Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 01-02-2014 03 Ran by Damian at 2014-02-04 17:02:27 Run:1 Running from C:\Users\Damian\Desktop Boot Mode: Normal ============================================== Content of fixlist: ***************** Task: {D64769F2-8FE8-43AE-9096-03083A1F7B21} - \Program aktualizacji online firmy InstallShield Software. No Task File HKU\S-1-5-21-3814756808-2815619750-2659763186-1000\...\Run: [minerd] - C:\Users\Damian\AppData\Roaming\minerd\nircmd.exe [44032 2013-08-11] (NirSoft) SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {043C5167-00BB-4324-AF7E-62013FAEDACF} URL = http://vshare.toolbarhome.com/search.aspx?q={searchTerms}&srch=dsp SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://startsear.ch/?aff=1&src=sp&cf=56202236-f75e-11e0-ba8f-00242cc7b1bc&q={searchTerms} SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=4EAF000000000007&affID=121564&tsp=4963 SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://websearch.ask.com/redirect?client=ie&tb=SPC2&o=15000&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=PV&apn_dtid=YYYYYYYYPL&apn_uid=1F678C85-2F83-4151-A73B-BD3A0E65147B&apn_sauid=D10F27C5-7124-4EEC-9F66-56E571CAA75C BHO: IEPluginBHO Class - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - No File FF user.js: detected! => C:\Users\Damian\AppData\Roaming\Mozilla\Firefox\Profiles\zq7o3gyl.default\user.js FF DefaultSearchEngine: Search the web FF SearchEngineOrder.1: Search the web FF SelectedSearchEngine: Search the web FF Keyword.URL: hxxp://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q= FF SearchPlugin: C:\Users\Damian\AppData\Roaming\Mozilla\Firefox\Profiles\zq7o3gyl.default\searchplugins\babylon.xml FF SearchPlugin: C:\Users\Damian\AppData\Roaming\Mozilla\Firefox\Profiles\zq7o3gyl.default\searchplugins\startsear.xml FF SearchPlugin: C:\Users\Damian\AppData\Roaming\Mozilla\Firefox\Profiles\zq7o3gyl.default\searchplugins\web-search.xml CHR HKLM\...\Chrome\Extension: [bildoibdboopgomcbiplincneeicgipj] - C:\Program Files\StartSearch plugin\startsplg.crx [2013-06-15] CHR HKLM\...\Chrome\Extension: [edcbaedcbaedcbaedcbaedcbaedcbajk] - C:\Program Files\vShare.tv plugin\vshareplg.crx [2011-08-31] CHR HKLM\...\Chrome\Extension: [kpionmjnkbpcdpcflammlgllecmejgjj] - C:\Program Files\vShare.tv plugin\vshareplg.crx [2011-08-31] CHR HKLM\...\Chrome\Extension: [pbiamblgmkgbcgbcgejjgebalncpmhnp] - C:\Program Files\StartSearch plugin\vshareplg.crx [2011-08-31] S3 catchme; \??\C:\Users\Damian\AppData\Local\Temp\catchme.sys [x] S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [x] S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x] S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [x] S3 emusba10; system32\DRIVERS\emusba10.sys [x] C:\Qoobox CMD: netsh winsock reset ***************** HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D64769F2-8FE8-43AE-9096-03083A1F7B21} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D64769F2-8FE8-43AE-9096-03083A1F7B21} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Program aktualizacji online firmy InstallShield Software. => Key deleted successfully. HKU\S-1-5-21-3814756808-2815619750-2659763186-1000\Software\Microsoft\Windows\CurrentVersion\Run\\minerd => Value not found. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{043C5167-00BB-4324-AF7E-62013FAEDACF} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{043C5167-00BB-4324-AF7E-62013FAEDACF} => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} => Key not found. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} => Key deleted successfully. HKCR\CLSID\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} => Key deleted successfully. C:\Users\Damian\AppData\Roaming\Mozilla\Firefox\Profiles\zq7o3gyl.default\user.js => Moved successfully. Firefox DefaultSearchEngine deleted successfully. Firefox SearchEngineOrder.1 deleted successfully. Firefox SelectedSearchEngine deleted successfully. Firefox Keyword.URL deleted successfully. C:\Users\Damian\AppData\Roaming\Mozilla\Firefox\Profiles\zq7o3gyl.default\searchplugins\babylon.xml => Moved successfully. C:\Users\Damian\AppData\Roaming\Mozilla\Firefox\Profiles\zq7o3gyl.default\searchplugins\startsear.xml => Moved successfully. C:\Users\Damian\AppData\Roaming\Mozilla\Firefox\Profiles\zq7o3gyl.default\searchplugins\web-search.xml => Moved successfully. HKLM\SOFTWARE\Google\Chrome\Extensions\bildoibdboopgomcbiplincneeicgipj => Key deleted successfully. "C:\Program Files\StartSearch plugin\startsplg.crx" => File/Directory not found. HKLM\SOFTWARE\Google\Chrome\Extensions\edcbaedcbaedcbaedcbaedcbaedcbajk => Key deleted successfully. "C:\Program Files\vShare.tv plugin\vshareplg.crx" => File/Directory not found. HKLM\SOFTWARE\Google\Chrome\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj => Key not found. "C:\Program Files\vShare.tv plugin\vshareplg.crx" => File/Directory not found. HKLM\SOFTWARE\Google\Chrome\Extensions\pbiamblgmkgbcgbcgejjgebalncpmhnp => Key deleted successfully. "C:\Program Files\StartSearch plugin\vshareplg.crx" => File/Directory not found. catchme => Service deleted successfully. pccsmcfd => Service deleted successfully. RtsUIR => Service deleted successfully. USBCCID => Service deleted successfully. emusba10 => Service deleted successfully. C:\Qoobox => Moved successfully. ========= netsh winsock reset ========= Pomy�lnie zresetowano Winsock Catalog. Musisz ponownie uruchomi� komputer, aby uko�czy� resetowanie. ========= End of CMD: ========= ==== End of Fixlog ====