Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 07-09-2014 Ran by Asia at 2014-09-14 00:12:53 Run:2 Running from C:\Documents and Settings\Asia\Moje dokumenty\Pobrane\do logów Boot Mode: Normal ============================================== Content of fixlist: ***************** Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll No File FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll No File FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF HKLM\...\Firefox\Extensions: [{6D5C8FC4-DE46-41bf-9092-93F0F78E9115}] - C:\Documents and Settings\All Users\Dane aplikacji\Norton\{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}\NSM_2.8.0.5\coFFFw FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\DOCUME~1\Asia\USTAWI~1\DANEAP~1\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-05-21] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION RemoveDirectory: C:\AdwCleaner RemoveDirectory: C:\Documents and Settings\All Users\Dane aplikacji\Norton RemoveDirectory: C:\Documents and Settings\All Users\Dane aplikacji\TEMP RemoveDirectory: C:\Documents and Settings\Asia\Dane aplikacji\ap_logs RemoveDirectory: C:\Documents and Settings\Asia\Dane aplikacji\Radmin RemoveDirectory: C:\Documents and Settings\Asia\Pulpit\Stare dane programu Firefox RemoveDirectory: C:\Documents and Settings\Asia\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847} RemoveDirectory: C:\WINDOWS\jumpshot.com RemoveDirectory: C:\WINDOWS\system32\GroupPolicy\Machine RemoveDirectory: C:\WINDOWS\system32\GroupPolicy\User Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f Reg: reg delete "HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main" /v "Start Page" /f Reg: reg delete "HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main" /v "Start Page" /f Reg: reg delete "HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main" /v "Start Page" /f CMD: del /q "C:\Documents and Settings\Asia\Ustawienia lokalne\Dane aplikacji\*.tmp" CMD: del /q C:\WINDOWS\system32\sqlite3.dll CMD: del /q C:\WINDOWS\system32\GroupPolicy\GPT.INI CMD: del /q C:\WINDOWS\system32\Drivers\{9d5747ee-0448-4681-8337-1555de75a3b6}Gt.sys CMD: netsh firewall reset CMD: sc config "PLAY ONLINE. RunOuc" start= demand EmptyTemp: ***************** HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value deleted successfully. "HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => Key not found. "HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{6A060448-60F9-11D5-A6CD-0002B31F7455}" => Key deleted successfully. "HKCR\CLSID\{6A060448-60F9-11D5-A6CD-0002B31F7455}" => Key deleted successfully. "HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3" => Key deleted successfully. "HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9" => Key deleted successfully. HKLM\Software\Mozilla\Firefox\Extensions\\smartwebprinting@hp.com => value deleted successfully. HKLM\Software\Mozilla\Firefox\Extensions\\{6D5C8FC4-DE46-41bf-9092-93F0F78E9115} => value deleted successfully. HKCU\Software\Mozilla\Firefox\Extensions\\smartwebprinting@hp.com => value deleted successfully. "HKCU\SOFTWARE\Google\Chrome\Extensions\apdfllckaahabafndbhieahigkjlhalf" => Key deleted successfully. C:\DOCUME~1\Asia\USTAWI~1\DANEAP~1\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx => Moved successfully. "HKLM\SOFTWARE\Policies\Google" => Key deleted successfully. "C:\AdwCleaner" => removed successfully. "C:\Documents and Settings\All Users\Dane aplikacji\Norton" => removed successfully. "C:\Documents and Settings\All Users\Dane aplikacji\TEMP" => removed successfully. "C:\Documents and Settings\Asia\Dane aplikacji\ap_logs" => removed successfully. "C:\Documents and Settings\Asia\Dane aplikacji\Radmin" => removed successfully. "C:\Documents and Settings\Asia\Pulpit\Stare dane programu Firefox" => removed successfully. "C:\Documents and Settings\Asia\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}" => removed successfully. "C:\WINDOWS\jumpshot.com" => removed successfully. "C:\WINDOWS\system32\GroupPolicy\Machine" => removed successfully. "C:\WINDOWS\system32\GroupPolicy\User" => removed successfully. ========= reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f ========= Operacja ukończona pomyślnie ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main" /v "Start Page" /f ========= Operacja ukończona pomyślnie ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main" /v "Start Page" /f ========= Operacja ukończona pomyślnie ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main" /v "Start Page" /f ========= Operacja ukończona pomyślnie ========= End of Reg: ========= ========= del /q "C:\Documents and Settings\Asia\Ustawienia lokalne\Dane aplikacji\*.tmp" ========= ========= End of CMD: ========= ========= del /q C:\WINDOWS\system32\sqlite3.dll ========= ========= End of CMD: ========= ========= del /q C:\WINDOWS\system32\GroupPolicy\GPT.INI ========= ========= End of CMD: ========= ========= del /q C:\WINDOWS\system32\Drivers\{9d5747ee-0448-4681-8337-1555de75a3b6}Gt.sys ========= ========= End of CMD: ========= ========= netsh firewall reset ========= Ok. ========= End of CMD: ========= ========= sc config "PLAY ONLINE. RunOuc" start= demand ========= [SC] ChangeServiceConfig SUCCESS ========= End of CMD: ========= EmptyTemp: => Removed 1.4 GB temporary data. The system needed a reboot. ==== End of Fixlog ====