Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 03-10-2013
Ran by pawel at 2013-10-18 16:15:11 Run:1
Running from C:\Documents and Settings\pawel\Pulpit\Nowy folder (2)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Task: C:\WINDOWS\Tasks\Express FilesUpdate.job => C:\Program Files\ExpressFiles\EFUpdater.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - URL ${SEARCH_URL}{searchTerms}
SearchScopes: HKCU - URL http://startsear.ch/?src=sp&aff=51&cf=9b0f3952-17c4-11e2-9a7a-0016e665e7d5&q={searchTerms}
BHO: Rich Media Downloader - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - C:\Documents and Settings\pawel\Ustawienia lokalne\Dane aplikacji\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll No File
BHO: IEPluginBHO Class - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\pawel\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll No File
HKLM\...\Run: [Onet.pl AutoUpdate] - C:\Program Files\Common Files\Onet.pl\AutoUpdate.exe [260096 2005-07-27] (Onet.pl)
HKCU\...\Run: [DAEMON Tools] - "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
HKCU\...\Run: [AVG-Secure-Search-Update_0913b] - C:\Documents and Settings\pawel\Dane aplikacji\AVG 0913b Campaign\AVG-Secure-Search-Update-0913b.exe /PROMPT --mid 04678a1ccd9d47d3b864d15fa0810e26-06ce4fc639803a2e3563922518183d8e94088cb9 --CMPID 0913b
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\13954475.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\13954475.sys => ""="Driver"
Unlock: HKLM\SYSTEM\CurrentControlSet\Services\sptd
S3 PCANDIS5; \??\C:\WINDOWS\system32\PCANDIS5.SYS [x]
S3 RkPavproc1; \??\C:\WINDOWS\system32\drivers\RkPavproc1.sys [x]
S3 SliceDisk5; \??\C:\DOCUME~1\pawel\USTAWI~1\Temp\HBCD\PartitionFindAndMount\slicedisk.sys [x]
S4 sptd; \SystemRoot\System32\Drivers\sptd.sys [x]
U3 TlntSvr;
S3 ZDCndis5; \??\C:\WINDOWS\system32\ZDCndis5.SYS [x]
S3 ZDPSp50; System32\Drivers\ZDPSp50.sys [x]
C:\Documents and Settings\All Users\SPL326.tmp
C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software
C:\Documents and Settings\All Users\Dane aplikacji\AVG2013
C:\Documents and Settings\pawel\Dane aplikacji\AutoUpdate
C:\Program Files\mozilla firefox\plugins\npfflivevdoplg.dll
C:\Program Files\Common Files\Onet.pl
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}" /f
Reg: reg delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}" /f
Reg: reg delete "HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" /f
Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f
*****************

C:\WINDOWS\Tasks\Express FilesUpdate.job => Moved successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\URL => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\URL => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} => Key deleted successfully.
HKCR\CLSID\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} => Key deleted successfully.
HKCR\CLSID\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} => Key deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Onet.pl AutoUpdate => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\AVG-Secure-Search-Update_0913b => Value deleted successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\13954475.sys => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\13954475.sys => Key deleted successfully.
"HKLM\SYSTEM\CurrentControlSet\Services\sptd" => Key unlocked successfully.
PCANDIS5 => Service deleted successfully.
RkPavproc1 => Service deleted successfully.
SliceDisk5 => Service deleted successfully.
sptd => Service deleted successfully.
TlntSvr => Service deleted successfully.
ZDCndis5 => Service deleted successfully.
ZDPSp50 => Service deleted successfully.
C:\Documents and Settings\All Users\SPL326.tmp => Moved successfully.
C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software => Moved successfully.
C:\Documents and Settings\All Users\Dane aplikacji\AVG2013 => Moved successfully.
C:\Documents and Settings\pawel\Dane aplikacji\AutoUpdate => Moved successfully.
C:\Program Files\mozilla firefox\plugins\npfflivevdoplg.dll => Moved successfully.

"C:\Program Files\Common Files\Onet.pl" directory move:

Could not move "C:\Program Files\Common Files\Onet.pl\_download.log" => Scheduled to move on reboot.
C:\Program Files\Common Files\Onet.pl\Packs\SelfUpdate\ExeUpdate.in => Moved successfully.
Could not move "C:\Program Files\Common Files\Onet.pl" directory. => Scheduled to move on reboot.


========= reg delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}" /f =========


Operacja ukończona pomyślnie


========= End of Reg: =========


========= reg delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}" /f =========


Błąd: system nie może odnaleźć określonego klucza rejestru lub wartości.


========= End of Reg: =========


========= reg delete "HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" /f =========


Operacja ukończona pomyślnie


========= End of Reg: =========


========= reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f =========


Operacja ukończona pomyślnie


========= End of Reg: =========


========= reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f =========


Operacja ukończona pomyślnie


========= End of Reg: =========


========= reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f =========


Operacja ukończona pomyślnie


========= End of Reg: =========


=========== Result of Scheduled Files to move ===========

C:\Program Files\Common Files\Onet.pl\_download.log => Moved successfully.
C:\Program Files\Common Files\Onet.pl => Moved successfully.

==== End of Fixlog ====