Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-05-2014 Ran by oem at 2014-05-18 14:50:36 Run:1 Running from D:\Pobierane\naprawa Boot Mode: Normal ============================================== Content of fixlist: ***************** HKU\S-1-5-21-178726868-3365838391-836067975-1000\...0c966feabec1\InprocServer32: [Default-shell32] C:\Users\oem\AppData\Local\{6ac2c385-67cc-1eac-dbda-09cfdcfa762c}\n. ATTENTION! ====> ZeroAccess/Alureon? C:\Users\oem\AppData\Local\{6ac2c385-67cc-1eac-dbda-09cfdcfa762c} AppInit_DLLs: D:\PROGRA~1\KASPER~1\x64\sbhook64.dll => D:\PROGRA~1\KASPER~1\x64\sbhook64.dll File Not Found AppInit_DLLs: ,D:\PROGRA~1\KASPER~1\x64\kloehk.dll => D:\PROGRA~1\KASPER~1\x64\kloehk.dll File Not Found Winlogon\Notify\klogon: %SystemRoot%\System32\klogon.dll [X] FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File Task: {154599B6-6AF4-4BDB-942E-7166BBF538BA} - System32\Tasks\{E6F38033-62B2-4BCE-8754-01B455421EEB} => Firefox.exe Task: {399A65CD-EA43-409E-9594-37FF95714E78} - System32\Tasks\{6D29904B-7D0D-4A0F-93EC-8D5A7FAE889A} => D:\Gry\Heroes of Might and Magic III - Zlota Edycja\Heroes3.exe Task: {998F1DBE-8A31-4429-9167-72C21C907563} - System32\Tasks\{7791A1B6-F87F-489F-9A71-120692C8368B} => Firefox.exe Task: {A3C14CAC-C485-4E9A-8685-4CCE8B8B47D2} - System32\Tasks\{E197745C-E78C-4FBF-BA22-AA5FE2EE5B2B} => D:\Gry\Heroes of Might and Magic III - Zlota Edycja\Heroes3.exe Task: {D303FCC7-217F-4B4F-B4CD-7D1B888944DD} - System32\Tasks\{44DDAF17-F788-4FF8-B8AB-9859DEB3096B} => D:\Instalki\instalki gier\FIFA 13\Game\fifa13.exe Reg: reg add "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes" /v DefaultScope /t REG_SZ /d {0633EE93-D776-472f-A0FF-E1416B8B2E3A} /f Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f Reboot: ***************** HKU\S-1-5-21-178726868-3365838391-836067975-1000\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1} => Key deleted successfully. C:\Users\oem\AppData\Local\{6ac2c385-67cc-1eac-dbda-09cfdcfa762c} => Moved successfully. "D:\PROGRA~1\KASPER~1\x64\sbhook64.dll" => Value Data removed successfully. ",D:\PROGRA~1\KASPER~1\x64\kloehk.dll" => Value Data removed successfully. HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon => Key deleted successfully. HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc => Key deleted successfully. C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{154599B6-6AF4-4BDB-942E-7166BBF538BA} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{154599B6-6AF4-4BDB-942E-7166BBF538BA} => Key deleted successfully. C:\Windows\System32\Tasks\{E6F38033-62B2-4BCE-8754-01B455421EEB} => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E6F38033-62B2-4BCE-8754-01B455421EEB} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{399A65CD-EA43-409E-9594-37FF95714E78} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{399A65CD-EA43-409E-9594-37FF95714E78} => Key deleted successfully. C:\Windows\System32\Tasks\{6D29904B-7D0D-4A0F-93EC-8D5A7FAE889A} => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6D29904B-7D0D-4A0F-93EC-8D5A7FAE889A} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{998F1DBE-8A31-4429-9167-72C21C907563} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{998F1DBE-8A31-4429-9167-72C21C907563} => Key deleted successfully. C:\Windows\System32\Tasks\{7791A1B6-F87F-489F-9A71-120692C8368B} => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7791A1B6-F87F-489F-9A71-120692C8368B} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A3C14CAC-C485-4E9A-8685-4CCE8B8B47D2} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A3C14CAC-C485-4E9A-8685-4CCE8B8B47D2} => Key deleted successfully. C:\Windows\System32\Tasks\{E197745C-E78C-4FBF-BA22-AA5FE2EE5B2B} => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E197745C-E78C-4FBF-BA22-AA5FE2EE5B2B} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D303FCC7-217F-4B4F-B4CD-7D1B888944DD} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D303FCC7-217F-4B4F-B4CD-7D1B888944DD} => Key deleted successfully. C:\Windows\System32\Tasks\{44DDAF17-F788-4FF8-B8AB-9859DEB3096B} => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{44DDAF17-F788-4FF8-B8AB-9859DEB3096B} => Key deleted successfully. ========= reg add "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes" /v DefaultScope /t REG_SZ /d {0633EE93-D776-472f-A0FF-E1416B8B2E3A} /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= The system needed a reboot. ==== End of Fixlog ====