Fix result of Farbar Recovery Scan Tool (x86) Version: 28-06-2015 01
Ran by Szyszka at 2015-06-30 11:54:37 Run:1
Running from D:\-=PULPIT=-
Loaded Profiles: Szyszka (Available Profiles: Szyszka)
Boot Mode: Normal
==============================================
fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:
HKU\S-1-5-21-2440634791-3158896077-4223476700-1001\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-21-2440634791-3158896077-4223476700-1001\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
Task: {0DE060A0-B70C-4940-ACE3-B767A1A29D1C} - System32\Tasks\{D88536E6-6347-4A9D-BCCA-070A96D4278E} => pcalua.exe -a C:\Users\Szyszka\Desktop\pity2011ngsetup.exe -d C:\Users\Szyszka\Desktop
Task: {3997BD38-B4CF-4E24-BA01-4BEE5C4C231D} - System32\Tasks\{5A731068-33F3-4589-AD74-AC0B2A2010BE} => D:\-=PULPIT=-\accaunt stream\accaunt stream\AccountStreamHotmail.exe
Task: {6B511F6F-9E51-4041-90E7-A9FBA4A1DB58} - System32\Tasks\{02706A6E-53A1-473F-9A90-2C5E248DFA5F} => D:\-=PULPIT=-\niszki z łowcy\Dragon Ball Xenoverse\Dragon Ball Xenoverse.exe
Task: {8A7C714C-C907-45AE-8EFC-61682EC52988} - System32\Tasks\{62D21132-DC3B-4760-B12F-D23A218A89DE} => pcalua.exe -a "C:\Program Files\PITy\PITy2011NG\unins000.exe"
Task: {9BE97635-4286-4F15-BA78-45C2BAA79EA7} - System32\Tasks\e-pity2012_styczen => C:\Program Files\e-file\e-pity2012\signxml.exe
Task: {B2F03C29-533D-4535-9DB6-1DC6C7B41A9C} - System32\Tasks\{98F508C6-98BA-4ACD-B651-4CB9B54F2C76} => D:\-=PULPIT=-\niszki z łowcy\Dragon Ball Xenoverse\Dragon Ball Xenoverse.exe
Task: {C4184739-699F-4035-B77D-6D45E088FE40} - System32\Tasks\{CC7C7B81-0F77-490C-8C01-52818FF0B98A} => D:\-=PULPIT=-\niszki z łowcy\Dragon Ball Xenoverse\Dragon Ball Xenoverse.exe
Task: {C6E1FF7E-5057-440F-970C-414BC34A3EEA} - System32\Tasks\{9BCD6F2A-17D7-464E-BD53-3567CBCA3F9C} => pcalua.exe -a "C:\Users\Szyszka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SQLGWJHL\pity2011ngsetup[1].exe" -d C:\Users\Szyszka\Desktop
Task: {D177D59F-8BA0-4D04-9BE0-D2B391ED9839} - System32\Tasks\e-pity2012_kwiecien => C:\Program Files\e-file\e-pity2012\signxml.exe
Task: {D2F2480A-C93B-44E1-8D4C-2F0628A72196} - System32\Tasks\{1FD00C96-AE97-4A1F-B94D-6734836C4C7D} => C:\Users\Szyszka\Desktop\Office2007HNS_MSLT_PL.EXE
Task: {DED8503A-2C87-4B27-BD59-12F02617A24D} - System32\Tasks\{6DDDB839-87C8-4A89-827E-C7DF2CA99317} => C:\Program Files\Mass Video Downloader\MassVideoDownloader.exe
Task: {E9E5251E-7D8B-44F0-AB10-A7EB36AF61B1} - System32\Tasks\{A9A74089-328D-4C0E-8822-45DCC268CBD0} => C:\Program Files\U2bviews\U2bviews Software\U2bviews Software.exe
Task: {EF6268DA-E9D9-4128-BE7B-60DBA73CB128} - System32\Tasks\{920FF6A2-96B9-44BF-AD31-E8BD289BC8D8} => D:\-=PULPIT=-\PPJoyJoy.exe
S3 ALSysIO; \??\C:\Users\Szyszka\AppData\Local\Temp\ALSysIO.sys [X]
U5 AppMgmt; C:\windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 MBAMSwissArmy; \??\C:\windows\system32\drivers\MBAMSwissArmy.sys [X]
U4 WMCoreService; No ImagePath
Startup: C:\Users\Szyszka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-09-28]
StartMenuInternet: (HKLM) Opera - c:\program files\opera\opera.exe http://www.delta-homes.com/?utm_source=b&utm_medium=wpm0613&utm_campaign=installer&utm_content=sc&from=wpm0613&uid=TOSHIBAXMK5055GSX_209FP0ZFTXX209FP0ZFT&ts=1402567402
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2440634791-3158896077-4223476700-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKU\S-1-5-21-2440634791-3158896077-4223476700-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
FF Plugin: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll No File
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
C:\Program Files\mozilla firefox\plugins
C:\ProgramData\Temp
Folder: C:\Device
Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main" /f
Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main" /f
Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main" /f
Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f
EmptyTemp:
*****************
Processes closed successfully.
Restore point was successfully created.
"HKU\S-1-5-21-2440634791-3158896077-4223476700-1001\Software\Classes\exefile" => key removed successfully.
"HKU\S-1-5-21-2440634791-3158896077-4223476700-1001\Software\Classes\.exe" => key removed successfully.
HKU\S-1-5-21-2440634791-3158896077-4223476700-1001\Software\Classes\exefile => key not found.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\MpfService" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0DE060A0-B70C-4940-ACE3-B767A1A29D1C}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0DE060A0-B70C-4940-ACE3-B767A1A29D1C}" => key removed successfully.
C:\Windows\System32\Tasks\{D88536E6-6347-4A9D-BCCA-070A96D4278E} => moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D88536E6-6347-4A9D-BCCA-070A96D4278E} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3997BD38-B4CF-4E24-BA01-4BEE5C4C231D}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3997BD38-B4CF-4E24-BA01-4BEE5C4C231D}" => key removed successfully.
C:\Windows\System32\Tasks\{5A731068-33F3-4589-AD74-AC0B2A2010BE} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5A731068-33F3-4589-AD74-AC0B2A2010BE}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6B511F6F-9E51-4041-90E7-A9FBA4A1DB58}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B511F6F-9E51-4041-90E7-A9FBA4A1DB58}" => key removed successfully.
C:\Windows\System32\Tasks\{02706A6E-53A1-473F-9A90-2C5E248DFA5F} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{02706A6E-53A1-473F-9A90-2C5E248DFA5F}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8A7C714C-C907-45AE-8EFC-61682EC52988}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8A7C714C-C907-45AE-8EFC-61682EC52988}" => key removed successfully.
C:\Windows\System32\Tasks\{62D21132-DC3B-4760-B12F-D23A218A89DE} => moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{62D21132-DC3B-4760-B12F-D23A218A89DE} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9BE97635-4286-4F15-BA78-45C2BAA79EA7}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9BE97635-4286-4F15-BA78-45C2BAA79EA7}" => key removed successfully.
C:\Windows\System32\Tasks\e-pity2012_styczen => moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\e-pity2012_styczen => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B2F03C29-533D-4535-9DB6-1DC6C7B41A9C}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B2F03C29-533D-4535-9DB6-1DC6C7B41A9C}" => key removed successfully.
C:\Windows\System32\Tasks\{98F508C6-98BA-4ACD-B651-4CB9B54F2C76} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{98F508C6-98BA-4ACD-B651-4CB9B54F2C76}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C4184739-699F-4035-B77D-6D45E088FE40}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C4184739-699F-4035-B77D-6D45E088FE40}" => key removed successfully.
C:\Windows\System32\Tasks\{CC7C7B81-0F77-490C-8C01-52818FF0B98A} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{CC7C7B81-0F77-490C-8C01-52818FF0B98A}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C6E1FF7E-5057-440F-970C-414BC34A3EEA}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C6E1FF7E-5057-440F-970C-414BC34A3EEA}" => key removed successfully.
C:\Windows\System32\Tasks\{9BCD6F2A-17D7-464E-BD53-3567CBCA3F9C} => moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9BCD6F2A-17D7-464E-BD53-3567CBCA3F9C} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D177D59F-8BA0-4D04-9BE0-D2B391ED9839}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D177D59F-8BA0-4D04-9BE0-D2B391ED9839}" => key removed successfully.
C:\Windows\System32\Tasks\e-pity2012_kwiecien => moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\e-pity2012_kwiecien => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D2F2480A-C93B-44E1-8D4C-2F0628A72196}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D2F2480A-C93B-44E1-8D4C-2F0628A72196}" => key removed successfully.
C:\Windows\System32\Tasks\{1FD00C96-AE97-4A1F-B94D-6734836C4C7D} => moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{1FD00C96-AE97-4A1F-B94D-6734836C4C7D} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DED8503A-2C87-4B27-BD59-12F02617A24D}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DED8503A-2C87-4B27-BD59-12F02617A24D}" => key removed successfully.
C:\Windows\System32\Tasks\{6DDDB839-87C8-4A89-827E-C7DF2CA99317} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6DDDB839-87C8-4A89-827E-C7DF2CA99317}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E9E5251E-7D8B-44F0-AB10-A7EB36AF61B1}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E9E5251E-7D8B-44F0-AB10-A7EB36AF61B1}" => key removed successfully.
C:\Windows\System32\Tasks\{A9A74089-328D-4C0E-8822-45DCC268CBD0} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A9A74089-328D-4C0E-8822-45DCC268CBD0}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EF6268DA-E9D9-4128-BE7B-60DBA73CB128}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EF6268DA-E9D9-4128-BE7B-60DBA73CB128}" => key removed successfully.
C:\Windows\System32\Tasks\{920FF6A2-96B9-44BF-AD31-E8BD289BC8D8} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{920FF6A2-96B9-44BF-AD31-E8BD289BC8D8}" => key removed successfully.
ALSysIO => Service removed successfully.
AppMgmt => Service removed successfully.
MBAMSwissArmy => Service removed successfully.
WMCoreService => Service removed successfully.
C:\Users\Szyszka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk => moved successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\Opera\shell\open\command\\Default => value restored successfully
C:\windows\system32\GroupPolicy\Machine => moved successfully.
C:\windows\system32\GroupPolicy\GPT.ini => moved successfully.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
"HKU\S-1-5-21-2440634791-3158896077-4223476700-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-2440634791-3158896077-4223476700-1001\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
"HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}" => key removed successfully.
HKCR\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7} => key not found.
"HKLM\Software\MozillaPlugins\@nexon.net/NxGame" => key removed successfully.
"HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin" => key removed successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758} => value removed successfully.
HKLM\Software\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com => value removed successfully.
C:\Program Files\mozilla firefox\plugins => moved successfully.
C:\ProgramData\Temp => moved successfully.
========================= Folder: C:\Device ========================
====== End of Folder: ======
========= reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main" /f =========
Operacja ukończona pomyślnie.
========= End of Reg: =========
========= reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main" /f =========
Operacja ukończona pomyślnie.
========= End of Reg: =========
========= reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main" /f =========
Operacja ukończona pomyślnie.
========= End of Reg: =========
========= reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f =========
Operacja ukończona pomyślnie.
========= End of Reg: =========
========= reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f =========
Operacja ukończona pomyślnie.
========= End of Reg: =========
========= reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f =========
Operacja ukończona pomyślnie.
========= End of Reg: =========
EmptyTemp: => 2.9 GB temporary data Removed.
The system needed a reboot.
==== End of Fixlog 11:56:43 ====