Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015 Ran by kubos at 2015-03-18 15:58:02 Run:2 Running from C:\Users\kubos\Desktop Loaded Profiles: kubos (Available profiles: kubos & UpdatusUser) Boot Mode: Normal ============================================== Content of fixlist: ***************** CloseProcesses: CreateRestorePoint: R1 {078ad437-dc9f-4228-9edb-b3d1c0246ff8}Gw64; C:\Windows\System32\drivers\{078ad437-dc9f-4228-9edb-b3d1c0246ff8}Gw64.sys [48784 2014-12-09] (StdLib) R1 {27899312-155f-40f3-8661-fb6675d82b4b}Gw64; C:\Windows\System32\drivers\{27899312-155f-40f3-8661-fb6675d82b4b}Gw64.sys [48784 2014-12-21] (StdLib) R1 {2bf1e193-df72-4e3c-9f15-d1dc6e2f810f}Gw64; C:\Windows\System32\drivers\{2bf1e193-df72-4e3c-9f15-d1dc6e2f810f}Gw64.sys [48784 2014-12-07] (StdLib) R1 {40d1e549-9fca-4f25-a19d-d845842dd635}Gw64; C:\Windows\System32\drivers\{40d1e549-9fca-4f25-a19d-d845842dd635}Gw64.sys [48784 2014-12-31] (StdLib) R1 {507a9b68-2b48-4a22-b662-e674fb6a16f7}Gw64; C:\Windows\System32\drivers\{507a9b68-2b48-4a22-b662-e674fb6a16f7}Gw64.sys [48776 2014-12-05] (StdLib) R1 {84edc66f-0e16-4519-bd1a-cead01f243ac}Gw64; C:\Windows\System32\drivers\{84edc66f-0e16-4519-bd1a-cead01f243ac}Gw64.sys [48784 2015-01-04] (StdLib) R1 {91975f83-f39c-43cf-aad4-0b3396b0f6db}Gw64; C:\Windows\System32\drivers\{91975f83-f39c-43cf-aad4-0b3396b0f6db}Gw64.sys [48784 2015-01-05] (StdLib) R1 {a16a1775-5ab3-4034-ac52-de0795db97f0}Gw64; C:\Windows\System32\drivers\{a16a1775-5ab3-4034-ac52-de0795db97f0}Gw64.sys [48784 2014-12-13] (StdLib) R1 {c88279d3-91dd-4bd9-ad38-681f71d6e36d}Gw64; C:\Windows\System32\drivers\{c88279d3-91dd-4bd9-ad38-681f71d6e36d}Gw64.sys [48784 2014-12-27] (StdLib) R1 {ca4e7e4c-3ebf-4428-bf75-cc138b7061f1}Gw64; C:\Windows\System32\drivers\{ca4e7e4c-3ebf-4428-bf75-cc138b7061f1}Gw64.sys [48784 2014-12-25] (StdLib) R1 {df47b99d-26f5-45f4-85c5-97b4da365f21}Gw64; C:\Windows\System32\drivers\{df47b99d-26f5-45f4-85c5-97b4da365f21}Gw64.sys [48776 2014-11-29] (StdLib) R1 {f2f2c4d5-f6ac-4c21-8cea-257783669e49}Gw64; C:\Windows\System32\drivers\{f2f2c4d5-f6ac-4c21-8cea-257783669e49}Gw64.sys [48776 2014-11-28] (StdLib) R1 {fb92e7a9-ee13-44c3-a51b-600382fe9211}Gw64; C:\Windows\System32\drivers\{fb92e7a9-ee13-44c3-a51b-600382fe9211}Gw64.sys [48784 2014-12-18] (StdLib) S2 51cdb72; "C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\Optimizer Pro 3.11\OptProCrash.dll",ENT Task: {20D97CD1-A735-41C7-B0B2-4B95F8811BEA} - System32\Tasks\{8B0ADA23-6339-4A92-BA17-8BD048CC3740} => pcalua.exe -a C:\PROGRA~2\SearchProtect\Main\bin\uninstall.exe -c /S <==== ATTENTION Task: {2881B310-63B1-4578-9210-8E6329411CE3} - System32\Tasks\{6540ED2A-C93A-41D0-B771-3AAF5B282D0D} => pcalua.exe -a "C:\Users\kubos\Downloads\Nero Free 9.4.12.3d [1].exe" -d C:\Users\kubos\Downloads Task: {31F970C7-95CA-42D8-B4DB-382BC87E7E51} - System32\Tasks\fc6a064f-a2dd-4cc3-9a73-369f24d55904 => C:\Program Files (x86)\Internet Speed Checker\fc6a064f-a2dd-4cc3-9a73-369f24d55904.exe <==== ATTENTION Task: {42501103-E946-4E04-81B4-8D5AD39D48AA} - System32\Tasks\abcbc285-3637-41b2-832a-af47b6df0881-5_user => C:\Program Files (x86)\Internet Speed Checker\abcbc285-3637-41b2-832a-af47b6df0881-5.exe <==== ATTENTION Task: {6516DC79-98C6-4D96-BFE9-BD862D139235} - System32\Tasks\abcbc285-3637-41b2-832a-af47b6df0881-11 => C:\Program Files (x86)\Internet Speed Checker\abcbc285-3637-41b2-832a-af47b6df0881-11.exe <==== ATTENTION Task: {6569D626-D40F-4525-8673-8ABEB0BAD5D9} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION Task: {8B441A5E-CFFD-4911-8036-1F5134295F86} - System32\Tasks\abcbc285-3637-41b2-832a-af47b6df0881-1 => C:\Program Files (x86)\Internet Speed Checker\Internet Speed Checker-codedownloader.exe <==== ATTENTION Task: {939C71BB-234E-4F60-9F58-C4B129EAA116} - System32\Tasks\abcbc285-3637-41b2-832a-af47b6df0881-6 => C:\Program Files (x86)\Internet Speed Checker\abcbc285-3637-41b2-832a-af47b6df0881-6.exe <==== ATTENTION Task: {97D052A8-3A56-49A6-8271-E6DBA4BC0F24} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION Task: {AE4FCE2A-A072-4540-84E2-676C2D494006} - System32\Tasks\WSE_Vosteran => C:\Users\kubos\AppData\Roaming\WSE_VO~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION Task: {B5795390-4024-4ADB-B06D-2C2DC60A3422} - System32\Tasks\abcbc285-3637-41b2-832a-af47b6df0881-7 => C:\Program Files (x86)\Internet Speed Checker\abcbc285-3637-41b2-832a-af47b6df0881-7.exe <==== ATTENTION Task: {BE1350EB-A9BF-4A46-9B1D-BFFD817DE58F} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION Task: {D7AB393A-9F53-4225-92BF-5E3DCCC9E9DC} - System32\Tasks\abcbc285-3637-41b2-832a-af47b6df0881-4 => C:\Program Files (x86)\Internet Speed Checker\abcbc285-3637-41b2-832a-af47b6df0881-4.exe <==== ATTENTION Task: {DE514776-EE0F-439D-9774-92F70F5D32CE} - System32\Tasks\abcbc285-3637-41b2-832a-af47b6df0881-5 => C:\Program Files (x86)\Internet Speed Checker\abcbc285-3637-41b2-832a-af47b6df0881-5.exe <==== ATTENTION Task: {FD1608F1-C577-4570-BABF-47F4B4D51FD5} - System32\Tasks\9472bf32-801e-4380-a93a-312d3363a0e3 => C:\Program Files (x86)\Internet Speed Checker\9472bf32-801e-4380-a93a-312d3363a0e3.exe <==== ATTENTION Task: C:\Windows\Tasks\9472bf32-801e-4380-a93a-312d3363a0e3.job => C:\Program Files (x86)\Internet Speed Checker\9472bf32-801e-4380-a93a-312d3363a0e3.exe <==== ATTENTION Task: C:\Windows\Tasks\abcbc285-3637-41b2-832a-af47b6df0881-1.job => C:\Program Files (x86)\Internet Speed Checker\Internet Speed Checker-codedownloader.exe <==== ATTENTION Task: C:\Windows\Tasks\abcbc285-3637-41b2-832a-af47b6df0881-11.job => C:\Program Files (x86)\Internet Speed Checker\abcbc285-3637-41b2-832a-af47b6df0881-11.exe <==== ATTENTION Task: C:\Windows\Tasks\abcbc285-3637-41b2-832a-af47b6df0881-4.job => C:\Program Files (x86)\Internet Speed Checker\abcbc285-3637-41b2-832a-af47b6df0881-4.exe <==== ATTENTION Task: C:\Windows\Tasks\abcbc285-3637-41b2-832a-af47b6df0881-5.job => C:\Program Files (x86)\Internet Speed Checker\abcbc285-3637-41b2-832a-af47b6df0881-5.exe <==== ATTENTION Task: C:\Windows\Tasks\abcbc285-3637-41b2-832a-af47b6df0881-5_user.job => C:\Program Files (x86)\Internet Speed Checker\abcbc285-3637-41b2-832a-af47b6df0881-5.exe <==== ATTENTION Task: C:\Windows\Tasks\abcbc285-3637-41b2-832a-af47b6df0881-6.job => C:\Program Files (x86)\Internet Speed Checker\abcbc285-3637-41b2-832a-af47b6df0881-6.exe <==== ATTENTION Task: C:\Windows\Tasks\abcbc285-3637-41b2-832a-af47b6df0881-7.job => C:\Program Files (x86)\Internet Speed Checker\abcbc285-3637-41b2-832a-af47b6df0881-7.exe <==== ATTENTION Task: C:\Windows\Tasks\fc6a064f-a2dd-4cc3-9a73-369f24d55904.job => C:\Program Files (x86)\Internet Speed Checker\fc6a064f-a2dd-4cc3-9a73-369f24d55904.exe/agentregpath='Internet Speed Checker' /appid=61752 /srcid='001726' /subid='0' /zdata='0' /bic=0F0585D1A52C44C2B41A5CE792074BC2IE /verifier=9e3f5c19e8c89e01b16a0281ad9e9ad1 /installerversion=1_35_09_29 /installationtime=1416664547 /statsdomain=http://stats.newonlinedemoserv.com /errorsdomain=http://errors.newonlinedemoserv.com /extensionname='Information' /torpedoiesleeps=1000 /torpedoieplugins=93-0,102-0,104-0,178-288,179-288,180-288,223-288,263-24 /monetizationdomain=http://logs.newonlinedemoserv.com <==== ATTENTION HKU\S-1-5-18\...\Run: [DevconDefaultDB] => C:\Windows\system32\READREG /SILENT /FAIL=1 AppInit_DLLs-x32: _c:\progra~2\search~1\search~1\bin\vc32lo~1.dll => "c:\progra~2\search~1\search~1\bin\vc32lo~1.dll" File Not Found ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com HKU\S-1-5-21-1364691054-2715564713-2932916954-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE HKU\S-1-5-21-1364691054-2715564713-2932916954-1000\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkID=226786&Mkt=pl-PL&Src=MSE&Tid=00032955&OHP=http%3A%2F%2FVosteran.com%2F%3Ff%3D1%26a%3Dvst_aw_14_48_ie%26cd%3D2XzuyEtN2Y1L1QzutDtDtD0F0E0AyD0Czz0AzyzytAyByC0FtN0D0Tzu0StCtDyCyEtN1L2XzutAtFyCtFyCtFtDtN1L1Czu0C0I0S0V0E0R1V1BtN1L1G1B1V1N2Y1L1Qzu2SyCyEtBtCtAyCtBzytGtAtA0C0FtGtCzz0F0BtG0ByDtB0AtGtA0EtAtDyBtBtCtDzz0Czz0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDzyyC0B0EzytAzztGtDtCtCtBtGyE0B0DtAtG0AyBtC0CtG0C0B0CyB0B0FzztDtA0AtA0B2Q%26cr%3D112183739%26ir%3D&OSP=http%3A%2F%2FVosteran.com%2Fresults.php%3Ff%3D4%26q%3D{searchTerms}%26a%3Dvst_aw_14_48_ie%26cd%3D2XzuyEtN2Y1L1QzutDtDtD0F0E0AyD0Czz0AzyzytAyByC0FtN0D0Tzu0StCtDyCyEtN1L2XzutAtFyCtFyCtFtDtN1L1Czu0C0I0S0V0E0R1V1BtN1L1G1B1V1N2Y1L1Qzu2SyCyEtBtCtAyCtBzytGtAtA0C0FtGtCzz0F0BtG0ByDtB0AtGtA0EtAtDyBtBtCtDzz0Czz0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDzyyC0B0EzytAzztGtDtCtCtBtGyE0B0DtAtG0AyBtC0CtG0C0B0CyB0B0FzztDtA0AtA0B2Q%26cr%3D112183739%26ir%3D SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = SearchScopes: HKU\S-1-5-21-1364691054-2715564713-2932916954-1000 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = SearchScopes: HKU\S-1-5-21-1364691054-2715564713-2932916954-1000 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = BHO-x32: Hold Page 1.0.0.7 -> {6c14185e-4de6-4a79-985b-19f23fd1e638} -> C:\Program Files (x86)\Hold Page\HoldPageBHO.dll No File BHO-x32: ruealdEal -> {914eceaa-4582-4925-891d-1b356511fc4f} -> C:\Program Files (x86)\ruealdEal\oR4mmrqaUf7kxy.dll No File BHO-x32: sAvinngttoYooU -> {a5a20214-55dc-484d-8d8e-fd236e9bfd85} -> C:\Program Files (x86)\sAvinngttoYooU\u49bid3w2SzBJI.dll No File FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll No File FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll No File C:\Program Files (x86)\02b93d75-5ec8-462c-851f-5d91d227cd32 C:\Program Files (x86)\BocaInit C:\Program Files (x86)\dealsterr C:\Program Files (x86)\GeoSurf C:\Program Files (x86)\Google C:\Program Files (x86)\ruealdEal C:\Program Files (x86)\saViNesuhop C:\Program Files (x86)\savingtoyoouu C:\Program Files (x86)\sAvinngttoYooU C:\ProgramData\11127976247202785533 C:\ProgramData\600440862 C:\ProgramData\AVAST Software C:\ProgramData\RandomDealApp C:\Users\kubos\AppData\Local\Kosong.Bron.Tok.txt C:\Users\kubos\AppData\Local\Google C:\Users\kubos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url C:\Users\kubos\Desktop\Play Games Online.url C:\Windows\46B04D534E344388B6EE80FAB66AEF9B.TMP C:\Windows\system32\2015-*.log C:\Windows\System32\drivers\{078ad437-dc9f-4228-9edb-b3d1c0246ff8}Gw64.sys C:\Windows\System32\drivers\{27899312-155f-40f3-8661-fb6675d82b4b}Gw64.sys C:\Windows\System32\drivers\{2bf1e193-df72-4e3c-9f15-d1dc6e2f810f}Gw64.sys C:\Windows\System32\drivers\{40d1e549-9fca-4f25-a19d-d845842dd635}Gw64.sys C:\Windows\System32\drivers\{507a9b68-2b48-4a22-b662-e674fb6a16f7}Gw64.sys C:\Windows\System32\drivers\{84edc66f-0e16-4519-bd1a-cead01f243ac}Gw64.sys C:\Windows\System32\drivers\{91975f83-f39c-43cf-aad4-0b3396b0f6db}Gw64.sys C:\Windows\System32\drivers\{a16a1775-5ab3-4034-ac52-de0795db97f0}Gw64.sys C:\Windows\System32\drivers\{c88279d3-91dd-4bd9-ad38-681f71d6e36d}Gw64.sys C:\Windows\System32\drivers\{ca4e7e4c-3ebf-4428-bf75-cc138b7061f1}Gw64.sys C:\Windows\System32\drivers\{df47b99d-26f5-45f4-85c5-97b4da365f21}Gw64.sys C:\Windows\System32\drivers\{f2f2c4d5-f6ac-4c21-8cea-257783669e49}Gw64.sys C:\Windows\System32\drivers\{fb92e7a9-ee13-44c3-a51b-600382fe9211}Gw64.sys Reg: reg delete HKCU\Software\Google /f Reg: reg delete HKLM\SOFTWARE\Wow6432Node\Google /f CMD: dir /a "C:\Program Files" CMD: dir /a "C:\Program Files (x86)" CMD: dir /a "C:\Program Files\Common Files" CMD: dir /a "C:\Program Files (x86)\Common Files" CMD: dir /a C:\ProgramData CMD: dir /a C:\Users\kubos\AppData\Local CMD: dir /a C:\Users\kubos\AppData\LocalLow CMD: dir /a C:\Users\kubos\AppData\Roaming EmptyTemp: ***************** Processes closed successfully. Restore point was successfully created. {078ad437-dc9f-4228-9edb-b3d1c0246ff8}Gw64 => Service stopped successfully. {078ad437-dc9f-4228-9edb-b3d1c0246ff8}Gw64 => Service deleted successfully. {27899312-155f-40f3-8661-fb6675d82b4b}Gw64 => Service stopped successfully. {27899312-155f-40f3-8661-fb6675d82b4b}Gw64 => Service deleted successfully. {2bf1e193-df72-4e3c-9f15-d1dc6e2f810f}Gw64 => Service stopped successfully. {2bf1e193-df72-4e3c-9f15-d1dc6e2f810f}Gw64 => Service deleted successfully. {40d1e549-9fca-4f25-a19d-d845842dd635}Gw64 => Service stopped successfully. {40d1e549-9fca-4f25-a19d-d845842dd635}Gw64 => Service deleted successfully. {507a9b68-2b48-4a22-b662-e674fb6a16f7}Gw64 => Service stopped successfully. {507a9b68-2b48-4a22-b662-e674fb6a16f7}Gw64 => Service deleted successfully. {84edc66f-0e16-4519-bd1a-cead01f243ac}Gw64 => Service stopped successfully. {84edc66f-0e16-4519-bd1a-cead01f243ac}Gw64 => Service deleted successfully. {91975f83-f39c-43cf-aad4-0b3396b0f6db}Gw64 => Service stopped successfully. {91975f83-f39c-43cf-aad4-0b3396b0f6db}Gw64 => Service deleted successfully. {a16a1775-5ab3-4034-ac52-de0795db97f0}Gw64 => Service stopped successfully. {a16a1775-5ab3-4034-ac52-de0795db97f0}Gw64 => Service deleted successfully. {c88279d3-91dd-4bd9-ad38-681f71d6e36d}Gw64 => Service stopped successfully. {c88279d3-91dd-4bd9-ad38-681f71d6e36d}Gw64 => Service deleted successfully. {ca4e7e4c-3ebf-4428-bf75-cc138b7061f1}Gw64 => Service stopped successfully. {ca4e7e4c-3ebf-4428-bf75-cc138b7061f1}Gw64 => Service deleted successfully. {df47b99d-26f5-45f4-85c5-97b4da365f21}Gw64 => Service stopped successfully. {df47b99d-26f5-45f4-85c5-97b4da365f21}Gw64 => Service deleted successfully. {f2f2c4d5-f6ac-4c21-8cea-257783669e49}Gw64 => Service stopped successfully. {f2f2c4d5-f6ac-4c21-8cea-257783669e49}Gw64 => Service deleted successfully. {fb92e7a9-ee13-44c3-a51b-600382fe9211}Gw64 => Service stopped successfully. {fb92e7a9-ee13-44c3-a51b-600382fe9211}Gw64 => Service deleted successfully. 51cdb72 => Service not found. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{20D97CD1-A735-41C7-B0B2-4B95F8811BEA}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{20D97CD1-A735-41C7-B0B2-4B95F8811BEA}" => Key deleted successfully. C:\Windows\System32\Tasks\{8B0ADA23-6339-4A92-BA17-8BD048CC3740} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8B0ADA23-6339-4A92-BA17-8BD048CC3740}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2881B310-63B1-4578-9210-8E6329411CE3}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2881B310-63B1-4578-9210-8E6329411CE3}" => Key deleted successfully. C:\Windows\System32\Tasks\{6540ED2A-C93A-41D0-B771-3AAF5B282D0D} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6540ED2A-C93A-41D0-B771-3AAF5B282D0D}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{31F970C7-95CA-42D8-B4DB-382BC87E7E51}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{31F970C7-95CA-42D8-B4DB-382BC87E7E51}" => Key deleted successfully. C:\Windows\System32\Tasks\fc6a064f-a2dd-4cc3-9a73-369f24d55904 => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\fc6a064f-a2dd-4cc3-9a73-369f24d55904" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{42501103-E946-4E04-81B4-8D5AD39D48AA}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{42501103-E946-4E04-81B4-8D5AD39D48AA}" => Key deleted successfully. C:\Windows\System32\Tasks\abcbc285-3637-41b2-832a-af47b6df0881-5_user => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\abcbc285-3637-41b2-832a-af47b6df0881-5_user" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6516DC79-98C6-4D96-BFE9-BD862D139235}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6516DC79-98C6-4D96-BFE9-BD862D139235}" => Key deleted successfully. C:\Windows\System32\Tasks\abcbc285-3637-41b2-832a-af47b6df0881-11 => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\abcbc285-3637-41b2-832a-af47b6df0881-11" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6569D626-D40F-4525-8673-8ABEB0BAD5D9}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6569D626-D40F-4525-8673-8ABEB0BAD5D9}" => Key deleted successfully. C:\Windows\System32\Tasks\LaunchSignup => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LaunchSignup" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8B441A5E-CFFD-4911-8036-1F5134295F86}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8B441A5E-CFFD-4911-8036-1F5134295F86}" => Key deleted successfully. C:\Windows\System32\Tasks\abcbc285-3637-41b2-832a-af47b6df0881-1 => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\abcbc285-3637-41b2-832a-af47b6df0881-1" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{939C71BB-234E-4F60-9F58-C4B129EAA116}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{939C71BB-234E-4F60-9F58-C4B129EAA116}" => Key deleted successfully. C:\Windows\System32\Tasks\abcbc285-3637-41b2-832a-af47b6df0881-6 => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\abcbc285-3637-41b2-832a-af47b6df0881-6" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{97D052A8-3A56-49A6-8271-E6DBA4BC0F24}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{97D052A8-3A56-49A6-8271-E6DBA4BC0F24}" => Key deleted successfully. C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineCore" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AE4FCE2A-A072-4540-84E2-676C2D494006}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AE4FCE2A-A072-4540-84E2-676C2D494006}" => Key deleted successfully. C:\Windows\System32\Tasks\WSE_Vosteran => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WSE_Vosteran" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B5795390-4024-4ADB-B06D-2C2DC60A3422}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B5795390-4024-4ADB-B06D-2C2DC60A3422}" => Key deleted successfully. C:\Windows\System32\Tasks\abcbc285-3637-41b2-832a-af47b6df0881-7 => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\abcbc285-3637-41b2-832a-af47b6df0881-7" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BE1350EB-A9BF-4A46-9B1D-BFFD817DE58F}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BE1350EB-A9BF-4A46-9B1D-BFFD817DE58F}" => Key deleted successfully. C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineUA" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D7AB393A-9F53-4225-92BF-5E3DCCC9E9DC}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D7AB393A-9F53-4225-92BF-5E3DCCC9E9DC}" => Key deleted successfully. C:\Windows\System32\Tasks\abcbc285-3637-41b2-832a-af47b6df0881-4 => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\abcbc285-3637-41b2-832a-af47b6df0881-4" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DE514776-EE0F-439D-9774-92F70F5D32CE}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DE514776-EE0F-439D-9774-92F70F5D32CE}" => Key deleted successfully. C:\Windows\System32\Tasks\abcbc285-3637-41b2-832a-af47b6df0881-5 => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\abcbc285-3637-41b2-832a-af47b6df0881-5" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FD1608F1-C577-4570-BABF-47F4B4D51FD5}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FD1608F1-C577-4570-BABF-47F4B4D51FD5}" => Key deleted successfully. C:\Windows\System32\Tasks\9472bf32-801e-4380-a93a-312d3363a0e3 => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\9472bf32-801e-4380-a93a-312d3363a0e3" => Key deleted successfully. C:\Windows\Tasks\9472bf32-801e-4380-a93a-312d3363a0e3.job => Moved successfully. C:\Windows\Tasks\abcbc285-3637-41b2-832a-af47b6df0881-1.job => Moved successfully. C:\Windows\Tasks\abcbc285-3637-41b2-832a-af47b6df0881-11.job => Moved successfully. C:\Windows\Tasks\abcbc285-3637-41b2-832a-af47b6df0881-4.job => Moved successfully. C:\Windows\Tasks\abcbc285-3637-41b2-832a-af47b6df0881-5.job => Moved successfully. C:\Windows\Tasks\abcbc285-3637-41b2-832a-af47b6df0881-5_user.job => Moved successfully. C:\Windows\Tasks\abcbc285-3637-41b2-832a-af47b6df0881-6.job => Moved successfully. C:\Windows\Tasks\abcbc285-3637-41b2-832a-af47b6df0881-7.job => Moved successfully. C:\Windows\Tasks\fc6a064f-a2dd-4cc3-9a73-369f24d55904.job => Moved successfully. HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\DevconDefaultDB => value deleted successfully. "_c:\progra~2\search~1\search~1\bin\vc32lo~1.dll" => Value Data removed successfully. HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => Key not found. HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => Key not found. C:\Windows\system32\GroupPolicy\Machine => Moved successfully. C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully. "HKLM\SOFTWARE\Policies\Google" => Key deleted successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully. HKU\S-1-5-21-1364691054-2715564713-2932916954-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKU\S-1-5-21-1364691054-2715564713-2932916954-1000\Software\Microsoft\Internet Explorer\Main\\First Home Page => value deleted successfully. "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77}" => Key deleted successfully. HKCR\CLSID\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} => Key not found. HKU\S-1-5-21-1364691054-2715564713-2932916954-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully. "HKU\S-1-5-21-1364691054-2715564713-2932916954-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77}" => Key deleted successfully. HKCR\CLSID\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} => Key not found. "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6c14185e-4de6-4a79-985b-19f23fd1e638}" => Key deleted successfully. "HKCR\Wow6432Node\CLSID\{6c14185e-4de6-4a79-985b-19f23fd1e638}" => Key deleted successfully. HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{914eceaa-4582-4925-891d-1b356511fc4f} => Key not found. HKCR\Wow6432Node\CLSID\{914eceaa-4582-4925-891d-1b356511fc4f} => Key not found. HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a5a20214-55dc-484d-8d8e-fd236e9bfd85} => Key not found. HKCR\Wow6432Node\CLSID\{a5a20214-55dc-484d-8d8e-fd236e9bfd85} => Key not found. "HKLM\Software\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision" => Key deleted successfully. "HKLM\Software\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming" => Key deleted successfully. C:\Program Files (x86)\02b93d75-5ec8-462c-851f-5d91d227cd32 => Moved successfully. C:\Program Files (x86)\BocaInit => Moved successfully. C:\Program Files (x86)\dealsterr => Moved successfully. C:\Program Files (x86)\GeoSurf => Moved successfully. C:\Program Files (x86)\Google => Moved successfully. C:\Program Files (x86)\ruealdEal => Moved successfully. C:\Program Files (x86)\saViNesuhop => Moved successfully. C:\Program Files (x86)\savingtoyoouu => Moved successfully. C:\Program Files (x86)\sAvinngttoYooU => Moved successfully. C:\ProgramData\11127976247202785533 => Moved successfully. C:\ProgramData\600440862 => Moved successfully. C:\ProgramData\AVAST Software => Moved successfully. C:\ProgramData\RandomDealApp => Moved successfully. C:\Users\kubos\AppData\Local\Kosong.Bron.Tok.txt => Moved successfully. C:\Users\kubos\AppData\Local\Google => Moved successfully. C:\Users\kubos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url => Moved successfully. C:\Users\kubos\Desktop\Play Games Online.url => Moved successfully. C:\Windows\46B04D534E344388B6EE80FAB66AEF9B.TMP => Moved successfully. C:\Windows\system32\2015-*.log => Moved successfully. C:\Windows\System32\drivers\{078ad437-dc9f-4228-9edb-b3d1c0246ff8}Gw64.sys => Moved successfully. C:\Windows\System32\drivers\{27899312-155f-40f3-8661-fb6675d82b4b}Gw64.sys => Moved successfully. C:\Windows\System32\drivers\{2bf1e193-df72-4e3c-9f15-d1dc6e2f810f}Gw64.sys => Moved successfully. C:\Windows\System32\drivers\{40d1e549-9fca-4f25-a19d-d845842dd635}Gw64.sys => Moved successfully. C:\Windows\System32\drivers\{507a9b68-2b48-4a22-b662-e674fb6a16f7}Gw64.sys => Moved successfully. C:\Windows\System32\drivers\{84edc66f-0e16-4519-bd1a-cead01f243ac}Gw64.sys => Moved successfully. C:\Windows\System32\drivers\{91975f83-f39c-43cf-aad4-0b3396b0f6db}Gw64.sys => Moved successfully. C:\Windows\System32\drivers\{a16a1775-5ab3-4034-ac52-de0795db97f0}Gw64.sys => Moved successfully. C:\Windows\System32\drivers\{c88279d3-91dd-4bd9-ad38-681f71d6e36d}Gw64.sys => Moved successfully. C:\Windows\System32\drivers\{ca4e7e4c-3ebf-4428-bf75-cc138b7061f1}Gw64.sys => Moved successfully. C:\Windows\System32\drivers\{df47b99d-26f5-45f4-85c5-97b4da365f21}Gw64.sys => Moved successfully. C:\Windows\System32\drivers\{f2f2c4d5-f6ac-4c21-8cea-257783669e49}Gw64.sys => Moved successfully. C:\Windows\System32\drivers\{fb92e7a9-ee13-44c3-a51b-600382fe9211}Gw64.sys => Moved successfully. ========= reg delete HKCU\Software\Google /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete HKLM\SOFTWARE\Wow6432Node\Google /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= dir /a "C:\Program Files" ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: EC54-376F Katalog: C:\Program Files 2015-03-13 18:36