Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 10-11-2014 Ran by oem at 2014-11-11 15:18:06 Run:2 Running from C:\Users\oem\Desktop\dezynfekcja Loaded Profile: oem (Available profiles: oem & UpdatusUser) Boot Mode: Normal ============================================== Content of fixlist: ***************** CloseProcesses: ShortcutWithArgument: C:\Users\oem\Desktop\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.mystartsearch.com/?type=sc&ts=1413742161&from=smt&uid=ST3320613AS_9SZ0AY34XXXX9SZ0AY34 ShortcutWithArgument: C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.mystartsearch.com/?type=sc&ts=1413742161&from=smt&uid=ST3320613AS_9SZ0AY34XXXX9SZ0AY34 ShortcutWithArgument: C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.mystartsearch.com/?type=sc&ts=1413742161&from=smt&uid=ST3320613AS_9SZ0AY34XXXX9SZ0AY34 ShortcutWithArgument: C:\Users\oem\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.mystartsearch.com/?type=sc&ts=1413742161&from=smt&uid=ST3320613AS_9SZ0AY34XXXX9SZ0AY34 ShortcutWithArgument: C:\Users\oem\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.mystartsearch.com/?type=sc&ts=1413742161&from=smt&uid=ST3320613AS_9SZ0AY34XXXX9SZ0AY34 FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mystartsearch.xml FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds&ts=1401465415&from=wpc&uid=ST3320613AS_9SZ0AY34XXXX9SZ0AY34&q={searchTerms} HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie HKCU\Software\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = about:blank HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=ds&ts=1401465415&from=wpc&uid=ST3320613AS_9SZ0AY34XXXX9SZ0AY34&q={searchTerms} StartMenuInternet: IEXPLORE.EXE - iexplore.exe SearchScopes: HKLM - Backup.Old.DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} SearchScopes: HKLM - {768D0F96-8B0E-7DFF-8E53-5B93D52C3275} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2504091 SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69} URL = http://search.bearshare.com/web?src=ieb&systemid=2&q={searchTerms} SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1QzutDtDtBtBtCyDtCyB0B0C0B0BtA0BtDyCtN0D0Tzu0CtBtAyEtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1675312693 SearchScopes: HKLM - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms} SearchScopes: HKLM - {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7 SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKCU - Backup.Old.DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} SearchScopes: HKCU - 35EF8322F42D4BCD99DC083745EEFE15 URL = http://isearch.avg.com/search?cid={AF6C28BE-BD48-47D1-AE4E-3DFFA628C2C8}&mid=780cad32e5dfd6bfdeebcc3df246f663-34e985a55237710ff26fa09697eaaa4fc353a451&lang=pl&ds=AVG&pr=fr&d=2012-06-10 08:17:52&v=11.1.0.7&sap=dsp&q={searchTerms} SearchScopes: HKCU - {1F096B29-E9DA-4D64-8D63-936BE7762CC5} URL = http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=b80f3b0600000000000000221517bcbb&tlver=1.4.19.19&ss=1&affID=17981 SearchScopes: HKCU - {28DC2F23-8DD3-4332-A7CE-BCDA9CBEC507} URL = https://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=994519&p={searchTerms} SearchScopes: HKCU - {768D0F96-8B0E-7DFF-8E53-5B93D52C3275} URL = SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69} URL = http://search.bearshare.com/web?src=ieb&systemid=2&q={searchTerms} SearchScopes: HKCU - {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB9} URL = http://www.daemon-search.com/search/web?q={searchTerms} SearchScopes: HKCU - {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = SearchScopes: HKCU - {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7 BHO: No Name -> {7E853D72-626A-48EC-A868-BA8D5E23E045} -> No File Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File Toolbar: HKLM - No Name - !{98889811-442D-49dd-99D7-DC866BE87DBC} - No File Toolbar: HKCU - No Name - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - No File Toolbar: HKCU - No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File Toolbar: HKCU - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File Task: {380A623B-0272-4DD9-B87A-116A35AC290C} - System32\Tasks\Opera D5 => C:\Program Files\Opera\launcher.exe Task: {4176E6CD-46C2-47E3-882C-D801122242E4} - System32\Tasks\Opera D4 => C:\Program Files\Opera\launcher.exe Task: {652CED9F-ABA2-4258-B80D-2C9D10A0157A} - System32\Tasks\e-pity2012_styczen => H:\Ja\e-pity2012\signxml.exe Task: {ACA175B9-B474-45C2-9B92-1FAEE73906BD} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{F42D1834-37B1-4680-93C9-C5B2374EFB8A}.exe Task: {B6A8A52C-CAE7-4177-9EA3-B9F3B91EDF7B} - System32\Tasks\e-pity2012_kwiecien => H:\Ja\e-pity2012\signxml.exe Task: {C62496AA-7462-40FF-B43E-991E5C4EE519} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv => C:\Windows\TEMP\{BFC43E12-E489-4B2B-B41E-D8AE6693F88F}.exe Task: {E1E3955D-6403-4CEA-9FFB-1668EE6BE0E4} - \Funmoods No Task File <==== ATTENTION Task: {E694FDBE-70BD-4AF5-A065-EF49E5B44553} - System32\Tasks\Opera D2 => C:\Program Files\Opera\launcher.exe Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job => C:\Windows\TEMP\{BFC43E12-E489-4B2B-B41E-D8AE6693F88F}.exe Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{F42D1834-37B1-4680-93C9-C5B2374EFB8A}.exe S2 AVTasks2; C:\PROGRA~1\ArcaBit\Common\ARCATA~1.EXE [X] C:\Program Files\Mozilla Firefox\extensions C:\Program Files\Mozilla Firefox\plugins C:\ProgramData\pswi_preloaded.exe C:\Users\Default\AppData\Roaming\TuneUp Software C:\Users\oem\AppData\Local\prvlcl.dat C:\Users\oem\AppData\Local\Google C:\Users\oem\AppData\Roaming\*.exe C:\Users\oem\AppData\Roaming\AutoUpdate C:\Users\oem\AppData\Roaming\AVG2014 C:\Users\oem\AppData\Roaming\Babylon C:\Users\oem\AppData\Roaming\DAEMON Tools C:\Users\oem\AppData\Roaming\DAEMON Tools Lite C:\Users\oem\AppData\Roaming\Desktopicon C:\Users\oem\AppData\Roaming\eMule C:\Users\oem\AppData\Roaming\F-Secure C:\Users\oem\AppData\Roaming\Funmoods C:\Users\oem\AppData\Roaming\LimeWire C:\Users\oem\AppData\Roaming\Listonosz C:\Users\oem\AppData\Roaming\maxup C:\Users\oem\AppData\Roaming\mystartsearch C:\Users\oem\AppData\Roaming\Onet C:\Users\oem\AppData\Roaming\OpenFM C:\Users\oem\AppData\Roaming\Opera Software C:\Users\oem\AppData\Roaming\pl.com.bebiko.widgetbebiko.35EA91C6F98F4F5A01FBE12E388378AD6D359940.1 C:\Users\oem\AppData\Roaming\Systweak C:\Users\oem\AppData\Roaming\temp C:\Users\oem\AppData\Roaming\TuneUp Software C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup C:\Windows\System32\roboot.exe C:\Windows\system32\sqlite3.dll Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f Reg: reg delete HKLM\SOFTWARE\Google /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Search" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AlcoholAutomount" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BabylonToolbar" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CafeNews" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Lite" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Onet.pl AutoUpdate" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched" /f CMD: netsh advfirewall reset EmptyTemp: ***************** Processes closed successfully. C:\Users\oem\Desktop\Mozilla Firefox.lnk => Shortcut argument was removed successfully. C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk => Shortcut argument was removed successfully. C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk => Shortcut argument was restored successfully. C:\Users\oem\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk => Shortcut argument was removed successfully. C:\Users\oem\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk => Shortcut argument was removed successfully. "C:\Program Files\mozilla firefox\browser\searchplugins\mystartsearch.xml" => not found. HKLM\Software\Mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b} => Value not found. HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully. HKCU\Software\Microsoft\Internet Explorer\Main\\Search Bar => Value not found. HKCU\Software\Microsoft\Internet Explorer\Main\\Backup.Old.Start Page => Value not found. HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully. HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\Backup.Old.DefaultScope => Value not found. "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{768D0F96-8B0E-7DFF-8E53-5B93D52C3275}" => Key not found. "HKCR\CLSID\{768D0F96-8B0E-7DFF-8E53-5B93D52C3275}" => Key not found. "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}" => Key not found. "HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}" => Key not found. "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}" => Key not found. "HKCR\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}" => Key not found. "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}" => Key not found. "HKCR\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}" => Key not found. "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}" => Key not found. "HKCR\CLSID\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}" => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\Backup.Old.DefaultScope => Value not found. "HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\35EF8322F42D4BCD99DC083745EEFE15" => Key not found. "HKCR\CLSID\35EF8322F42D4BCD99DC083745EEFE15" => Key not found. "HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}" => Key not found. "HKCR\CLSID\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}" => Key not found. "HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{28DC2F23-8DD3-4332-A7CE-BCDA9CBEC507}" => Key not found. "HKCR\CLSID\{28DC2F23-8DD3-4332-A7CE-BCDA9CBEC507}" => Key not found. "HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{768D0F96-8B0E-7DFF-8E53-5B93D52C3275}" => Key not found. "HKCR\CLSID\{768D0F96-8B0E-7DFF-8E53-5B93D52C3275}" => Key not found. "HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}" => Key not found. "HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}" => Key not found. "HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB9}" => Key not found. "HKCR\CLSID\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB9}" => Key not found. "HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}" => Key not found. "HKCR\CLSID\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}" => Key not found. "HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}" => Key not found. "HKCR\CLSID\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}" => Key not found. "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}" => Key not found. "HKCR\CLSID\{7E853D72-626A-48EC-A868-BA8D5E23E045}" => Key not found. HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} => Value not found. "HKCR\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}" => Key not found. HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\!{98889811-442D-49dd-99D7-DC866BE87DBC} => Value not found. "HKCR\CLSID\!{98889811-442D-49dd-99D7-DC866BE87DBC}" => Key not found.