Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 03-12-2014 Ran by Ja at 2014-12-04 17:29:04 Run:1 Running from C:\Documents and Settings\Ja\Pulpit\frst1 Loaded Profile: Ja (Available profiles: Ja) Boot Mode: Safe Mode (minimal) ============================================== Content of fixlist: ***************** CloseProcesses: S1 {24616444-765b-4b21-a0d9-3f0c17b29bfe}t; C:\WINDOWS\System32\drivers\{24616444-765b-4b21-a0d9-3f0c17b29bfe}t.sys [55872 2014-11-28] (StdLib) S1 {29b7765c-96a7-42da-b89f-2a7b5f6b5cba}t; C:\WINDOWS\System32\drivers\{29b7765c-96a7-42da-b89f-2a7b5f6b5cba}t.sys [55872 2014-11-30] (StdLib) S1 {397e3208-0393-47ca-9748-370b27e14021}t; C:\WINDOWS\System32\drivers\{397e3208-0393-47ca-9748-370b27e14021}t.sys [55832 2014-10-19] (StdLib) S1 {4059f7a9-d023-4137-a1c8-01f0f6fe6110}t; C:\WINDOWS\System32\drivers\{4059f7a9-d023-4137-a1c8-01f0f6fe6110}t.sys [55832 2014-10-20] (StdLib) S1 {55825785-0831-456c-8958-bd781398505d}t; C:\WINDOWS\System32\drivers\{55825785-0831-456c-8958-bd781398505d}t.sys [55872 2014-11-26] (StdLib) S1 {5eeb83d0-96ea-4249-942c-beead6847053}t; C:\WINDOWS\System32\drivers\{5eeb83d0-96ea-4249-942c-beead6847053}t.sys [55064 2014-09-12] (StdLib) S1 {632916e0-3570-41b8-afb5-b10d86ad94c7}t; C:\WINDOWS\System32\drivers\{632916e0-3570-41b8-afb5-b10d86ad94c7}t.sys [55832 2014-10-21] (StdLib) S1 {71d5e150-c72b-4e5b-a773-e49420251642}t; C:\WINDOWS\System32\drivers\{71d5e150-c72b-4e5b-a773-e49420251642}t.sys [55832 2014-10-22] (StdLib) S1 {8e282837-b584-46f4-a220-bfdd4678d061}t; C:\WINDOWS\System32\drivers\{8e282837-b584-46f4-a220-bfdd4678d061}t.sys [55872 2014-12-01] (StdLib) S1 {98a55059-ac5d-40d9-81ae-6bff294c9b89}t; C:\WINDOWS\System32\drivers\{98a55059-ac5d-40d9-81ae-6bff294c9b89}t.sys [55832 2014-10-19] (StdLib) S1 {c28516e7-f1f3-4437-81ce-ec213355cd9c}t; C:\WINDOWS\System32\drivers\{c28516e7-f1f3-4437-81ce-ec213355cd9c}t.sys [55872 2014-12-01] (StdLib) S1 {c393de5d-8149-4434-ab91-01ec8ea15264}t; C:\WINDOWS\System32\drivers\{c393de5d-8149-4434-ab91-01ec8ea15264}t.sys [55872 2014-11-30] (StdLib) S1 {d0ee745f-6f92-44ac-a7b8-87dfc4a60a3a}t; C:\WINDOWS\System32\drivers\{d0ee745f-6f92-44ac-a7b8-87dfc4a60a3a}t.sys [55872 2014-11-29] (StdLib) S1 {e168bb47-74a7-440b-bf7d-d17153007d6b}t; C:\WINDOWS\System32\drivers\{e168bb47-74a7-440b-bf7d-d17153007d6b}t.sys [55832 2014-10-11] (StdLib) S1 {efa349b9-003c-4506-9e55-957c1cff853c}t; C:\WINDOWS\System32\drivers\{efa349b9-003c-4506-9e55-957c1cff853c}t.sys [55832 2014-10-22] (StdLib) S1 {f06ee1ad-d0c2-4bf7-ada2-fa0fb563c169}t; C:\WINDOWS\System32\drivers\{f06ee1ad-d0c2-4bf7-ada2-fa0fb563c169}t.sys [55832 2014-10-15] (StdLib) S1 {fa50efa5-2c2a-4d8c-b58d-b9548ceccd2b}t; C:\WINDOWS\System32\drivers\{fa50efa5-2c2a-4d8c-b58d-b9548ceccd2b}t.sys [55832 2014-10-11] (StdLib) S1 {fc8e6a5c-9413-4b64-b2fd-0aad0e9e50eb}t; C:\WINDOWS\System32\drivers\{fc8e6a5c-9413-4b64-b2fd-0aad0e9e50eb}t.sys [55832 2014-10-16] (StdLib) S1 {fec0fd95-7a4f-4f0e-93f4-63bcf3ad1706}t; C:\WINDOWS\System32\drivers\{fec0fd95-7a4f-4f0e-93f4-63bcf3ad1706}t.sys [55832 2014-10-13] (StdLib) S3 AndNetDiag; system32\DRIVERS\lgandnetdiag.sys [X] S3 ANDNetModem; system32\DRIVERS\lgandnetmodem.sys [X] S3 GMSIPCI; \??\F:\INSTALL\GMSIPCI.SYS [X] S3 KUsbGuard; \??\C:\program files\kingsoft\kingsoft antivirus\kusbquery.sys [X] S2 MaintainerSvc7.71.837357; C:\Documents and Settings\All Users\Dane aplikacji\66d59f5c-9429-4c86-9f63-c339daeaabaf\maintainer.exe [123680 2014-12-02] () S2 Util SmarterPower; "C:\Program Files\SmarterPower\bin\utilSmarterPower.exe" [X] HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ProxyEnable: [S-1-5-21-1060284298-796845957-1417001333-1005] => Internet Explorer proxy is enabled. HKU\S-1-5-21-1060284298-796845957-1417001333-1005\Software\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp220140911 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp220140911 C:\Documents and Settings\All Users\Dane aplikacji\66d59f5c-9429-4c86-9f63-c339daeaabaf C:\WINDOWS\System32\drivers\{24616444-765b-4b21-a0d9-3f0c17b29bfe}t.sys C:\WINDOWS\System32\drivers\{29b7765c-96a7-42da-b89f-2a7b5f6b5cba}t.sys C:\WINDOWS\System32\drivers\{397e3208-0393-47ca-9748-370b27e14021}t.sys C:\WINDOWS\System32\drivers\{4059f7a9-d023-4137-a1c8-01f0f6fe6110}t.sys C:\WINDOWS\System32\drivers\{55825785-0831-456c-8958-bd781398505d}t.sys C:\WINDOWS\System32\drivers\{5eeb83d0-96ea-4249-942c-beead6847053}t.sys C:\WINDOWS\System32\drivers\{632916e0-3570-41b8-afb5-b10d86ad94c7}t.sys C:\WINDOWS\System32\drivers\{71d5e150-c72b-4e5b-a773-e49420251642}t.sys C:\WINDOWS\System32\drivers\{8e282837-b584-46f4-a220-bfdd4678d061}t.sys C:\WINDOWS\System32\drivers\{98a55059-ac5d-40d9-81ae-6bff294c9b89}t.sys C:\WINDOWS\System32\drivers\{c28516e7-f1f3-4437-81ce-ec213355cd9c}t.sys C:\WINDOWS\System32\drivers\{c393de5d-8149-4434-ab91-01ec8ea15264}t.sys C:\WINDOWS\System32\drivers\{d0ee745f-6f92-44ac-a7b8-87dfc4a60a3a}t.sys C:\WINDOWS\System32\drivers\{e168bb47-74a7-440b-bf7d-d17153007d6b}t.sys C:\WINDOWS\System32\drivers\{efa349b9-003c-4506-9e55-957c1cff853c}t.sys C:\WINDOWS\System32\drivers\{f06ee1ad-d0c2-4bf7-ada2-fa0fb563c169}t.sys C:\WINDOWS\System32\drivers\{fa50efa5-2c2a-4d8c-b58d-b9548ceccd2b}t.sys C:\WINDOWS\System32\drivers\{fc8e6a5c-9413-4b64-b2fd-0aad0e9e50eb}t.sys C:\WINDOWS\System32\drivers\{fec0fd95-7a4f-4f0e-93f4-63bcf3ad1706}t.sys Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f Folder: C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Opera Software\Opera Stable\Extensions CMD: type "C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Opera Software\Opera Stable\Preferences" EmptyTemp: ***************** Processes closed successfully. {24616444-765b-4b21-a0d9-3f0c17b29bfe}t => Service deleted successfully. {29b7765c-96a7-42da-b89f-2a7b5f6b5cba}t => Service deleted successfully. {397e3208-0393-47ca-9748-370b27e14021}t => Service deleted successfully. {4059f7a9-d023-4137-a1c8-01f0f6fe6110}t => Service deleted successfully. {55825785-0831-456c-8958-bd781398505d}t => Service deleted successfully. {5eeb83d0-96ea-4249-942c-beead6847053}t => Service deleted successfully. {632916e0-3570-41b8-afb5-b10d86ad94c7}t => Service deleted successfully. {71d5e150-c72b-4e5b-a773-e49420251642}t => Service deleted successfully. {8e282837-b584-46f4-a220-bfdd4678d061}t => Service deleted successfully. {98a55059-ac5d-40d9-81ae-6bff294c9b89}t => Service deleted successfully. {c28516e7-f1f3-4437-81ce-ec213355cd9c}t => Service deleted successfully. {c393de5d-8149-4434-ab91-01ec8ea15264}t => Service deleted successfully. {d0ee745f-6f92-44ac-a7b8-87dfc4a60a3a}t => Service deleted successfully. {e168bb47-74a7-440b-bf7d-d17153007d6b}t => Service deleted successfully. {efa349b9-003c-4506-9e55-957c1cff853c}t => Service deleted successfully. {f06ee1ad-d0c2-4bf7-ada2-fa0fb563c169}t => Service deleted successfully. {fa50efa5-2c2a-4d8c-b58d-b9548ceccd2b}t => Service deleted successfully. {fc8e6a5c-9413-4b64-b2fd-0aad0e9e50eb}t => Service deleted successfully. {fec0fd95-7a4f-4f0e-93f4-63bcf3ad1706}t => Service deleted successfully. AndNetDiag => Service deleted successfully. ANDNetModem => Service deleted successfully. GMSIPCI => Service deleted successfully. KUsbGuard => Service deleted successfully. MaintainerSvc7.71.837357 => Service deleted successfully. Util SmarterPower => Service deleted successfully. HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck => value deleted successfully. C:\WINDOWS\system32\GroupPolicy\Machine => Moved successfully. C:\WINDOWS\system32\GroupPolicy\GPT.ini => Moved successfully. "HKLM\SOFTWARE\Policies\Google" => Key deleted successfully. HKU\S-1-5-21-1060284298-796845957-1417001333-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully. HKU\S-1-5-21-1060284298-796845957-1417001333-1005\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. C:\Documents and Settings\All Users\Dane aplikacji\66d59f5c-9429-4c86-9f63-c339daeaabaf => Moved successfully. C:\WINDOWS\System32\drivers\{24616444-765b-4b21-a0d9-3f0c17b29bfe}t.sys => Moved successfully. C:\WINDOWS\System32\drivers\{29b7765c-96a7-42da-b89f-2a7b5f6b5cba}t.sys => Moved successfully. C:\WINDOWS\System32\drivers\{397e3208-0393-47ca-9748-370b27e14021}t.sys => Moved successfully. C:\WINDOWS\System32\drivers\{4059f7a9-d023-4137-a1c8-01f0f6fe6110}t.sys => Moved successfully. C:\WINDOWS\System32\drivers\{55825785-0831-456c-8958-bd781398505d}t.sys => Moved successfully. C:\WINDOWS\System32\drivers\{5eeb83d0-96ea-4249-942c-beead6847053}t.sys => Moved successfully. C:\WINDOWS\System32\drivers\{632916e0-3570-41b8-afb5-b10d86ad94c7}t.sys => Moved successfully. C:\WINDOWS\System32\drivers\{71d5e150-c72b-4e5b-a773-e49420251642}t.sys => Moved successfully. C:\WINDOWS\System32\drivers\{8e282837-b584-46f4-a220-bfdd4678d061}t.sys => Moved successfully. C:\WINDOWS\System32\drivers\{98a55059-ac5d-40d9-81ae-6bff294c9b89}t.sys => Moved successfully. C:\WINDOWS\System32\drivers\{c28516e7-f1f3-4437-81ce-ec213355cd9c}t.sys => Moved successfully. C:\WINDOWS\System32\drivers\{c393de5d-8149-4434-ab91-01ec8ea15264}t.sys => Moved successfully. C:\WINDOWS\System32\drivers\{d0ee745f-6f92-44ac-a7b8-87dfc4a60a3a}t.sys => Moved successfully. C:\WINDOWS\System32\drivers\{e168bb47-74a7-440b-bf7d-d17153007d6b}t.sys => Moved successfully. C:\WINDOWS\System32\drivers\{efa349b9-003c-4506-9e55-957c1cff853c}t.sys => Moved successfully. C:\WINDOWS\System32\drivers\{f06ee1ad-d0c2-4bf7-ada2-fa0fb563c169}t.sys => Moved successfully. C:\WINDOWS\System32\drivers\{fa50efa5-2c2a-4d8c-b58d-b9548ceccd2b}t.sys => Moved successfully. C:\WINDOWS\System32\drivers\{fc8e6a5c-9413-4b64-b2fd-0aad0e9e50eb}t.sys => Moved successfully. C:\WINDOWS\System32\drivers\{fec0fd95-7a4f-4f0e-93f4-63bcf3ad1706}t.sys => Moved successfully. ========= reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f ========= Operacja ukończona pomyślnie ========= End of Reg: ========= ========================= Folder: C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Opera Software\Opera Stable\Extensions ======================== Directory Not Found ========= type "C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Opera Software\Opera Stable\Preferences" ========= ========= End of CMD: ========= EmptyTemp: => Removed 202.1 MB temporary data. The system needed a reboot. ==== End of Fixlog ====