Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 24-08-2014 03
Ran by Preak at 2014-08-24 22:07:12 Run:1
Running from C:\Users\Preak\Desktop\logi
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Task: {2CEEE7D4-F74D-419B-8736-7444B72F7956} - System32\Tasks\XonarSwitch\XonarSwitch => D:\Tmp\Rar$EXa0.559\XonarSwitch.exe
Task: {45F45596-8F3B-4A40-888D-A4FCCB6E61AD} - \DealPlyLiveUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {4D490485-A8C1-4A79-85AB-632B19E028C3} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe <==== ATTENTION
Task: {58512C0A-9067-4DFA-95AC-E9A0E7D0337A} - System32\Tasks\temp_FreeHDSport TV V7.0-enabler => D:\Tmp\nsg2B28.tmp\FreeHDSport TV V7.0-enabler.exe <==== ATTENTION
Task: {74C4F01F-21AF-4492-B9DE-5427B1255B0B} - \DealPlyUpdate No Task File <==== ATTENTION
Task: {AC6FFA9D-B041-4EE7-95F0-C6FD5B03A9AD} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask No Task File <==== ATTENTION
Task: {C4B74DA0-1379-4512-8970-FD52F24C12F0} - \DealPlyLiveUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {D045E619-D269-4DAE-B83E-1C5D338EAE22} - \TubeSaver Update No Task File <==== ATTENTION
Task: {EB767E61-1295-4038-9DA5-DE56127BCA99} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline No Task File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:05E9FFE5
AlternateDataStreams: C:\ProgramData\TEMP:58A5270D
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
Handler: WSIEChrome - {6D02ED5F-FD0D-4C4C - No File
Handler-x32: WSIEChrome - {6D02ED5F-FD0D-4C4C - No File
FF Plugin-x32: smpmozplug -> C:\Users\Preak\AppData\Local\SigmaPlayer\Sigma\npvlc.dll No File
FF HKLM-x32\...\Firefox\Extensions: [Player@Wondershare.com] - C:\ProgramData\Wondershare\Player\Player@Wondershare.com
FF HKCU\...\Firefox\Extensions: [{841531c9-338a-47e8-9724-864b3be7f84e}] - C:\Program Files (x86)\TubeSaver\131.xpi
CHR HKLM-x32\...\Chrome\Extension: [aaaajccikcnncidhbokfncpooceanool] - C:\ProgramData\AskPartnerNetwork\Toolbar\SPCV7\CRX\ToolbarCR.crx [2013-04-01]
CHR HKLM-x32\...\Chrome\Extension: [bkdegagmpemadclljncealhmmkojfoam] - C:\ProgramData\Wondershare\Player\Player@Wondershare.com.crx [2013-04-01]
HKU\S-1-5-21-2973642986-523059004-888739316-1000\...\Run: [ASRockXTU] => [X]
S3 ALSysIO; \??\D:\Temp\ALSysIO64.sys [X]
S3 AsrCDDrv; \??\C:\Windows\SysWOW64\Drivers\AsrCDDrv.sys [X]
S3 Btcsrusb; System32\Drivers\btcusb.sys [X]
S3 GPU-Z; \??\D:\Tmp\GPU-Z.sys [X]
S2 s7sn2srtx; system32\DRIVERS\s7sn2srtx.sys [X]
S2 SNTIE; system32\DRIVERS\sntie.sys [X]
S3 VComm; system32\DRIVERS\VComm.sys [X]
S3 VcommMgr; System32\Drivers\VcommMgr.sys [X]
S3 XFDriver64; \??\C:\Program Files (x86)\Xfire2\XFDriver64.sys [X]
CMD: del /q C:\Windows\SysWOW64\sqlite3.dll
RemoveDirectory: C:\ProgramData\TEMP
RemoveDirectory: C:\AdwCleaner
CMD: SET
EmptyTemp:
*****************

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2CEEE7D4-F74D-419B-8736-7444B72F7956}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2CEEE7D4-F74D-419B-8736-7444B72F7956}" => Key deleted successfully.
C:\Windows\System32\Tasks\XonarSwitch\XonarSwitch => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\XonarSwitch\XonarSwitch" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{45F45596-8F3B-4A40-888D-A4FCCB6E61AD}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{45F45596-8F3B-4A40-888D-A4FCCB6E61AD}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPlyLiveUpdateTaskMachineCore" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4D490485-A8C1-4A79-85AB-632B19E028C3}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D490485-A8C1-4A79-85AB-632B19E028C3}" => Key deleted successfully.
C:\Windows\System32\Tasks\Desk 365 RunAsStdUser => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Desk 365 RunAsStdUser" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{58512C0A-9067-4DFA-95AC-E9A0E7D0337A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{58512C0A-9067-4DFA-95AC-E9A0E7D0337A}" => Key deleted successfully.
C:\Windows\System32\Tasks\temp_FreeHDSport TV V7.0-enabler => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\temp_FreeHDSport TV V7.0-enabler" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{74C4F01F-21AF-4492-B9DE-5427B1255B0B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{74C4F01F-21AF-4492-B9DE-5427B1255B0B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPlyUpdate" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{AC6FFA9D-B041-4EE7-95F0-C6FD5B03A9AD}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AC6FFA9D-B041-4EE7-95F0-C6FD5B03A9AD}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Activation Technologies\ValidationTask" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C4B74DA0-1379-4512-8970-FD52F24C12F0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C4B74DA0-1379-4512-8970-FD52F24C12F0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPlyLiveUpdateTaskMachineUA" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D045E619-D269-4DAE-B83E-1C5D338EAE22}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D045E619-D269-4DAE-B83E-1C5D338EAE22}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TubeSaver Update" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EB767E61-1295-4038-9DA5-DE56127BCA99}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB767E61-1295-4038-9DA5-DE56127BCA99}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline" => Key deleted successfully.
C:\ProgramData\TEMP => ":05E9FFE5" ADS removed successfully.
C:\ProgramData\TEMP => ":58A5270D" ADS removed successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully.
"HKCR\PROTOCOLS\Handler\WSIEChrome" => Key deleted successfully.
"HKCR\Wow6432Node\PROTOCOLS\Handler\WSIEChrome" => Key not found.
"HKLM\Software\Wow6432Node\MozillaPlugins\smpmozplug" => Key deleted successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\Player@Wondershare.com => value deleted successfully.
HKCU\Software\Mozilla\Firefox\Extensions\\{841531c9-338a-47e8-9724-864b3be7f84e} => value deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aaaajccikcnncidhbokfncpooceanool" => Key deleted successfully.
"C:\ProgramData\AskPartnerNetwork\Toolbar\SPCV7\CRX\ToolbarCR.crx" => File/Directory not found.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bkdegagmpemadclljncealhmmkojfoam" => Key deleted successfully.
"C:\ProgramData\Wondershare\Player\Player@Wondershare.com.crx" => File/Directory not found.
HKU\S-1-5-21-2973642986-523059004-888739316-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ASRockXTU => value deleted successfully.
ALSysIO => Service deleted successfully.
AsrCDDrv => Service deleted successfully.
Btcsrusb => Service deleted successfully.
GPU-Z => Service deleted successfully.
s7sn2srtx => Service deleted successfully.
SNTIE => Service deleted successfully.
VComm => Service deleted successfully.
VcommMgr => Service deleted successfully.
XFDriver64 => Service deleted successfully.

========= del /q C:\Windows\SysWOW64\sqlite3.dll =========

========= End of CMD: =========

"C:\ProgramData\TEMP" => removed successfully.
"C:\AdwCleaner" => removed successfully.

========= SET =========

ALLUSERSPROFILE=C:\ProgramData
AMDAPPSDKROOT=C:\Program Files (x86)\AMD APP SDK\2.9\
APPDATA=C:\Users\Preak\AppData\Roaming
CommonProgramFiles=C:\Program Files\Common Files
CommonProgramFiles(x86)=C:\Program Files (x86)\Common Files
CommonProgramW6432=C:\Program Files\Common Files
COMPUTERNAME=PREAK-PC
ComSpec=C:\Windows\system32\cmd.exe
CYGWIN=nodosfilewarning
ESET_OPTIONS=
FP_NO_HOST_CHECK=NO
GPU_MAX_ALLOC_PERCENT=75
HOMEDRIVE=C:
HOMEPATH=\Users\Preak
LOCALAPPDATA=C:\Users\Preak\AppData\Local
LOGONSERVER=\\PREAK-PC
MOZ_PLUGIN_PATH=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\
NUMBER_OF_PROCESSORS=4
OS=Windows_NT
path=C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Windows Live\Shared
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE=AMD64
PROCESSOR_IDENTIFIER=Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=3a09
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files
ProgramFiles(x86)=C:\Program Files (x86)
ProgramW6432=C:\Program Files
PROMPT=$P$G
PSModulePath=C:\Windows\system32\WindowsPowerShell\v1.0\Modules\
PUBLIC=C:\Users\Public
RGSC=C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\1_0_0_0
RGSCLauncher=C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club
SEE_MASK_NOZONECHECKS=1
SESSIONNAME=Console
Simatic_OAM=C:\Program Files\Common Files\Siemens\Automation\Simatic OAM
Simatic_OAM_DATA=C:\ProgramData\Siemens\Automation\Simatic OAM
SystemDrive=C:
SystemRoot=C:\Windows
TEMP=C:\USERS\PREAK\APPDATA\LOCAL\TEMP
TMP=C:\USERS\PREAK\APPDATA\LOCAL\TEMP
USERDOMAIN=Preak-PC
USERNAME=Preak
USERPROFILE=C:\Users\Preak
VS110COMNTOOLS=F:\Microsoft Visual Studio 11.0\Common7\Tools\
windir=C:\Windows
windows_tracing_flags=3
windows_tracing_logfile=C:\BVTBin\Tests\installpackage\csilogfile.log

========= End of CMD: =========

EmptyTemp: => Removed 391.5 MB temporary data.

The system needed a reboot.

==== End of Fixlog ====