Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 12-10-2014 01 Ran by Łukasz at 2014-10-13 22:45:44 Run:1 Running from C:\Users\Łukasz\Desktop\Nowy folder Loaded Profile: Łukasz (Available profiles: Łukasz) Boot Mode: Normal ============================================== Content of fixlist: ***************** CloseProcesses: S2 SecureUpdateSvc; C:\Program Files\Secure Speed Dial\IE\SecureUpdate.exe [2470736 2013-09-29] () <==== ATTENTION S1 prodrv06; C:\Windows\System32\drivers\prodrv06.sys [80768 2006-12-23] (Protection Technology) [File not signed] S0 prohlp02; C:\Windows\System32\drivers\prohlp02.sys [77120 2006-12-23] (Protection Technology) [File not signed] S0 prosync1; C:\Windows\System32\drivers\prosync1.sys [7136 2005-12-21] (Protection Technology) [File not signed] S0 sfhlp01; C:\Windows\System32\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology) [File not signed] S3 NMIndexingService; "C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe" [X] S3 EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys [X] S3 gdrv; \??\C:\Windows\gdrv.sys [X] HKLM\...\Run: [] => [X] HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKLM\...\Policies\Explorer: [NoCDBurning] 0 HKLM\...\Policies\Explorer: [NoViewContextMenu] 0 HKU\S-1-5-21-72358669-1429459929-3882325455-1001\...\Policies\Explorer\DisallowRun: [1] firefox.ex HKU\S-1-5-21-72358669-1429459929-3882325455-1001\...\Policies\Explorer: [DisallowRun] 1 Task: {0D7AC3C3-9895-476B-A622-278B6D07FAC7} - System32\Tasks\{9AE375D3-794A-439F-AA89-BBDA9C4ADE7C} => D:\Program Files\Aliens vs. Predator\AvP_Launcher.exe Task: {2211AD28-33DE-4FAE-BFD7-546CF6CFAE45} - System32\Tasks\{2D758E3B-B57C-4EA0-B558-95F623E74093} => D:\Program Files\Aliens vs. Predator\AvP_Launcher.exe Task: {2C59ECAF-3A27-4640-9F4B-519B05BDD70F} - \Microsoft\Windows\MUI\LPRemove No Task File <==== ATTENTION Task: {40568230-5FE2-4DF9-AF05-C56AA2751117} - System32\Tasks\Funmoods => C:\Users\UKASZ~1\AppData\Roaming\Funmoods\UPDATE~1\UPDATE~1.EXE <==== ATTENTION Task: {4F1A0845-824B-4A45-B5C7-AF4A0C8A47B2} - System32\Tasks\{C72E291E-944D-4245-B095-5716F9B51539} => C:\Program Files\ToonCar\ToonCar.exe Task: {9AC7795A-92BC-4EA0-ADAC-5A3004169408} - System32\Tasks\{07400950-FB0D-4C98-A46A-45854E653EA8} => C:\Users\Łukasz\Downloads\aresregular217_installer.exe Task: {E4F8177C-0F44-443A-A95F-5BC1A81B9D19} - System32\Tasks\{D9150BAC-2F13-4840-B0C2-F2CEFFBD5249} => C:\Program Files\ToonCar\ToonCar.exe URLSearchHook: HKLM - Default Value = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D} URLSearchHook: HKCU - (No Name) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - No File SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://start.qone8.com/web/?type=ds&ts=1382784589&from=cor&uid=ST3500418AS_9VM69DS1XXXX9VM69DS1&q={searchTerms} SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://start.qone8.com/web/?type=ds&ts=1382784589&from=cor&uid=ST3500418AS_9VM69DS1XXXX9VM69DS1&q={searchTerms} SearchScopes: HKCU - DefaultScope {A66D5352-6C24-4E3C-92FA-F212AE0C70D4} URL = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms} SearchScopes: HKCU - ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} SearchScopes: HKCU - {A66D5352-6C24-4E3C-92FA-F212AE0C70D4} URL = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms} SearchScopes: HKCU - {C28EF502-1C50-4B59-AD71-685788661ED1} URL = http://websearch.ask.com/redirect?client=ie&tb=DVS2&o=1586&src=crm&q={searchTerms}&locale=&apn_ptnrs=^AAA&apn_dtid=^YYYYYY^YY^PL&apn_uid=80c83e2e-d9a9-40f8-a6bf-f535cb77d9e6&apn_sauid=30958367-7E38-477E-8820-86F0E561ACCE FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File CHR HKLM\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files\Common Files\Spigot\GC\saebay_1.0.crx [] CHR HKLM\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files\Common Files\Spigot\GC\errorassistant_1.1.crx [] CHR HKLM\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Program Files\Common Files\Spigot\GC\coupons_2.3.crx [] CHR HKLM\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files\Common Files\Spigot\GC\saamazon_1.0.crx [] C:\Program Files\Common Files\Spigot C:\Program Files\Mozilla Firefox\extensions C:\Program Files\Mozilla Firefox\plugins C:\Program Files\Secure Speed Dial C:\Users\Łukasz\AppData\Local\Google\Chrome C:\Windows\system32\%TMP% C:\Windows\System32\drivers\prodrv06.sys C:\Windows\System32\drivers\prohlp02.sys C:\Windows\System32\drivers\prosync1.sys C:\Windows\System32\drivers\sfhlp01.sys DeleteKey: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 DeleteKey: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4ED7341F-1942-4623-A27C-9C4F3838172F} CMD: netsh winsock reset EmptyTemp: ***************** Processes closed successfully. SecureUpdateSvc => Service deleted successfully. prodrv06 => Service deleted successfully. prohlp02 => Service deleted successfully. prosync1 => Service deleted successfully. sfhlp01 => Service deleted successfully. NMIndexingService => Service deleted successfully. EagleNT => Service deleted successfully. gdrv => Service deleted successfully. HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully. HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => value deleted successfully. HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoCDBurning => value deleted successfully. HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoViewContextMenu => value deleted successfully. HKU\S-1-5-21-72358669-1429459929-3882325455-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\\1 => value deleted successfully. HKU\S-1-5-21-72358669-1429459929-3882325455-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisallowRun => value deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0D7AC3C3-9895-476B-A622-278B6D07FAC7}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0D7AC3C3-9895-476B-A622-278B6D07FAC7}" => Key deleted successfully. C:\Windows\System32\Tasks\{9AE375D3-794A-439F-AA89-BBDA9C4ADE7C} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9AE375D3-794A-439F-AA89-BBDA9C4ADE7C}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2211AD28-33DE-4FAE-BFD7-546CF6CFAE45}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2211AD28-33DE-4FAE-BFD7-546CF6CFAE45}" => Key deleted successfully. C:\Windows\System32\Tasks\{2D758E3B-B57C-4EA0-B558-95F623E74093} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2D758E3B-B57C-4EA0-B558-95F623E74093}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{2C59ECAF-3A27-4640-9F4B-519B05BDD70F}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C59ECAF-3A27-4640-9F4B-519B05BDD70F}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MUI\LPRemove" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{40568230-5FE2-4DF9-AF05-C56AA2751117}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{40568230-5FE2-4DF9-AF05-C56AA2751117}" => Key deleted successfully. C:\Windows\System32\Tasks\Funmoods => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Funmoods" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4F1A0845-824B-4A45-B5C7-AF4A0C8A47B2}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F1A0845-824B-4A45-B5C7-AF4A0C8A47B2}" => Key deleted successfully. C:\Windows\System32\Tasks\{C72E291E-944D-4245-B095-5716F9B51539} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C72E291E-944D-4245-B095-5716F9B51539}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9AC7795A-92BC-4EA0-ADAC-5A3004169408}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9AC7795A-92BC-4EA0-ADAC-5A3004169408}" => Key deleted successfully. C:\Windows\System32\Tasks\{07400950-FB0D-4C98-A46A-45854E653EA8} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{07400950-FB0D-4C98-A46A-45854E653EA8}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E4F8177C-0F44-443A-A95F-5BC1A81B9D19}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E4F8177C-0F44-443A-A95F-5BC1A81B9D19}" => Key deleted successfully. C:\Windows\System32\Tasks\{D9150BAC-2F13-4840-B0C2-F2CEFFBD5249} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D9150BAC-2F13-4840-B0C2-F2CEFFBD5249}" => Key deleted successfully. HKLM\Software\Microsoft\Internet Explorer\URLSearchHooks\\ => value deleted successfully. HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{03EB0E9C-7A91-4381-A220-9B52B641CDB1} => value deleted successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully. "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => Key deleted successfully. "HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\ToolbarSearchProviderProgress => value deleted successfully. "HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A66D5352-6C24-4E3C-92FA-F212AE0C70D4}" => Key deleted successfully. "HKCR\CLSID\{A66D5352-6C24-4E3C-92FA-F212AE0C70D4}" => Key not found. "HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C28EF502-1C50-4B59-AD71-685788661ED1}" => Key deleted successfully. "HKCR\CLSID\{C28EF502-1C50-4B59-AD71-685788661ED1}" => Key not found. "HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc" => Key deleted successfully. C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll not found. "HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj" => Key deleted successfully. "C:\Program Files\Common Files\Spigot\GC\saebay_1.0.crx" => File/Directory not found. "HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj" => Key deleted successfully. "C:\Program Files\Common Files\Spigot\GC\errorassistant_1.1.crx" => File/Directory not found. "HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk" => Key deleted successfully. "C:\Program Files\Common Files\Spigot\GC\coupons_2.3.crx" => File/Directory not found. "HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp" => Key deleted successfully. "C:\Program Files\Common Files\Spigot\GC\saamazon_1.0.crx" => File/Directory not found. "C:\Program Files\Common Files\Spigot" => File/Directory not found. C:\Program Files\Mozilla Firefox\extensions => Moved successfully. C:\Program Files\Mozilla Firefox\plugins => Moved successfully. C:\Program Files\Secure Speed Dial => Moved successfully. C:\Users\Łukasz\AppData\Local\Google\Chrome => Moved successfully. C:\Windows\system32\%TMP% => Moved successfully. C:\Windows\System32\drivers\prodrv06.sys => Moved successfully. C:\Windows\System32\drivers\prohlp02.sys => Moved successfully. C:\Windows\System32\drivers\prosync1.sys => Moved successfully. C:\Windows\System32\drivers\sfhlp01.sys => Moved successfully. HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 => Failed to delete key at first attempt (Error: C0000121), see next line. HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 => Key Deleted Successfully. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4ED7341F-1942-4623-A27C-9C4F3838172F} => Key Deleted successfully. ========= netsh winsock reset ========= Pomylnie zresetowano Winsock Catalog. Musisz ponownie uruchomi komputer, aby ukoczy resetowanie. ========= End of CMD: ========= EmptyTemp: => Removed 129 MB temporary data. The system needed a reboot. ==== End of Fixlog ====