Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 21-09-2014 Ran by Gerard at 2014-09-21 16:42:19 Run:2 Running from C:\Users\Gerard\Desktop\sdf Boot Mode: Normal ============================================== Content of fixlist: ***************** CloseProcesses: HKLM-x32\...\Run: [Freecorder FLV Service] => "C:\Program Files (x86)\Freecorder\FLVSrvc.exe" /run HKLM-x32\...\Run: [] => [X] HKU\S-1-5-21-264646996-2161709609-1433315882-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Gerard\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.) HKU\S-1-5-21-264646996-2161709609-1433315882-1000\...\Run: [dbcffdcdddgfdgfdgdfg] => "Ů" Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\D-Link AirPlus.lnk Startup: C:\Users\Gerard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk S2 NMSAccessU; C:\Users\Gerard\AppData\Local\Temp\{D4C92CC8-9456-43FA-8CD1-12B016614C5D}\NMSAccessU.exe [X] S1 cfcktyca; \??\C:\Windows\system32\drivers\cfcktyca.sys [X] U4 eabfiltr; No ImagePath S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X] S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X] URLSearchHook: HKCU - (No Name) - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - No File SearchScopes: HKLM - {CE478A33-2406-4F47-9F8C-73DD77C7A8CC} URL = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1602&query={searchTerms}&invocationType=tb50hpcnnbie7-pl-pl SearchScopes: HKLM-x32 - {CE478A33-2406-4F47-9F8C-73DD77C7A8CC} URL = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1602&query={searchTerms}&invocationType=tb50hpcnnbie7-pl-pl SearchScopes: HKCU - {CE478A33-2406-4F47-9F8C-73DD77C7A8CC} URL = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1602&query={searchTerms}&invocationType=tb50hpcnnbie7-pl-pl BHO-x32: AOL Toolbar BHO -> {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} -> C:\Program Files (x86)\AOL\Pasek narzędzi AOL 5.0\aoltb.dll (AOL LLC) Toolbar: HKLM-x32 - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\Pasek narzędzi AOL 5.0\aoltb.dll (AOL LLC) Toolbar: HKCU - No Name - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No File Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Toolbar: HKCU - No Name - {09EC805C-CB2E-4D53-B0D3-A75A428B81C7} - No File CHR HKLM-x32\...\Chrome\Extension: [dpgkoeinjnkgcieloaioiohencfcjjjc] - C:\ProgramData\Codecv\dpgkoeinjnkgcieloaioiohencfcjjjc.crx [] C:\Program Files (x86)\Mozilla Firefox C:\Program Files (x86)\Opera C:\Users\Gerard\AppData\Local\Opera Software C:\Users\Gerard\AppData\Roaming\Opera Software C:\Users\Gerard\AppData\Roaming\Mozilla C:\Windows\SysWOW64\sqlite3.dll Reg: reg delete HKCU\Software\Mozilla /f Reg: reg delete HKCU\Software\MozillaPlugins /f Reg: reg delete HKLM\SOFTWARE\MozillaPlugins /f Reg: reg delete HKLM\SOFTWARE\Wow6432Node\Mozilla /f Reg: reg delete HKLM\SOFTWARE\Wow6432Node\mozilla.org /f Reg: reg delete HKLM\SOFTWARE\Wow6432Node\MozillaPlugins /f Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f CMD: netsh advfirewall reset ***************** Processes closed successfully. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Freecorder FLV Service => value deleted successfully. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully. HKU\S-1-5-21-264646996-2161709609-1433315882-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface => value deleted successfully. HKU\S-1-5-21-264646996-2161709609-1433315882-1000\Software\Microsoft\Windows\CurrentVersion\Run\\dbcffdcdddgfdgfdgdfg => value deleted successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\D-Link AirPlus.lnk => Moved successfully. C:\Users\Gerard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk => Moved successfully. NMSAccessU => Service deleted successfully. cfcktyca => Service deleted successfully. eabfiltr => Service deleted successfully. RtsUIR => Service deleted successfully. USBCCID => Service deleted successfully. HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7} => value deleted successfully. "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CE478A33-2406-4F47-9F8C-73DD77C7A8CC}" => Key deleted successfully. "HKCR\CLSID\{CE478A33-2406-4F47-9F8C-73DD77C7A8CC}" => Key not found. "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{CE478A33-2406-4F47-9F8C-73DD77C7A8CC}" => Key deleted successfully. "HKCR\Wow6432Node\CLSID\{CE478A33-2406-4F47-9F8C-73DD77C7A8CC}" => Key not found. "HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CE478A33-2406-4F47-9F8C-73DD77C7A8CC}" => Key deleted successfully. "HKCR\CLSID\{CE478A33-2406-4F47-9F8C-73DD77C7A8CC}" => Key not found. "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}" => Key deleted successfully. "HKCR\Wow6432Node\CLSID\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}" => Key deleted successfully. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{DE9C389F-3316-41A7-809B-AA305ED9D922} => value deleted successfully. "HKCR\Wow6432Node\CLSID\{DE9C389F-3316-41A7-809B-AA305ED9D922}" => Key deleted successfully. HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{DE9C389F-3316-41A7-809B-AA305ED9D922} => value deleted successfully. "HKCR\CLSID\{DE9C389F-3316-41A7-809B-AA305ED9D922}" => Key not found. HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value deleted successfully. "HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => Key not found. HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{09EC805C-CB2E-4D53-B0D3-A75A428B81C7} => value deleted successfully. "HKCR\CLSID\{09EC805C-CB2E-4D53-B0D3-A75A428B81C7}" => Key not found. "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dpgkoeinjnkgcieloaioiohencfcjjjc" => Key deleted successfully. "C:\ProgramData\Codecv\dpgkoeinjnkgcieloaioiohencfcjjjc.crx" => File/Directory not found. C:\Program Files (x86)\Mozilla Firefox => Moved successfully. C:\Program Files (x86)\Opera => Moved successfully. C:\Users\Gerard\AppData\Local\Opera Software => Moved successfully. C:\Users\Gerard\AppData\Roaming\Opera Software => Moved successfully. C:\Users\Gerard\AppData\Roaming\Mozilla => Moved successfully. C:\Windows\SysWOW64\sqlite3.dll => Moved successfully. ========= reg delete HKCU\Software\Mozilla /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete HKCU\Software\MozillaPlugins /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete HKLM\SOFTWARE\MozillaPlugins /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete HKLM\SOFTWARE\Wow6432Node\Mozilla /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete HKLM\SOFTWARE\Wow6432Node\mozilla.org /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete HKLM\SOFTWARE\Wow6432Node\MozillaPlugins /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= netsh advfirewall reset ========= Ok. ========= End of CMD: ========= The system needed a reboot. ==== End of Fixlog ====