Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-10-2013 Ran by Olga Wiesio at 2013-10-12 10:42:09 Run:1 Running from C:\Users\Olga Wiesio\Desktop\Nowy folder (6) Boot Mode: Normal ============================================== Content of fixlist: ***************** HKLM-x32\...\Run: [GProton] - %ALLUSERSPROFILE%\GProton.exe HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" HKLM\...\Run: [zLoader.exe] - "C:\Program Files (x86)\Cyfrowy Polsat\MF821\Bin\zLoader.exe" HKLM\...\Run: [CancelAutoPlay.exe] - "C:\Program Files (x86)\Cyfrowy Polsat\MF821\Bin\CancelAutoPlay.exe" HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.qooqlle.com/ SearchScopes: HKCU - DefaultScope {42168F92-DA71-42E6-BC7F-132EAC1F1899} URL = http://www.google.com/cse?cx=partner-pub-5462406484424654%3A8q0sn8-w2ss&ie=ISO-8859-1&q={searchTerms}&sa=Search&siteurl=qooqlle.com%2F <===== ATTENTION SearchScopes: HKCU - {42168F92-DA71-42E6-BC7F-132EAC1F1899} URL = http://www.google.com/cse?cx=partner-pub-5462406484424654%3A8q0sn8-w2ss&ie=ISO-8859-1&q={searchTerms}&sa=Search&siteurl=qooqlle.com%2F <===== ATTENTION BHO-x32: searchgol Helper Object - {8F547BDD-FCD4-48F8-A06F-573D6F404A3C} - C:\Program Files (x86)\searchgol\searchgol\1.8.16.19\bh\searchgol.dll (Montera Technologeis LTD) Toolbar: HKLM-x32 - searchgol Toolbar - {00078E95-3A4A-4137-8DE7-2824908D1C17} - C:\Program Files (x86)\searchgol\searchgol\1.8.16.19\searchgolTlbr.dll (Montera Technologeis LTD) CHR HKLM-x32\...\Chrome\Extension: [aipfmkinhleccnodemkoofnnofpbbpac] - C:\Users\Olga Wiesio\AppData\Roaming\BabSolution\CR\searchgol.crx Task: {441FDF25-A510-4A82-B35B-7596818147A2} - System32\Tasks\EPUpdater => C:\Users\Olga Wiesio\AppData\Roaming\BabSolution\Shared\BabMaint.exe [2013-09-01] () HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver" S3 IntcAzAudAddService; \SystemRoot\system32\drivers\RTKVHD64.sys [x] S3 massfilter_lte; \??\C:\windows\system32\drivers\massfilter_lte.sys [x] S3 RSUSBVSTOR; \SystemRoot\System32\Drivers\RtsUVStor.sys [x] U2 wuaserv; S3 zgdcat; \SystemRoot\system32\DRIVERS\zgdcat.sys [x] S3 zgdcdiag; \SystemRoot\system32\DRIVERS\zgdcdiag.sys [x] S3 zgdcmdm; \SystemRoot\system32\DRIVERS\zgdcmdm.sys [x] S3 zgdcnet; \SystemRoot\system32\DRIVERS\zgdcnet.sys [x] S3 zgdcnmea; \SystemRoot\system32\DRIVERS\zgdcnmea.sys [x] C:\ProgramData\GProton.exe C:\ProgramData\Babylon C:\Users\Olga Wiesio\AppData\Local\searchplugins C:\Users\Olga Wiesio\AppData\Roaming\BabSolution C:\Users\Olga Wiesio\AppData\Roaming\WebApp C:\Users\Olga Wiesio\Downloads\Adobe-Reader(12627).exe ***************** HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\GProton => Value deleted successfully. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher => Value deleted successfully. HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\zLoader.exe => Value deleted successfully. HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\CancelAutoPlay.exe => Value deleted successfully. HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{42168F92-DA71-42E6-BC7F-132EAC1F1899} => Key deleted successfully. HKCR\CLSID\{42168F92-DA71-42E6-BC7F-132EAC1F1899} => Key not found. HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8F547BDD-FCD4-48F8-A06F-573D6F404A3C} => Key not found. HKCR\Wow6432Node\CLSID\{8F547BDD-FCD4-48F8-A06F-573D6F404A3C} => Key not found. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{00078E95-3A4A-4137-8DE7-2824908D1C17} => Value not found. HKCR\Wow6432Node\CLSID\{00078E95-3A4A-4137-8DE7-2824908D1C17} => Key not found. HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aipfmkinhleccnodemkoofnnofpbbpac => Key not found. "C:\Users\Olga Wiesio\AppData\Roaming\BabSolution\CR\searchgol.crx" => File/Directory not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{441FDF25-A510-4A82-B35B-7596818147A2} => Key not found. C:\Windows\System32\Tasks\EPUpdater not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EPUpdater => Key not found. HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => Key deleted successfully. HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => Key deleted successfully. HKLM\System\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => Key deleted successfully. HKLM\System\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => Key deleted successfully. IntcAzAudAddService => Service deleted successfully. massfilter_lte => Service deleted successfully. RSUSBVSTOR => Service deleted successfully. wuaserv => Service deleted successfully. zgdcat => Service deleted successfully. zgdcdiag => Service deleted successfully. zgdcmdm => Service deleted successfully. zgdcnet => Service deleted successfully. zgdcnmea => Service deleted successfully. C:\ProgramData\GProton.exe => Moved successfully. "C:\ProgramData\Babylon" => File/Directory not found. C:\Users\Olga Wiesio\AppData\Local\searchplugins => Moved successfully. "C:\Users\Olga Wiesio\AppData\Roaming\BabSolution" => File/Directory not found. C:\Users\Olga Wiesio\AppData\Roaming\WebApp => Moved successfully. C:\Users\Olga Wiesio\Downloads\Adobe-Reader(12627).exe => Moved successfully. ==== End of Fixlog ====