Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 15-01-2014 01 Ran by xxx at 2014-01-16 15:31:42 Run:1 Running from C:\Users\xxx\Downloads Boot Mode: Normal ============================================== Content of fixlist: ***************** Task: {0937DDC0-D8DE-456C-A16F-19E0E38CE550} - \QtraxPlayer No Task File Task: {0B17990D-D70F-4A64-BC59-82B287FCAD6F} - \EPUpdater No Task File Task: {14E3047B-9387-4B5D-82EE-08BF034B0324} - \DealPlyUpdate No Task File Task: {31B10909-F931-4CE9-869B-FDC6F66B0EBF} - \DSite No Task File Task: {3D34D6BA-92D2-4300-A1CC-92408D657B08} - \DealPly No Task File Task: {578A257E-EB47-45A4-8479-3B4914698D36} - \Desk 365 RunAsStdUser No Task File Task: {B47A8E7E-609B-4E9B-8A33-7FEAEA4FB64B} - \Omiga Plus RunAsStdUser No Task File Task: {C61FA1D6-3D4D-460B-8AEC-AD3397120F0A} - System32\Tasks\{553F07D0-224D-448C-9F92-97BE9FAAEF69} => C:\Users\xxx\Desktop\Mazurski 8.6\loader\tibialoader.exe Task: {F1BF0EF1-84BC-4C8E-954F-4911F07A0EEC} - System32\Tasks\{18E3EC70-C610-4B09-9277-43BA3C17C723} => Firefox.exe http://ui.skype.com/ui/0/6.0.0.126/pl/abandoninstall?source=lightinstaller&page=tsBing AppInit_DLLs-x32: c:\progra~3\bitguard\261694~1.246\{c16c1~1\bitguard.dll [ ] () SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {47AE1BA9-0BD1-44F4-88AE-45F8F7B605EF} URL = http://www.basicserve.com/?prt=bscsrvlink1&sp=&keywords={searchTerms} SearchScopes: HKCU - {69ABAE4C-47BC-4EAD-A2B3-ED08ED617830} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=ct3135048 Toolbar: HKCU - No Name - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File CHR HKCU\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\xxx\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx [2013-12-20] CHR HKLM-x32\...\Chrome\Extension: [cgbegiielglenofblbeiaohlbadmkcal] - C:\ProgramData\wxDownload\cgbegiielglenofblbeiaohlbadmkcal.crx [2013-12-20] CHR HKLM-x32\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\xxx\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx [2013-05-06] FF Extension: BasicServe - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{740B3FD5-4483-469D-BE7F-8555B153BD04} [2013-05-23] FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll No File FF Plugin-x32: @nexon.net/NxGame - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll No File FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll No File FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\xxx\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll No File S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x] S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [x] S3 SNP2UVC; system32\DRIVERS\snp2uvc.sys [x] S3 usbbus; system32\DRIVERS\lgx64bus.sys [x] S3 UsbDiag; system32\DRIVERS\lgx64diag.sys [x] S3 USBModem; system32\DRIVERS\lgx64modem.sys [x] S3 vproiah; system32\DRIVERS\vproiah.sys [x] S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [x] C:\ProgramData\wxDownload C:\Users\xxx\AppData\Local\CRE C:\Users\xxx\AppData\Local\Temp\ICReinstall_Setup.exe C:\Users\xxx\AppData\Roaming\0D1F1S1C1P0P1C1F1N1C1T1H2UtF1E1I C:\Users\xxx\Desktop\Continue VuuPC Installation.lnk C:\Users\xxx\Downloads\Setup.exe Reg: reg add "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes" /v DefaultScope /t REG_SZ /d {0633EE93-D776-472f-A0FF-E1416B8B2E3A} /f CMD: type D:\autorun.inf ***************** HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0937DDC0-D8DE-456C-A16F-19E0E38CE550} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0937DDC0-D8DE-456C-A16F-19E0E38CE550} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\QtraxPlayer => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0B17990D-D70F-4A64-BC59-82B287FCAD6F} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0B17990D-D70F-4A64-BC59-82B287FCAD6F} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EPUpdater => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{14E3047B-9387-4B5D-82EE-08BF034B0324} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{14E3047B-9387-4B5D-82EE-08BF034B0324} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPlyUpdate => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{31B10909-F931-4CE9-869B-FDC6F66B0EBF} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{31B10909-F931-4CE9-869B-FDC6F66B0EBF} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DSite => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3D34D6BA-92D2-4300-A1CC-92408D657B08} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D34D6BA-92D2-4300-A1CC-92408D657B08} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPly => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{578A257E-EB47-45A4-8479-3B4914698D36} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{578A257E-EB47-45A4-8479-3B4914698D36} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Desk 365 RunAsStdUser => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B47A8E7E-609B-4E9B-8A33-7FEAEA4FB64B} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B47A8E7E-609B-4E9B-8A33-7FEAEA4FB64B} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Omiga Plus RunAsStdUser => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C61FA1D6-3D4D-460B-8AEC-AD3397120F0A} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C61FA1D6-3D4D-460B-8AEC-AD3397120F0A} => Key deleted successfully. C:\Windows\System32\Tasks\{553F07D0-224D-448C-9F92-97BE9FAAEF69} => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{553F07D0-224D-448C-9F92-97BE9FAAEF69} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F1BF0EF1-84BC-4C8E-954F-4911F07A0EEC} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F1BF0EF1-84BC-4C8E-954F-4911F07A0EEC} => Key deleted successfully. C:\Windows\System32\Tasks\{18E3EC70-C610-4B09-9277-43BA3C17C723} => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{18E3EC70-C610-4B09-9277-43BA3C17C723} => Key deleted successfully. HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs => Value was restored successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully. HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{47AE1BA9-0BD1-44F4-88AE-45F8F7B605EF} => Key deleted successfully. HKCR\CLSID\{47AE1BA9-0BD1-44F4-88AE-45F8F7B605EF} => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{69ABAE4C-47BC-4EAD-A2B3-ED08ED617830} => Key deleted successfully. HKCR\CLSID\{69ABAE4C-47BC-4EAD-A2B3-ED08ED617830} => Key not found. HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} => Value deleted successfully. HKCR\CLSID\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} => Key not found. HKCU\SOFTWARE\Google\Chrome\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc => Key deleted successfully. "C:\Users\xxx\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx" => File/Directory not found. HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cgbegiielglenofblbeiaohlbadmkcal => Key deleted successfully. "C:\ProgramData\wxDownload\cgbegiielglenofblbeiaohlbadmkcal.crx" => File/Directory not found. HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc => Key deleted successfully. "C:\Users\xxx\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx" => File/Directory not found. C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{740B3FD5-4483-469D-BE7F-8555B153BD04} => Moved successfully. HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0 => Key deleted successfully. "C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll" => not found. HKLM\Software\Wow6432Node\MozillaPlugins\@nexon.net/NxGame => Key deleted successfully. C:\ProgramData\NexonUS\NGM\npNxGameUS.dll not found. HKLM\Software\Wow6432Node\MozillaPlugins\@ngm.nexoneu.com/NxGame => Key deleted successfully. C:\ProgramData\NexonEU\NGM\npNxGameeu.dll not found. HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0 => Key deleted successfully. C:\Users\xxx\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll not found. EagleX64 => Service deleted successfully. pccsmcfd => Service deleted successfully. SNP2UVC => Service deleted successfully. usbbus => Service deleted successfully. UsbDiag => Service deleted successfully. USBModem => Service deleted successfully. vproiah => Service deleted successfully. X6va011 => Service deleted successfully. "C:\ProgramData\wxDownload" => File/Directory not found. "C:\Users\xxx\AppData\Local\CRE" => File/Directory not found. "C:\Users\xxx\AppData\Local\Temp\ICReinstall_Setup.exe" => File/Directory not found. C:\Users\xxx\AppData\Roaming\0D1F1S1C1P0P1C1F1N1C1T1H2UtF1E1I => Moved successfully. "C:\Users\xxx\Desktop\Continue VuuPC Installation.lnk" => File/Directory not found. C:\Users\xxx\Downloads\Setup.exe => Moved successfully. ========= reg add "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes" /v DefaultScope /t REG_SZ /d {0633EE93-D776-472f-A0FF-E1416B8B2E3A} /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= type D:\autorun.inf ========= [AutoRun] ;wiijA ;xLvqmeyIYcOAuhmw mMIBWgnXfNT FtgrRjqnJfQ opEn= bvux.exe ;mldmER Shell\oPen\defAult=1 ;locmae VdKO adOCQLwrmd Mrebem bsMWjkGHne shell\Explore\CommAnd=bvux.exe sHEll\OPEn\cOMmanD = bvux.exe ;nGBaFd sHell\AutOplay\coMMAnd= bvux.exe ========= End of CMD: ========= ==== End of Fixlog ====