Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 11-01-2015 Ran by dom at 2015-01-17 20:09:23 Run:1 Running from E:\Pliki instalacyjne\Nowy folder (2) Loaded Profile: dom (Available profiles: dom) Boot Mode: Normal ============================================== Content of fixlist: ***************** CloseProcesses: CreateRestorePoint: Task: {1B5412C3-AE00-4ED3-9BED-9BC835CD5794} - System32\Tasks\{47A33EC2-46E0-4F2D-8F37-AEBA2805C67F} => pcalua.exe -a "E:\Pliki instalacyjne\RadioSure-2.2.1042-setup.exe" -d "E:\Pliki instalacyjne" Task: {344D3F6D-159B-4A7F-8CA9-77EDC1058215} - System32\Tasks\{7A89BFE7-6C1C-4902-A560-8661A1BFF68F} => pcalua.exe -a G:\OriginInstaller.exe -d G:\ Task: {70934480-2C71-49F6-B96D-FCDAD1588DC1} - System32\Tasks\{35A02743-9A84-46CB-B9C1-A754B96E3422} => pcalua.exe -a "E:\Pliki instalacyjne\TagesSetup.exe" -d "E:\Pliki instalacyjne" Task: {72739D77-AE0C-4283-A584-35A573A262C6} - \SPBIW_UpdateTask_Time_313338323736313139352d3437415a556c2a3223346c41 No Task File <==== ATTENTION Task: {A10B48EA-4729-4EBA-A623-5B540BD31B92} - System32\Tasks\CJVW => D:\Users\dom\AppData\Roaming\CJVW.exe <==== ATTENTION Task: {E977AB5D-13A5-409F-95FE-93DA21C4E51A} - System32\Tasks\KOO => D:\Users\dom\AppData\Roaming\KOO.exe <==== ATTENTION Task: C:\Windows\Tasks\CJVW.job => D:\Users\dom\AppData\Roaming\CJVW.exe <==== ATTENTION Task: C:\Windows\Tasks\KOO.job => D:\Users\dom\AppData\Roaming\KOO.exe <==== ATTENTION HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-2821332150-970914226-2612375139-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = StartMenuInternet: IEXPLORE.EXE - iexplore.exe BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File BHO: No Name -> {AF949550-9094-4807-95EC-D1C317803333} -> No File BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File Toolbar: HKU\S-1-5-21-2821332150-970914226-2612375139-1004 -> No Name - {D2BF470E-ED1C-487F-A777-2BD8835EB6CE} - No File Toolbar: HKU\S-1-5-21-2821332150-970914226-2612375139-1004 -> No Name - {D2BF470E-ED1C-487F-A333-2BD8835EB6CE} - No File Toolbar: HKU\S-1-5-21-2821332150-970914226-2612375139-1004 -> No Name - {D2BF470E-ED1C-487F-A666-2BD8835EB6CE} - No File FF StartMenuInternet: FIREFOX.EXE - firefox.exe S2 ASPI32; No ImagePath S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X] D:\Users\dom\AppData\Local\~wmrg D:\Users\dom\AppData\Roaming\CJVW D:\Users\dom\AppData\Roaming\KOO D:\Users\dom\AppData\Roaming\Microsoft\Windows\SendTo\Camouflage File - specify a password.lnk D:\Users\dom\AppData\Roaming\Microsoft\Windows\SendTo\Camouflage File - use standard password.lnk D:\Users\dom\AppData\Roaming\Microsoft\Windows\SendTo\De-Camouflage File - specify a password.lnk D:\Users\dom\AppData\Roaming\Microsoft\Windows\SendTo\De-Camouflage File - use standard password.lnk D:\Users\dom\AppData\Roaming\mozilla\firefox\profiles\krhltvqw.default-1399131589036 D:\Users\dom\AppData\Roaming\mozilla\firefox\profiles\n16fgeh3.default-1398884467910 D:\Users\dom\AppData\Roaming\Opera D:\Users\dom\AppData\Roaming\QuickScan Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Lite" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Pro Agent" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DriverMax" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DriverMax_RESTART" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EaseUs Tray" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EaseUs Watch" /f Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f CMD: copy /y D:\Users\dom\AppData\Roaming\Mozilla\Firefox\Profiles\ddp0ksvy.default-1399131752396\prefs.js D:\Users\dom\Desktop\prefs.js EmptyTemp: ***************** Processes closed successfully. Error: (0) Failed to create a restore point. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1B5412C3-AE00-4ED3-9BED-9BC835CD5794}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1B5412C3-AE00-4ED3-9BED-9BC835CD5794}" => Key deleted successfully. C:\Windows\System32\Tasks\{47A33EC2-46E0-4F2D-8F37-AEBA2805C67F} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{47A33EC2-46E0-4F2D-8F37-AEBA2805C67F}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{344D3F6D-159B-4A7F-8CA9-77EDC1058215}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{344D3F6D-159B-4A7F-8CA9-77EDC1058215}" => Key deleted successfully. C:\Windows\System32\Tasks\{7A89BFE7-6C1C-4902-A560-8661A1BFF68F} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7A89BFE7-6C1C-4902-A560-8661A1BFF68F}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{70934480-2C71-49F6-B96D-FCDAD1588DC1}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{70934480-2C71-49F6-B96D-FCDAD1588DC1}" => Key deleted successfully. C:\Windows\System32\Tasks\{35A02743-9A84-46CB-B9C1-A754B96E3422} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{35A02743-9A84-46CB-B9C1-A754B96E3422}" => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{72739D77-AE0C-4283-A584-35A573A262C6} => Key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SPBIW_UpdateTask_Time_313338323736313139352d3437415a556c2a3223346c41 => Key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A10B48EA-4729-4EBA-A623-5B540BD31B92} => Key not found. C:\Windows\System32\Tasks\CJVW not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CJVW => Key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E977AB5D-13A5-409F-95FE-93DA21C4E51A} => Key not found. C:\Windows\System32\Tasks\KOO not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\KOO => Key not found. C:\Windows\Tasks\CJVW.job not found. C:\Windows\Tasks\KOO.job not found. HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => Key not found. HKU\S-1-5-21-2821332150-970914226-2612375139-1004\SOFTWARE\Policies\Microsoft\Internet Explorer => Key not found. HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Local Page => Value was restored successfully. HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key not found. HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key not found. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333} => Key not found. HKCR\CLSID\{AF949550-9094-4807-95EC-D1C317803333} => Key not found. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key not found. HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key not found. HKU\S-1-5-21-2821332150-970914226-2612375139-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D2BF470E-ED1C-487F-A777-2BD8835EB6CE} => Value not found. HKCR\CLSID\{D2BF470E-ED1C-487F-A777-2BD8835EB6CE} => Key not found. HKU\S-1-5-21-2821332150-970914226-2612375139-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D2BF470E-ED1C-487F-A333-2BD8835EB6CE} => Value not found. HKCR\CLSID\{D2BF470E-ED1C-487F-A333-2BD8835EB6CE} => Key not found. HKU\S-1-5-21-2821332150-970914226-2612375139-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D2BF470E-ED1C-487F-A666-2BD8835EB6CE} => Value not found. HKCR\CLSID\{D2BF470E-ED1C-487F-A666-2BD8835EB6CE} => Key not found. HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command\\Default => Value was restored successfully. ASPI32 => Service not found. VBoxNetFlt => Service not found. D:\Users\dom\AppData\Local\~wmrg => Moved successfully. D:\Users\dom\AppData\Roaming\CJVW => Moved successfully. "D:\Users\dom\AppData\Roaming\KOO" => File/Directory not found. D:\Users\dom\AppData\Roaming\Microsoft\Windows\SendTo\Camouflage File - specify a password.lnk => Moved successfully. D:\Users\dom\AppData\Roaming\Microsoft\Windows\SendTo\Camouflage File - use standard password.lnk => Moved successfully. D:\Users\dom\AppData\Roaming\Microsoft\Windows\SendTo\De-Camouflage File - specify a password.lnk => Moved successfully. D:\Users\dom\AppData\Roaming\Microsoft\Windows\SendTo\De-Camouflage File - use standard password.lnk => Moved successfully. D:\Users\dom\AppData\Roaming\mozilla\firefox\profiles\krhltvqw.default-1399131589036 => Moved successfully. D:\Users\dom\AppData\Roaming\mozilla\firefox\profiles\n16fgeh3.default-1398884467910 => Moved successfully. D:\Users\dom\AppData\Roaming\Opera => Moved successfully. D:\Users\dom\AppData\Roaming\QuickScan => Moved successfully. ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Lite" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Pro Agent" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DriverMax" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DriverMax_RESTART" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EaseUs Tray" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EaseUs Watch" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= copy /y D:\Users\dom\AppData\Roaming\Mozilla\Firefox\Profiles\ddp0ksvy.default-1399131752396\prefs.js D:\Users\dom\Desktop\prefs.js ========= Liczba skopiowanych plik¢w: 1. ========= End of CMD: ========= EmptyTemp: => Removed 43.5 MB temporary data. The system needed a reboot. ==== End of Fixlog 20:09:46 ====