Fix result of Farbar Recovery Scan Tool (x64) Version:27-04-2016
Ran by Kinia (2016-04-29 20:35:02) Run:1
Running from C:\Users\Kinia\Desktop\Nowy folder (2)
Loaded Profiles: Kinia (Available Profiles: Kinia)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:
R1 {4bf99d86-1f37-4311-a79d-5136408f4421}Gw64; C:\Windows\System32\drivers\{4bf99d86-1f37-4311-a79d-5136408f4421}Gw64.sys [48784 2016-02-28] (StdLib)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
Task: {20A74FA4-81D2-4FE4-9D7A-5C9B89B4237C} - System32\Tasks\DriverToolkit Autorun => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
Task: {C0FC2055-B707-46F5-AFDC-CC14A67B6D2F} - System32\Tasks\{1FFF8A45-CDA3-45FB-A8A0-DA3B96305192} => pcalua.exe -a F:\Sims3SP01Setup.exe -d F:\
Task: {FCB78D4A-3B88-4B4D-995E-8BF3DCF01BF8} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-03-05] (AVAST Software)
Task: C:\Windows\Tasks\DriverToolkit Autorun.job => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
HKLM\...\Run: [IgfxTray] => "C:\Windows\system32\igfxtray.exe"
HKLM-x32\...\Run: [] => [X]
HKLM\...\Policies\Explorer: [RestrictRun] 0
HKU\S-1-5-21-318038007-921987228-2979523656-1000\...\Run: [BingSvc] => C:\Users\Kinia\AppData\Local\Microsoft\BingSvc\BingSvc.exe
HKU\S-1-5-21-318038007-921987228-2979523656-1000\...\Policies\Explorer: [RestrictRun] 0
HKU\S-1-5-21-318038007-921987228-2979523656-1000\...\Policies\Explorer: []
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-318038007-921987228-2979523656-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-318038007-921987228-2979523656-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-318038007-921987228-2979523656-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SL5M&ocid=SL5MDHP&osmkt=pl-pl
CHR HKU\S-1-5-21-318038007-921987228-2979523656-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
DeleteKey: HKCU\Software\1Q1F1S1C1P1E1C1F1N1C1T1H2UtF1E1I
DeleteKey: HKCU\Software\dobreprogramy
DeleteKey: HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main
C:\Program Files\Common Files\AV\avast! Antivirus
C:\Program Files (x86)\GUTB1A3.tmp
C:\Program Files (x86)\Mozilla Firefox\plugins
C:\ProgramData\AVAST Software
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LOL Recorder.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\Autodesk Design Review 2013.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\Content Service\Content Service — konsola konfiguracji.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III\Diablo III - Instrukcja.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III\Pomoc techniczna Blizzard.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III\Zarządzanie kontem Battle.net.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gnumeric
C:\Users\Kinia\AppData\Local\cache
C:\Users\Kinia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url
C:\Users\Kinia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autodesk\Zainstaluj*.lnk
C:\Users\Kinia\Dropbox\Studia\6 semestr\Ciepło\easyQuizzy.lnk
C:\Windows\System32\drivers\{4bf99d86-1f37-4311-a79d-5136408f4421}Gw64.sys
CMD: ipconfig /flushdns
CMD: netsh advfirewall reset
EmptyTemp:
*****************

Processes closed successfully.
Restore point was successfully created.
{4bf99d86-1f37-4311-a79d-5136408f4421}Gw64 => Service stopped successfully.
{4bf99d86-1f37-4311-a79d-5136408f4421}Gw64 => service removed successfully
catchme => service removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{20A74FA4-81D2-4FE4-9D7A-5C9B89B4237C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{20A74FA4-81D2-4FE4-9D7A-5C9B89B4237C}" => key removed successfully
C:\Windows\System32\Tasks\DriverToolkit Autorun => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DriverToolkit Autorun" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C0FC2055-B707-46F5-AFDC-CC14A67B6D2F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C0FC2055-B707-46F5-AFDC-CC14A67B6D2F}" => key removed successfully
C:\Windows\System32\Tasks\{1FFF8A45-CDA3-45FB-A8A0-DA3B96305192} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{1FFF8A45-CDA3-45FB-A8A0-DA3B96305192}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{FCB78D4A-3B88-4B4D-995E-8BF3DCF01BF8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FCB78D4A-3B88-4B4D-995E-8BF3DCF01BF8}" => key removed successfully
C:\Windows\System32\Tasks\AVAST Software\Avast settings backup => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Avast settings backup" => key removed successfully
C:\Windows\Tasks\DriverToolkit Autorun.job => moved successfully
"HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart" => key removed successfully
"HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys" => key removed successfully
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart" => key removed successfully
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys" => key removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\IgfxTray => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\RestrictRun => value removed successfully
HKU\S-1-5-21-318038007-921987228-2979523656-1000\Software\Microsoft\Windows\CurrentVersion\Run\\BingSvc => value removed successfully
HKU\S-1-5-21-318038007-921987228-2979523656-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\RestrictRun => value removed successfully
HKU\S-1-5-21-318038007-921987228-2979523656-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\ => value removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key removed successfully
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1" => key removed successfully
HKCR\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt2" => key removed successfully
HKCR\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3" => key removed successfully
HKCR\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt4" => key removed successfully
HKCR\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => key not found.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-318038007-921987228-2979523656-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKU\S-1-5-21-318038007-921987228-2979523656-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKU\S-1-5-21-318038007-921987228-2979523656-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
"HKU\S-1-5-21-318038007-921987228-2979523656-1000\SOFTWARE\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin" => key removed successfully
HKCU\Software\1Q1F1S1C1P1E1C1F1N1C1T1H2UtF1E1I => key removed successfully
HKCU\Software\dobreprogramy => key removed successfully
HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main => could not remove at first attempt (ErrorCode: C0000121), see next line.
HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main => key removed successfully
C:\Program Files\Common Files\AV\avast! Antivirus => moved successfully
C:\Program Files (x86)\GUTB1A3.tmp => moved successfully
C:\Program Files (x86)\Mozilla Firefox\plugins => moved successfully
C:\ProgramData\AVAST Software => moved successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LOL Recorder.lnk => moved successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\Autodesk Design Review 2013.lnk => moved successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\Content Service\Content Service — konsola konfiguracji.lnk => moved successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III\Diablo III - Instrukcja.lnk => moved successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III\Pomoc techniczna Blizzard.lnk => moved successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III\Zarządzanie kontem Battle.net.lnk => moved successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gnumeric => moved successfully
C:\Users\Kinia\AppData\Local\cache => moved successfully
C:\Users\Kinia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url => moved successfully

=========== "C:\Users\Kinia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autodesk\Zainstaluj*.lnk" ==========

C:\Users\Kinia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autodesk\Zainstaluj teraz dla programu Autodesk Inventor 2014.lnk => moved successfully
C:\Users\Kinia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autodesk\Zainstaluj teraz dla programu Autodesk® AutoCAD® 2014.lnk => moved successfully
C:\Users\Kinia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autodesk\Zainstaluj teraz dla programu Autodesk® AutoCAD® 2015.lnk => moved successfully

========= End -> "C:\Users\Kinia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autodesk\Zainstaluj*.lnk" ========

C:\Users\Kinia\Dropbox\Studia\6 semestr\Ciepło\easyQuizzy.lnk => moved successfully
C:\Windows\System32\drivers\{4bf99d86-1f37-4311-a79d-5136408f4421}Gw64.sys => moved successfully

========= ipconfig /flushdns =========

Konfiguracja IP systemu Windows

Pomyślnie opróżniono pamięć podręczną programu rozpoznawania nazw DNS.

========= End of CMD: =========

========= netsh advfirewall reset =========

Ok.

========= End of CMD: =========

EmptyTemp: => 1.7 GB temporary data Removed.

The system needed a reboot.

==== End of Fixlog 20:35:59 ====