Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-11-2014 03 Ran by Samsung at 2014-11-17 18:12:28 Run:2 Running from C:\Users\Samsung\Downloads Loaded Profile: Samsung (Available profiles: Samsung) Boot Mode: Normal ============================================== Content of fixlist: ***************** CloseProcesses: HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" HKLM-x32\...\Run: [tuto4pc_pl_21] => [X] CHR HomePage: Default -> hxxp://www.istartsurf.com/?type=hp&ts=1410890247&from=ild&uid=HitachiXHTS547575A9E384_J1140021GBV31KGBV31KX CHR StartupUrls: Default -> "hxxp://www.istartsurf.com/?type=hp&ts=1410890247&from=ild&uid=HitachiXHTS547575A9E384_J1140021GBV31KGBV31KX" C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Preferences C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Local Storage\*localstorage* C:\Users\Samsung\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z C:\Users\Samsung\AppData\Roaming\0F1F1C2Y1H1P1C0I0T C:\Users\Samsung\AppData\Roaming\Bonanza C:\Users\Samsung\AppData\Roaming\DigitalSite C:\Users\Samsung\AppData\Roaming\DigitalSites C:\Users\Samsung\AppData\Roaming\UpdateBonanza Reg: reg add "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /f Reg: reg add "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /ve /t REG_SZ /d Bing /f Reg: reg add "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /v URL /t REG_SZ /d "http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC" /f Reg: reg add "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /v DisplayName /t REG_SZ /d "@ieframe.dll,-12512" /f Reg: reg add "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /f Reg: reg add "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /ve /t REG_SZ /d Bing /f Reg: reg add "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /v URL /t REG_SZ /d "http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC" /f Reg: reg add "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /v DisplayName /t REG_SZ /d "@ieframe.dll,-12512" /f Reg: reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{3CD242FD-3221-4896-B3F0-1AB473ED083A}" /f CMD: dir /a "C:\Program Files" CMD: dir /a "C:\Program Files (x86)" CMD: dir /a C:\ProgramData CMD: dir /a C:\Users\Samsung\AppData\Local CMD: dir /a C:\Users\Samsung\AppData\LocalLow CMD: dir /a C:\Users\Samsung\AppData\Roaming EmptyTemp: ***************** Processes closed successfully. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher => value deleted successfully. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\tuto4pc_pl_21 => value deleted successfully. Chrome HomePage deleted successfully. Chrome StartupUrls deleted successfully. C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Preferences => Moved successfully. C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Local Storage\*localstorage* => Moved successfully. C:\Users\Samsung\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z => Moved successfully. C:\Users\Samsung\AppData\Roaming\0F1F1C2Y1H1P1C0I0T => Moved successfully. C:\Users\Samsung\AppData\Roaming\Bonanza => Moved successfully. C:\Users\Samsung\AppData\Roaming\DigitalSite => Moved successfully. C:\Users\Samsung\AppData\Roaming\DigitalSites => Moved successfully. C:\Users\Samsung\AppData\Roaming\UpdateBonanza => Moved successfully. ========= reg add "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg add "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /ve /t REG_SZ /d Bing /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg add "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /v URL /t REG_SZ /d "http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg add "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /v DisplayName /t REG_SZ /d "@ieframe.dll,-12512" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg add "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg add "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /ve /t REG_SZ /d Bing /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg add "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /v URL /t REG_SZ /d "http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg add "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /v DisplayName /t REG_SZ /d "@ieframe.dll,-12512" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{3CD242FD-3221-4896-B3F0-1AB473ED083A}" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= dir /a "C:\Program Files" ========= Volume in drive C has no label. Volume Serial Number is 9837-F9E6 Directory of C:\Program Files 2013-12-19 01:03 . 2013-12-19 01:03 .. 2013-01-25 01:42 ATI 2013-01-25 02:06 Bitcasa 2013-06-19 15:08 Classic Shell 2014-05-15 08:03 Common Files 2012-07-26 09:11 174 desktop.ini 2013-01-25 01:47 Intel 2014-11-14 21:36 Internet Explorer 2013-06-19 15:34 Microsoft Analysis Services 2013-06-19 15:35 Microsoft Office 2014-08-07 17:34 Microsoft Silverlight 2013-06-19 15:35 Microsoft SQL Server Compact Edition 2013-06-19 15:35 Microsoft Sync Framework 2013-06-19 15:36 Microsoft Synchronization Services 2012-08-07 13:22 MSBuild 2013-01-25 01:44 Realtek 2012-08-07 13:22 Reference Assemblies 2013-01-25 01:58 Samsung 2013-01-25 01:48 Synaptics 2012-07-26 08:22 Uninstall Information 2014-11-14 21:36 Windows Defender 2014-07-18 09:24 Windows Journal 2013-06-19 14:39 Windows Mail 2013-06-19 14:39 Windows Media Player 2012-07-26 09:13 Windows Multimedia Platform 2012-07-26 09:12 Windows NT 2013-09-19 14:09 Windows Photo Viewer 2012-07-26 09:13 Windows Portable Devices 2012-07-26 09:12 Windows Sidebar 2014-11-16 17:56 WindowsApps 2013-06-19 15:06 WinRAR 1 File(s) 174 bytes 31 Dir(s) 527ÿ543ÿ918ÿ592 bytes free ========= End of CMD: ========= ========= dir /a "C:\Program Files (x86)" ========= Volume in drive C has no label. Volume Serial Number is 9837-F9E6 Directory of C:\Program Files (x86) 2014-11-15 13:55 . 2014-11-15 13:55 .. 2013-06-19 15:07 Adobe 2013-01-25 01:44 AMD APP 2013-01-25 01:44 ATI Technologies 2014-10-24 08:24 AVG 2013-01-25 01:48 Bluetooth Suite 2014-10-02 20:56 BonanzaDeals 2013-10-22 11:31 BonanzaDealsLive 2014-11-07 21:37 Common Files 2013-01-25 02:03 CyberLink 2013-06-19 15:08 DAEMON Tools Lite 2012-07-26 09:11 174 desktop.ini 2014-10-02 20:48 FTDownloader.com 2013-06-19 15:07 Gadu-Gadu 10 2013-09-17 20:08 Google 2013-01-25 02:03 InstallShield Installation Information 2013-01-25 02:07 Intel 2014-11-14 21:36 Internet Explorer 2013-06-19 15:07 K-Lite Codec Pack 2013-06-19 18:04 Librus 2013-06-19 15:34 Microsoft Analysis Services 2013-06-19 15:34 Microsoft Office 2014-08-07 17:34 Microsoft Silverlight 2013-01-25 02:05 Microsoft SQL Server Compact Edition 2013-06-19 15:35 Microsoft Visual Studio 8 2013-06-19 15:35 Microsoft.NET 2014-10-02 21:03 Mobogenie 2014-11-11 21:57 Mozilla Firefox 2014-11-14 21:41 Mozilla Maintenance Service 2013-06-19 15:35 MSBuild 2013-06-19 15:11 Nero 2013-01-25 01:55 Norton Online Backup ARA 2013-06-19 14:41 NortonInstaller 2013-06-19 15:08 OpenOffice.org 3 2014-11-12 09:12 Opera 2013-09-17 20:05 PhotoScape 2013-01-25 02:02 PopCap Games 2014-10-02 21:07 predm 2013-01-25 00:59 Qualcomm Atheros 2013-01-25 01:45 Realtek 2012-08-07 13:22 Reference Assemblies 2013-01-25 02:06 Samsung 2014-11-07 21:38 Skype 2013-01-25 01:55 Symantec 2013-01-25 02:15 SymSilent 2013-01-25 01:44 Temp 2013-06-19 15:08 VideoLAN 2013-06-19 15:07 Winamp 2013-06-19 15:06 Winamp Detect 2014-11-14 21:36 Windows Defender 2013-01-25 02:05 Windows Live 2013-06-19 14:38 Windows Mail 2013-06-19 14:38 Windows Media Player 2012-07-26 09:13 Windows Multimedia Platform 2012-07-26 09:12 Windows NT 2013-09-19 14:09 Windows Photo Viewer 2012-07-26 09:13 Windows Portable Devices 2012-07-26 09:12 Windows Sidebar 1 File(s) 174 bytes 58 Dir(s) 527ÿ543ÿ914ÿ496 bytes free ========= End of CMD: ========= ========= dir /a C:\ProgramData ========= Volume in drive C has no label. Volume Serial Number is 9837-F9E6 Directory of C:\ProgramData 2014-10-24 08:19 . 2014-10-24 08:19 .. 2013-06-26 17:28 Adobe 2013-06-19 15:11 Ahead 2013-10-18 11:43 APN 2012-07-26 08:22 Application Data [C:\ProgramData] 2013-09-15 23:44 Atheros 2013-01-25 02:17 ATI 2013-12-19 00:50 Autodesk 2013-09-29 12:59 AVG Security Toolbar 2014-10-24 08:25 AVG2013 2014-10-24 08:23 AVG2015 2013-09-17 20:04 Babylon 2013-10-22 11:31 BonanzaDealsLive 2013-01-25 01:55 boost_interprocess 2013-01-25 01:51 ColorMode 2013-08-23 17:36 Common Files 2013-09-15 16:44 CyberLink 2013-06-19 15:33 DAEMON Tools Lite 2012-07-26 08:22 Desktop [C:\Users\Public\Desktop] 2012-07-26 08:22 Documents [C:\Users\Public\Documents] 2013-06-19 15:08 Gadu-Gadu 10 2013-11-17 22:04 HP 2013-01-25 02:03 install_clap 2013-01-25 02:07 Intel 2012-08-08 05:07 2ÿ258ÿ432 MakeMarkerFile.exe 2012-08-07 11:11 3ÿ196 MakeMarkerFile.xml 2014-11-17 18:03 MFAData 2013-09-19 18:26 Microsoft 2014-11-14 09:56 Microsoft Help 2013-06-19 15:04 Mozilla 2013-06-19 15:11 Nero 2013-06-19 14:41 Norton 2013-01-25 01:51 NortonInstaller 2013-01-25 02:02 PopCap Games 2013-09-15 21:39 PRICache 2013-01-25 00:59 Qualcomm Atheros 2013-06-30 20:33 regid.1986-12.com.adobe 2013-01-25 18:17 regid.1991-06.com.microsoft 2014-05-13 12:27 Samsung 2014-11-07 21:37 Skype 2012-07-26 08:22 Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu] 2013-01-25 01:55 Symantec 2013-01-25 01:55 Synaptics 2013-06-19 19:04 Temp 2012-07-26 08:22 Templates [C:\ProgramData\Microsoft\Windows\Templates] 2014-11-17 17:11 WinClon 2014-10-27 12:50 WindowsMangerProtect 2 File(s) 2ÿ261ÿ628 bytes 46 Dir(s) 527ÿ543ÿ910ÿ400 bytes free ========= End of CMD: ========= ========= dir /a C:\Users\Samsung\AppData\Local ========= Volume in drive C has no label. Volume Serial Number is 9837-F9E6 Directory of C:\Users\Samsung\AppData\Local 2014-11-17 14:03 . 2014-11-17 14:03 .. 2013-06-19 15:33 Adobe 2013-06-19 15:11 Ahead 2013-06-19 13:24 ATI 2014-10-24 08:23 Avg2015 2013-09-20 11:58 avgchrome 2013-06-19 14:49 bitcasa 2013-06-19 13:24 BMExplorer 2013-10-22 11:31 BonanzaDealsLive 2013-12-26 13:28 cache 2013-10-18 11:43 Cool_Mirage 2014-11-10 16:53 CrashDumps 2013-12-19 21:34 CrashRpt 2013-06-19 13:22 Dane aplikacji [C:\Users\Samsung\AppData\Local] 2014-09-23 10:28 Diagnostics 2013-07-25 20:48 ElevatedDiagnostics 2013-09-17 20:08 Google 2013-06-19 13:22 Historia [C:\Users\Samsung\AppData\Local\Microsoft\Windows\History] 2014-11-17 00:52 75ÿ015 IconCache.db 2013-06-19 18:35 Librus —wiadectwa 2013-06-19 18:14 Macromedia 2013-08-23 17:36 MFAData 2013-10-23 08:28 Microsoft 2014-10-03 07:38 Microsoft Help 2014-10-02 21:03 Mobogenie 2013-10-01 10:27 Mozilla 2014-09-16 18:59 Opera Software 2013-09-15 21:39 Packages 2013-06-19 13:24 Power2Go8 2013-12-19 21:35 Programs 2013-06-19 13:25 Samsung 2013-06-19 15:10 Screamer Radio 2014-11-07 21:37 Skype 2014-11-17 18:12 Temp 2013-06-19 13:22 Temporary Internet Files [C:\Users\Samsung\AppData\Local\Microsoft\Windows\Temporary Internet Files] 2014-05-15 08:03 VirtualStore 1 File(s) 75ÿ015 bytes 36 Dir(s) 527ÿ543ÿ910ÿ400 bytes free ========= End of CMD: ========= ========= dir /a C:\Users\Samsung\AppData\LocalLow ========= Volume in drive C has no label. Volume Serial Number is 9837-F9E6 Directory of C:\Users\Samsung\AppData\LocalLow 2014-10-02 21:05 . 2014-10-02 21:05 .. 2013-06-19 15:14 Adobe 2013-11-04 14:21 Delta 2013-10-23 08:28 Microsoft 2013-11-06 09:36 PlayReady [C:\ProgramData\Microsoft\PlayReady] 0 File(s) 0 bytes 6 Dir(s) 527ÿ543ÿ906ÿ304 bytes free ========= End of CMD: ========= ========= dir /a C:\Users\Samsung\AppData\Roaming ========= Volume in drive C has no label. Volume Serial Number is 9837-F9E6 Directory of C:\Users\Samsung\AppData\Roaming 2014-11-17 18:12 . 2014-11-17 18:12 .. 2013-06-30 20:33 Adobe 2014-10-22 21:06 Atheros 2013-06-19 13:24 ATI 2013-12-19 00:50 Autodesk 2014-10-24 08:23 AVG2015 2013-09-15 16:44 CyberLink 2013-06-19 15:33 DAEMON Tools Lite 2013-06-19 15:08 Gadu-Gadu 10 2013-06-19 13:25 Intel Corporation 2013-06-19 15:17 Macromedia 2013-08-14 18:32 Media Player Classic 2014-11-16 16:44 Microsoft 2013-07-14 22:19 Mozilla 2014-11-16 16:28 OpenOffice.org 2014-09-16 18:59 Opera Software 2013-09-19 09:48 PhotoScape 2014-11-17 18:09 Skype 2013-06-19 13:23 Synaptics 2013-11-25 18:13 TeamViewer 2013-08-23 17:48 TuneUp Software 2014-11-06 10:29 vlc 2014-09-17 12:39 95 WB.CFG 2014-01-03 12:09 5 WBPU-Q5-TTL.DAT 2014-01-28 11:34 5 WBPU-TTL.DAT 2013-09-15 17:35 WebApp 2013-06-19 15:14 Winamp 2013-06-19 16:52 WinRAR 3 File(s) 105 bytes 26 Dir(s) 527ÿ543ÿ906ÿ304 bytes free ========= End of CMD: ========= EmptyTemp: => Removed 299.8 MB temporary data. The system needed a reboot. ==== End of Fixlog ====