Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-12-2013 01 Ran by sony at 2013-12-14 11:01:47 Run:1 Running from C:\Users\sony\Desktop Boot Mode: Normal ============================================== Content of fixlist: ***************** (Somoto) C:\Users\sony\AppData\Local\FilesFrog Update Checker\update_checker.exe () C:\Users\sony\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe (SweetIM Technologies Ltd.) C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.) C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe HKCU\...\Run: [Mobile Partner] - C:\Program Files (x86)\MobileWiFi\MobileWiFi HKCU\...\Run: [SDP] - C:\Users\sony\AppData\Local\FilesFrog Update Checker\update_checker.exe [201808 2013-01-31] (Somoto) HKCU\...\Run: [AppsHat] - C:\Users\sony\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe [202752 2012-10-26] () HKCU\...\Run: [SpeedUpMyComputer] - C:\Program Files (x86)\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe [2054776 2013-07-22] () HKLM-x32\...\Run: [SweetIM] - C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe [115032 2012-10-04] (SweetIM Technologies Ltd.) HKLM-x32\...\Run: [Sweetpacks Communicator] - C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe [231768 2012-08-15] (SweetIM Technologies Ltd.) BootExecute: autocheck autochk * bootdelete HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www2.delta-search.com/?babsrc=HP_ss&mntrId=0AF54A0F6EDD5E91&affID=119357&tsp=5003 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000.10014&barid={4FA1B0AE-5CFC-11E2-8EAE-544249EC04F7} URLSearchHook: HKLM-x32 - Default Value = {FE69C007-C452-4d3e-86D2-1730DF8BC871} URLSearchHook: HKLM-x32 - SimilarSites - {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Program Files (x86)\SimilarSites\SimilarSites.dll (SimilarGroup) URLSearchHook: HKCU - Default Value = {FE69C007-C452-4d3e-86D2-1730DF8BC871} URLSearchHook: HKCU - SimilarSites - {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Program Files (x86)\SimilarSites\SimilarSites.dll (SimilarGroup) URLSearchHook: HKCU - (No Name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No File StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM-x32 - DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10014&barid={4FA1B0AE-5CFC-11E2-8EAE-544249EC04F7} SearchScopes: HKLM-x32 - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.mocaflix.com/?l=1&q={searchTerms} SearchScopes: HKLM-x32 - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10014&barid={4FA1B0AE-5CFC-11E2-8EAE-544249EC04F7} SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=0AF54A0F6EDD5E91&affID=119357&tsp=5003 SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKCU - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.mocaflix.com/?l=1&q={searchTerms} SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10014&barid={4FA1B0AE-5CFC-11E2-8EAE-544249EC04F7} BHO-x32: MinibarBHO - {AA74D58F-ACD0-450D-A85E-6C04B171C044} - C:\Program Files (x86)\Minibar\Minibar.dll (KangoExtensions) BHO-x32: Shopping Suggestion. - {e7e8ed77-2fba-4ec6-bc07-65de4de6709f} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation) BHO-x32: SweetPacks Browser Helper - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) Toolbar: HKLM-x32 - SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) Toolbar: HKLM-x32 - SimilarSites - {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Program Files (x86)\SimilarSites\SimilarSites.dll (SimilarGroup) FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Endpoint Security\Mozilla Thunderbird FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Endpoint Security\Mozilla Thunderbird CHR HKLM\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - C:\Users\sony\AppData\Local\newhb2.crx CHR HKLM-x32\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - C:\Users\sony\AppData\Local\newhb2.crx CHR HKLM-x32\...\Chrome\Extension: [hidjnkeodmholilgafgdlgmgggbhnigl] - C:\Users\sony\AppData\Roaming\SimilarSites\similarsites.crx CHR HKLM-x32\...\Chrome\Extension: [mpgdenjkmdgijbjkcdkkejpkkpdigigi] - C:\ProgramData\Download and Sa\mpgdenjkmdgijbjkcdkkejpkkpdigigi.crx CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Users\sony\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetNT.crx CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION Task: {574FE336-B363-41C9-8B79-22446E81C73E} - System32\Tasks\{FD094B8F-481C-48A2-80E4-DE61025336D0} => Chrome.exe http://ui.skype.com/ui/0/6.0.0.126/pl/abandoninstall?page=tsProgressBar Task: {6B589A7D-1894-4EC3-AE95-4F38650BD571} - System32\Tasks\{271AF73A-D39B-4D4F-BA04-761BA316F3FC} => Chrome.exe http://ui.skype.com/ui/0/5.9.0.115.259/pl/abandoninstall?page=tsMain Task: {6F7BAA96-3FFD-4F44-89FE-B47EE573FB1E} - System32\Tasks\{33AEF247-36F1-42EC-A120-37F3BD183076} => Chrome.exe http://ui.skype.com/ui/0/5.9.0.115/pl/abandoninstall?page=tsMain Task: {8AD25E1D-7DC1-452F-B2B1-508436E1EDC4} - System32\Tasks\ROC_REG_JAN_DELETE => C:\ProgramData\AVG January 2013 Campaign\ROC.exe [2013-01-17] () Task: {98A1E1D7-3A77-40BB-AF0D-D17E3B546761} - System32\Tasks\AmiUpdXp => C:\Users\sony\AppData\Local\SwvUpdater\Updater.exe [2013-12-13] (Amonetizé Ltd) Task: {9BDF8187-F697-4D2A-9FC1-38DA13C97A86} - System32\Tasks\{A543F058-8469-4882-BA4B-37A7F3C9ACC0} => Chrome.exe http://ui.skype.com/ui/0/5.10.0.116/pl/abandoninstall?page=tsProgressBar Task: {A40685C0-838D-433F-B626-181168C3D464} - System32\Tasks\{C2720EA8-C838-4018-8668-008B1E4DA547} => Chrome.exe http://ui.skype.com/ui/0/5.8.0.158/pl/abandoninstall?page=tsMain Task: {F4BEF1A9-6DFE-41F1-9BD7-DE15736AFF8B} - System32\Tasks\{ED564165-CA11-4BA7-9F3A-F5283097A277} => Chrome.exe http://ui.skype.com/ui/0/5.10.0.116/pl/abandoninstall?page=tsMain Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\sony\AppData\Local\SwvUpdater\Updater.exe Task: C:\Windows\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe S2 0282271352730771mcinstcleanup; C:\Users\Rick\AppData\Local\Temp\028227~1.EXE -cleanup -nolog [x] S2 ekrn; "C:\Program Files\ESET\ESET Endpoint Security\x86\ekrn.exe" [x] S3 catchme; \??\C:\ComboFix\catchme.sys [x] S3 cpuz130; \??\C:\Users\sony\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x] U4 WMCoreService; HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="" C:\Windows\SysWow64\temp.* C:\Program Files (x86)\Minibar C:\Program Files (x86)\Shopping Suggestion C:\Users\sony\AppData\Roaming\AVG C:\Users\sony\AppData\Roaming\BabSolution C:\Users\sony\AppData\Roaming\Babylon C:\Users\sony\AppData\Roaming\SendSpace C:\Users\sony\AppData\Roaming\systweak C:\Users\sony\AppData\Roaming\Thinstall C:\Users\sony\Downloads\ComboFix__2594_il9695364.exe Reg: reg delete HKCU\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1} /f CMD: md C:\Users\sony\Desktop\Upload CMD: copy C:\Users\sony\AppData\Roaming\Mozilla\Firefox\Profiles\nvftkoyj.default\Extensions\{D394D188-BAC7-4e03-8FAF-389A4D7EC6F4}.xpi C:\Users\sony\Desktop\Upload ***************** [6032] C:\Users\sony\AppData\Local\FilesFrog Update Checker\update_checker.exe => Process closed successfully. [6040] C:\Users\sony\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe => Process closed successfully. [1832] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe => Process closed successfully. [5360] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe => Process closed successfully. HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Mobile Partner => Value deleted successfully. HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\SDP => Value deleted successfully. HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\AppsHat => Value deleted successfully. HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\SpeedUpMyComputer => Value deleted successfully. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SweetIM => Value deleted successfully. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Sweetpacks Communicator => Value deleted successfully. HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => Value was restored successfully. HKCU\Software\Microsoft\Internet Explorer\Main\\bProtector Start Page => Value deleted successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\ => Value deleted successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\{FE69C007-C452-4d3e-86D2-1730DF8BC871} => Value deleted successfully. HKCR\Wow6432Node\CLSID\{FE69C007-C452-4d3e-86D2-1730DF8BC871} => Key deleted successfully. HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\ => Value deleted successfully. HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{FE69C007-C452-4d3e-86D2-1730DF8BC871} => Value deleted successfully. HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} => Value deleted successfully. HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} => Key not found. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847} => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\bProtectorDefaultScope => Value deleted successfully. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key deleted successfully. HKCR\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key deleted successfully. HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} => Key deleted successfully. HKCR\CLSID\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} => Key deleted successfully. HKCR\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847} => Key not found. HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA74D58F-ACD0-450D-A85E-6C04B171C044} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{AA74D58F-ACD0-450D-A85E-6C04B171C044} => Key deleted successfully. HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e7e8ed77-2fba-4ec6-bc07-65de4de6709f} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{e7e8ed77-2fba-4ec6-bc07-65de4de6709f} => Key deleted successfully. HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847} => Key deleted successfully. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{EEE6C35B-6118-11DC-9C72-001320C79847} => Value deleted successfully. HKCR\Wow6432Node\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} => Key deleted successfully. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{FE69C007-C452-4d3e-86D2-1730DF8BC871} => Value deleted successfully. HKCR\Wow6432Node\CLSID\{FE69C007-C452-4d3e-86D2-1730DF8BC871} => Key not found. HKLM\Software\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com => Value deleted successfully. HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com => Value deleted successfully. HKLM\SOFTWARE\Google\Chrome\Extensions\bakijjialdiiboeaknfpmflphhmljfkd => Key deleted successfully. C:\Users\sony\AppData\Local\newhb2.crx => Moved successfully. HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bakijjialdiiboeaknfpmflphhmljfkd => Key deleted successfully. "C:\Users\sony\AppData\Local\newhb2.crx" => File/Directory not found. HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\hidjnkeodmholilgafgdlgmgggbhnigl => Key deleted successfully. C:\Users\sony\AppData\Roaming\SimilarSites\similarsites.crx => Moved successfully. HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mpgdenjkmdgijbjkcdkkejpkkpdigigi => Key deleted successfully. C:\ProgramData\Download and Sa\mpgdenjkmdgijbjkcdkkejpkkpdigigi.crx => Moved successfully. HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj => Key deleted successfully. C:\Users\sony\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetNT.crx => Moved successfully. HKLM\SOFTWARE\Policies\Google => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{574FE336-B363-41C9-8B79-22446E81C73E} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{574FE336-B363-41C9-8B79-22446E81C73E} => Key deleted successfully. C:\Windows\System32\Tasks\{FD094B8F-481C-48A2-80E4-DE61025336D0} => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FD094B8F-481C-48A2-80E4-DE61025336D0} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6B589A7D-1894-4EC3-AE95-4F38650BD571} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B589A7D-1894-4EC3-AE95-4F38650BD571} => Key deleted successfully. C:\Windows\System32\Tasks\{271AF73A-D39B-4D4F-BA04-761BA316F3FC} => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{271AF73A-D39B-4D4F-BA04-761BA316F3FC} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6F7BAA96-3FFD-4F44-89FE-B47EE573FB1E} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F7BAA96-3FFD-4F44-89FE-B47EE573FB1E} => Key deleted successfully. C:\Windows\System32\Tasks\{33AEF247-36F1-42EC-A120-37F3BD183076} => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{33AEF247-36F1-42EC-A120-37F3BD183076} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8AD25E1D-7DC1-452F-B2B1-508436E1EDC4} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8AD25E1D-7DC1-452F-B2B1-508436E1EDC4} => Key deleted successfully. C:\Windows\System32\Tasks\ROC_REG_JAN_DELETE => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ROC_REG_JAN_DELETE => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{98A1E1D7-3A77-40BB-AF0D-D17E3B546761} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{98A1E1D7-3A77-40BB-AF0D-D17E3B546761} => Key deleted successfully. C:\Windows\System32\Tasks\AmiUpdXp => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AmiUpdXp => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9BDF8187-F697-4D2A-9FC1-38DA13C97A86} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9BDF8187-F697-4D2A-9FC1-38DA13C97A86} => Key deleted successfully. C:\Windows\System32\Tasks\{A543F058-8469-4882-BA4B-37A7F3C9ACC0} => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A543F058-8469-4882-BA4B-37A7F3C9ACC0} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A40685C0-838D-433F-B626-181168C3D464} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A40685C0-838D-433F-B626-181168C3D464} => Key deleted successfully. C:\Windows\System32\Tasks\{C2720EA8-C838-4018-8668-008B1E4DA547} => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C2720EA8-C838-4018-8668-008B1E4DA547} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F4BEF1A9-6DFE-41F1-9BD7-DE15736AFF8B} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F4BEF1A9-6DFE-41F1-9BD7-DE15736AFF8B} => Key deleted successfully. C:\Windows\System32\Tasks\{ED564165-CA11-4BA7-9F3A-F5283097A277} => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{ED564165-CA11-4BA7-9F3A-F5283097A277} => Key deleted successfully. C:\Windows\Tasks\AmiUpdXp.job => Moved successfully. C:\Windows\Tasks\ROC_REG_JAN_DELETE.job => Moved successfully. 0282271352730771mcinstcleanup => Service deleted successfully. ekrn => Service deleted successfully. catchme => Service deleted successfully. cpuz130 => Service deleted successfully. WMCoreService => Service deleted successfully. HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => Key deleted successfully. C:\Windows\SysWow64\temp.* => Moved successfully. C:\Program Files (x86)\Minibar => Moved successfully. C:\Program Files (x86)\Shopping Suggestion => Moved successfully. C:\Users\sony\AppData\Roaming\AVG => Moved successfully. C:\Users\sony\AppData\Roaming\BabSolution => Moved successfully. C:\Users\sony\AppData\Roaming\Babylon => Moved successfully. C:\Users\sony\AppData\Roaming\SendSpace => Moved successfully. C:\Users\sony\AppData\Roaming\systweak => Moved successfully. C:\Users\sony\AppData\Roaming\Thinstall => Moved successfully. C:\Users\sony\Downloads\ComboFix__2594_il9695364.exe => Moved successfully. ========= reg delete HKCU\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1} /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= md C:\Users\sony\Desktop\Upload ========= ========= End of CMD: ========= ========= copy C:\Users\sony\AppData\Roaming\Mozilla\Firefox\Profiles\nvftkoyj.default\Extensions\{D394D188-BAC7-4e03-8FAF-389A4D7EC6F4}.xpi C:\Users\sony\Desktop\Upload ========= Liczba skopiowanych plik¢w: 1. ========= End of CMD: ========= ==== End of Fixlog ====