Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 03-12-2014 Ran by Prv at 2014-12-04 09:42:46 Run:1 Running from D:\WALKA_Z_TROJANEM Loaded Profile: Prv (Available profiles: Prv & User) Boot Mode: Normal ============================================== Content of fixlist: ***************** CloseProcesses: S2 51cdb72; "C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\Optimizer Pro 3.11\OptProCrash.dll",ENT S2 Update SourceApp; "C:\Program Files (x86)\SourceApp\updateSourceApp.exe" [X] S3 NPF; system32\drivers\NPF.sys [X] HKLM-x32\...\Run: [IR_SERVER] => C:\PROGRA~2\Realtek\REALTE~1\IR_SERVER.exe HKLM-x32\...\Run: [] => [X] SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKU\S-1-5-21-1562262702-2853843880-2879626507-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = DPF: HKLM-x32 {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF HKU\S-1-5-21-1562262702-2853843880-2879626507-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 C:\Program Files (x86)\SourceApp C:\ProgramData\600440862 C:\ProgramData\Temp C:\Users\Prv\AppData\Local\Google\Chrome C:\Users\Prv\AppData\Local\Opera Software C:\Users\Prv\AppData\Roaming\Opera Software C:\Users\Prv\AppData\Roaming\sp_data.sys Folder: C:\Windows\system32\GroupPolicy Folder: C:\Windows\SysWOW64\GroupPolicy Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f EmptyTemp: ***************** Processes closed successfully. 51cdb72 => Service deleted successfully. Update SourceApp => Service deleted successfully. NPF => Service deleted successfully. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\IR_SERVER => value deleted successfully. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully. HKU\S-1-5-21-1562262702-2853843880-2879626507-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully. "HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{68282C51-9459-467B-95BF-3C0E89627E55}" => Key deleted successfully. "HKCR\Wow6432Node\CLSID\{68282C51-9459-467B-95BF-3C0E89627E55}" => Key deleted successfully. HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\smartwebprinting@hp.com => value deleted successfully. HKU\S-1-5-21-1562262702-2853843880-2879626507-1000\Software\Mozilla\Firefox\Extensions\\smartwebprinting@hp.com => value deleted successfully. C:\Program Files (x86)\SourceApp => Moved successfully. C:\ProgramData\600440862 => Moved successfully. C:\ProgramData\Temp => Moved successfully. C:\Users\Prv\AppData\Local\Google\Chrome => Moved successfully. C:\Users\Prv\AppData\Local\Opera Software => Moved successfully. C:\Users\Prv\AppData\Roaming\Opera Software => Moved successfully. C:\Users\Prv\AppData\Roaming\sp_data.sys => Moved successfully. ========================= Folder: C:\Windows\system32\GroupPolicy ======================== 2014-11-27 17:32 - 2014-11-27 17:32 - 0000000 ____D () C:\Windows\system32\GroupPolicy\Machine 2014-11-27 17:32 - 2014-11-27 17:32 - 0000000 ____D () C:\Windows\system32\GroupPolicy\User ====== End of Folder: ====== ========================= Folder: C:\Windows\SysWOW64\GroupPolicy ======================== 2014-11-27 17:32 - 2014-11-27 17:32 - 0000011 _____ () C:\Windows\SysWOW64\GroupPolicy\gpt.ini ====== End of Folder: ====== ========= reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= EmptyTemp: => Removed 2.8 GB temporary data. The system needed a reboot. ==== End of Fixlog ====