Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 07-12-2014 01 Ran by Jola at 2014-12-08 18:38:29 Run:2 Running from C:\Documents and Settings\Jola\Pulpit Loaded Profiles: Jola & Administrator (Available profiles: Jola & Administrator) Boot Mode: Safe Mode (with Networking) ============================================== Content of fixlist: ***************** CloseProcesses: Task: C:\WINDOWS\Tasks\ef9eb1df-f680-4256-a623-cf0a11590988-1.job => C:\Program Files\Apps Hat\Apps Hat-codedownloader.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\ef9eb1df-f680-4256-a623-cf0a11590988-11.job => C:\Program Files\Apps Hat\ef9eb1df-f680-4256-a623-cf0a11590988-11.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\ef9eb1df-f680-4256-a623-cf0a11590988-2.job => C:\Program Files\Apps Hat\ef9eb1df-f680-4256-a623-cf0a11590988-2.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\ef9eb1df-f680-4256-a623-cf0a11590988-4.job => C:\Program Files\Apps Hat\ef9eb1df-f680-4256-a623-cf0a11590988-4.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\ef9eb1df-f680-4256-a623-cf0a11590988-5.job => C:\Program Files\Apps Hat\ef9eb1df-f680-4256-a623-cf0a11590988-5.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\Math Problem Solver CPU.job => C:\Documents and Settings\Jola\Ustawienia lokalne\Dane aplikacji\Math Problem Solver\cpu\Solve.exe S2 globalUpdate; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-08] (globalUpdate) [File not signed] S3 globalUpdatem; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-08] (globalUpdate) [File not signed] S2 IePluginServices; C:\Documents and Settings\All Users\Dane aplikacji\IePluginServices\PluginService.exe -service [X] S3 AndNetDiag; system32\DRIVERS\lgandnetdiag.sys [X] S3 ANDNetModem; system32\DRIVERS\lgandnetmodem.sys [X] S3 andnetndis; system32\DRIVERS\lgandnetndis.sys [X] S3 EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys [X] S3 UIUSys; system32\DRIVERS\UIUSYS.SYS [X] CustomCLSID: HKU\S-1-5-21-1123561945-688789844-1177238915-1003_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Documents and Settings\Jola\Dane aplikacji\GG\ggdrive\ggdrive-menu.dll No File HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=ds&ts=1407519251&from=smt&uid=ST9120822AS_5LZ73PF1XXXX5LZ73PF1&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds&ts=1407519251&from=smt&uid=ST9120822AS_5LZ73PF1XXXX5LZ73PF1&q={searchTerms} StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1407519251&from=smt&uid=ST9120822AS_5LZ73PF1XXXX5LZ73PF1 SearchScopes: HKU\S-1-5-21-1123561945-688789844-1177238915-1003 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={0A7F35EA-6833-46D8-AE55-8C008304445C}&mid=Unknown&lang=pl&ds=gm011&coid=avgtbdisgm&cmpid=&pr=sa&d=2014-02-10 11:18:03&v=18.1.9.799&pid=safeguard&sg=&sap=dsp&q={searchTerms} Toolbar: HKU\S-1-5-21-1123561945-688789844-1177238915-1003 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File FF HKLM\...\Firefox\Extensions: [avg@toolbar] - C:\Documents and Settings\All Users\Dane aplikacji\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799 FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate) FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate) FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml C:\Documents and Settings\All Users\Dane aplikacji\AVG SafeGuard toolbar C:\Documents and Settings\All Users\Dane aplikacji\AVG Secure Search C:\Documents and Settings\All Users\Dane aplikacji\Avg_Update_0814tb C:\Documents and Settings\All Users\Dane aplikacji\Avg_Update_1114tb C:\Documents and Settings\All Users\Dane aplikacji\IePluginServices C:\Documents and Settings\All Users\Dane aplikacji\WindowsMangerProtect C:\Documents and Settings\Jola\Dane aplikacji\AVG SafeGuard toolbar C:\Documents and Settings\Jola\Dane aplikacji\istartsurf C:\Documents and Settings\Jola\Ustawienia lokalne\Dane aplikacji\Math Problem Solver C:\Program Files\AVG Security Toolbar C:\Program Files\globalUpdate Reg: reg delete HKLM\SOFTWARE\Google /f Reg: reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\webget /f Reg: reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect /f CMD: dir /a "C:\Documents and Settings\Jola\Ustawienia lokalne\Dane aplikacji" EmptyTemp: ***************** Processes closed successfully. C:\WINDOWS\Tasks\ef9eb1df-f680-4256-a623-cf0a11590988-1.job not found. C:\WINDOWS\Tasks\ef9eb1df-f680-4256-a623-cf0a11590988-11.job not found. C:\WINDOWS\Tasks\ef9eb1df-f680-4256-a623-cf0a11590988-2.job not found. C:\WINDOWS\Tasks\ef9eb1df-f680-4256-a623-cf0a11590988-4.job not found. C:\WINDOWS\Tasks\ef9eb1df-f680-4256-a623-cf0a11590988-5.job not found. C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job not found. C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job not found. C:\WINDOWS\Tasks\Math Problem Solver CPU.job not found. globalUpdate => Service not found. globalUpdatem => Service not found. IePluginServices => Service not found. AndNetDiag => Service not found. ANDNetModem => Service not found. andnetndis => Service not found. EagleXNt => Service not found. UIUSys => Service not found. "HKU\S-1-5-21-1123561945-688789844-1177238915-1003_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}" => Key deleted successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully. HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully. "HKU\S-1-5-21-1123561945-688789844-1177238915-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}" => Key not found. "HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}" => Key not found. HKU\S-1-5-21-1123561945-688789844-1177238915-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => Value not found. "HKCR\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}" => Key not found. HKLM\Software\Mozilla\Firefox\Extensions\\avg@toolbar => Value not found. "HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin" => Key not found. "HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10" => Key not found. C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll not found. "HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4" => Key not found. C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll not found. "C:\Program Files\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml" => not found. "C:\Documents and Settings\All Users\Dane aplikacji\AVG SafeGuard toolbar" => File/Directory not found. "C:\Documents and Settings\All Users\Dane aplikacji\AVG Secure Search" => File/Directory not found. "C:\Documents and Settings\All Users\Dane aplikacji\Avg_Update_0814tb" => File/Directory not found. "C:\Documents and Settings\All Users\Dane aplikacji\Avg_Update_1114tb" => File/Directory not found. "C:\Documents and Settings\All Users\Dane aplikacji\IePluginServices" => File/Directory not found. "C:\Documents and Settings\All Users\Dane aplikacji\WindowsMangerProtect" => File/Directory not found. "C:\Documents and Settings\Jola\Dane aplikacji\AVG SafeGuard toolbar" => File/Directory not found. "C:\Documents and Settings\Jola\Dane aplikacji\istartsurf" => File/Directory not found. "C:\Documents and Settings\Jola\Ustawienia lokalne\Dane aplikacji\Math Problem Solver" => File/Directory not found. "C:\Program Files\AVG Security Toolbar" => File/Directory not found. "C:\Program Files\globalUpdate" => File/Directory not found. ========= reg delete HKLM\SOFTWARE\Google /f ========= BÅ‚Ä…d: system nie może odnaleźć okreÅ›lonego klucza rejestru lub wartoÅ›ci. ========= End of Reg: ========= ========= reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\webget /f ========= BÅ‚Ä…d: system nie może odnaleźć okreÅ›lonego klucza rejestru lub wartoÅ›ci. ========= End of Reg: ========= ========= reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect /f ========= BÅ‚Ä…d: system nie może odnaleźć okreÅ›lonego klucza rejestru lub wartoÅ›ci. ========= End of Reg: ========= ========= dir /a "C:\Documents and Settings\Jola\Ustawienia lokalne\Dane aplikacji" ========= Wolumin w stacji C nie ma etykiety. Numer seryjny woluminu: 08A8-ABDE Katalog: C:\Documents and Settings\Jola\Ustawienia lokalne\Dane aplikacji 2014-12-08 18:21 . 2014-12-08 18:21 .. 2014-11-07 10:38 Adobe 2014-08-03 00:37 Arora 2013-12-11 18:22 cache 2014-11-18 19:07 30ÿ208 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-11-20 18:00 ESET 2014-11-07 12:21 Gameforge4d 2014-09-24 23:41 68ÿ456 GDIPFONTCACHEV1.DAT 2014-07-07 14:09 GG 2014-08-08 18:32 globalUpdate 2014-10-31 18:11 Google 2014-05-11 14:28 5ÿ859ÿ564 IconCache.db 2014-11-08 14:17 LG Electronics 2014-10-08 18:34 Microsoft 2013-11-19 23:54 Microsoft Help 2013-12-11 18:22 Mobogenie 2013-11-19 00:59 Mozilla 2014-07-07 14:04 OpenFM 2013-11-21 07:35 Opera Software 2014-09-24 14:00 Skype 2014-11-08 17:57 Sony 2013-11-19 19:54 Sun 3 plik(¢w) 5ÿ958ÿ228 bajt¢w 20 katalog(¢w) 28ÿ398ÿ026ÿ752 bajt¢w wolnych ========= End of CMD: ========= EmptyTemp: => Removed 371.6 MB temporary data. The system needed a reboot. ==== End of Fixlog ====