Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 23-02-2015 Ran by Michał&Damian at 2015-02-24 15:06:12 Run:5 Running from C:\Users\Michał&Damian\Desktop\frst Loaded Profiles: Michał&Damian (Available profiles: Michał&Damian) Boot Mode: Normal ============================================== Content of fixlist: ***************** Reg: reg query HKLM\SOFTWARE\Classes\.bmp /s Reg: reg query HKLM\SOFTWARE\Classes\.gif /s Reg: reg query HKLM\SOFTWARE\Classes\.jpe /s Reg: reg query HKLM\SOFTWARE\Classes\.jpeg /s Reg: reg query HKLM\SOFTWARE\Classes\.jpg /s Reg: reg query HKLM\SOFTWARE\Classes\.png /s Reg: reg query HKLM\SOFTWARE\Classes\CLSID\{098f2470-bae0-11cd-b579-08002b30bfeb} /s Reg: reg query HKLM\SOFTWARE\Classes\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13} /s Reg: reg query HKLM\SOFTWARE\Classes\CLSID\{607fd4e8-0a03-11d1-ab1d-00c04fc9b304} /s Reg: reg query HKLM\SOFTWARE\Classes\CLSID\{A3CCEDF7-2DE2-11D0-86F4-00A0C913F750} /s Reg: reg query HKLM\SOFTWARE\Classes\MIME\Database\Content Type\image/bmp /s Reg: reg query HKLM\SOFTWARE\Classes\MIME\Database\Content Type\image/gif /s Reg: reg query HKLM\SOFTWARE\Classes\MIME\Database\Content Type\image/jpeg /s Reg: reg query HKLM\SOFTWARE\Classes\MIME\Database\Content Type\image/png /s Reg: reg query HKLM\SOFTWARE\Classes\giffile /s Reg: reg query HKLM\SOFTWARE\Classes\jpegfile /s Reg: reg query HKLM\SOFTWARE\Classes\pngfile /s ***************** ========= reg query HKLM\SOFTWARE\Classes\.bmp /s ========= HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.bmp Content Type REG_SZ image/bmp (domy˜lny) REG_SZ Paint.Picture PerceivedType REG_SZ image HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.bmp\OpenWithList HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.bmp\OpenWithList\ehshell.exe HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.bmp\OpenWithList\MSPaint.exe (domy˜lny) REG_SZ HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.bmp\OpenWithList\ois.exe (domy˜lny) REG_SZ HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.bmp\OpenWithProgids Paint.Picture REG_SZ WindowsLive.PhotoGallery.bmp.14.0 REG_SZ Opera.Image REG_NONE HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.bmp\PersistentHandler (domy˜lny) REG_SZ {098f2470-bae0-11cd-b579-08002b30bfeb} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.bmp\ShellNew ItemName REG_EXPAND_SZ @%systemroot%\system32\mspaint.exe,-59414 NullFile REG_SZ ========= End of Reg: ========= ========= reg query HKLM\SOFTWARE\Classes\.gif /s ========= HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.gif Content Type REG_SZ image/gif (domy˜lny) REG_SZ giffile PerceivedType REG_SZ image HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.gif\OpenWithList HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.gif\OpenWithList\ehshell.exe HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.gif\OpenWithList\ois.exe (domy˜lny) REG_SZ HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.gif\OpenWithProgids giffile REG_SZ WindowsLive.PhotoGallery.gif.14.0 REG_SZ Opera.Image REG_NONE HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.gif\PersistentHandler (domy˜lny) REG_SZ {098f2470-bae0-11cd-b579-08002b30bfeb} ========= End of Reg: ========= ========= reg query HKLM\SOFTWARE\Classes\.jpe /s ========= HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.jpe Content Type REG_SZ image/jpeg (domy˜lny) REG_SZ jpegfile PerceivedType REG_SZ image HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.jpe\OpenWithList HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.jpe\OpenWithList\ois.exe (domy˜lny) REG_SZ HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.jpe\OpenWithProgids jpegfile REG_SZ WindowsLive.PhotoGallery.jpg.14.0 REG_SZ HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.jpe\PersistentHandler (domy˜lny) REG_SZ {098f2470-bae0-11cd-b579-08002b30bfeb} ========= End of Reg: ========= ========= reg query HKLM\SOFTWARE\Classes\.jpeg /s ========= HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.jpeg Content Type REG_SZ image/jpeg (domy˜lny) REG_SZ jpegfile PerceivedType REG_SZ image HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.jpeg\OpenWithList HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.jpeg\OpenWithList\ehshell.exe HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.jpeg\OpenWithList\ois.exe (domy˜lny) REG_SZ HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.jpeg\OpenWithProgids jpegfile REG_SZ WindowsLive.PhotoGallery.jpg.14.0 REG_SZ Opera.Image REG_NONE HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.jpeg\PersistentHandler (domy˜lny) REG_SZ {098f2470-bae0-11cd-b579-08002b30bfeb} ========= End of Reg: ========= ========= reg query HKLM\SOFTWARE\Classes\.jpg /s ========= HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.jpg Content Type REG_SZ image/jpeg (domy˜lny) REG_SZ jpegfile PerceivedType REG_SZ image HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.jpg\OpenWithList HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.jpg\OpenWithList\ehshell.exe HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.jpg\OpenWithList\ois.exe (domy˜lny) REG_SZ HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.jpg\OpenWithProgids jpegfile REG_SZ WindowsLive.PhotoGallery.jpg.14.0 REG_SZ Opera.Image REG_NONE HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.jpg\PersistentHandler (domy˜lny) REG_SZ {098f2470-bae0-11cd-b579-08002b30bfeb} ========= End of Reg: ========= ========= reg query HKLM\SOFTWARE\Classes\.png /s ========= HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.png Content Type REG_SZ image/png (domy˜lny) REG_SZ pngfile PerceivedType REG_SZ image HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.png\OpenWithList HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.png\OpenWithList\ehshell.exe HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.png\OpenWithList\ois.exe (domy˜lny) REG_SZ HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.png\OpenWithProgids pngfile REG_SZ WindowsLive.PhotoGallery.png.14.0 REG_SZ Opera.Image REG_NONE HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.png\PersistentHandler (domy˜lny) REG_SZ {098f2470-bae0-11cd-b579-08002b30bfeb} ========= End of Reg: ========= ========= reg query HKLM\SOFTWARE\Classes\CLSID\{098f2470-bae0-11cd-b579-08002b30bfeb} /s ========= HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{098f2470-bae0-11cd-b579-08002b30bfeb} (domy˜lny) REG_SZ Null persistent handler HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{098f2470-bae0-11cd-b579-08002b30bfeb}\PersistentAddinsRegistered HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{098f2470-bae0-11cd-b579-08002b30bfeb}\PersistentAddinsRegistered\{89BCB740-6119-101A-BCB7-00DD010655AF} (domy˜lny) REG_SZ {c3278e90-bea7-11cd-b579-08002b30bfeb} ========= End of Reg: ========= ========= reg query HKLM\SOFTWARE\Classes\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13} /s ========= HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13} (domy˜lny) REG_SZ HTML Document HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\BrowseInPlace HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\DefaultIcon (domy˜lny) REG_SZ C:\Program Files\Internet Explorer\iexplore.exe,-19 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\EnablePlugin HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\EnablePlugin\.css (domy˜lny) REG_SZ PointPlus plugin HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\InProcServer32 (domy˜lny) REG_SZ C:\Windows\System32\mshtml.dll Assembly REG_SZ Microsoft.mshtml, Version=7.0.3300.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a RuntimeVersion REG_SZ v1.0.3705 Class REG_SZ mshtml.HTMLDocumentClass ThreadingModel REG_SZ Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\InProcServer32\7.0.3300.0 (domy˜lny) REG_SZ C:\Windows\System32\mshtml.dll Assembly REG_SZ Microsoft.mshtml, Version=7.0.3300.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a RuntimeVersion REG_SZ v1.0.3705 Class REG_SZ mshtml.HTMLDocumentClass ThreadingModel REG_SZ Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\MiscStatus (domy˜lny) REG_SZ 2228625 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\PersistentHandler (domy˜lny) REG_SZ {eec97550-47a9-11cf-b952-00aa0051fe20} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\ProgID (domy˜lny) REG_SZ htmlfile HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\TypeLib (domy˜lny) REG_SZ {3050f1c5-98b5-11cf-bb82-00aa00bdce0b} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\Version (domy˜lny) REG_SZ 4.0 ========= End of Reg: ========= ========= reg query HKLM\SOFTWARE\Classes\CLSID\{607fd4e8-0a03-11d1-ab1d-00c04fc9b304} /s ========= HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{607fd4e8-0a03-11d1-ab1d-00c04fc9b304} (domy˜lny) REG_SZ CoICOFilter Class HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{607fd4e8-0a03-11d1-ab1d-00c04fc9b304}\InProcServer32 (domy˜lny) REG_SZ C:\Windows\System32\mshtml.dll ThreadingModel REG_SZ Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{607fd4e8-0a03-11d1-ab1d-00c04fc9b304}\ProgID (domy˜lny) REG_SZ ICOFilter.CoICOFilter.1 ========= End of Reg: ========= ========= reg query HKLM\SOFTWARE\Classes\CLSID\{A3CCEDF7-2DE2-11D0-86F4-00A0C913F750} /s ========= HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3CCEDF7-2DE2-11D0-86F4-00A0C913F750} (domy˜lny) REG_SZ CoPNGFilter Class HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3CCEDF7-2DE2-11D0-86F4-00A0C913F750}\InProcServer32 (domy˜lny) REG_SZ C:\Windows\System32\pngfilt.dll ThreadingModel REG_SZ Both HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3CCEDF7-2DE2-11D0-86F4-00A0C913F750}\ProgID (domy˜lny) REG_SZ PNGFilter.CoPNGFilter.1 ========= End of Reg: ========= ========= reg query HKLM\SOFTWARE\Classes\MIME\Database\Content Type\image/bmp /s ========= Bť¤D: Nieprawidˆowa skˆadania. Aby pozna† spos˘b uľycia, wpisz "REG QUERY /?". ========= End of Reg: ========= ========= reg query HKLM\SOFTWARE\Classes\MIME\Database\Content Type\image/gif /s ========= Bť¤D: Nieprawidˆowa skˆadania. Aby pozna† spos˘b uľycia, wpisz "REG QUERY /?". ========= End of Reg: ========= ========= reg query HKLM\SOFTWARE\Classes\MIME\Database\Content Type\image/jpeg /s ========= Bť¤D: Nieprawidˆowa skˆadania. Aby pozna† spos˘b uľycia, wpisz "REG QUERY /?". ========= End of Reg: ========= ========= reg query HKLM\SOFTWARE\Classes\MIME\Database\Content Type\image/png /s ========= Bť¤D: Nieprawidˆowa skˆadania. Aby pozna† spos˘b uľycia, wpisz "REG QUERY /?". ========= End of Reg: ========= ========= reg query HKLM\SOFTWARE\Classes\giffile /s ========= HKEY_LOCAL_MACHINE\SOFTWARE\Classes\giffile (domy˜lny) REG_SZ GIF Image FriendlyTypeName REG_EXPAND_SZ @%SystemRoot%\System32\shell32.dll,-30595 ImageOptionFlags REG_DWORD 0x0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\giffile\CLSID (domy˜lny) REG_SZ {25336920-03F9-11cf-8FD0-00AA00686F13} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\giffile\DefaultIcon (domy˜lny) REG_EXPAND_SZ %SystemRoot%\System32\imageres.dll,-71 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\giffile\shell HKEY_LOCAL_MACHINE\SOFTWARE\Classes\giffile\shell\Convert image file HKEY_LOCAL_MACHINE\SOFTWARE\Classes\giffile\shell\Convert image file\command (domy˜lny) REG_SZ "C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe" -extfind Pixillion "%L" HKEY_LOCAL_MACHINE\SOFTWARE\Classes\giffile\shell\Create slideshow HKEY_LOCAL_MACHINE\SOFTWARE\Classes\giffile\shell\Create slideshow\command (domy˜lny) REG_SZ "C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe" -extfind PhotoStage "%L" HKEY_LOCAL_MACHINE\SOFTWARE\Classes\giffile\shell\Open CommandId REG_SZ IE.File HKEY_LOCAL_MACHINE\SOFTWARE\Classes\giffile\shell\Open\command (domy˜lny) REG_SZ "C:\Program Files\Internet Explorer\iexplore.exe" %1 DelegateExecute REG_SZ {17FE9752-0B5A-4665-84CD-569794602F5C} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\giffile\shell\printto HKEY_LOCAL_MACHINE\SOFTWARE\Classes\giffile\shell\printto\command (domy˜lny) REG_EXPAND_SZ "%SystemRoot%\System32\rundll32.exe" "%SystemRoot%\System32\shimgvw.dll",ImageView_PrintTo /pt "%1" "%2" "%3" "%4" ========= End of Reg: ========= ========= reg query HKLM\SOFTWARE\Classes\jpegfile /s ========= HKEY_LOCAL_MACHINE\SOFTWARE\Classes\jpegfile (domy˜lny) REG_SZ JPEG Image EditFlags REG_DWORD 0x10000 FriendlyTypeName REG_EXPAND_SZ @%SystemRoot%\System32\shell32.dll,-30596 ImageOptionFlags REG_DWORD 0x1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\jpegfile\CLSID (domy˜lny) REG_SZ {25336920-03F9-11cf-8FD0-00AA00686F13} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\jpegfile\DefaultIcon (domy˜lny) REG_EXPAND_SZ %SystemRoot%\System32\imageres.dll,-72 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\jpegfile\shell HKEY_LOCAL_MACHINE\SOFTWARE\Classes\jpegfile\shell\Convert image file HKEY_LOCAL_MACHINE\SOFTWARE\Classes\jpegfile\shell\Convert image file\command (domy˜lny) REG_SZ "C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe" -extfind Pixillion "%L" HKEY_LOCAL_MACHINE\SOFTWARE\Classes\jpegfile\shell\Create slideshow HKEY_LOCAL_MACHINE\SOFTWARE\Classes\jpegfile\shell\Create slideshow\command (domy˜lny) REG_SZ "C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe" -extfind PhotoStage "%L" HKEY_LOCAL_MACHINE\SOFTWARE\Classes\jpegfile\shell\open MuiVerb REG_EXPAND_SZ @%ProgramFiles%\Windows Photo Viewer\photoviewer.dll,-3043 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\jpegfile\shell\open\command (domy˜lny) REG_EXPAND_SZ %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\jpegfile\shell\open\DropTarget Clsid REG_SZ {FFE2A43C-56B9-4bf5-9A79-CC6D4285608A} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\jpegfile\shell\printto HKEY_LOCAL_MACHINE\SOFTWARE\Classes\jpegfile\shell\printto\command (domy˜lny) REG_EXPAND_SZ "%SystemRoot%\System32\rundll32.exe" "%SystemRoot%\System32\shimgvw.dll",ImageView_PrintTo /pt "%1" "%2" "%3" "%4" ========= End of Reg: ========= ========= reg query HKLM\SOFTWARE\Classes\pngfile /s ========= HKEY_LOCAL_MACHINE\SOFTWARE\Classes\pngfile (domy˜lny) REG_SZ PNG Image EditFlags REG_DWORD 0x10000 FriendlyTypeName REG_EXPAND_SZ @%SystemRoot%\System32\shell32.dll,-30598 ImageOptionFlags REG_DWORD 0x1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\pngfile\CLSID (domy˜lny) REG_SZ {25336920-03F9-11cf-8FD0-00AA00686F13} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\pngfile\DefaultIcon (domy˜lny) REG_EXPAND_SZ %SystemRoot%\System32\imageres.dll,-83 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\pngfile\shell HKEY_LOCAL_MACHINE\SOFTWARE\Classes\pngfile\shell\Convert image file HKEY_LOCAL_MACHINE\SOFTWARE\Classes\pngfile\shell\Convert image file\command (domy˜lny) REG_SZ "C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe" -extfind Pixillion "%L" HKEY_LOCAL_MACHINE\SOFTWARE\Classes\pngfile\shell\Create slideshow HKEY_LOCAL_MACHINE\SOFTWARE\Classes\pngfile\shell\Create slideshow\command (domy˜lny) REG_SZ "C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe" -extfind PhotoStage "%L" HKEY_LOCAL_MACHINE\SOFTWARE\Classes\pngfile\shell\open MuiVerb REG_EXPAND_SZ @%ProgramFiles%\Windows Photo Viewer\photoviewer.dll,-3043 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\pngfile\shell\open\command (domy˜lny) REG_EXPAND_SZ %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\pngfile\shell\open\DropTarget Clsid REG_SZ {FFE2A43C-56B9-4bf5-9A79-CC6D4285608A} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\pngfile\shell\printto HKEY_LOCAL_MACHINE\SOFTWARE\Classes\pngfile\shell\printto\command (domy˜lny) REG_EXPAND_SZ "%SystemRoot%\System32\rundll32.exe" "%SystemRoot%\System32\shimgvw.dll",ImageView_PrintTo /pt "%1" "%2" "%3" "%4" ========= End of Reg: ========= ==== End of Fixlog 15:06:12 ====