Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 30-08-2013 01 Ran by pc at 2013-08-31 11:47:48 Run:1 Running from C:\Users\pc\Desktop Boot Mode: Normal ============================================== Content of fixlist: ***************** Task: {0091B4CF-59B0-44A5-9E0C-791397144291} - \EPUpdater No Task File Task: {09A47C9C-4643-4528-8BB4-B321F421E290} - \Program aktualizacji online firmy Divx. No Task File Task: {20291F04-E0DE-4C8C-8AF6-5E6DC7F51920} - System32\Tasks\{DEF02776-5B5C-446F-A06E-CFAC1C70E4DE} => C:\Users\pc\Desktop\Combatarms_eu.exe No File Task: {2073F3CA-C380-404A-AC09-4048E3528B2A} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe No File Task: {91F069DD-6CE9-4E2A-A393-4AF5984B0B26} - System32\Tasks\B2CNotiAgent => C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe No File Task: {CE0A4498-7A46-4D98-B355-DC0F6E51AD8C} - System32\Tasks\Ad-Aware Antivirus Scheduled Scan => C:\PROGRA~2\AD-AWA~1\AdAwareLauncher.exe No File Task: {D21C522F-72F4-4C24-9811-97CD6F08BE5B} - System32\Tasks\{1F6B628B-5C62-4EB6-A582-1AF7641332D0} => C:\Users\pc\Desktop\Combatarms_eu.exe No File Task: {ED4FDDA0-D16C-4995-A41F-39BD71680468} - \Program aktualizacji online firmy Adobe. No Task File HKU\Mcx1-PC-KOMPUTER\...\Winlogon: [Shell] C:\Windows\eHome\McrMgr.exe [343552 2009-07-14] (Microsoft Corporation) BootExecute: autocheck autochk * sdnclean64.exe ProxyServer: :0 SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll No File FF Plugin-x32: @esn/esnlaunch,version=1.110.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll No File FF Plugin-x32: @esn/esnlaunch,version=1.122.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll No File S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [39504 2013-04-11] (ThreatTrack Security) S1 ArcSec; system32\drivers\ArcSec.sys [x] S3 catchme; \??\C:\ComboFix\catchme.sys [x] S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [x] S3 LgBttPort; system32\DRIVERS\lgbtpt64.sys [x] S3 lgbusenum; system32\DRIVERS\lgbtbs64.sys [x] S3 LGVMODEM; system32\DRIVERS\lgvmdm64.sys [x] R3 Prot6Flt; system32\DRIVERS\Prot6Flt.sys [x] S3 TBPanel; No ImagePath S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [x] S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [x] 2013-08-22 13:53 - 2013-04-11 11:06 - 00039504 _____ (ThreatTrack Security) C:\Windows\system32\Drivers\gfiark.sys 2013-08-22 13:47 - 2013-08-22 15:25 - 00000000 ____D C:\Users\pc\AppData\Roaming\Ad-Aware Antivirus 2013-08-22 13:47 - 2013-08-22 13:47 - 00000000 ____D C:\ProgramData\Ad-Aware Antivirus 2013-08-22 13:45 - 2013-08-22 15:25 - 00000000 ____D C:\Program Files (x86)\Ad-Aware Antivirus 2013-08-22 13:45 - 2013-08-22 13:45 - 00000000 ____D C:\ProgramData\Lavasoft Reg: reg add "HKCU\Software\Microsoft\Internet Explorer\SearchScopes" /v DefaultScope /t REG_SZ /d {5AECF840-CD46-4201-B673-37363A9D08AA} /f Reg: reg add "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes" /v DefaultScope /t REG_SZ /d {5AECF840-CD46-4201-B673-37363A9D08AA} /f Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f ***************** HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0091B4CF-59B0-44A5-9E0C-791397144291} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0091B4CF-59B0-44A5-9E0C-791397144291} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EPUpdater => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{09A47C9C-4643-4528-8BB4-B321F421E290} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{09A47C9C-4643-4528-8BB4-B321F421E290} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Program aktualizacji online firmy Divx. => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{20291F04-E0DE-4C8C-8AF6-5E6DC7F51920} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{20291F04-E0DE-4C8C-8AF6-5E6DC7F51920} => Key deleted successfully. C:\Windows\System32\Tasks\{DEF02776-5B5C-446F-A06E-CFAC1C70E4DE} => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{DEF02776-5B5C-446F-A06E-CFAC1C70E4DE} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2073F3CA-C380-404A-AC09-4048E3528B2A} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2073F3CA-C380-404A-AC09-4048E3528B2A} => Key deleted successfully. C:\Windows\System32\Tasks\Game_Booster_AutoUpdate => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Game_Booster_AutoUpdate => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{91F069DD-6CE9-4E2A-A393-4AF5984B0B26} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{91F069DD-6CE9-4E2A-A393-4AF5984B0B26} => Key deleted successfully. C:\Windows\System32\Tasks\B2CNotiAgent => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\B2CNotiAgent => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CE0A4498-7A46-4D98-B355-DC0F6E51AD8C} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CE0A4498-7A46-4D98-B355-DC0F6E51AD8C} => Key deleted successfully. C:\Windows\System32\Tasks\Ad-Aware Antivirus Scheduled Scan => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Ad-Aware Antivirus Scheduled Scan => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D21C522F-72F4-4C24-9811-97CD6F08BE5B} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D21C522F-72F4-4C24-9811-97CD6F08BE5B} => Key deleted successfully. C:\Windows\System32\Tasks\{1F6B628B-5C62-4EB6-A582-1AF7641332D0} => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{1F6B628B-5C62-4EB6-A582-1AF7641332D0} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ED4FDDA0-D16C-4995-A41F-39BD71680468} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ED4FDDA0-D16C-4995-A41F-39BD71680468} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Program aktualizacji online firmy Adobe. => Key deleted successfully. HKU\Mcx1-PC-KOMPUTER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Value deleted successfully. HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => Value was restored successfully. HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Value deleted successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully. HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} => Key deleted successfully. HKCR\CLSID\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} => Key not found. HKLM\Software\Wow6432Node\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0 => Key deleted successfully. C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll not found. HKLM\Software\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.110.0 => Key deleted successfully. C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll not found. HKLM\Software\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.122.0 => Key deleted successfully. C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll not found. gfiark => Service deleted successfully. ArcSec => Service deleted successfully. catchme => Service deleted successfully. cpuz135 => Service deleted successfully. LgBttPort => Service deleted successfully. lgbusenum => Service deleted successfully. LGVMODEM => Service deleted successfully. Prot6Flt => Service deleted successfully. TBPanel => Service deleted successfully. VBoxNetFlt => Service deleted successfully. WinRing0_1_2_0 => Service deleted successfully. C:\Windows\system32\Drivers\gfiark.sys => Moved successfully. C:\Users\pc\AppData\Roaming\Ad-Aware Antivirus => Moved successfully. C:\ProgramData\Ad-Aware Antivirus => Moved successfully. C:\Program Files (x86)\Ad-Aware Antivirus => Moved successfully. C:\ProgramData\Lavasoft => Moved successfully. ========= reg add "HKCU\Software\Microsoft\Internet Explorer\SearchScopes" /v DefaultScope /t REG_SZ /d {5AECF840-CD46-4201-B673-37363A9D08AA} /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg add "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes" /v DefaultScope /t REG_SZ /d {5AECF840-CD46-4201-B673-37363A9D08AA} /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Bť¤D: System nie znalazˆ w rejestrze okre˜lonego klucza albo warto˜ci. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= The system needs a manual reboot. ==== End of Fixlog ====