Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 07-02-2015
Ran by ja at 2015-02-14 20:57:50 Run:2
Running from C:\Documents and Settings\ja\Moje dokumenty\AntyVir i podobne\FRST
Loaded Profiles: ja (Available profiles: ja & Administrator & Gość)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CloseProcesses:
CreateRestorePoint:
FF Plugin: @pandasecurity.com/activescan -> C:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll (Panda Security, S.L.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
HKLM\...\Run: [ISUSPM Startup] => C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
HKLM\...\Run: [ISUSScheduler] => "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\S-1-5-21-3955640507-3710774182-547434246-1006\...\Policies\Explorer: [ClassicShell] 0
HKU\S-1-5-21-3955640507-3710774182-547434246-1006\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [1035264 2008-04-14] (Microsoft Corporation) <==== ATTENTION
R0 pavboot; C:\WINDOWS\System32\drivers\pavboot.sys [28552 2009-06-30] (Panda Security, S.L.)
S3 Ad-Watch Connect Filter; \??\C:\WINDOWS\system32\drivers\NSDriver.sys [X]
S3 Ad-Watch Real-Time Scanner; \??\C:\WINDOWS\system32\drivers\AWRTPD.sys [X]
S3 Ad-Watch Registry Filter; \??\C:\WINDOWS\system32\drivers\AWRTRD.sys [X]
S3 AthDfu; System32\Drivers\AthDfu.sys [X]
S3 Atheros_btAudio; system32\drivers\btathsco.sys [X]
S3 btatha2dp; system32\drivers\btatha2dp.sys [X]
S3 btathPan; system32\DRIVERS\btathpan.sys [X]
S3 BTATHPROT; system32\DRIVERS\btathprot.sys [X]
S3 btathrcp; system32\DRIVERS\btathrcp.sys [X]
S3 btathspp; system32\DRIVERS\btathspp.sys [X]
S3 BTATHUSB; system32\DRIVERS\btathusb.sys [X]
S3 btfilter; system32\DRIVERS\btfilter.sys [X]
S3 NPF; system32\drivers\npf.sys [X]
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]
S2 svcgdp; C:\Program Files\Software Plate\svcgdp.exe [X]
C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software
C:\Documents and Settings\All Users\Menu Start\Programy\ALLPlayer
C:\Documents and Settings\All Users\Menu Start\Programy\PL-2303 USB-Serial Driver\Uninstaller.lnk
C:\Documents and Settings\All Users\Menu Start\Programy\A-Men Technologies USB-Serial Driver\Uninstaller.lnk
C:\Documents and Settings\ja\*save2pc.exe
C:\Documents and Settings\ja\Dane aplikacji\skype.ini
C:\Documents and Settings\ja\Menu Start\Audio Converter Audio Converter.lnk
C:\Documents and Settings\ja\Menu Start\Audio Converter Uninstall Audio Converter.lnk
C:\Documents and Settings\ja\Menu Start\Video Converter Uninstall Video Converter.lnk
C:\Documents and Settings\ja\Menu Start\Video Converter Video Converter.lnk
C:\Documents and Settings\ja\Menu Start\Programy\SpyShredder
C:\Documents and Settings\ja\Moje dokumenty\Programy ODTWARZACZE\ALLConverter to *.lnk
C:\Documents and Settings\ja\Moje dokumenty\Programy ODTWARZACZE\ALLPlayer V4.6.lnk
C:\Documents and Settings\ja\Moje dokumenty\Programy ODTWARZACZE\Napi-projekt.lnk
C:\Documents and Settings\ja\Moje dokumenty\Programy ODTWARZACZE\QuickTime Player.lnk
C:\Documents and Settings\ja\Moje dokumenty\Programy ODTWARZACZE\FLV\flvconverter.exe.lnk
C:\Documents and Settings\ja\Pulpit\Lengłydże\ANG...*.lnk
C:\Documents and Settings\ja\Pulpit\MOJA GITARA\Skrót do Szkoła Gitary.lnk
C:\Documents and Settings\ja\Pulpit\MUZ GIT\Skrót do 1996.Tata 2.lnk
C:\Documents and Settings\ja\Pulpit\MUZ GIT\Skrót do Kult.lnk
C:\Documents and Settings\ja\Pulpit\MUZ GIT\Олег Шабатовский\Детские песни\Skrót do голубой вагон.doc.lnk
C:\Documents and Settings\ja\Pulpit\MUZ GIT\Anna German\Надежда\Skrót do Надежда мой компас земной (Аккорды, видеоразбор).webm.lnk
C:\Documents and Settings\ja\Ustawienia lokalne\Dane aplikacji\Conduit
C:\Documents and Settings\ja\Ustawienia lokalne\Dane aplikacji\Google\Chrome
C:\Program Files\Audacity
C:\Program Files\AVAST Software
C:\Program Files\Common Files\Ahead
C:\Program Files\Mozilla Firefox\extensions
C:\Program Files\Mozilla Firefox\plugins
C:\Program Files\NAPI-PROJEKT
C:\Program Files\Sonic
C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
C:\WINDOWS\System32\drivers\pavboot.sys
Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f
Reg: reg delete HKCU\Software\Google\Chrome /f
Reg: reg delete HKLM\SOFTWARE\Google\Chrome /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ALLUpdate" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DLA" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Gadu-Gadu" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NeroFilterCheck" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\swg" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UserFaultCheck" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\VkontakteDJ" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Firefox (3.0.15)" /f
Reg: reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6} /f
Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f
CMD: sc config "Internet Manager. RunOuc" start= disabled
EmptyTemp:
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\MozillaPlugins\@pandasecurity.com/activescan => Key not found.
C:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll not found.
HKLM\Software\Mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b} => value deleted successfully.
HKLM\Software\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ISUSPM Startup => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ISUSScheduler => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoCDBurning => value deleted successfully.
HKU\S-1-5-21-3955640507-3710774182-547434246-1006\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\ClassicShell => value deleted successfully.
HKU\S-1-5-21-3955640507-3710774182-547434246-1006\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value deleted successfully.
pavboot => Service not found.
Ad-Watch Connect Filter => Service deleted successfully.
Ad-Watch Real-Time Scanner => Service deleted successfully.
Ad-Watch Registry Filter => Service deleted successfully.
AthDfu => Service deleted successfully.
Atheros_btAudio => Service deleted successfully.
btatha2dp => Service deleted successfully.
btathPan => Service deleted successfully.
BTATHPROT => Service deleted successfully.
btathrcp => Service deleted successfully.
btathspp => Service deleted successfully.
BTATHUSB => Service deleted successfully.
btfilter => Service deleted successfully.
NPF => Service deleted successfully.
rpcapd => Service deleted successfully.
svcgdp => Service deleted successfully.
C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software => Moved successfully.
C:\Documents and Settings\All Users\Menu Start\Programy\ALLPlayer => Moved successfully.
C:\Documents and Settings\All Users\Menu Start\Programy\PL-2303 USB-Serial Driver\Uninstaller.lnk => Moved successfully.
C:\Documents and Settings\All Users\Menu Start\Programy\A-Men Technologies USB-Serial Driver\Uninstaller.lnk => Moved successfully.
C:\Documents and Settings\ja\*save2pc.exe => Moved successfully.
C:\Documents and Settings\ja\Dane aplikacji\skype.ini => Moved successfully.
C:\Documents and Settings\ja\Menu Start\Audio Converter Audio Converter.lnk => Moved successfully.
C:\Documents and Settings\ja\Menu Start\Audio Converter Uninstall Audio Converter.lnk => Moved successfully.
C:\Documents and Settings\ja\Menu Start\Video Converter Uninstall Video Converter.lnk => Moved successfully.
C:\Documents and Settings\ja\Menu Start\Video Converter Video Converter.lnk => Moved successfully.
C:\Documents and Settings\ja\Menu Start\Programy\SpyShredder => Moved successfully.
C:\Documents and Settings\ja\Moje dokumenty\Programy ODTWARZACZE\ALLConverter to *.lnk => Moved successfully.
C:\Documents and Settings\ja\Moje dokumenty\Programy ODTWARZACZE\ALLPlayer V4.6.lnk => Moved successfully.
C:\Documents and Settings\ja\Moje dokumenty\Programy ODTWARZACZE\Napi-projekt.lnk => Moved successfully.
C:\Documents and Settings\ja\Moje dokumenty\Programy ODTWARZACZE\QuickTime Player.lnk => Moved successfully.
C:\Documents and Settings\ja\Moje dokumenty\Programy ODTWARZACZE\FLV\flvconverter.exe.lnk => Moved successfully.
C:\Documents and Settings\ja\Pulpit\Lengłydże\ANG...*.lnk => Moved successfully.
C:\Documents and Settings\ja\Pulpit\MOJA GITARA\Skrót do Szkoła Gitary.lnk => Moved successfully.
C:\Documents and Settings\ja\Pulpit\MUZ GIT\Skrót do 1996.Tata 2.lnk => Moved successfully.
C:\Documents and Settings\ja\Pulpit\MUZ GIT\Skrót do Kult.lnk => Moved successfully.
C:\Documents and Settings\ja\Pulpit\MUZ GIT\Олег Шабатовский\Детские песни\Skrót do голубой вагон.doc.lnk => Moved successfully.
C:\Documents and Settings\ja\Pulpit\MUZ GIT\Anna German\Надежда\Skrót do Надежда мой компас земной (Аккорды, видеоразбор).webm.lnk => Moved successfully.
"C:\Documents and Settings\ja\Ustawienia lokalne\Dane aplikacji\Conduit" => File/Directory not found.
C:\Documents and Settings\ja\Ustawienia lokalne\Dane aplikacji\Google\Chrome => Moved successfully.
C:\Program Files\Audacity => Moved successfully.
C:\Program Files\AVAST Software => Moved successfully.
C:\Program Files\Common Files\Ahead => Moved successfully.
C:\Program Files\Mozilla Firefox\extensions => Moved successfully.
C:\Program Files\Mozilla Firefox\plugins => Moved successfully.
C:\Program Files\NAPI-PROJEKT => Moved successfully.
C:\Program Files\Sonic => Moved successfully.
C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension => Moved successfully.
"C:\WINDOWS\System32\drivers\pavboot.sys" => File/Directory not found.

========= reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f =========
Operacja ukończona pomyślnie
========= End of Reg: =========

========= reg delete HKCU\Software\Google\Chrome /f =========
Operacja ukończona pomyślnie
========= End of Reg: =========

========= reg delete HKLM\SOFTWARE\Google\Chrome /f =========
Operacja ukończona pomyślnie
========= End of Reg: =========

========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ALLUpdate" /f =========
Operacja ukończona pomyślnie
========= End of Reg: =========

========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DLA" /f =========
Operacja ukończona pomyślnie
========= End of Reg: =========

========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Gadu-Gadu" /f =========
Operacja ukończona pomyślnie
========= End of Reg: =========

========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NeroFilterCheck" /f =========
Operacja ukończona pomyślnie
========= End of Reg: =========

========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task" /f =========
Operacja ukończona pomyślnie
========= End of Reg: =========

========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\swg" /f =========
Operacja ukończona pomyślnie
========= End of Reg: =========

========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UserFaultCheck" /f =========
Operacja ukończona pomyślnie
========= End of Reg: =========

========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\VkontakteDJ" /f =========
Operacja ukończona pomyślnie
========= End of Reg: =========

========= reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Firefox (3.0.15)" /f =========
Operacja ukończona pomyślnie
========= End of Reg: =========

========= reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6} /f =========
Operacja ukończona pomyślnie
========= End of Reg: =========

========= reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f =========
Operacja ukończona pomyślnie
========= End of Reg: =========

========= reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f =========
Operacja ukończona pomyślnie
========= End of Reg: =========

========= reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f =========
Operacja ukończona pomyślnie
========= End of Reg: =========

========= sc config "Internet Manager. RunOuc" start= disabled =========
[SC] ChangeServiceConfig SUCCESS
========= End of CMD: =========

EmptyTemp: => Removed 1 GB temporary data.

The system needed a reboot.

==== End of Fixlog 20:58:11 ====