Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 06-12-2014 02 Ran by Administrator at 2014-12-08 17:38:27 Run:1 Running from C:\ Loaded Profile: Administrator (Available profiles: OI & Administrator) Boot Mode: Safe Mode (minimal) ============================================== Content of fixlist: ***************** CloseProcesses: Task: C:\WINDOWS\Tasks\SYSTEM.job => C:\Documents and Settings\All Users\Dane aplikacji\wmc.exe <==== ATTENTION R1 Aspi32; C:\WINDOWS\system32\Drivers\Aspi32.sys [16877 2002-07-17] (Adaptec) [File not signed] S3 gmer; C:\WINDOWS\System32\DRIVERS\gmer.sys [85969 2009-01-23] (GMER) [File not signed] S4 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [X] S3 adiusbaw; system32\DRIVERS\adiusbaw.sys [X] S3 C-Dilla; \??\C:\WINDOWS\system32\drivers\CDANT.SYS [X] S3 cpuz130; \??\d:\Temp\cpuz130\cpuz_x32.sys [X] S3 hamachi; system32\DRIVERS\hamachi.sys [X] S3 hwusbfake; system32\DRIVERS\ewusbfake.sys [X] S3 LHidUsbK; System32\Drivers\LHidUsbK.Sys [X] S3 LMouKE; system32\DRIVERS\LMouKE.Sys [X] S3 Ser2pl; system32\DRIVERS\ser2pl.sys [X] S3 sony_ssm.sys; \??\d:\Temp\sony_ssm.sys [X] S4 sptd; \SystemRoot\System32\Drivers\sptd.sys [X] S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X] HKU\S-1-5-21-823518204-1614895754-839522115-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION ProxyServer: [S-1-5-21-823518204-1614895754-839522115-1003] => : HKU\S-1-5-21-823518204-1614895754-839522115-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://pl.yahoo.com?fr=fp-comodo HKU\S-1-5-21-823518204-1614895754-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKU\S-1-5-21-823518204-1614895754-839522115-1003 -> DefaultScope {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = http://pl.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo SearchScopes: HKU\S-1-5-21-823518204-1614895754-839522115-1003 -> {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = http://pl.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo BHO: FGCatchUrl -> {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} -> d:\Program Files\FlashGet\jccatch.dll No File FF DefaultSearchEngine: Yahoo FF SelectedSearchEngine: Yahoo FF Keyword.URL: hxxp://pl.search.yahoo.com/search?fr=ytff-comodo&p= FF Plugin: @divx.com/DivX Content Upload Plugin,version=1.0.0 -> d:\Program Files\DivX\DivX Content Uploader\npUpload.dll No File FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension CustomCLSID: HKU\S-1-5-21-823518204-1614895754-839522115-1003_Classes\CLSID\{28B7AA99-C0F9-4C47-995E-8A8D729603A1}\localserver32 -> D:\Program Files\AutoCAD 2007\acad.exe /Automation No File CustomCLSID: HKU\S-1-5-21-823518204-1614895754-839522115-1003_Classes\CLSID\{7AABBB95-79BE-4C0F-8024-EB6AF271231C}\localserver32 -> D:\Program Files\AutoCAD 2007\acad.exe No File C:\Documents and Settings\All Users\Dane aplikacji\wmc.exe C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension C:\WINDOWS\system32\Drivers\Aspi32.sys C:\WINDOWS\System32\DRIVERS\gmer.sys C:\WINDOWS\system32\drivers\VBoxNetAdp.sys Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f Reg: reg delete "HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main" /f CMD: sc delete VBoxNetAdp Hosts: EmptyTemp: ***************** Processes closed successfully. C:\WINDOWS\Tasks\SYSTEM.job => Moved successfully. Aspi32 => Service deleted successfully. gmer => Service deleted successfully. ACDaemon => Service deleted successfully. adiusbaw => Service deleted successfully. C-Dilla => Service deleted successfully. cpuz130 => Service deleted successfully. hamachi => Service deleted successfully. hwusbfake => Service deleted successfully. LHidUsbK => Service deleted successfully. LMouKE => Service deleted successfully. Ser2pl => Service deleted successfully. sony_ssm.sys => Service deleted successfully. sptd => Service deleted successfully. VBoxNetFlt => Service deleted successfully. "HKU\S-1-5-21-823518204-1614895754-839522115-1003\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key not found. HKU\S-1-5-21-823518204-1614895754-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Value not found. HKU\S-1-5-21-823518204-1614895754-839522115-1003\Software\Microsoft\Internet Explorer\Main\\Start Page => Error setting value. HKU\S-1-5-21-823518204-1614895754-839522115-1003\Software\Microsoft\Internet Explorer\Main\\Search Page => Error setting value. HKU\S-1-5-21-823518204-1614895754-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found. "HKU\S-1-5-21-823518204-1614895754-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A}" => Key not found. "HKCR\CLSID\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A}" => Key not found. "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}" => Key deleted successfully. "HKCR\CLSID\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}" => Key deleted successfully. Firefox DefaultSearchEngine deleted successfully. Firefox SelectedSearchEngine deleted successfully. Firefox Keyword.URL deleted successfully. "HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0" => Key deleted successfully. "HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin" => Key deleted successfully. HKLM\Software\Mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b} => value deleted successfully. "HKU\S-1-5-21-823518204-1614895754-839522115-1003_Classes\CLSID\{28B7AA99-C0F9-4C47-995E-8A8D729603A1}" => Key not found. "HKU\S-1-5-21-823518204-1614895754-839522115-1003_Classes\CLSID\{7AABBB95-79BE-4C0F-8024-EB6AF271231C}" => Key not found. "C:\Documents and Settings\All Users\Dane aplikacji\wmc.exe" => File/Directory not found. C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension => Moved successfully. C:\WINDOWS\system32\Drivers\Aspi32.sys => Moved successfully. C:\WINDOWS\System32\DRIVERS\gmer.sys => Moved successfully. C:\WINDOWS\system32\drivers\VBoxNetAdp.sys => Moved successfully. ========= reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f ========= Operacja ukończona pomyślnie ========= End of Reg: ========= ========= reg delete "HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main" /f ========= Operacja ukończona pomyślnie ========= End of Reg: ========= ========= sc delete VBoxNetAdp ========= [SC] DeleteService SUCCESS ========= End of CMD: ========= C:\Windows\System32\Drivers\etc\hosts => Moved successfully. Hosts was reset successfully. EmptyTemp: => Removed 309.2 MB temporary data. The system needed a reboot. ==== End of Fixlog ====