Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 19-11-2014 Ran by luq92 at 2014-11-19 20:24:30 Run:1 Running from C:\Users\luq92\Desktop Loaded Profile: luq92 (Available profiles: luq92) Boot Mode: Safe Mode (minimal) ============================================== Content of fixlist: ***************** CloseProcesses: R2 MaintainerSvc6.89.573444; C:\ProgramData\01e58235-010d-43b1-8340-277d43a75321\maintainer.exe [123632 2014-11-19] () R1 {9642e31c-2703-4a31-ba45-9e8dfb693e38}Gw64; C:\Windows\System32\drivers\{9642e31c-2703-4a31-ba45-9e8dfb693e38}Gw64.sys [48776 2014-11-15] (StdLib) R3 ALSysIO; \??\C:\Users\luq92\AppData\Local\Temp\ALSysIO64.sys [X] Task: {73FCDE78-655E-4C52-80B0-0982A8AB3877} - System32\Tasks\OZWDNTC => C:\Users\luq92\AppData\Roaming\OZWDNTC.exe <==== ATTENTION Task: {B149163F-07D2-4555-8BD9-71F58B6821E8} - System32\Tasks\ZDBEDRP => C:\Users\luq92\AppData\Roaming\ZDBEDRP.exe [2014-11-15] (Object Browser) <==== ATTENTION Task: C:\Windows\Tasks\OZWDNTC.job => C:\Users\luq92\AppData\Roaming\OZWDNTC.exe <==== ATTENTION Task: C:\Windows\Tasks\ZDBEDRP.job => C:\Users\luq92\AppData\Roaming\ZDBEDRP.exe <==== ATTENTION GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\924d6389-cd3d-47c2-ad41-b00b91c76a09 C:\Program Files (x86)\globalUpdate C:\Program Files (x86)\YouTube Accelerator C:\ProgramData\01e58235-010d-43b1-8340-277d43a75321 C:\ProgramData\APN C:\ProgramData\TEMP C:\Users\luq92\AppData\Local\CrashRpt C:\Users\luq92\AppData\Local\globalUpdate C:\Users\luq92\AppData\Local\Google\Chrome\User Data\Default\Preferences C:\Users\luq92\AppData\Local\Google\Chrome\User Data\Default\Local Storage\*localstorage* C:\Users\luq92\AppData\Roaming\*.exe C:\Users\luq92\AppData\Roaming\OZWDNTC C:\Users\luq92\AppData\Roaming\ZDBEDRP C:\Windows\System32\drivers\{9642e31c-2703-4a31-ba45-9e8dfb693e38}Gw64.sys CMD: ipconfig /flushdns CMD: dir /a "C:\Program Files" CMD: dir /a "C:\Program Files (x86)" CMD: dir /a C:\ProgramData CMD: dir /a C:\Users\luq92\AppData\Local CMD: dir /a C:\Users\luq92\AppData\LocalLow CMD: dir /a C:\Users\luq92\AppData\Roaming EmptyTemp: ***************** Processes closed successfully. MaintainerSvc6.89.573444 => Service deleted successfully. {9642e31c-2703-4a31-ba45-9e8dfb693e38}Gw64 => Service deleted successfully. ALSysIO => Service deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{73FCDE78-655E-4C52-80B0-0982A8AB3877}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{73FCDE78-655E-4C52-80B0-0982A8AB3877}" => Key deleted successfully. C:\Windows\System32\Tasks\OZWDNTC => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OZWDNTC" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B149163F-07D2-4555-8BD9-71F58B6821E8}" => Key not found. C:\Windows\System32\Tasks\ZDBEDRP not found. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ZDBEDRP" => Key not found. C:\Windows\Tasks\OZWDNTC.job => Moved successfully. C:\Windows\Tasks\ZDBEDRP.job not found. C:\Windows\system32\GroupPolicy\Machine => Moved successfully. C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully. "HKLM\SOFTWARE\Policies\Google" => Key deleted successfully. HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully. C:\Program Files (x86)\924d6389-cd3d-47c2-ad41-b00b91c76a09 => Moved successfully. C:\Program Files (x86)\globalUpdate => Moved successfully. C:\Program Files (x86)\YouTube Accelerator => Moved successfully. C:\ProgramData\01e58235-010d-43b1-8340-277d43a75321 => Moved successfully. C:\ProgramData\APN => Moved successfully. C:\ProgramData\TEMP => Moved successfully. C:\Users\luq92\AppData\Local\CrashRpt => Moved successfully. C:\Users\luq92\AppData\Local\globalUpdate => Moved successfully. C:\Users\luq92\AppData\Local\Google\Chrome\User Data\Default\Preferences => Moved successfully. C:\Users\luq92\AppData\Local\Google\Chrome\User Data\Default\Local Storage\*localstorage* => Moved successfully. C:\Users\luq92\AppData\Roaming\*.exe => Moved successfully. C:\Users\luq92\AppData\Roaming\OZWDNTC => Moved successfully. "C:\Users\luq92\AppData\Roaming\ZDBEDRP" => File/Directory not found. C:\Windows\System32\drivers\{9642e31c-2703-4a31-ba45-9e8dfb693e38}Gw64.sys => Moved successfully. ========= ipconfig /flushdns ========= Konfiguracja IP systemu Windows Nie mo¾na opr¢¾ni† pami©ci podr©cznej programu rozpoznawania nazw DNS: Niepowodzenie funkcji podczas jej wykonywania. ========= End of CMD: ========= ========= dir /a "C:\Program Files" ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: C60B-6397 Katalog: C:\Program Files 2014-11-16 12:00 . 2014-11-16 12:00 .. 2014-11-15 14:31 Common Files 2014-11-15 18:28 COMODO 2014-11-15 12:48 Creative 2009-07-14 05:54 174 desktop.ini 2014-11-17 21:57 DVD Maker 2014-11-15 12:40 IDT 2014-11-15 12:37 Intel 2014-11-19 18:05 Internet Explorer 2009-07-14 19:09 Microsoft Games 2014-11-16 12:00 Microsoft Office 2014-11-15 19:08 Microsoft Silverlight 2009-07-14 06:32 MSBuild 2009-07-14 06:32 Reference Assemblies 2014-11-15 12:33 Synaptics 2009-07-14 06:09 Uninstall Information 2014-11-18 14:06 Windows Defender 2014-11-19 18:05 Windows Journal 2014-11-17 21:57 Windows Mail 2014-11-17 21:57 Windows Media Player 2014-11-15 12:23 Windows NT 2014-11-17 21:57 Windows Photo Viewer 2014-11-17 21:57 Windows Portable Devices 2014-11-17 21:57 Windows Sidebar 1 plik(¢w) 174 bajt¢w 24 katalog(¢w) 23ÿ484ÿ125ÿ184 bajt¢w wolnych ========= End of CMD: ========= ========= dir /a "C:\Program Files (x86)" ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: C60B-6397 Katalog: C:\Program Files (x86) 2014-11-19 20:24 . 2014-11-19 20:24 .. 2014-11-19 17:12 Brother 2014-11-19 17:14 Brownie 2014-11-15 12:37 Cisco 2014-11-18 13:09 Common Files 2014-11-16 08:26 Comodo 2014-11-15 12:49 Creative 2014-11-15 12:48 Creative Installation Information 2009-07-14 05:54 174 desktop.ini 2014-11-15 13:18 Google 2014-11-19 17:12 InstallShield Installation Information 2014-11-15 14:27 Intel 2014-11-19 18:05 Internet Explorer 2014-11-18 12:38 Microsoft Office 2014-11-15 13:25 Microsoft OneDrive 2014-11-15 19:08 Microsoft Silverlight 2014-11-17 22:21 Microsoft Works 2014-11-15 18:38 Microsoft.NET 2009-07-14 06:32 MSBuild 2014-11-15 12:42 Realtek 2009-07-14 06:32 Reference Assemblies 2009-07-14 05:57 Uninstall Information 2014-11-18 14:06 Windows Defender 2014-11-17 21:57 Windows Mail 2014-11-17 21:57 Windows Media Player 2009-07-14 06:32 Windows NT 2014-11-17 21:57 Windows Photo Viewer 2014-11-17 21:57 Windows Portable Devices 2014-11-17 21:57 Windows Sidebar 1 plik(¢w) 174 bajt¢w 29 katalog(¢w) 23ÿ484ÿ121ÿ088 bajt¢w wolnych ========= End of CMD: ========= ========= dir /a C:\ProgramData ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: C60B-6397 Katalog: C:\ProgramData 2014-11-19 20:24 . 2014-11-19 20:24 .. 2009-07-14 06:08 Application Data [C:\ProgramData] 2009-02-24 12:40 1ÿ026 cfSB0270.ini 2009-02-24 12:40 1ÿ026 cfSB0271.ini 2009-02-24 12:40 1ÿ302 cfSB0300.ini 2009-02-24 12:40 1ÿ282 cfSB0471.ini 2009-02-24 12:40 1ÿ208 cfSB0490.ini 2009-02-24 12:40 1ÿ027 cfSB0560.ini 2009-02-24 12:40 1ÿ352 cfSB0910.ini 2009-02-24 12:40 590 cfSB0950.ini 2009-02-24 12:40 1ÿ352 cfSB1090.ini 2009-02-24 12:40 1ÿ346 cfSB1100.ini 2014-11-15 18:29 Comodo 2014-11-15 18:27 Comodo Downloader 2014-11-15 12:56 Creative 2014-11-16 11:56 DAEMON Tools Lite 2014-11-15 12:23 Dane aplikacji [C:\ProgramData] 2009-07-14 06:08 Desktop [C:\Users\Public\Desktop] 2009-07-14 06:08 Documents [C:\Users\Public\Documents] 2014-11-15 12:23 Dokumenty [C:\Users\Public\Documents] 2009-07-14 06:08 Favorites [C:\Users\Public\Favorites] 2014-11-15 12:37 Intel 2014-11-15 13:57 Malwarebytes 2014-11-15 12:23 Menu Start [C:\ProgramData\Microsoft\Windows\Start Menu] 2014-11-19 17:51 Microsoft 2014-11-19 16:42 Microsoft Help 2014-11-15 13:24 Microsoft OneDrive 2014-11-19 08:14 266 ntuser.pol 2014-11-15 12:23 Pulpit [C:\Users\Public\Desktop] 2014-11-15 18:29 Shared Space 2009-07-14 06:08 Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu] 2014-11-15 12:23 Szablony [C:\ProgramData\Microsoft\Windows\Templates] 2009-07-14 06:08 Templates [C:\ProgramData\Microsoft\Windows\Templates] 2014-11-15 12:23 Ulubione [C:\Users\Public\Favorites] 11 plik(¢w) 11ÿ777 bajt¢w 24 katalog(¢w) 23ÿ484ÿ121ÿ088 bajt¢w wolnych ========= End of CMD: ========= ========= dir /a C:\Users\luq92\AppData\Local ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: C60B-6397 Katalog: C:\Users\luq92\AppData\Local 2014-11-19 20:24 . 2014-11-19 20:24 .. 2014-11-15 12:55 Apps 2014-11-15 12:23 Dane aplikacji [C:\Users\luq92\AppData\Local] 2014-11-15 12:56 Deployment 2014-11-19 16:57 ElevatedDiagnostics 2014-11-15 13:54 Evernote 2014-11-18 21:11 84ÿ112 GDIPFONTCACHEV1.DAT 2014-11-15 13:18 Google 2014-11-15 12:23 Historia [C:\Users\luq92\AppData\Local\Microsoft\Windows\History] 2014-11-19 20:19 1ÿ382ÿ202 IconCache.db 2014-11-15 13:11 Installer 2014-11-19 18:09 Microsoft 2014-11-16 12:00 Microsoft Help 2014-11-15 13:10 Programs 2014-11-15 13:03 Spotify 2014-11-19 20:22 Temp 2014-11-15 12:23 Temporary Internet Files [C:\Users\luq92\AppData\Local\Microsoft\Windows\Temporary Internet Files] 2014-11-15 12:23 VirtualStore 2014-11-16 13:17 Windows Live 2 plik(¢w) 1ÿ466ÿ314 bajt¢w 18 katalog(¢w) 23ÿ484ÿ121ÿ088 bajt¢w wolnych ========= End of CMD: ========= ========= dir /a C:\Users\luq92\AppData\LocalLow ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: C60B-6397 Katalog: C:\Users\luq92\AppData\LocalLow 2014-11-16 09:47 . 2014-11-16 09:47 .. 2014-11-15 13:53 Evernote 2014-11-16 13:17 Microsoft 0 plik(¢w) 0 bajt¢w 4 katalog(¢w) 23ÿ484ÿ116ÿ992 bajt¢w wolnych ========= End of CMD: ========= ========= dir /a C:\Users\luq92\AppData\Roaming ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: C60B-6397 Katalog: C:\Users\luq92\AppData\Roaming 2014-11-19 20:24 . 2014-11-19 20:24 .. 2014-11-19 18:09 Adobe 2014-11-16 11:56 DAEMON Tools Lite 2014-11-19 19:26 Dropbox 2014-11-15 22:20 e-academy Inc 2014-11-19 17:04 Foxit Software 2014-11-15 12:24 Identities 2014-11-15 12:34 InstallShield 2014-11-15 12:38 Intel 2014-11-15 12:45 Intel Corporation 2009-07-14 19:09 Media Center Programs 2014-11-18 10:59 Microsoft 2014-11-17 22:13 MPC-HC 2014-11-15 13:04 Spotify 2014-11-17 18:33 uTorrent 0 plik(¢w) 0 bajt¢w 16 katalog(¢w) 23ÿ484ÿ116ÿ992 bajt¢w wolnych ========= End of CMD: ========= EmptyTemp: => Removed 748.1 MB temporary data. The system needed a reboot. ==== End of Fixlog ====