Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 22-10-2014 Ran by mclol27 at 2014-10-23 15:37:58 Run:1 Running from C:\Users\mclol27\Desktop\Nowy folder Loaded Profile: mclol27 (Available profiles: mclol27) Boot Mode: Normal ============================================== Content of fixlist: ***************** CloseProcesses: S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /svc [X] S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /medsvc [X] S2 Update PodoWeb; "C:\Program Files (x86)\PodoWeb\updatePodoWeb.exe" [X] Task: {0301A080-224C-41ED-B6C6-B6D42B962156} - \9adf53e4-212c-4d9d-8c1c-3e2937367e09-4 No Task File <==== ATTENTION Task: {28CD87E1-D9FB-4B07-9F1C-A4F4D1AC4E0A} - \IXASRQ No Task File <==== ATTENTION Task: {58E46540-4509-40AA-8A85-52FF61D4F1ED} - System32\Tasks\{8B91C7C8-9555-4AB5-8D5C-C2C6E9E5A885} => D:\Games\The Evil Within\EvilWithin.exe Task: {667F6C59-441C-4051-A625-C9E557A98B7D} - \globalUpdateUpdateTaskMachineCore No Task File <==== ATTENTION Task: {6F659E98-B769-4BAB-AEB9-82A739A06002} - \9adf53e4-212c-4d9d-8c1c-3e2937367e09-3 No Task File <==== ATTENTION Task: {79EF09E3-92C7-4CE6-9E47-D6128D329CCA} - \9adf53e4-212c-4d9d-8c1c-3e2937367e09-5 No Task File <==== ATTENTION Task: {7B7B2FE7-5A25-4F7B-BC05-C8E1AEA3442D} - \9adf53e4-212c-4d9d-8c1c-3e2937367e09-5_user No Task File <==== ATTENTION Task: {873962E1-63C0-4D52-9706-74E91000DEAD} - System32\Tasks\{5D5E6802-BE62-42B1-82B3-53780465D7E0} => D:\Games\The Evil Within\EvilWithin.exe Task: {8FEE4830-58BC-468B-BBA9-27A30B5A3539} - \9adf53e4-212c-4d9d-8c1c-3e2937367e09-6 No Task File <==== ATTENTION Task: {9A6CC848-03D5-4FB2-B24D-15E950D80ECC} - \9adf53e4-212c-4d9d-8c1c-3e2937367e09-1 No Task File <==== ATTENTION Task: {BD128E70-0B02-4229-B0FC-7D6649C70B63} - \globalUpdateUpdateTaskMachineUA No Task File <==== ATTENTION Task: {DD14498C-3F43-4A20-9E8B-64C433DD220F} - \9adf53e4-212c-4d9d-8c1c-3e2937367e09-7 No Task File <==== ATTENTION Task: {DFF81067-660F-4417-BD73-B51F44F984C0} - \QFCXJ No Task File <==== ATTENTION Task: {EA0C2484-215B-48CD-9DEE-72E5E842423B} - \9adf53e4-212c-4d9d-8c1c-3e2937367e09-2 No Task File <==== ATTENTION Task: {FCF7B3AB-C8AA-4797-BA57-357B6A6E33D7} - \9adf53e4-212c-4d9d-8c1c-3e2937367e09-11 No Task File <==== ATTENTION Task: C:\Windows\Tasks\9adf53e4-212c-4d9d-8c1c-3e2937367e09-1.job => C:\Program Files (x86)\Senses\Senses-codedownloader.exe <==== ATTENTION Task: C:\Windows\Tasks\9adf53e4-212c-4d9d-8c1c-3e2937367e09-11.job => C:\Program Files (x86)\Senses\9adf53e4-212c-4d9d-8c1c-3e2937367e09-11.exe <==== ATTENTION Task: C:\Windows\Tasks\9adf53e4-212c-4d9d-8c1c-3e2937367e09-2.job => C:\Program Files (x86)\Senses\9adf53e4-212c-4d9d-8c1c-3e2937367e09-2.exe <==== ATTENTION Task: C:\Windows\Tasks\9adf53e4-212c-4d9d-8c1c-3e2937367e09-3.job => C:\Program Files (x86)\Senses\9adf53e4-212c-4d9d-8c1c-3e2937367e09-3.exe <==== ATTENTION Task: C:\Windows\Tasks\9adf53e4-212c-4d9d-8c1c-3e2937367e09-4.job => C:\Program Files (x86)\Senses\9adf53e4-212c-4d9d-8c1c-3e2937367e09-4.exe <==== ATTENTION Task: C:\Windows\Tasks\9adf53e4-212c-4d9d-8c1c-3e2937367e09-5.job => C:\Program Files (x86)\Senses\9adf53e4-212c-4d9d-8c1c-3e2937367e09-5.exe <==== ATTENTION Task: C:\Windows\Tasks\9adf53e4-212c-4d9d-8c1c-3e2937367e09-5_user.job => C:\Program Files (x86)\Senses\9adf53e4-212c-4d9d-8c1c-3e2937367e09-5.exe <==== ATTENTION Task: C:\Windows\Tasks\9adf53e4-212c-4d9d-8c1c-3e2937367e09-6.job => C:\Program Files (x86)\Senses\9adf53e4-212c-4d9d-8c1c-3e2937367e09-6.exe <==== ATTENTION Task: C:\Windows\Tasks\9adf53e4-212c-4d9d-8c1c-3e2937367e09-7.job => C:\Program Files (x86)\Senses\9adf53e4-212c-4d9d-8c1c-3e2937367e09-7.exe <==== ATTENTION Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION Task: C:\Windows\Tasks\IXASRQ.job => C:\Users\mclol27\AppData\Roaming\IXASRQ.exe <==== ATTENTION Task: C:\Windows\Tasks\QFCXJ.job => C:\Users\mclol27\AppData\Roaming\QFCXJ.exe <==== ATTENTION HKU\S-1-5-21-1596528824-3837721319-3267223105-1000\...\Run: [LiveSupport] => "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe BHO: No Name -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> No File C:\Program Files (x86)\globalUpdate C:\Program Files (x86)\Temp C:\ProgramData\APN C:\ProgramData\TEMP C:\Users\mclol27\AppData\Local\globalUpdate C:\Users\mclol27\AppData\Local\Google\Chrome\User Data\Default\Preferences C:\Users\mclol27\AppData\Roaming\IXASRQ C:\Users\mclol27\AppData\Roaming\QFCXJ CMD: sc config "PLAY ONLINE. RunOuc" start= demand EmptyTemp: ***************** Processes closed successfully. globalUpdate => Service deleted successfully. globalUpdatem => Service deleted successfully. Update PodoWeb => Service deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0301A080-224C-41ED-B6C6-B6D42B962156}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0301A080-224C-41ED-B6C6-B6D42B962156}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\9adf53e4-212c-4d9d-8c1c-3e2937367e09-4" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{28CD87E1-D9FB-4B07-9F1C-A4F4D1AC4E0A}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{28CD87E1-D9FB-4B07-9F1C-A4F4D1AC4E0A}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IXASRQ" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{58E46540-4509-40AA-8A85-52FF61D4F1ED}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{58E46540-4509-40AA-8A85-52FF61D4F1ED}" => Key deleted successfully. C:\Windows\System32\Tasks\{8B91C7C8-9555-4AB5-8D5C-C2C6E9E5A885} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8B91C7C8-9555-4AB5-8D5C-C2C6E9E5A885}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{667F6C59-441C-4051-A625-C9E557A98B7D}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{667F6C59-441C-4051-A625-C9E557A98B7D}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineCore" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6F659E98-B769-4BAB-AEB9-82A739A06002}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F659E98-B769-4BAB-AEB9-82A739A06002}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\9adf53e4-212c-4d9d-8c1c-3e2937367e09-3" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{79EF09E3-92C7-4CE6-9E47-D6128D329CCA}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{79EF09E3-92C7-4CE6-9E47-D6128D329CCA}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\9adf53e4-212c-4d9d-8c1c-3e2937367e09-5" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7B7B2FE7-5A25-4F7B-BC05-C8E1AEA3442D}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7B7B2FE7-5A25-4F7B-BC05-C8E1AEA3442D}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\9adf53e4-212c-4d9d-8c1c-3e2937367e09-5_user" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{873962E1-63C0-4D52-9706-74E91000DEAD}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{873962E1-63C0-4D52-9706-74E91000DEAD}" => Key deleted successfully. C:\Windows\System32\Tasks\{5D5E6802-BE62-42B1-82B3-53780465D7E0} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5D5E6802-BE62-42B1-82B3-53780465D7E0}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8FEE4830-58BC-468B-BBA9-27A30B5A3539}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8FEE4830-58BC-468B-BBA9-27A30B5A3539}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\9adf53e4-212c-4d9d-8c1c-3e2937367e09-6" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9A6CC848-03D5-4FB2-B24D-15E950D80ECC}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9A6CC848-03D5-4FB2-B24D-15E950D80ECC}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\9adf53e4-212c-4d9d-8c1c-3e2937367e09-1" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BD128E70-0B02-4229-B0FC-7D6649C70B63}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BD128E70-0B02-4229-B0FC-7D6649C70B63}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineUA" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DD14498C-3F43-4A20-9E8B-64C433DD220F}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DD14498C-3F43-4A20-9E8B-64C433DD220F}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\9adf53e4-212c-4d9d-8c1c-3e2937367e09-7" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DFF81067-660F-4417-BD73-B51F44F984C0}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DFF81067-660F-4417-BD73-B51F44F984C0}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\QFCXJ" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{EA0C2484-215B-48CD-9DEE-72E5E842423B}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EA0C2484-215B-48CD-9DEE-72E5E842423B}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\9adf53e4-212c-4d9d-8c1c-3e2937367e09-2" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FCF7B3AB-C8AA-4797-BA57-357B6A6E33D7}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FCF7B3AB-C8AA-4797-BA57-357B6A6E33D7}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\9adf53e4-212c-4d9d-8c1c-3e2937367e09-11" => Key deleted successfully. C:\Windows\Tasks\9adf53e4-212c-4d9d-8c1c-3e2937367e09-1.job => Moved successfully. C:\Windows\Tasks\9adf53e4-212c-4d9d-8c1c-3e2937367e09-11.job => Moved successfully. C:\Windows\Tasks\9adf53e4-212c-4d9d-8c1c-3e2937367e09-2.job => Moved successfully. C:\Windows\Tasks\9adf53e4-212c-4d9d-8c1c-3e2937367e09-3.job => Moved successfully. C:\Windows\Tasks\9adf53e4-212c-4d9d-8c1c-3e2937367e09-4.job => Moved successfully. C:\Windows\Tasks\9adf53e4-212c-4d9d-8c1c-3e2937367e09-5.job => Moved successfully. C:\Windows\Tasks\9adf53e4-212c-4d9d-8c1c-3e2937367e09-5_user.job => Moved successfully. C:\Windows\Tasks\9adf53e4-212c-4d9d-8c1c-3e2937367e09-6.job => Moved successfully. C:\Windows\Tasks\9adf53e4-212c-4d9d-8c1c-3e2937367e09-7.job => Moved successfully. C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => Moved successfully. C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => Moved successfully. C:\Windows\Tasks\IXASRQ.job => Moved successfully. C:\Windows\Tasks\QFCXJ.job => Moved successfully. HKU\S-1-5-21-1596528824-3837721319-3267223105-1000\Software\Microsoft\Windows\CurrentVersion\Run\\LiveSupport => value deleted successfully. "HKLM\Software\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10" => Key deleted successfully. "HKLM\Software\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4" => Key deleted successfully. "HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc" => Key deleted successfully. C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll not found. HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully. "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}" => Key deleted successfully. "HKCR\CLSID\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}" => Key not found. C:\Program Files (x86)\globalUpdate => Moved successfully. C:\Program Files (x86)\Temp => Moved successfully. C:\ProgramData\APN => Moved successfully. C:\ProgramData\TEMP => Moved successfully. C:\Users\mclol27\AppData\Local\globalUpdate => Moved successfully. C:\Users\mclol27\AppData\Local\Google\Chrome\User Data\Default\Preferences => Moved successfully. C:\Users\mclol27\AppData\Roaming\IXASRQ => Moved successfully. C:\Users\mclol27\AppData\Roaming\QFCXJ => Moved successfully. ========= sc config "PLAY ONLINE. RunOuc" start= demand ========= [SC] ChangeServiceConfig SUKCES ========= End of CMD: ========= EmptyTemp: => Removed 2.2 GB temporary data. The system needed a reboot. ==== End of Fixlog ====