Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 05-02-2015 Ran by Admin at 2015-02-07 00:53:41 Run:2 Running from C:\Users\Admin\Downloads Loaded Profiles: Admin (Available profiles: Admin) Boot Mode: Normal ============================================== Content of fixlist: ***************** CloseProcesses: Task: {F9E04659-7BED-4935-B0C9-903915999941} - System32\Tasks\Microsoft\d85905a753f3d1c26ec81ed7e9d98e29 => C:\Users\Admin\AppData\Roaming\DownloadManager\Loader.exe [2015-02-07] (SOFTWARE AGILITY LIMITED) <==== ATTENTION C:\ProgramData\shopshop C:\Users\Admin\AppData\Roaming\appdataFr3.bin C:\Users\Admin\AppData\Roaming\DownloadManager C:\Users\Admin\Downloads\{SpyHunter_4_Crack_Keygen_Setup}.exe C:\Users\Admin\Downloads\{SpyHunter_4_Crack_Keygen_Setup} (1).exe C:\Users\Admin\Downloads\SpyHunter-Installer.exe Reg: reg delete HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\HKLM-x32\...\MSC /f Reg: reg delete HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Media+PlayerVidEd2.1 /f CMD: dir /a "C:\Program Files" CMD: dir /a "C:\Program Files (x86)" CMD: dir /a "C:\Program Files\Common Files" CMD: dir /a "C:\Program Files (x86)\Common Files" CMD: dir /a C:\ProgramData CMD: dir /a C:\Users\Admin\AppData\Local CMD: dir /a C:\Users\Admin\AppData\LocalLow CMD: dir /a C:\Users\Admin\AppData\Roaming ***************** Processes closed successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F9E04659-7BED-4935-B0C9-903915999941}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F9E04659-7BED-4935-B0C9-903915999941}" => Key deleted successfully. C:\Windows\System32\Tasks\Microsoft\d85905a753f3d1c26ec81ed7e9d98e29 => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\d85905a753f3d1c26ec81ed7e9d98e29" => Key deleted successfully. C:\ProgramData\shopshop => Moved successfully. C:\Users\Admin\AppData\Roaming\appdataFr3.bin => Moved successfully. C:\Users\Admin\AppData\Roaming\DownloadManager => Moved successfully. C:\Users\Admin\Downloads\{SpyHunter_4_Crack_Keygen_Setup}.exe => Moved successfully. C:\Users\Admin\Downloads\{SpyHunter_4_Crack_Keygen_Setup} (1).exe => Moved successfully. C:\Users\Admin\Downloads\SpyHunter-Installer.exe => Moved successfully. ========= reg delete HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\HKLM-x32\...\MSC /f ========= ERROR: The system was unable to find the specified registry key or value. ========= End of Reg: ========= ========= reg delete HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Media+PlayerVidEd2.1 /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= dir /a "C:\Program Files" ========= Volume in drive C is Windows Volume Serial Number is C2D6-A636 Directory of C:\Program Files 2015-02-06 23:56 . 2015-02-06 23:56 .. 2014-12-09 11:04 7-Zip 2013-11-20 00:36 ATI 2015-02-07 00:13 Common Files 2013-08-22 16:35 174 desktop.ini 2013-11-20 00:49 Hewlett-Packard 2013-11-20 00:42 Intel 2014-12-13 23:01 Internet Explorer 2013-08-26 07:12 MSBuild 2014-09-20 07:17 OblyTile 2013-11-20 00:39 Realtek 2013-08-26 07:12 Reference Assemblies 2013-11-20 00:37 Synaptics 2013-08-22 15:47 Uninstall Information 2014-11-28 23:15 Windows Defender 2014-11-28 23:15 Windows Journal 2013-09-07 02:59 Windows Mail 2014-11-19 21:47 Windows Media Player 2014-11-19 21:48 Windows Multimedia Platform 2014-07-31 09:28 Windows NT 2013-09-07 03:01 Windows Photo Viewer 2014-11-19 21:47 Windows Portable Devices 2013-08-22 16:36 Windows Sidebar 2015-01-25 10:19 WindowsApps 2013-08-22 16:36 WindowsPowerShell 1 File(s) 174 bytes 25 Dir(s) 939ÿ282ÿ001ÿ920 bytes free ========= End of CMD: ========= ========= dir /a "C:\Program Files (x86)" ========= Volume in drive C is Windows Volume Serial Number is C2D6-A636 Directory of C:\Program Files (x86) 2015-02-07 00:19 . 2015-02-07 00:19 .. 2014-12-27 15:59 16aaa09b-8dec-431a-8646-831e986169e9 2013-11-20 00:37 ATI Technologies 2014-09-20 07:17 Common Files 2013-11-20 01:03 CyberLink 2014-11-08 19:27 Cyfrowy Polsat HSPA 2014-12-09 00:19 DeltaFix 2013-08-22 16:34 174 desktop.ini 2014-12-27 15:59 e16569ea-3776-4c7c-badd-7384cb4c864c 2015-02-03 13:38 Google 2013-11-20 01:16 Hewlett-Packard 2013-09-06 17:28 HPConnectedMusic 2013-11-20 01:03 InstallShield Installation Information 2013-11-20 00:39 Intel 2014-11-03 17:28 Intel IPOS BTS 2014 2014-12-13 23:01 Internet Explorer 2014-12-05 21:19 Java 2013-11-20 00:57 McAfee 2013-11-20 00:56 mcafee.com 2013-09-06 17:21 Microsoft Office 2015-01-13 15:44 Microsoft Silverlight 2013-09-06 17:25 Microsoft SQL Server Compact Edition 2013-08-22 16:36 Microsoft.NET 2015-01-15 21:29 Mozilla Firefox 2015-02-03 11:28 Mozilla Maintenance Service 2013-08-26 07:12 MSBuild 2014-07-31 09:31 Online Services 2015-02-06 22:59 Opera 2014-11-11 08:46 PhotoScape 2013-11-20 00:43 Ralink Corporation 2013-11-20 00:41 Realtek 2013-08-26 07:12 Reference Assemblies 2013-11-20 00:41 Temp 2014-11-28 23:15 Windows Defender 2013-09-06 17:25 Windows Live 2013-09-07 02:59 Windows Mail 2014-11-19 21:48 Windows Media Player 2014-11-19 21:48 Windows Multimedia Platform 2013-08-22 16:36 Windows NT 2013-09-07 03:01 Windows Photo Viewer 2014-11-19 21:48 Windows Portable Devices 2013-08-22 16:36 Windows Sidebar 2013-08-22 16:36 WindowsPowerShell 1 File(s) 174 bytes 43 Dir(s) 939ÿ281ÿ874ÿ944 bytes free ========= End of CMD: ========= ========= dir /a "C:\Program Files\Common Files" ========= Volume in drive C is Windows Volume Serial Number is C2D6-A636 Directory of C:\Program Files\Common Files 2015-02-07 00:13 . 2015-02-07 00:13 .. 2013-11-20 00:37 ATI Technologies 2014-11-19 17:52 microsoft shared 2013-08-22 16:36 Services 2015-02-07 00:13 System 0 File(s) 0 bytes 6 Dir(s) 939ÿ281ÿ874ÿ944 bytes free ========= End of CMD: ========= ========= dir /a "C:\Program Files (x86)\Common Files" ========= Volume in drive C is Windows Volume Serial Number is C2D6-A636 Directory of C:\Program Files (x86)\Common Files 2014-09-20 07:17 . 2014-09-20 07:17 .. 2013-11-20 00:56 CyberLink 2013-11-20 00:39 InstallShield 2013-11-20 00:33 Intel 2013-11-20 00:42 Intel Corporation 2015-02-03 13:19 mcafee 2014-11-19 17:52 Microsoft Shared 2013-11-20 01:03 Nikon 2013-11-20 00:38 postureAgent 2013-08-22 16:36 Services 2014-09-20 07:17 SWF Studio 2013-09-07 03:01 System 2013-09-06 17:24 Windows Live 0 File(s) 0 bytes 14 Dir(s) 939ÿ281ÿ870ÿ848 bytes free ========= End of CMD: ========= ========= dir /a C:\ProgramData ========= Volume in drive C is Windows Volume Serial Number is C2D6-A636 Directory of C:\ProgramData 2015-02-07 00:53 . 2015-02-07 00:53 .. 2014-09-20 07:17 389ÿ006 2014-09-20_08-08-08_IPOSInstall.log 2014-11-20 15:43 3831199576290697427 2013-11-20 00:42 Apple 2013-08-22 15:45 Application Data [C:\ProgramData] 2013-11-20 00:37 ATI 2014-12-28 09:34 AVAST Software 2014-11-08 19:28 BandRich 2014-11-20 15:42 cnnknchknkconngmplgpgjgkjlmlehnp 2014-12-08 23:39 Common Files 2014-12-27 15:47 CyberLink 2014-07-31 09:28 Dane aplikacji [C:\ProgramData] 2013-08-22 15:45 Desktop [C:\Users\Public\Desktop] 2013-08-22 15:45 Documents [C:\Users\Public\Documents] 2014-07-31 09:28 Dokumenty [C:\Users\Public\Documents] 2014-12-08 09:57 Hewlett-Packard 2014-11-20 15:43 ideceebndgipdkknkofjoiffpoecbjkn 2014-12-08 23:51 IHProtectUpDate 2013-11-20 01:03 install_clap 2013-11-20 00:42 Intel 2015-02-03 12:20 Malwarebytes 2014-11-11 08:38 McAfee 2014-07-31 09:28 Menu Start [C:\ProgramData\Microsoft\Windows\Start Menu] 2015-01-13 15:45 Microsoft 2014-11-10 11:55 MobileBrServ 2014-11-30 10:23 Mozilla 2015-02-07 00:15 8 ntuser.pol 2014-12-05 21:20 Oracle 2013-11-20 00:35 Package Cache 2014-07-31 09:28 Pulpit [C:\Users\Public\Desktop] 2013-11-20 00:44 Ralink Driver 2013-11-20 10:19 regid.1991-06.com.microsoft 2013-08-22 15:45 Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu] 2014-07-31 09:33 Synaptics 2014-07-31 09:28 Szablony [C:\ProgramData\Microsoft\Windows\Templates] 2014-09-20 07:08 TCE 2013-11-20 01:03 Temp 2013-08-22 15:45 Templates [C:\ProgramData\Microsoft\Windows\Templates] 2013-09-06 17:29 {A5CCDB92-FA53-47D1-89E6-32B82D86621A} 2 File(s) 389ÿ014 bytes 38 Dir(s) 939ÿ281ÿ870ÿ848 bytes free ========= End of CMD: ========= ========= dir /a C:\Users\Admin\AppData\Local ========= Volume in drive C is Windows Volume Serial Number is C2D6-A636 Directory of C:\Users\Admin\AppData\Local 2015-02-07 00:23 . 2015-02-07 00:23 .. 2015-02-06 08:37 Adobe 2014-07-31 09:32 ATI 2014-12-08 23:39 Avg2015 2014-12-27 16:04 com 2014-11-08 19:37 CyberLink 2014-07-31 09:30 Dane aplikacji [C:\Users\Admin\AppData\Local] 2014-11-24 11:56 EmieBrowserModeList 2014-11-20 15:31 EmieSiteList 2014-11-20 15:31 EmieUserList 2014-11-11 08:47 Google 2014-07-31 09:32 Hewlett-Packard 2014-07-31 09:30 Historia [C:\Users\Admin\AppData\Local\Microsoft\Windows\History] 2015-01-30 17:03 HPConnectedMusic 2015-02-07 00:14 284ÿ234 IconCache.db 2014-12-14 12:58 Intel_Corporation 2014-12-06 19:17 Macromedia 2014-11-08 19:39 MediaShow 2014-12-08 23:39 MFAData 2015-02-06 23:11 Microsoft 2014-11-30 10:24 Mozilla 2014-11-11 08:44 Opera Software 2014-11-12 23:25 Packages 2014-07-31 09:32 Power2Go8 2014-12-09 00:03 Programs 2015-02-07 00:53 Temp 2014-07-31 09:30 Temporary Internet Files [C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache] 2014-10-03 09:58 VirtualStore 1 File(s) 284ÿ234 bytes 28 Dir(s) 939ÿ281ÿ866ÿ752 bytes free ========= End of CMD: ========= ========= dir /a C:\Users\Admin\AppData\LocalLow ========= Volume in drive C is Windows Volume Serial Number is C2D6-A636 Directory of C:\Users\Admin\AppData\LocalLow 2015-02-06 08:22 . 2015-02-06 08:22 .. 2014-11-24 12:05 EmieBrowserModeList 2014-11-20 15:31 EmieSiteList 2014-11-20 15:31 EmieUserList 2015-01-13 15:45 Microsoft 2014-12-05 21:17 Sun 0 File(s) 0 bytes 7 Dir(s) 939ÿ281ÿ866ÿ752 bytes free ========= End of CMD: ========= ========= dir /a C:\Users\Admin\AppData\Roaming ========= Volume in drive C is Windows Volume Serial Number is C2D6-A636 Directory of C:\Users\Admin\AppData\Roaming 2015-02-07 00:53 . 2015-02-07 00:53 .. 2014-07-31 09:31 Adobe 2014-07-31 09:32 ATI 2014-11-08 19:38 CyberLink 2014-12-09 00:18 Dropbox 2014-12-08 23:50 GoforFiles 2015-01-08 06:44 HD Tune Pro 2014-07-31 09:35 Hewlett-Packard 2014-07-31 09:35 hpqlog 2014-09-20 07:08 Intel 2014-09-20 07:17 Macromedia 2015-01-31 16:03 Microsoft 2014-11-30 10:24 Mozilla 2014-11-11 08:44 Opera Software 2014-11-11 08:46 PhotoScape 2014-07-31 09:32 Synaptics 2014-12-09 00:03 WebTest 0 File(s) 0 bytes 18 Dir(s) 939ÿ281ÿ866ÿ752 bytes free ========= End of CMD: ========= The system needed a reboot. ==== End of Fixlog 00:53:44 ====