Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:11-05-2014 01
Ran by Radek at 2014-05-14 00:50:12 Run:1
Running from F:\
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?o=15425&l=dis
URLSearchHook: HKCU - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - E:\Program Files\Ask.com\GenericAskToolbar.dll No File
BHO: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - E:\Program Files\Ask.com\GenericAskToolbar.dll No File
Toolbar: HKLM - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - E:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
Toolbar: HKLM - Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - E:\Program Files\Ask.com\GenericAskToolbar.dll No File
Toolbar: HKCU - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - E:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
HKLM\...\Run: [TimeSink Ad Client] => E:\Program Files\TimeSink\AdGateway\TsAdBot.exe [95744 1999-10-15] (Conducent Technologies, Inc.)
HKU\S-1-5-21-1957994488-73586283-682003330-1003\...\Run: [cbvcs] => E:\WINDOWS\System32\urretnd.exe
HKU\S-1-5-21-1957994488-73586283-682003330-1003\...\Run: [cdoosoft] => E:\DOCUME~1\RADEK~1.LZT\USTAWI~1\Temp\herss.exe <===== ATTENTION
S2 ADILOADER; System32\Drivers\adildr.sys [X]
S3 adiusbaw; System32\DRIVERS\adiusbaw.sys [X]
S4 hpt3xx; No ImagePath
S2 mvqpbaptc; E:\WINDOWS\system32\mamfpuyt.dll [164746 2004-08-04] ()
NETSVC: mvqpbaptc -> E:\WINDOWS\system32\mamfpuyt.dll ()
ListPermissions: E:\WINDOWS\system32\mamfpuyt.dll
E:\WINDOWS\system32\mamfpuyt.dll
E:\Program Files\TimeSink
E:\Documents and Settings\Radek.LZTU9NUP1182PY8\Ustawienia lokalne\Temp*.html
C:\autorun.VIR
Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f
Reg: reg delete "HKCU\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reboot:
*****************

HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC} => Value deleted successfully.
HKCR\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} => Key deleted successfully.
HKCR\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} => Value deleted successfully.
HKCR\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} => Value deleted successfully.
HKCR\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} => Value deleted successfully.
HKCR\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17} => Key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\TimeSink Ad Client => Value deleted successfully.
HKU\S-1-5-21-1957994488-73586283-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Run\\cbvcs => Value deleted successfully.
HKU\S-1-5-21-1957994488-73586283-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Run\\cdoosoft => Value deleted successfully.
ADILOADER => Service deleted successfully.
adiusbaw => Service deleted successfully.
hpt3xx => Service deleted successfully.
mvqpbaptc => Service deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs mvqpbaptc => Value deleted successfully.
===================================
Permissions for "E:\WINDOWS\system32\mamfpuyt.dll":
Owner: BUILTIN\Administrators
DACL(P):
EVERYONE ALLOW 0x100020 (NI)
===================================
Could not move "E:\WINDOWS\system32\mamfpuyt.dll" => Scheduled to move on reboot.
E:\Program Files\TimeSink => Moved successfully.
E:\Documents and Settings\Radek.LZTU9NUP1182PY8\Ustawienia lokalne\Temp*.html => Moved successfully.
C:\autorun.VIR => Moved successfully.

========= reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f =========
Operacja ukończona pomyślnie
========= End of Reg: =========

========= reg delete "HKCU\Software\Microsoft\Internet Explorer\SearchScopes" /f =========
Operacja ukończona pomyślnie
========= End of Reg: =========

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-05-14 00:54:39)<=
E:\WINDOWS\system32\mamfpuyt.dll => Is moved successfully.

==== End of Fixlog ====