Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-12-2014 03 Ran by Mariola at 2014-12-13 09:03:50 Run:1 Running from C:\Users\Mariola\Downloads Loaded Profiles: Mariola & (Available profiles: Mariola) Boot Mode: Normal ============================================== Content of fixlist: ***************** CloseProcesses: S1 {e4a6645a-3f85-4e1f-aa41-8367978844db}w64; system32\drivers\{e4a6645a-3f85-4e1f-aa41-8367978844db}w64.sys [X] S3 catchme; \??\C:\ComboFix\catchme.sys [X] U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation) Task: {1CE1CAF8-B073-46B1-A482-0BAD5B740E62} - System32\Tasks\{28B123DB-0563-4657-9CB4-5E1642AA4F5C} => pcalua.exe -a "C:\Program Files (x86)\PopCap Games\Plants vs. Zombies\PopUninstall.exe" -c "C:\Program Files (x86)\PopCap Games\Plants vs. Zombies\Install.log" Task: {2ACDC6D4-7082-47C1-9173-C7224A0F2844} - \SPDriver No Task File <==== ATTENTION Task: {600AE852-E36A-4FF2-81EE-8DC1DBF856A5} - \bench-sys No Task File <==== ATTENTION Task: {9CC57E81-3703-44C3-BAAB-1C9CB8F9481C} - \SPBIW_UpdateTask_Time_323238343032363735322d2350785732325b6c342a2d45 No Task File <==== ATTENTION Task: C:\windows\Tasks\NDFNWE.job => C:\Users\Mariola\AppData\Roaming\NDFNWE.exe <==== ATTENTION Task: C:\windows\Tasks\PZBSD.job => C:\Users\Mariola\AppData\Roaming\PZBSD.exe <==== ATTENTION Startup: C:\Users\Mariola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_05838380.lnk CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3331319&octid=EB_ORIGINAL_CTID&ISID=MA8376247-F9E9-488D-94FC-D64D6EE6B2DE&SearchSource=55&CUI=&UM=6&UP=SPC1C339F9-086D-4F72-BAB3-E869D1CB1FBA&SSPV= CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3331319&octid=EB_ORIGINAL_CTID&ISID=MA8376247-F9E9-488D-94FC-D64D6EE6B2DE&SearchSource=55&CUI=&UM=6&UP=SPC1C339F9-086D-4F72-BAB3-E869D1CB1FBA&SSPV=" GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-1389066822-2107305290-2761972221-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-1389066822-2107305290-2761972221-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-1389066822-2107305290-2761972221-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKU\S-1-5-21-1389066822-2107305290-2761972221-1001 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = SearchScopes: HKU\S-1-5-21-1389066822-2107305290-2761972221-1001 -> {5387967B-EEB6-4153-9D59-0F3C7606A394} URL = C:\Program Files (x86)\Bench C:\Program Files (x86)\CommonShare C:\Program Files (x86)\globalUpdate C:\Program Files (x86)\predm C:\ProgramData\Kaspersky Lab C:\ProgramData\Norton C:\ProgramData\WPM C:\ProgramData\Temp C:\Users\Mariola\AppData\Local\Google\Chrome\User Data\Default\Preferences C:\Users\Mariola\AppData\Local\Google\Chrome\User Data\Default\Local Storage\*localstorage* C:\Users\Mariola\AppData\Roaming\Opera Software\Opera Stable\Local Storage\*localstorage* C:\Users\Mariola\AppData\Roaming\systweak C:\Users\Mariola\Desktop\Wyczyść rejestr za darmo!.lnk Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run /v SPDriver /f Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run /v GoobzoYouTubeAccelerator /f Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run /v "Super Optimizer" /f Reg: reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 /v fst_pl_78 /f Reg: reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 /v SPDriver /f Reg: reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 /v fst_pl_211 /f Reg: reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 /v fst_pl_79 /f Reg: reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 /v fst_pl_99 /f Reg: reg delete HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Sense /f Reg: reg add "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes" /v DefaultScope /t REG_SZ /d {5387967B-EEB6-4153-9D59-0F3C7606A394} /f Reg: reg add "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes" /v DefaultScope /t REG_SZ /d {5387967B-EEB6-4153-9D59-0F3C7606A394} /f Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main" /f Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main" /f Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main" /f CMD: sc config "Multimedia mobilNET. RunOuc" start= disabled CMD: dir /a "C:\Program Files" CMD: dir /a "C:\Program Files (x86)" CMD: dir /a C:\ProgramData CMD: dir /a C:\Users\Mariola\AppData\Local CMD: dir /a C:\Users\Mariola\AppData\LocalLow CMD: dir /a C:\Users\Mariola\AppData\Roaming EmptyTemp: ***************** Processes closed successfully. {e4a6645a-3f85-4e1f-aa41-8367978844db}w64 => Service deleted successfully. catchme => Service deleted successfully. AppMgmt => Service deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1CE1CAF8-B073-46B1-A482-0BAD5B740E62}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1CE1CAF8-B073-46B1-A482-0BAD5B740E62}" => Key deleted successfully. C:\Windows\System32\Tasks\{28B123DB-0563-4657-9CB4-5E1642AA4F5C} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{28B123DB-0563-4657-9CB4-5E1642AA4F5C}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2ACDC6D4-7082-47C1-9173-C7224A0F2844}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2ACDC6D4-7082-47C1-9173-C7224A0F2844}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SPDriver" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{600AE852-E36A-4FF2-81EE-8DC1DBF856A5}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{600AE852-E36A-4FF2-81EE-8DC1DBF856A5}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\bench-sys" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9CC57E81-3703-44C3-BAAB-1C9CB8F9481C}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9CC57E81-3703-44C3-BAAB-1C9CB8F9481C}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SPBIW_UpdateTask_Time_323238343032363735322d2350785732325b6c342a2d45" => Key deleted successfully. C:\windows\Tasks\NDFNWE.job => Moved successfully. C:\windows\Tasks\PZBSD.job => Moved successfully. C:\Users\Mariola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_05838380.lnk => Moved successfully. Chrome HomePage deleted successfully. Chrome StartupUrls deleted successfully. C:\windows\system32\GroupPolicy\Machine => Moved successfully. C:\windows\system32\GroupPolicy\GPT.ini => Moved successfully. "HKLM\SOFTWARE\Policies\Google" => Key deleted successfully. "HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully. "HKU\S-1-5-21-1389066822-2107305290-2761972221-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully. HKU\S-1-5-21-1389066822-2107305290-2761972221-1001\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully. HKU\S-1-5-21-1389066822-2107305290-2761972221-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully. HKU\S-1-5-21-1389066822-2107305290-2761972221-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully. "HKU\S-1-5-21-1389066822-2107305290-2761972221-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5387967B-EEB6-4153-9D59-0F3C7606A394}" => Key deleted successfully. "HKCR\CLSID\{5387967B-EEB6-4153-9D59-0F3C7606A394}" => Key not found. C:\Program Files (x86)\Bench => Moved successfully. C:\Program Files (x86)\CommonShare => Moved successfully. C:\Program Files (x86)\globalUpdate => Moved successfully. C:\Program Files (x86)\predm => Moved successfully. C:\ProgramData\Kaspersky Lab => Moved successfully. C:\ProgramData\Norton => Moved successfully. C:\ProgramData\WPM => Moved successfully. C:\ProgramData\Temp => Moved successfully. C:\Users\Mariola\AppData\Local\Google\Chrome\User Data\Default\Preferences => Moved successfully. C:\Users\Mariola\AppData\Local\Google\Chrome\User Data\Default\Local Storage\*localstorage* => Moved successfully. C:\Users\Mariola\AppData\Roaming\Opera Software\Opera Stable\Local Storage\*localstorage* => Moved successfully. C:\Users\Mariola\AppData\Roaming\systweak => Moved successfully. C:\Users\Mariola\Desktop\Wyczyść rejestr za darmo!.lnk => Moved successfully. ========= reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run /v SPDriver /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run /v GoobzoYouTubeAccelerator /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run /v "Super Optimizer" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 /v fst_pl_78 /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 /v SPDriver /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 /v fst_pl_211 /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 /v fst_pl_79 /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 /v fst_pl_99 /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Sense /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg add "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes" /v DefaultScope /t REG_SZ /d {5387967B-EEB6-4153-9D59-0F3C7606A394} /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg add "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes" /v DefaultScope /t REG_SZ /d {5387967B-EEB6-4153-9D59-0F3C7606A394} /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main" /f ========= ERROR: The system was unable to find the specified registry key or value. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main" /f ========= ERROR: The system was unable to find the specified registry key or value. ========= End of Reg: ========= ========= sc config "Multimedia mobilNET. RunOuc" start= disabled ========= [SC] ChangeServiceConfig SUCCESS ========= End of CMD: ========= ========= dir /a "C:\Program Files" ========= Volume in drive C has no label. Volume Serial Number is 1256-FDB4 Directory of C:\Program Files 2014-12-13 08:42 . 2014-12-13 08:42 .. 2014-12-12 21:22 AVAST Software 2013-03-11 11:16 Bitcasa 2014-12-13 08:42 CCleaner 2014-03-12 12:15 Classic Shell 2014-12-12 21:08 Common Files 2012-07-26 09:11 174 desktop.ini 2013-03-11 08:34 Intel 2014-12-12 21:40 Internet Explorer 2012-08-07 13:22 MSBuild 2013-03-11 08:35 Realtek 2012-08-07 13:22 Reference Assemblies 2013-03-11 11:14 Samsung 2014-03-10 23:41 Synaptics 2012-07-26 08:22 Uninstall Information 2014-12-12 21:41 Windows Defender 2014-12-12 21:40 Windows Journal 2014-12-12 21:40 Windows Mail 2014-12-12 21:40 Windows Media Player 2012-07-26 09:13 Windows Multimedia Platform 2012-07-26 09:12 Windows NT 2014-12-12 21:40 Windows Photo Viewer 2012-07-26 09:13 Windows Portable Devices 2012-07-26 09:12 Windows Sidebar 2014-12-12 17:30 WindowsApps 1 File(s) 174 bytes 25 Dir(s) 398ÿ432ÿ628ÿ736 bytes free ========= End of CMD: ========= ========= dir /a "C:\Program Files (x86)" ========= Volume in drive C has no label. Volume Serial Number is 1256-FDB4 Directory of C:\Program Files (x86) 2014-12-13 09:04 . 2014-12-13 09:04 .. 2013-03-11 11:04 Adobe 2013-03-11 10:34 Bluetooth Suite 2014-12-12 18:26 Common Files 2013-03-11 10:42 CyberLink 2012-07-26 09:11 174 desktop.ini 2014-03-12 11:15 Google 2013-03-11 11:12 InstallShield Installation Information 2013-03-11 10:54 Intel 2014-12-12 21:40 Internet Explorer 2014-12-12 19:59 Malwarebytes Anti-Malware 2014-03-12 11:43 Microsoft Office 2013-03-11 11:08 Microsoft SQL Server Compact Edition 2014-03-12 11:43 Microsoft.NET 2012-08-07 13:22 MSBuild 2014-03-15 14:25 Multimedia mobilNET 2014-12-12 21:20 Opera 2013-03-11 08:38 Qualcomm Atheros 2013-03-11 08:36 Realtek 2012-08-07 13:22 Reference Assemblies 2013-03-11 11:14 Samsung 2014-03-12 13:04 Skype 2013-03-11 11:00 Symantec 2013-03-11 11:24 SymSilent 2013-03-11 08:35 Temp 2014-12-12 21:41 Windows Defender 2013-03-11 11:08 Windows Live 2014-12-12 21:40 Windows Mail 2014-12-12 21:40 Windows Media Player 2012-07-26 09:13 Windows Multimedia Platform 2012-07-26 09:12 Windows NT 2014-12-12 21:40 Windows Photo Viewer 2012-07-26 09:13 Windows Portable Devices 2012-07-26 09:12 Windows Sidebar 2014-03-12 11:37 WinRAR 2014-03-12 11:33 YouTube Accelerator 1 File(s) 174 bytes 36 Dir(s) 398ÿ432ÿ624ÿ640 bytes free ========= End of CMD: ========= ========= dir /a C:\ProgramData ========= Volume in drive C has no label. Volume Serial Number is 1256-FDB4 Directory of C:\ProgramData 2014-12-13 09:04 . 2014-12-13 09:04 .. 2013-03-11 11:04 Adobe 2012-07-26 08:22 Application Data [C:\ProgramData] 2014-03-10 23:43 Atheros 2014-12-12 21:22 AVAST Software 2013-03-11 11:00 boost_interprocess 2013-03-11 08:38 ColorMode 2014-04-27 17:05 CyberLink 2014-03-15 14:29 DataCardService 2012-07-26 08:22 Desktop [C:\Users\Public\Desktop] 2014-12-13 11:11 Doctor Web 2012-07-26 08:22 Documents [C:\Users\Public\Documents] 2013-03-11 10:41 install_clap 2013-03-11 10:55 Intel 2013-02-19 08:34 2ÿ064ÿ264 MakeMarkerFile.exe 2013-01-12 15:51 3ÿ004 MakeMarkerFile.xml 2014-12-12 19:59 Malwarebytes 2014-03-12 12:55 Microsoft 2014-03-15 14:25 Multimedia mobilNET 2014-11-30 18:12 NortonInstaller 2014-12-12 21:31 PopCap Games 2014-03-15 19:15 PRICache 2013-03-11 08:37 Qualcomm Atheros 2013-03-12 00:03 regid.1991-06.com.microsoft 2014-03-10 23:39 Samsung 2014-03-12 13:05 Skype 2012-07-26 08:22 Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu] 2013-03-11 11:00 Symantec 2014-03-12 10:58 Synaptics 2012-07-26 08:22 Templates [C:\ProgramData\Microsoft\Windows\Templates] 2014-12-12 21:32 WinClon 2 File(s) 2ÿ067ÿ268 bytes 30 Dir(s) 398ÿ432ÿ624ÿ640 bytes free ========= End of CMD: ========= ========= dir /a C:\Users\Mariola\AppData\Local ========= Volume in drive C has no label. Volume Serial Number is 1256-FDB4 Directory of C:\Users\Mariola\AppData\Local 2014-12-12 21:08 . 2014-12-12 21:08 .. 2014-03-10 23:42 Adobe 2014-03-10 23:44 bitcasa 2014-03-10 23:43 BMExplorer 2014-12-13 08:44 CrashDumps 2014-03-12 11:02 CrashRpt 2014-10-25 20:15 globalUpdate 2014-03-12 11:15 Google 2014-12-12 21:11 229ÿ236 IconCache.db 2014-03-12 11:04 Installer 2014-11-30 18:13 Microsoft 2014-10-25 20:22 Opera Software 2014-03-15 19:15 Packages 2014-03-10 23:42 Power2Go8 2014-03-12 11:02 Programs 2014-03-10 23:41 Samsung 2014-03-12 13:05 Skype 2014-12-13 09:04 temp 2014-12-12 17:41 VirtualStore 1 File(s) 229ÿ236 bytes 19 Dir(s) 398ÿ432ÿ620ÿ544 bytes free ========= End of CMD: ========= ========= dir /a C:\Users\Mariola\AppData\LocalLow ========= Volume in drive C has no label. Volume Serial Number is 1256-FDB4 Directory of C:\Users\Mariola\AppData\LocalLow 2014-12-12 21:22 . 2014-12-12 21:22 .. 2014-12-12 19:03 GoHD 2014-03-12 11:06 Microsoft 2014-10-22 19:22 Sense 2014-03-12 11:49 {EA34C851-D481-49F5-A356-3A8B0A8F3B7E} 0 File(s) 0 bytes 6 Dir(s) 398ÿ432ÿ620ÿ544 bytes free ========= End of CMD: ========= ========= dir /a C:\Users\Mariola\AppData\Roaming ========= Volume in drive C has no label. Volume Serial Number is 1256-FDB4 Directory of C:\Users\Mariola\AppData\Roaming 2014-12-13 09:04 . 2014-12-13 09:04 .. 2014-03-10 23:41 Adobe 2014-03-10 23:42 Atheros 2014-12-12 21:29 AVAST Software 2014-12-12 23:19 ClassicShell 2014-03-15 14:44 CyberLink 2014-03-12 11:01 Macromedia 2014-03-12 10:54 Microsoft 2014-09-01 09:18 1ÿ248 NDFNWE 2014-10-25 20:22 Opera Software 2014-09-01 09:18 2ÿ086 PZBSD 2014-11-22 00:25 Skype 2014-03-12 10:57 Synaptics 2014-03-15 14:45 WebApp 2014-03-12 12:20 WinRAR 2 File(s) 3ÿ334 bytes 14 Dir(s) 398ÿ432ÿ620ÿ544 bytes free ========= End of CMD: ========= EmptyTemp: => Removed 378.3 MB temporary data. The system needed a reboot. ==== End of Fixlog ====