Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-10-2014 02
Ran by Browar at 2014-10-14 19:59:37 Run:1
Running from C:\Users\Browar\Desktop
Loaded Profiles: Browar & UpdatusUser (Available profiles: Browar & UpdatusUser)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
CloseProcesses:
Task: {1AEE119F-760A-4150-990F-A75A1A404E28} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {1DFA156A-4915-4A0A-8BB1-7C3AC1A72D75} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {D380FB98-5EC8-4B43-BD4E-8A021DA271B1} - System32\Tasks\PenWes => C:\Program Files (x86)\PenWes\penwes.exe [2013-10-19] () <==== ATTENTION
R2 PenWesController; C:\Program Files (x86)\Penwes\PenwesService.exe [1515008 2013-10-19] () [File not signed]
S2 cmdAgent; No ImagePath
S2 atksgt; No ImagePath
S3 DCamUSBSTK03N; No ImagePath
GroupPolicyUsers\S-1-5-21-2675937309-2342803569-238252381-1001\User: Group Policy restriction detected <======= ATTENTION
SearchScopes: HKLM - {31090377-0740-419E-BEFC-A56E50500D5B} URL = http://www.sweet-page.com/web/?type=ds&ts=1403785389&from=cor&uid=HitachiXHTS547550A9E384_J2150050CV0DUCCV0DUCX&q={searchTerms}
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKCU - {31090377-0740-419E-BEFC-A56E50500D5B} URL = http://www.sweet-page.com/web/?type=ds&ts=1403785389&from=cor&uid=HitachiXHTS547550A9E384_J2150050CV0DUCCV0DUCX&q={searchTerms}
SearchScopes: HKCU - {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = http://fr.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo
C:\Program Files (x86)\Mozilla Firefox\extensions
C:\Program Files (x86)\Mozilla Firefox\plugins
C:\Program Files (x86)\PenWes
C:\Program Files (x86)\StartSearch plugin
C:\ProgramData\Penwes
C:\Windows\System32\Tasks\COMODO
DeleteKey: HKLM\SOFTWARE\Wow6432Node\Google\Chrome
DeleteKey: HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\LiveVDO plugin
EmptyTemp:
*****************
Processes closed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{1AEE119F-760A-4150-990F-A75A1A404E28}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1AEE119F-760A-4150-990F-A75A1A404E28}" => Key deleted successfully.
C:\Windows\System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1DFA156A-4915-4A0A-8BB1-7C3AC1A72D75}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1DFA156A-4915-4A0A-8BB1-7C3AC1A72D75}" => Key deleted successfully.
C:\Windows\System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D380FB98-5EC8-4B43-BD4E-8A021DA271B1}" => Key not found.
C:\Windows\System32\Tasks\PenWes not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PenWes" => Key not found.
PenWesController => Service not found.
cmdAgent => Error deleting Service
atksgt => Service deleted successfully.
DCamUSBSTK03N => Service deleted successfully.
C:\Windows\system32\GroupPolicyUsers\S-1-5-21-2675937309-2342803569-238252381-1001\User => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B}" => Key deleted successfully.
"HKCR\CLSID\{31090377-0740-419E-BEFC-A56E50500D5B}" => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B}" => Key deleted successfully.
"HKCR\CLSID\{31090377-0740-419E-BEFC-A56E50500D5B}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A}" => Key deleted successfully.
"HKCR\CLSID\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A}" => Key not found.
C:\Program Files (x86)\Mozilla Firefox\extensions => Moved successfully.
C:\Program Files (x86)\Mozilla Firefox\plugins => Moved successfully.
"C:\Program Files (x86)\PenWes" => File/Directory not found.
C:\Program Files (x86)\StartSearch plugin => Moved successfully.
"C:\ProgramData\Penwes" => File/Directory not found.
C:\Windows\System32\Tasks\COMODO => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome => Failed to delete key at first attempt (Error: C0000121), see next line.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome => Key Deleted Successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\LiveVDO plugin => Key Deleted successfully.
EmptyTemp: => Removed 384.4 MB temporary data.
The system needed a reboot.
==== End of Fixlog ====