Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 17-12-2014 Ran by Greg at 2014-12-18 15:11:49 Run:2 Running from D:\Narzedzia\FRST Loaded Profile: Greg (Available profiles: Greg & Administrator) Boot Mode: Normal ============================================== Content of fixlist: ***************** CloseProcesses: HKU\S-1-5-21-861567501-1604221776-839522115-1003\...\Run: [se] => "C:\Documents and Settings\Greg.GS\Dane aplikacji\SkypEmoticons\se.exe" /minimized HKU\S-1-5-21-861567501-1604221776-839522115-1003\...\Run: [YTDownloader] => "C:\Program Files\YTDownloader\YTDownloader.exe" /boot BHO: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\ShopperPro\ShopperPro.dll No File DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 C:\Documents and Settings\Administrator.GS\Dane aplikacji\Adobe C:\Documents and Settings\Administrator.GS\Dane aplikacji\Macromedia C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Adobe C:\Documents and Settings\Greg.GS\Dane aplikacji\Adobe C:\Documents and Settings\Greg.GS\Dane aplikacji\Macromedia C:\Documents and Settings\Greg.GS\Ustawienia lokalne\Dane aplikacji\Adobe C:\WINDOWS\system32\Adobe C:\WINDOWS\system32\Macromed CMD: netsh firewall reset CMD: del /q C:\WINDOWS\DUMP*.tmp CMD: del /q C:\WINDOWS\Minidump\*.dmp CMD: dir /a "C:\Program Files" CMD: dir /a "C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji" CMD: dir /a "C:\Documents and Settings\Administrator.GS\Dane aplikacji" CMD: dir /a "C:\Documents and Settings\Administrator.GS\Ustawienia lokalne\Dane aplikacji" CMD: dir /a "C:\Documents and Settings\Greg.GS\Dane aplikacji" CMD: dir /a "C:\Documents and Settings\Greg.GS\Ustawienia lokalne\Dane aplikacji" EmptyTemp: ***************** Processes closed successfully. HKU\S-1-5-21-861567501-1604221776-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run\\se => value deleted successfully. HKU\S-1-5-21-861567501-1604221776-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run\\YTDownloader => value deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}" => Key deleted successfully. "HKCR\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{17492023-C23A-453E-A040-C7C580BBF700}" => Key deleted successfully. "HKCR\CLSID\{17492023-C23A-453E-A040-C7C580BBF700}" => Key deleted successfully. C:\Documents and Settings\Administrator.GS\Dane aplikacji\Adobe => Moved successfully. C:\Documents and Settings\Administrator.GS\Dane aplikacji\Macromedia => Moved successfully. C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Adobe => Moved successfully. C:\Documents and Settings\Greg.GS\Dane aplikacji\Adobe => Moved successfully. C:\Documents and Settings\Greg.GS\Dane aplikacji\Macromedia => Moved successfully. C:\Documents and Settings\Greg.GS\Ustawienia lokalne\Dane aplikacji\Adobe => Moved successfully. C:\WINDOWS\system32\Adobe => Moved successfully. C:\WINDOWS\system32\Macromed => Moved successfully. ========= netsh firewall reset ========= Ok. ========= End of CMD: ========= ========= del /q C:\WINDOWS\DUMP*.tmp ========= ========= End of CMD: ========= ========= del /q C:\WINDOWS\Minidump\*.dmp ========= ========= End of CMD: ========= ========= dir /a "C:\Program Files" ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: 5436-40FC Katalog: C:\Program Files 2014-12-18 14:45 . 2014-12-18 14:45 .. 2013-12-03 17:16 ABBYY FineReader 6.0 Sprint 2013-08-15 20:25 ATI 2014-12-18 14:37 Common Files 2014-01-12 23:09 coolpro2 2013-12-06 10:38 DIFX 2014-02-10 11:16 epson 2014-02-09 11:47 Epson Software 2014-02-10 19:33 EpsonNet 2008-05-03 12:48 HighMAT CD Writing Wizard 2014-04-21 09:54 InstallShield Installation Information 2013-08-15 01:30 Intel 2014-04-08 22:46 Internet Explorer 2013-12-22 20:11 ipla 2014-08-18 10:25 Java 2013-12-05 23:40 K-Lite Codec Pack 2008-05-03 13:32 Malicious Software Removal Tool 2013-09-05 23:03 Messenger 2008-05-02 20:51 microsoft frontpage 2013-08-15 23:47 Microsoft LifeCam 2014-09-06 07:41 Microsoft Silverlight 2013-12-11 19:31 Movie Maker 2013-08-15 14:00 MSBuild 2008-05-02 20:47 MSN Gaming Zone 2008-05-03 13:23 MSXML 4.0 2013-08-15 14:48 MSXML 6.0 2013-09-05 22:59 NetMeeting 2014-12-18 12:18 NortonInstaller 2013-12-28 15:02 NVIDIA Corporation 2013-11-21 12:57 ooVoo 2013-12-11 19:24 Outlook Express 2013-10-29 17:29 PC Connectivity Solution 2013-11-04 20:04 PlayReady 2008-05-02 23:13 Realtek 2008-05-03 12:59 Reference Assemblies 2013-12-03 17:27 SAMSUNG 2014-06-19 22:33 Skype 2013-08-16 21:01 Uninstall Information 2013-12-06 13:23 V-Stream Multimedia 2013-08-15 21:51 VIA 2008-05-03 10:35 ViewSonic 2013-12-05 23:40 Vplayer 2008-05-03 13:28 Windows Media Connect 2 2013-09-05 22:59 Windows Media Player 2013-09-05 22:59 Windows NT 2008-05-02 20:49 WindowsUpdate 2008-05-02 20:51 xerox 0 plik(ów) 0 bajtów 48 katalog(ów) 5 754 413 056 bajtów wolnych ========= End of CMD: ========= ========= dir /a "C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji" ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: 5436-40FC Katalog: C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji 2014-12-18 15:11 . 2014-12-18 15:11 .. 2013-08-15 20:33 ATI 2013-10-21 18:09 AVAST Software 2013-08-18 16:42 Canneverbe Limited 2013-08-15 02:52 62 desktop.ini 2014-02-10 11:15 EPSON 2014-05-03 17:25 ipla 2013-12-03 17:15 0 LauncherAccess.dt 2014-10-25 15:01 Martau 2013-10-29 17:34 Microsoft 2013-09-05 16:08 Norton 2013-09-05 16:08 NortonInstaller 2013-10-29 17:34 PC Suite 2013-11-04 20:03 RDRM 2014-04-21 09:54 Samsung 2014-08-26 10:00 Skype 2013-08-29 21:09 Sun 2013-08-29 21:46 Windows Genuine Advantage 2 plik(ów) 62 bajtów 17 katalog(ów) 5 754 413 056 bajtów wolnych ========= End of CMD: ========= ========= dir /a "C:\Documents and Settings\Administrator.GS\Dane aplikacji" ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: 5436-40FC Katalog: C:\Documents and Settings\Administrator.GS\Dane aplikacji 2014-12-18 15:11 . 2014-12-18 15:11 .. 2014-12-18 10:15 AVAST Software 2013-08-15 02:52 62 desktop.ini 2014-12-18 10:35 Microsoft 2014-12-18 10:45 Opera 1 plik(ów) 62 bajtów 5 katalog(ów) 5 754 413 056 bajtów wolnych ========= End of CMD: ========= ========= dir /a "C:\Documents and Settings\Administrator.GS\Ustawienia lokalne\Dane aplikacji" ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: 5436-40FC Katalog: C:\Documents and Settings\Administrator.GS\Ustawienia lokalne\Dane aplikacji 2014-12-18 10:45 . 2014-12-18 10:45 .. 2014-12-18 10:06 148 008 GDIPFONTCACHEV1.DAT 2014-12-18 12:16 4 240 656 IconCache.db 2014-12-18 10:34 Microsoft 2014-12-18 10:45 Opera 2 plik(ów) 4 388 664 bajtów 4 katalog(ów) 5 754 413 056 bajtów wolnych ========= End of CMD: ========= ========= dir /a "C:\Documents and Settings\Greg.GS\Dane aplikacji" ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: 5436-40FC Katalog: C:\Documents and Settings\Greg.GS\Dane aplikacji 2014-12-18 15:11 . 2014-12-18 15:11 .. 2014-09-27 20:07 .minecraft 2014-08-18 10:29 .minecraftzyczu 2013-08-15 20:33 ATI 2013-10-21 18:58 AVAST Software 2013-08-18 16:42 Canneverbe Limited 2013-08-19 16:56 Corel 2013-08-15 02:52 62 desktop.ini 2014-02-24 17:04 ElevatedDiagnostics 2013-08-15 01:05 Identities 2013-08-20 16:18 InstallShield 2014-05-03 17:23 ipla 2013-12-03 17:58 Media Player Classic 2014-02-24 18:13 Microsoft 2013-10-29 17:36 Nokia 2013-08-17 00:01 Nowe Gadu-Gadu 2013-11-21 12:57 ooVoo Details 2013-08-14 21:26 Opera 2013-10-29 17:34 PC Suite 2014-05-28 16:50 Riot Games 2014-04-21 10:04 Samsung 2014-11-28 21:06 Skype 2013-12-06 17:34 skypePM 2013-08-29 21:07 Sun 2014-11-30 14:49 uTorrent 2013-12-03 13:54 wsInspector 1 plik(ów) 62 bajtów 26 katalog(ów) 5 754 413 056 bajtów wolnych ========= End of CMD: ========= ========= dir /a "C:\Documents and Settings\Greg.GS\Ustawienia lokalne\Dane aplikacji" ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: 5436-40FC Katalog: C:\Documents and Settings\Greg.GS\Ustawienia lokalne\Dane aplikacji 2014-12-18 15:11 . 2014-12-18 15:11 .. 2013-12-03 13:30 ApplicationHistory 2013-08-15 20:33 ATI 2013-12-03 17:25 BonanzaDealsLive 2013-12-03 17:13 cache 2014-03-17 21:29 Comodo 2014-07-25 16:53 CrashRpt 2014-12-18 12:36 5 120 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-04-21 09:53 Downloaded Installations 2013-12-03 13:24 freeSOFTtoday 2013-08-17 19:42 132 fusioncache.dat 2014-02-10 21:04 148 008 GDIPFONTCACHEV1.DAT 2014-06-05 18:30 Help 2014-12-18 14:29 1 568 656 IconCache.db 2014-02-24 18:13 Identities 2014-11-30 14:36 Installer 2014-12-18 15:00 Microsoft 2014-10-25 13:17 301 608 nsc125.tmp 2014-10-25 13:20 301 608 nsx131.tmp 2013-08-14 21:26 Opera 2014-06-03 18:49 188 rbxcsettings.rbx 2014-06-03 18:49 Roblox 2014-06-22 16:12 RobloxDownloads 2014-08-29 19:51 RobloxVersions 2014-04-21 10:04 Samsung 2014-03-23 19:40 Skype 2013-08-29 21:19 Sun 2014-06-30 08:26 Temp 2014-03-17 21:29 Torch 2013-12-03 17:54 WMTools Downloaded Files 7 plik(ów) 2 325 320 bajtów 24 katalog(ów) 5 754 413 056 bajtów wolnych ========= End of CMD: ========= EmptyTemp: => Removed 482.1 MB temporary data. The system needed a reboot. ==== End of Fixlog ====