Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 30-08-2013 01 Ran by user at 2013-08-31 11:07:18 Run:1 Running from C:\Users\user\Desktop\logi Boot Mode: Normal ============================================== Content of fixlist: ***************** HKCU\...\Run: [Badoo Desktop] - C:\ProgramData\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe [x] HKLM-x32\...\Run: [] - [x] HKLM-x32\...\Run: [ApnUpdater] - C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1646216 2013-03-31] (Ask) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?babsrc=HP_Prot HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?st=1&crg=3.1010000&barid={554C6305-0B8D-4241-9470-32F1CFE7C93C} URLSearchHook: ATTENTION ==> Default URLSearchHook is missing. URLSearchHook: (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - No File URLSearchHook: (No Name) - {EEE6C35D-6118-11DC-9C72-001320C79847} - No File SearchScopes: HKLM-x32 - DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=1&barid={554C6305-0B8D-4241-9470-32F1CFE7C93C}&q={searchTerms}&barid={554C6305-0B8D-4241-9470-32F1CFE7C93C} SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2475029 SearchScopes: HKLM-x32 - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=1&barid={554C6305-0B8D-4241-9470-32F1CFE7C93C}&q={searchTerms}&barid={554C6305-0B8D-4241-9470-32F1CFE7C93C} SearchScopes: HKCU - DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid=&mid=dc1590634d1447d1b9d1549089e76a6b-3e7aa1fd44011282cfdef6ad347f03fcb76bad88&lang=en&ds=AVG&pr=fr&d=&v=&pid=AVG&sg=&sap=dsp&q={searchTerms} SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/?q={searchTerms}&AF=110000&tt=090212_ctrl&babsrc=SP_ss&mntrId=f07bd289000000000000582c80139263 SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKCU - {6D8291A7-7BF6-4C96-B809-559B1455D655} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^PL&apn_uid=0465ACD9-97BF-45C6-A2E7-DF2D81A90E6B&apn_sauid=18C37563-EED5-42CB-8AD5-E9B3A1BEA671 SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid=&mid=dc1590634d1447d1b9d1549089e76a6b-3e7aa1fd44011282cfdef6ad347f03fcb76bad88&lang=en&ds=AVG&pr=fr&d=&v=&pid=AVG&sg=&sap=dsp&q={searchTerms} SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2475029 SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=1&barid={554C6305-0B8D-4241-9470-32F1CFE7C93C}&q={searchTerms}&barid={554C6305-0B8D-4241-9470-32F1CFE7C93C} BHO-x32: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) BHO-x32: SweetPacks Browser Helper - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) Toolbar: HKLM-x32 - SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File CHR HKLM-x32\...\Chrome\Extension: [aaaaojmikegpiepcfdkkjaplodkpfmlo] - C:\Users\user\AppData\Local\APN\GoogleCRXs\apnorjtoolbar.crx CHR HKLM-x32\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx FF Extension: Babylon - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\qv5awwpa.default\Extensions\ffxtlbr@babylon.com FF Extension: Ask Toolbar - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\qv5awwpa.default\Extensions\toolbar@ask.com FF Extension: MyAshampoo Community Toolbar - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\qv5awwpa.default\Extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} FF Extension: No Name - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\qv5awwpa.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\qv5awwpa.default\searchplugins\askcom.xml FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\qv5awwpa.default\searchplugins\avg-secure-search.xml FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\qv5awwpa.default\searchplugins\conduit.xml FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\qv5awwpa.default\searchplugins\sweetim.xml C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\qv5awwpa.default\prefs.js C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\qv5awwpa.default\user.js C:\Users\user\AppData\Roaming\Babylon C:\Users\user\AppData\Roaming\DealPly Task: {4C4E009A-03E5-47C5-BA74-37FE1C1EAF38} - System32\Tasks\{E23E3CC8-C54D-47D7-A9E5-CBCBCDEE6FEC} => C:\Program Files (x86)\Plus Internet\Plus Internet.exe No File Task: {638C73A7-1F9C-4479-85F1-ECD2DB47FCC6} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2013-03-31] () Task: {98CFE97D-794D-477F-9746-4FF4D56171B6} - System32\Tasks\{AA8BDB73-4DFA-439B-B06D-849ADABC1F02} => C:\Program Files (x86)\Ares\Ares.exe No File S3 massfilter; system32\drivers\massfilter.sys [x] U3 tmlwf; U3 tmwfp; S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [x] S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [x] S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [x] Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f CMD: del /q C:\Users\user\AppData\Local\Temp*.html CMD: sc config "PLAY ONLINE. RunOuc" start= demand ***************** HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Badoo Desktop => Value deleted successfully. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ApnUpdater => Value deleted successfully. HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value deleted successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value deleted successfully. Default URLSearchHook was restored successfully . HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\\{00000000-6E41-4FD3-8538-502F5495E5FC} => Value deleted successfully. HKCR\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC} => Key not found. HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\\{EEE6C35D-6118-11DC-9C72-001320C79847} => Value deleted successfully. HKCR\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847} => Key not found. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key not found. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847} => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully. HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key deleted successfully. HKCR\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key deleted successfully. HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6D8291A7-7BF6-4C96-B809-559B1455D655} => Key deleted successfully. HKCR\CLSID\{6D8291A7-7BF6-4C96-B809-559B1455D655} => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key deleted successfully. HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key deleted successfully. HKCR\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} => Key deleted successfully. HKCR\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847} => Key not found. HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} => Key deleted successfully. HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847} => Key deleted successfully. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{EEE6C35B-6118-11DC-9C72-001320C79847} => Value deleted successfully. HKCR\Wow6432Node\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} => Key deleted successfully. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} => Value deleted successfully. HKCR\Wow6432Node\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} => Key not found. HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Value deleted successfully. HKCR\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Key not found. HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Value deleted successfully. HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key not found. HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847} => Value deleted successfully. HKCR\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} => Key not found. HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} => Value deleted successfully. HKCR\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} => Key not found. HKCR\PROTOCOLS\Handler\skype-ie-addon-data => Key deleted successfully. HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => Key not found. HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo => Key deleted successfully. C:\Users\user\AppData\Local\APN\GoogleCRXs\apnorjtoolbar.crx => Moved successfully. HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn => Key deleted successfully. C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx => Moved successfully. C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\qv5awwpa.default\Extensions\ffxtlbr@babylon.com => Moved successfully. C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\qv5awwpa.default\Extensions\toolbar@ask.com => Moved successfully. C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\qv5awwpa.default\Extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} => Moved successfully. C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\qv5awwpa.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi => Moved successfully. C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml => Moved successfully. C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml => Moved successfully. C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\qv5awwpa.default\searchplugins\askcom.xml => Moved successfully. C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\qv5awwpa.default\searchplugins\avg-secure-search.xml => Moved successfully. C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\qv5awwpa.default\searchplugins\conduit.xml => Moved successfully. C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\qv5awwpa.default\searchplugins\sweetim.xml => Moved successfully. C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\qv5awwpa.default\prefs.js => Moved successfully. C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\qv5awwpa.default\user.js => Moved successfully. C:\Users\user\AppData\Roaming\Babylon => Moved successfully. C:\Users\user\AppData\Roaming\DealPly => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4C4E009A-03E5-47C5-BA74-37FE1C1EAF38} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C4E009A-03E5-47C5-BA74-37FE1C1EAF38} => Key deleted successfully. C:\Windows\System32\Tasks\{E23E3CC8-C54D-47D7-A9E5-CBCBCDEE6FEC} => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E23E3CC8-C54D-47D7-A9E5-CBCBCDEE6FEC} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{638C73A7-1F9C-4479-85F1-ECD2DB47FCC6} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{638C73A7-1F9C-4479-85F1-ECD2DB47FCC6} => Key deleted successfully. C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{98CFE97D-794D-477F-9746-4FF4D56171B6} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{98CFE97D-794D-477F-9746-4FF4D56171B6} => Key deleted successfully. C:\Windows\System32\Tasks\{AA8BDB73-4DFA-439B-B06D-849ADABC1F02} => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{AA8BDB73-4DFA-439B-B06D-849ADABC1F02} => Key deleted successfully. massfilter => Service deleted successfully. tmlwf => Service deleted successfully. tmwfp => Service deleted successfully. ZTEusbmdm6k => Service deleted successfully. ZTEusbnmea => Service deleted successfully. ZTEusbser6k => Service deleted successfully. ========= reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= del /q C:\Users\user\AppData\Local\Temp*.html ========= ========= End of CMD: ========= ========= sc config "PLAY ONLINE. RunOuc" start= demand ========= [SC] ChangeServiceConfig SUKCES ========= End of CMD: ========= ==== End of Fixlog ====