Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 22-10-2014
Ran by tad at 2014-10-23 11:51:58 Run:1
Running from C:\Users\tad\Desktop\diagnostyka_kompa
Loaded Profiles: tad & UpdatusUser (Available profiles: tad & UpdatusUser)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CloseProcesses:
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
HKLM-x32\...\Run: [fst_de_6] => [X]
HKU\S-1-5-21-857324733-421609195-1616938436-1000\...\Run: [DT Emphelungstool] => "C:\Users\tad\AppData\Local\Deutsche Telekom\Empfehlungstool\DTEmpfehlungstool.exe" 2
HKU\S-1-5-21-857324733-421609195-1616938436-1000\...\Run: [Browser Extensions] => "C:\Users\tad\AppData\Roaming\Browser Extensions\CouponsHelper.exe"
HKU\S-1-5-21-857324733-421609195-1616938436-1000\...\RunOnce: [Application Restart #0] => C:\Users\tad\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-ph (the data entry has 536 more characters).
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File
BootExecute: autocheck autochk * aswBoot.exe /M:c9928bd19 /wow /dir:"C:\Program Files\AVAST Software\Avast"
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/pl-pl/?pc=UP97&ocid=UP97DHP
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - 8AEC04ACA3824DEE976FC1DCC4A23F9A URL = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=394&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=0541516913024078&q={searchTerms}
SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - {F07D5355-9070-41C4-8836-0BD632C940B4} URL = http://speedial.com/results.php?f=4&q={searchTerms}&a=spd_ir_14_19_ff&cd=2XzuyEtN2Y1L1QzutBtBtBtAyE0D0AtA0D0DyBtBtBtA0AyCtN0D0Tzu0SzzyDzytN1L2XzutBtFtBtDtFzytFtCtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyB0ByDyEtD0Ezy0BtGtB0AtCzytGyE0AtC0BtG0DyCtAyEtGtDyE0AtDzyyBtBzy0D0C0Czz2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0A0EtAzyyDtC0CtG0AtDyBzytG0DyB0FyDtGzzzy0FyBtGtByB0DtC0CzztC0AtCyCtA0D2Q&cr=717292320&ir=
FF HKLM-x32\...\Firefox\Extensions: [termtutor@termtutor.com] - C:\Program Files (x86)\Mozilla Firefox\extensions\termtutor@termtutor.com
CHR HomePage: Default -> hxxp://de.search.yahoo.com/?type=937811&fr=spigot-yhp-ch
CHR StartupUrls: Default -> "hxxp://de.search.yahoo.com/?type=937811&fr=spigot-yhp-ch", "hxxp://www.msn.com/?pc=AV01"
CHR Extension: (Bing) - C:\Users\tad\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2014-10-22]
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CustomCLSID: HKU\S-1-5-21-857324733-421609195-1616938436-1000_Classes\CLSID\{A75BE48D-BF58-4A8B-B96C-F9A09DFB9844}\InprocServer32 -> %LOCALAPPDATA%\Pokki\ocdeskband_0.dll No File
Task: {26BDA604-7D75-469E-8B6C-19420BBA6C5B} - System32\Tasks\{D1214508-7F77-4F52-8DD4-FBC620886435} => Firefox.exe http://ui.skype.com/ui/0/6.5.0.158/pl/abandoninstall?page=tsProgressBar
Task: {2C9FB589-871A-4321-9723-2D616F1100D2} - \923e656c-7931-4c44-9b19-6d3c00ebfbd9-3 No Task File <==== ATTENTION
Task: {6684E26F-2B34-4350-A34A-6B2E1977F333} - \923e656c-7931-4c44-9b19-6d3c00ebfbd9-5 No Task File <==== ATTENTION
Task: {753E7B92-960F-4FE9-82DE-569F469733EE} - \14ecb001-f416-4a5e-b100-cc6e315349af-3 No Task File <==== ATTENTION
Task: {93EDAA36-0293-4848-8554-BA3951F1F773} - System32\Tasks\{FE028F2A-ACC2-43B6-8243-869ABE596ED4} => Firefox.exe http://ui.skype.com/ui/0/6.21.80.104/pl/abandoninstall?page=tsMain
Task: {B246DCC5-F005-4E1A-8F69-74508A4140B0} - \14ecb001-f416-4a5e-b100-cc6e315349af-5 No Task File <==== ATTENTION
C:\Program Files\TermTutor
C:\Program Files (x86)\Mozilla Firefox\extensions
C:\Program Files (x86)\TermTutor
C:\Users\tad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dragons of Atlantis.lnk
C:\Users\tad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
C:\Users\tad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pirate Storm.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
C:\ProgramData\TEMP
C:\Users\Public\AlexaNSISPlugin.4516.dll
C:\Users\Public\Desktop\YTD Video Downloader.lnk
C:\Users\tad\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\tad\AppData\Roaming\GoldenGate
C:\Users\tad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url
C:\Users\tad\Desktop\Continue Download Manager 2 Installation.lnk
C:\Users\tad\Downloads\Adblock Plus 1.1*.exe
C:\Users\tad\Downloads\AdwCleaner*.exe
C:\Users\tad\Downloads\IDM2*.exe
C:\Windows\System32\drivers\ttnfd.sys
Reg: reg delete HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7} /f
Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f
Reg: reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Image Editor Packages" /f
Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f
CMD: dir /a "C:\Program Files"
CMD: dir /a "C:\Program Files (x86)"
CMD: dir /a C:\ProgramData
CMD: dir /a C:\Users\tad\AppData\Local
CMD: dir /a C:\Users\tad\AppData\LocalLow
CMD: dir /a C:\Users\tad\AppData\Roaming
EmptyTemp:
*****************

Processes closed successfully.
esgiguard => Service deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\fst_de_6 => value deleted successfully.
HKU\S-1-5-21-857324733-421609195-1616938436-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DT Emphelungstool => value deleted successfully.
HKU\S-1-5-21-857324733-421609195-1616938436-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Browser Extensions => value deleted successfully.
HKU\S-1-5-21-857324733-421609195-1616938436-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Application Restart #0 => value deleted successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => Key deleted successfully.
"HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GDriveSharedOverlay" => Key deleted successfully.
"HKCR\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}" => Key not found.
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Bar => value deleted successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\8AEC04ACA3824DEE976FC1DCC4A23F9A" => Key deleted successfully.
"HKCR\CLSID\8AEC04ACA3824DEE976FC1DCC4A23F9A" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}" => Key deleted successfully.
"HKCR\CLSID\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F07D5355-9070-41C4-8836-0BD632C940B4}" => Key deleted successfully.
"HKCR\CLSID\{F07D5355-9070-41C4-8836-0BD632C940B4}" => Key not found.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\termtutor@termtutor.com => value deleted successfully.
Chrome HomePage deleted successfully.
Chrome StartupUrls deleted successfully.
C:\Users\tad\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd => Moved successfully.
"HKCU\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKU\S-1-5-21-857324733-421609195-1616938436-1000_Classes\CLSID\{A75BE48D-BF58-4A8B-B96C-F9A09DFB9844}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{26BDA604-7D75-469E-8B6C-19420BBA6C5B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{26BDA604-7D75-469E-8B6C-19420BBA6C5B}" => Key deleted successfully.
C:\Windows\System32\Tasks\{D1214508-7F77-4F52-8DD4-FBC620886435} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D1214508-7F77-4F52-8DD4-FBC620886435}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2C9FB589-871A-4321-9723-2D616F1100D2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C9FB589-871A-4321-9723-2D616F1100D2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\923e656c-7931-4c44-9b19-6d3c00ebfbd9-3" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6684E26F-2B34-4350-A34A-6B2E1977F333}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6684E26F-2B34-4350-A34A-6B2E1977F333}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\923e656c-7931-4c44-9b19-6d3c00ebfbd9-5" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{753E7B92-960F-4FE9-82DE-569F469733EE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{753E7B92-960F-4FE9-82DE-569F469733EE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\14ecb001-f416-4a5e-b100-cc6e315349af-3" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{93EDAA36-0293-4848-8554-BA3951F1F773}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{93EDAA36-0293-4848-8554-BA3951F1F773}" => Key deleted successfully.
C:\Windows\System32\Tasks\{FE028F2A-ACC2-43B6-8243-869ABE596ED4} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FE028F2A-ACC2-43B6-8243-869ABE596ED4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B246DCC5-F005-4E1A-8F69-74508A4140B0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B246DCC5-F005-4E1A-8F69-74508A4140B0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\14ecb001-f416-4a5e-b100-cc6e315349af-5" => Key deleted successfully.
"C:\Program Files\TermTutor" => File/Directory not found.
C:\Program Files (x86)\Mozilla Firefox\extensions => Moved successfully.
"C:\Program Files (x86)\TermTutor" => File/Directory not found.
C:\Users\tad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dragons of Atlantis.lnk => Moved successfully.
C:\Users\tad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk => Moved successfully.
C:\Users\tad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pirate Storm.lnk => Moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader => Moved successfully.
C:\ProgramData\TEMP => Moved successfully.
C:\Users\Public\AlexaNSISPlugin.4516.dll => Moved successfully.
C:\Users\Public\Desktop\YTD Video Downloader.lnk => Moved successfully.
C:\Users\tad\AppData\Local\Google\Chrome\User Data\Default\Preferences => Moved successfully.
C:\Users\tad\AppData\Roaming\GoldenGate => Moved successfully.
C:\Users\tad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url => Moved successfully.
C:\Users\tad\Desktop\Continue Download Manager 2 Installation.lnk => Moved successfully.
C:\Users\tad\Downloads\Adblock Plus 1.1*.exe => Moved successfully.
C:\Users\tad\Downloads\AdwCleaner*.exe => Moved successfully.
C:\Users\tad\Downloads\IDM2*.exe => Moved successfully.
"C:\Windows\System32\drivers\ttnfd.sys" => File/Directory not found.

========= reg delete HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7} /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========


========= reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========


========= reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Image Editor Packages" /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========


========= reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========


========= reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========


========= reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========


=========  dir /a "C:\Program Files" =========

 Wolumin w stacji C nie ma etykiety.
 Numer seryjny woluminu: 7CE8-23A6

 Katalog: C:\Program Files

2014-10-23  11:49    <DIR>          .
2014-10-23  11:49    <DIR>          ..
2014-08-02  21:41    <DIR>          A6ADCE5D-859A-4E7E-B0B2-D07F8AB9237E
2014-10-03  18:47    <DIR>          Adblock Plus for IE
2009-07-14  05:20    <DIR>          Common Files
2014-05-08  19:47    <DIR>          CONEXANT
2009-07-14  06:54               174 desktop.ini
2011-02-04  19:42    <DIR>          DVD Maker
2013-11-12  10:36    <DIR>          Enigma Software Group
2013-04-06  20:34    <DIR>          HP
2014-10-13  17:58    <DIR>          Internet Explorer
2013-08-01  10:00    <DIR>          Microsoft Office
2009-07-14  07:32    <DIR>          MSBuild
2014-05-08  19:51    <DIR>          NVIDIA Corporation
2009-07-14  07:32    <DIR>          Reference Assemblies
2014-05-08  19:44    <DIR>          Synaptics
2009-07-14  07:09    <DIR>          Uninstall Information
2013-07-30  23:12    <DIR>          Windows Defender
2014-10-13  20:49    <DIR>          Windows Journal
2011-02-04  19:42    <DIR>          Windows Mail
2014-02-14  19:38    <DIR>          Windows Media Player
2007-09-03  13:40    <DIR>          Windows NT
2011-02-04  19:42    <DIR>          Windows Photo Viewer
2010-11-21  05:31    <DIR>          Windows Portable Devices
2011-02-04  19:42    <DIR>          Windows Sidebar
               1 plik(�w)                174 bajt�w
              24 katalog(�w)  44�461�355�008 bajt�w wolnych

========= End of CMD: =========


=========  dir /a "C:\Program Files (x86)" =========

 Wolumin w stacji C nie ma etykiety.
 Numer seryjny woluminu: 7CE8-23A6

 Katalog: C:\Program Files (x86)

2014-10-23  11:49    <DIR>          .
2014-10-23  11:49    <DIR>          ..
2014-08-13  19:16    <DIR>          A6ADCE5D-859A-4E7E-B0B2-D07F8AB9237E
2013-07-07  22:25    <DIR>          Adobe
2013-11-10  14:33    <DIR>          Amazon
2013-07-04  17:39    <DIR>          Ares
2014-09-19  17:02    <DIR>          Common Files
2009-07-14  06:54               174 desktop.ini
2013-11-08  20:02    <DIR>          Google
2013-11-08  19:35    <DIR>          Image Converter
2014-10-13  17:58    <DIR>          Internet Explorer
2013-08-01  09:59    <DIR>          Microsoft Analysis Services
2013-08-01  10:04    <DIR>          Microsoft Office
2013-09-10  21:31    <DIR>          Microsoft WSE
2013-08-01  10:04    <DIR>          Microsoft.NET
2014-10-23  11:53    <DIR>          Mozilla Firefox
2014-09-27  08:51    <DIR>          Mozilla Maintenance Service
2009-07-14  07:32    <DIR>          MSBuild
2014-05-08  20:00    <DIR>          NVIDIA Corporation
2013-07-07  22:20    <DIR>          pdf995
2013-07-03  21:05    <DIR>          PDFCreator
2013-03-24  14:48    <DIR>          PhotoScape
2009-07-14  07:32    <DIR>          Reference Assemblies
2014-10-20  16:58    <DIR>          Skype
2014-05-08  19:34    <DIR>          TeamViewer
2009-07-14  06:57    <DIR>          Uninstall Information
2014-05-01  15:49    <DIR>          VideoLAN
2013-07-30  23:12    <DIR>          Windows Defender
2011-02-04  19:42    <DIR>          Windows Mail
2014-02-14  19:38    <DIR>          Windows Media Player
2009-07-14  07:32    <DIR>          Windows NT
2011-02-04  19:42    <DIR>          Windows Photo Viewer
2010-11-21  05:31    <DIR>          Windows Portable Devices
2011-02-04  19:42    <DIR>          Windows Sidebar
               1 plik(�w)                174 bajt�w
              33 katalog(�w)  44�461�350�912 bajt�w wolnych

========= End of CMD: =========


=========  dir /a C:\ProgramData =========

 Wolumin w stacji C nie ma etykiety.
 Numer seryjny woluminu: 7CE8-23A6

 Katalog: C:\ProgramData

2014-10-23  11:53    <DIR>          .
2014-10-23  11:53    <DIR>          ..
2013-07-07  22:29    <DIR>          Adobe
2009-07-14  07:08    <JUNCTION>     Application Data [C:\ProgramData]
2014-05-06  07:56    <DIR>          AVAST Software
2013-08-01  09:51    <DIR>          DAEMON Tools Ultra
2007-09-03  13:40    <JUNCTION>     Dane aplikacji [C:\ProgramData]
2009-07-14  07:08    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
2009-07-14  07:08    <JUNCTION>     Documents [C:\Users\Public\Documents]
2007-09-03  13:40    <JUNCTION>     Dokumenty [C:\Users\Public\Documents]
2009-07-14  07:08    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
2013-09-15  17:39    <DIR>          FLEXnet
2014-10-23  08:16    <DIR>          Kaspersky Lab
2007-09-03  13:40    <JUNCTION>     Menu Start [C:\ProgramData\Microsoft\Windows\Start Menu]
2014-05-05  23:56    <DIR>          Microsoft
2013-08-01  10:10    <DIR>          Microsoft Help
2013-03-10  10:15    <DIR>          Mozilla
2013-09-13  19:07    <DIR>          mquadr.at
2014-10-23  08:16           262�144 ntuser.dat
2014-10-23  08:16             5�120 ntuser.dat.LOG1
2014-10-23  08:16                 0 ntuser.dat.LOG2
2014-10-23  08:16            65�536 ntuser.dat{fcfcb2a6-5a78-11e4-9aad-001d727c0d53}.TM.blf
2014-10-23  08:16           524�288 ntuser.dat{fcfcb2a6-5a78-11e4-9aad-001d727c0d53}.TMContainer00000000000000000001.regtrans-ms
2014-10-23  08:16           524�288 ntuser.dat{fcfcb2a6-5a78-11e4-9aad-001d727c0d53}.TMContainer00000000000000000002.regtrans-ms
2014-10-23  08:16            65�536 ntuser.dat{fcfcb2b1-5a78-11e4-9aad-001d727c0d53}.TM.blf
2014-10-23  08:16           524�288 ntuser.dat{fcfcb2b1-5a78-11e4-9aad-001d727c0d53}.TMContainer00000000000000000001.regtrans-ms
2014-10-23  08:16           524�288 ntuser.dat{fcfcb2b1-5a78-11e4-9aad-001d727c0d53}.TMContainer00000000000000000002.regtrans-ms
2014-10-23  07:54    <DIR>          NVIDIA
2014-05-08  20:00    <DIR>          NVIDIA Corporation
2014-10-03  18:47    <DIR>          Package Cache
2014-07-30  19:14    <DIR>          pdf995
2007-09-03  13:40    <JUNCTION>     Pulpit [C:\Users\Public\Desktop]
2014-10-20  16:56    <DIR>          Skype
2009-07-14  07:08    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
2007-09-03  13:40    <JUNCTION>     Szablony [C:\ProgramData\Microsoft\Windows\Templates]
2009-07-14  07:08    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
2007-09-03  13:40    <JUNCTION>     Ulubione [C:\Users\Public\Favorites]
2013-09-15  17:39    <DIR>          Vodafone
2014-05-08  20:56    <DIR>          YTD Video Downloader
               9 plik(�w)          2�495�488 bajt�w
              30 katalog(�w)  44�461�346�816 bajt�w wolnych

========= End of CMD: =========


=========  dir /a C:\Users\tad\AppData\Local =========

 Wolumin w stacji C nie ma etykiety.
 Numer seryjny woluminu: 7CE8-23A6

 Katalog: C:\Users\tad\AppData\Local

2014-10-23  10:14    <DIR>          .
2014-10-23  10:14    <DIR>          ..
2013-07-07  22:27    <DIR>          Adobe
2013-03-10  10:13    <DIR>          Apps
2013-07-05  20:03    <DIR>          Ares
2014-04-28  17:36    <DIR>          com
2007-09-03  13:40    <JUNCTION>     Dane aplikacji [C:\Users\tad\AppData\Local]
2013-11-08  20:01    <DIR>          Deployment
2013-09-10  21:30    <DIR>          Deutsche Telekom
2014-08-21  20:42    <DIR>          Diagnostics
2014-09-21  21:21    <DIR>          DTAG
2014-07-27  22:14    <DIR>          ElevatedDiagnostics
2014-05-08  20:56           109�296 GDIPFONTCACHEV1.DAT
2013-08-01  09:36    <DIR>          GHISLER
2013-07-30  21:23    <DIR>          Google
2007-09-03  13:40    <JUNCTION>     Historia [C:\Users\tad\AppData\Local\Microsoft\Windows\History]
2014-10-22  20:14         2�001�368 IconCache.db
2013-03-11  22:03    <DIR>          Macromedia
2007-09-01  01:06    <DIR>          Microsoft
2013-10-04  23:52    <DIR>          Microsoft Help
2013-10-02  17:36    <DIR>          Mozilla
2013-09-10  21:22    <DIR>          mquadr.at
2014-04-28  17:32         1�107�768 nsx297C.tmp
2013-07-30  20:09    <DIR>          Programs
2014-03-04  17:09    <DIR>          Skype
2014-10-23  11:53    <DIR>          Temp
2007-09-03  13:40    <JUNCTION>     Temporary Internet Files [C:\Users\tad\AppData\Local\Microsoft\Windows\Temporary Internet Files]
2014-05-09  16:57    <DIR>          VirtualStore
2013-09-15  17:38    <DIR>          {86DD38A2-C8BD-404A-A1BD-907F6B69C913}
               3 plik(�w)          3�218�432 bajt�w
              26 katalog(�w)  44�461�346�816 bajt�w wolnych

========= End of CMD: =========


=========  dir /a C:\Users\tad\AppData\LocalLow =========

 Wolumin w stacji C nie ma etykiety.
 Numer seryjny woluminu: 7CE8-23A6

 Katalog: C:\Users\tad\AppData\LocalLow

2014-10-03  18:47    <DIR>          .
2014-10-03  18:47    <DIR>          ..
2014-10-03  18:47    <DIR>          Adblock Plus for IE
2013-07-07  22:27    <DIR>          Adobe
2013-10-18  20:44    <DIR>          Microsoft
2013-07-07  22:21    <DIR>          pdf995
               0 plik(�w)                  0 bajt�w
               6 katalog(�w)  44�461�346�816 bajt�w wolnych

========= End of CMD: =========


=========  dir /a C:\Users\tad\AppData\Roaming =========

 Wolumin w stacji C nie ma etykiety.
 Numer seryjny woluminu: 7CE8-23A6

 Katalog: C:\Users\tad\AppData\Roaming

2014-10-23  11:53    <DIR>          .
2014-10-23  11:53    <DIR>          ..
2013-07-07  22:27    <DIR>          Adobe
2013-08-01  09:55    <DIR>          DAEMON Tools Ultra
2014-03-24  17:33    <DIR>          Dropbox
2014-03-24  17:33    <DIR>          DropboxMaster
2013-09-15  17:47    <DIR>          FLEXnet
2013-08-01  09:35    <DIR>          GHISLER
2007-09-03  13:40    <DIR>          Identities
2013-03-11  22:03    <DIR>          Macromedia
2010-11-21  09:16    <DIR>          Media Center Programs
2014-07-30  19:14    <DIR>          Microsoft
2013-03-10  10:15    <DIR>          Mozilla
2013-07-07  22:21    <DIR>          pdf995
2013-03-24  14:55    <DIR>          PhotoScape
2013-09-23  19:35    <DIR>          Schnellstart-DVD
2014-10-23  11:25    <DIR>          Skype
2014-05-05  23:52    <DIR>          TeamViewer
2013-03-17  20:44    <DIR>          TFP
2013-03-10  20:49            33�134 UserTile.png
2013-06-04  17:11    <DIR>          vlc
2013-09-15  17:40    <DIR>          Vodafone
2014-05-10  16:58                83 WB.CFG
2013-11-12  08:36                 6 WBPU-TTL.DAT
               3 plik(�w)             33�223 bajt�w
              21 katalog(�w)  44�461�342�720 bajt�w wolnych

========= End of CMD: =========

EmptyTemp: => Removed 929.9 MB temporary data.


The system needed a reboot. 

==== End of Fixlog ====