Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 21-01-2014 Ran by xp at 2014-01-21 22:28:32 Run:1 Running from C:\Documents and Settings\xp\Moje dokumenty\Pobieranie Boot Mode: Normal ============================================== Content of fixlist: ***************** MountPoints2: {006b2d82-c6e4-11e2-8523-806d6172696f} - C:\jukvds.exe MountPoints2: {006b2d83-c6e4-11e2-8523-806d6172696f} - D:\oeeln.pif MountPoints2: {1a049c80-cd92-11e2-95a3-806d6172696f} - E:\wtjg.exe MountPoints2: {2cf5afa0-2125-11e3-ae5f-00400581d323} - L:\wrcqsh.pif MountPoints2: {2cf5afa1-2125-11e3-ae5f-00400581d323} - M:\uphxbk.pif MountPoints2: {6da122d0-ed4d-11e2-adb3-00400581d323} - K:\lrebs.exe MountPoints2: {aee2d310-cec3-11e2-acf2-00400581d323} - F:\rjwus.pif MountPoints2: {aee2d311-cec3-11e2-acf2-00400581d323} - G:\gfxp.pif MountPoints2: {aee2d312-cec3-11e2-acf2-00400581d323} - H:\loxvh.pif MountPoints2: {aee2d313-cec3-11e2-acf2-00400581d323} - I:\emqqqa.pif S3 amsint32; \??\C:\WINDOWS\system32\drivers\hkukqn.sys [x] HKLM\...\Runonce: [] - [x] () C:\Documents and Settings\All Users\Dane aplikacji\QuickSet\GS-Enabler\GS-Enabler.exe R2 fe885e3d; C:\Program Files\GS-Enabler\BrowsafeSvc.dll [180048 2013-12-27] () Task: C:\WINDOWS\Tasks\PC Performer_UPDATES.job => C:\Program Files\PC Performer\PCPerformer.exe Task: C:\WINDOWS\Tasks\PC Performer_DEFAULT.job => C:\Program Files\PC Performer\PCPerformer.exe Task: C:\WINDOWS\Tasks\GoforFilesUpdate.job => C:\Program Files\GoforFiles\GFFUpdater.exe Task: C:\WINDOWS\Tasks\GS-Enabler-S-401810099.job => c:\documents and settings\all users\dane aplikacji\quickset\gs-enabler\GS-Enabler.exe AppInit_DLLs: c:\progra~1\gs-ena~1\browsafe.dll => C:\Program Files\GS-Enabler\Browsafe.dll [4370944 2013-12-27] () BHO: RAndoumPrIce - {668F4656-CE6E-9062-EA3F-2639A3EE8627} - C:\Documents and Settings\All Users\Dane aplikacji\RAndoumPrIce\P.dll () BHO: BitSaVeir - {F056AC66-184B-0222-C6C0-0B10CCD0FF23} - C:\Documents and Settings\All Users\Dane aplikacji\BitSaVeir\uZ.dll () Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File Toolbar: HKCU - No Name - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.doko-search.com/?babsrc=HP_ss&mntrId=48EC00400581D323&affID=125839&tsp=5039 HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=66022 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.myplaycity.com/ HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=66022 HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=66022 CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION C:\Documents and Settings\All Users\Dane aplikacji\Ask C:\Documents and Settings\All Users\Dane aplikacji\Babylon C:\Documents and Settings\All Users\Dane aplikacji\StarApp C:\Documents and Settings\All Users\Dane aplikacji\TEMP C:\Documents and Settings\All Users\Dane aplikacji\pldlpfnpjijmiaechenliodplpgncdlc C:\Documents and Settings\xp\Dane aplikacji\PerformerSoft C:\Documents and Settings\xp\Dane aplikacji\VideoDownloadConverter_4z C:\Documents and Settings\xp\Dane aplikacji\Babylon C:\Documents and Settings\xp\Dane aplikacji\OpenCandy C:\Documents and Settings\xp\Dane aplikacji\GoforFiles C:\Documents and Settings\xp\Dane aplikacji\VideoDrivers C:\Documents and Settings\xp\Ustawienia lokalne\Dane aplikacji\Comodo C:\Documents and Settings\xp\Ustawienia lokalne\Dane aplikacji\Google C:\Documents and Settings\xp\Ustawienia lokalne\Dane aplikacji\Torch C:\Documents and Settings\Administrator C:\Documents and Settings\Gość C:\Documents and Settings\Pomocnik C:\Documents and Settings\SUPPORT_388945a0 C:\autorun.inf C:\jukvds.exe D:\autorun.inf D:\oeeln.pif E:\autorun.inf E:\wtjg.exe F:\autorun.inf F:\rjwus.pif G:\AutoRun.exe G:\autorun.inf G:\gfxp.pif H:\autorun.inf H:\loxvh.pif I:\autorun.inf I:\emqqqa.pif L:\autorun.inf L:\dvtu.pif H:\extensions H:\Conduit H:\searchplugins CMD: netsh firewall reset Reg: reg delete "HKCU\Software\Microsoft\Internet Explorer\SearchScopes" /f Reg: reg delete HKLM\SOFTWARE\Google /f ***************** HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{006b2d82-c6e4-11e2-8523-806d6172696f} => Key deleted successfully. HKCR\CLSID\{006b2d82-c6e4-11e2-8523-806d6172696f} => Key not found. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{006b2d83-c6e4-11e2-8523-806d6172696f} => Key deleted successfully. HKCR\CLSID\{006b2d83-c6e4-11e2-8523-806d6172696f} => Key not found. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1a049c80-cd92-11e2-95a3-806d6172696f} => Key deleted successfully. HKCR\CLSID\{1a049c80-cd92-11e2-95a3-806d6172696f} => Key not found. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2cf5afa0-2125-11e3-ae5f-00400581d323} => Key deleted successfully. HKCR\CLSID\{2cf5afa0-2125-11e3-ae5f-00400581d323} => Key not found. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2cf5afa1-2125-11e3-ae5f-00400581d323} => Key deleted successfully. HKCR\CLSID\{2cf5afa1-2125-11e3-ae5f-00400581d323} => Key not found. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6da122d0-ed4d-11e2-adb3-00400581d323} => Key deleted successfully. HKCR\CLSID\{6da122d0-ed4d-11e2-adb3-00400581d323} => Key not found. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aee2d310-cec3-11e2-acf2-00400581d323} => Key deleted successfully. HKCR\CLSID\{aee2d310-cec3-11e2-acf2-00400581d323} => Key not found. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aee2d311-cec3-11e2-acf2-00400581d323} => Key deleted successfully. HKCR\CLSID\{aee2d311-cec3-11e2-acf2-00400581d323} => Key not found. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aee2d312-cec3-11e2-acf2-00400581d323} => Key deleted successfully. HKCR\CLSID\{aee2d312-cec3-11e2-acf2-00400581d323} => Key not found. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aee2d313-cec3-11e2-acf2-00400581d323} => Key deleted successfully. HKCR\CLSID\{aee2d313-cec3-11e2-acf2-00400581d323} => Key not found. amsint32 => Service deleted successfully. HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ => Value not found. [908] C:\Documents and Settings\All Users\Dane aplikacji\QuickSet\GS-Enabler\GS-Enabler.exe => Process closed successfully. fe885e3d => Service deleted successfully. C:\WINDOWS\Tasks\PC Performer_UPDATES.job => Moved successfully. C:\WINDOWS\Tasks\PC Performer_DEFAULT.job => Moved successfully. C:\WINDOWS\Tasks\GoforFilesUpdate.job => Moved successfully. Could not move "C:\WINDOWS\Tasks\GS-Enabler-S-401810099.job" => Scheduled to move on reboot. "c:\\progra~1\\gs-ena~1\\browsafe.dll" => Value Data removed successfully. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{668F4656-CE6E-9062-EA3F-2639A3EE8627} => Key deleted successfully. HKCR\CLSID\{668F4656-CE6E-9062-EA3F-2639A3EE8627} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F056AC66-184B-0222-C6C0-0B10CCD0FF23} => Key deleted successfully. HKCR\CLSID\{F056AC66-184B-0222-C6C0-0B10CCD0FF23} => Key deleted successfully. HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} => Value deleted successfully. HKCR\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} => Key not found. HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} => Value deleted successfully. HKCR\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} => Key not found. HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKCU\Software\Microsoft\Internet Explorer\Main\\Search Bar => Value deleted successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\SearchAssistant => Value deleted successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\CustomizeSearch => Value deleted successfully. HKLM\SOFTWARE\Policies\Google => Key deleted successfully. C:\Documents and Settings\All Users\Dane aplikacji\Ask => Moved successfully. C:\Documents and Settings\All Users\Dane aplikacji\Babylon => Moved successfully. C:\Documents and Settings\All Users\Dane aplikacji\StarApp => Moved successfully. C:\Documents and Settings\All Users\Dane aplikacji\TEMP => Moved successfully. C:\Documents and Settings\All Users\Dane aplikacji\pldlpfnpjijmiaechenliodplpgncdlc => Moved successfully. C:\Documents and Settings\xp\Dane aplikacji\PerformerSoft => Moved successfully. C:\Documents and Settings\xp\Dane aplikacji\VideoDownloadConverter_4z => Moved successfully. C:\Documents and Settings\xp\Dane aplikacji\Babylon => Moved successfully. C:\Documents and Settings\xp\Dane aplikacji\OpenCandy => Moved successfully. C:\Documents and Settings\xp\Dane aplikacji\GoforFiles => Moved successfully. C:\Documents and Settings\xp\Dane aplikacji\VideoDrivers => Moved successfully. C:\Documents and Settings\xp\Ustawienia lokalne\Dane aplikacji\Comodo => Moved successfully. C:\Documents and Settings\xp\Ustawienia lokalne\Dane aplikacji\Google => Moved successfully. C:\Documents and Settings\xp\Ustawienia lokalne\Dane aplikacji\Torch => Moved successfully. C:\Documents and Settings\Administrator => Moved successfully. C:\Documents and Settings\Gość => Moved successfully. C:\Documents and Settings\Pomocnik => Moved successfully. C:\Documents and Settings\SUPPORT_388945a0 => Moved successfully. C:\autorun.inf => Moved successfully. C:\jukvds.exe => Moved successfully. D:\autorun.inf => Moved successfully. D:\oeeln.pif => Moved successfully. E:\autorun.inf => Moved successfully. E:\wtjg.exe => Moved successfully. F:\autorun.inf => Moved successfully. F:\rjwus.pif => Moved successfully. G:\AutoRun.exe => Moved successfully. G:\autorun.inf => Moved successfully. G:\gfxp.pif => Moved successfully. H:\autorun.inf => Moved successfully. H:\loxvh.pif => Moved successfully. I:\autorun.inf => Moved successfully. I:\emqqqa.pif => Moved successfully. "L:\autorun.inf" => File/Directory not found. "L:\dvtu.pif" => File/Directory not found. H:\extensions => Moved successfully. H:\Conduit => Moved successfully. H:\searchplugins => Moved successfully. ========= netsh firewall reset ========= Ok. ========= End of CMD: ========= ========= reg delete "HKCU\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukończona pomyślnie ========= End of Reg: ========= ========= reg delete HKLM\SOFTWARE\Google /f ========= Operacja ukończona pomyślnie ========= End of Reg: ========= => Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-01-21 22:31:06)<= C:\WINDOWS\Tasks\GS-Enabler-S-401810099.job => Is moved successfully. ==== End of Fixlog ====