Local\Opera Software
C:\Users\Gosia\AppData\Roaming\Opera Software
C:\Users\Gosia\AppData\Roaming\GoldenGate
C:\Users\Gosia\AppData\Roaming\Shortcut
C:\Windows\System32\drivers\wafd_1_10_0_19.sys
Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f
EmptyTemp: