Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 04-01-2015
Ran by STANISŁAW SKRZYPCZAK at 2015-01-06 17:01:03 Run:2
Running from C:\Documents and Settings\STANISŁAW SKRZYPCZAK\Pulpit\logi
Loaded Profile: STANISŁAW SKRZYPCZAK (Available profiles: STANISŁAW SKRZYPCZAK & GRAŻKA)
Boot Mode: Safe Mode (minimal)
==============================================

Content of fixlist:
*****************
Task: C:\WINDOWS.1\Tasks\BlockAndSurf Update.job => C:\Program Files\ver0BlockAndSurf\J6BlockAndSurfR79.exe <==== ATTENTION
Task: C:\WINDOWS.1\Tasks\RegClean Pro_DEFAULT.job => C:\Program Files\RCP\RegCleanPro.exe <==== ATTENTION
Task: C:\WINDOWS.1\Tasks\RegClean Pro_UPDATES.job => C:\Program Files\RCP\RegCleanPro.exe <==== ATTENTION
S2 CouponMonkeyService; C:\Program Files\D51D0083-1C6B-4CB4-8FA1-7CF891242EBD\auhhlzqovx.exe [150528 2014-11-26] () [File not signed]
S2 serverca; C:\Documents and Settings\STANISŁAW SKRZYPCZAK\Ustawienia lokalne\Dane aplikacji\ConvertAd\CASrv.exe [X]
S2 Update DigiHelp; "C:\Program Files\DigiHelp\updateDigiHelp.exe" [X]
S1 ASPI32; No ImagePath
S3 GarenaPEngine; \??\C:\DOCUME~1\TOMASZ\USTAWI~1\Temp\OGHC9.tmp [X]
S3 GGSAFERDriver; \??\C:\Garena\plugins\UI\safedrv.sys [X]
S1 netfilter; system32\drivers\netfilter.sys [X]
S2 npf; system32\drivers\npf.sys [X]
HKLM\...\Run: [adblock pro] => C:\Adblock Pro\abpmain.exe [372736 2010-06-28] (Adblock Pro Team)
HKLM\...\Run: [ADSTOP] => C:\Documents and Settings\STANISAAW SKRZYPCZAK\Pulpit\ADSTOP.exe
HKLM\...\Run: [gmsd_pl_8] => [X]
HKLM\...\Run: [upgmsd_pl_8.exe] => C:\Documents and Settings\STANISAAW SKRZYPCZAK\Ustawienia lokalne\Dane aplikacji\gmsd_pl_8\upgmsd_pl_8.exe -runhelper
HKLM\...\Run: [rec_pl_1] => C:\Program Files\rec_pl_1\rec_pl_1.exe [3977384 2014-12-16] ()
HKLM\...\Run: [rec_pl_2] => C:\Program Files\rec_pl_2\rec_pl_2.exe [3979432 2014-12-24] ()
HKU\S-1-5-21-2052111302-920026266-1177238915-1004\...\Run: [SoftonicAssistant] => "C:\Documents and Settings\STANISAAW SKRZYPCZAK\Ustawienia lokalne\Dane aplikacji\SoftonicAssistant\SoftonicAssistant.exe"
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
SearchScopes: HKU\S-1-5-21-2052111302-920026266-1177238915-1004 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Documents and Settings\TOMASZ\Pulpit\Konrad\BitComet\tools\BitCometBHO_1.2.2.28.dll No File
BHO: Max EN Toolbar -> {867dd841-5bf7-44ca-8426-c5a6eda00735} -> C:\Program Files\Max_EN\tbMax_.dll (Conduit Ltd.)
BHO: IEPluginBHO Class -> {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} -> C:\Documents and Settings\All Users.WINDOWS.1\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll No File
Toolbar: HKLM - Max EN Toolbar - {867dd841-5bf7-44ca-8426-c5a6eda00735} - C:\Program Files\Max_EN\tbMax_.dll (Conduit Ltd.)
Toolbar: HKU\S-1-5-21-2052111302-920026266-1177238915-1004 -> Max EN Toolbar - {867DD841-5BF7-44CA-8426-C5A6EDA00735} - C:\Program Files\Max_EN\tbMax_.dll (Conduit Ltd.)
DPF: {00000161-0000-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/msaudio.cab
DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll No File
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll No File
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS.1\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
c:\Documents and Settings\All Users.WINDOWS.1\Dane aplikacji\TEMP
C:\Documents and Settings\All Users.WINDOWS.1\Menu Start\Programy\Picasa 3
C:\Documents and Settings\STANISŁAW SKRZYPCZAK\Dane aplikacji\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
C:\Documents and Settings\STANISŁAW SKRZYPCZAK\Dane aplikacji\Opera Software
C:\Documents and Settings\STANISŁAW SKRZYPCZAK\Ustawienia lokalne\Dane aplikacji\Opera Software
C:\Program Files\CouponMonkey
C:\Program Files\D51D0083-1C6B-4CB4-8FA1-7CF891242EBD
C:\Program Files\DigiHelp
C:\WINDOWS.1\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
Folder: C:\WINDOWS.1\system32\dwjobs
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /f
Reboot:
*****************

C:\WINDOWS.1\Tasks\BlockAndSurf Update.job => Moved successfully.
C:\WINDOWS.1\Tasks\RegClean Pro_DEFAULT.job => Moved successfully.
C:\WINDOWS.1\Tasks\RegClean Pro_UPDATES.job => Moved successfully.
CouponMonkeyService => Service deleted successfully.
serverca => Service deleted successfully.
Update DigiHelp => Service deleted successfully.
ASPI32 => Service deleted successfully.
GarenaPEngine => Service deleted successfully.
GGSAFERDriver => Service deleted successfully.
netfilter => Service deleted successfully.
npf => Service deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\adblock pro => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ADSTOP => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\gmsd_pl_8 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\upgmsd_pl_8.exe => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\rec_pl_1 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\rec_pl_2 => value deleted successfully.
HKU\S-1-5-21-2052111302-920026266-1177238915-1004\Software\Microsoft\Windows\CurrentVersion\Run\\SoftonicAssistant => value deleted successfully.
C:\WINDOWS.1\system32\GroupPolicy\Machine => Moved successfully.
C:\WINDOWS.1\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKU\S-1-5-21-2052111302-920026266-1177238915-1004\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}" => Key deleted successfully.
"HKCR\CLSID\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{867dd841-5bf7-44ca-8426-c5a6eda00735}" => Key deleted successfully.
"HKCR\CLSID\{867dd841-5bf7-44ca-8426-c5a6eda00735}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}" => Key deleted successfully.
"HKCR\CLSID\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{867dd841-5bf7-44ca-8426-c5a6eda00735} => value deleted successfully.
HKCR\CLSID\{867dd841-5bf7-44ca-8426-c5a6eda00735} => Key not found.
HKU\S-1-5-21-2052111302-920026266-1177238915-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{867DD841-5BF7-44CA-8426-C5A6EDA00735} => value deleted successfully.
HKCR\CLSID\{867DD841-5BF7-44CA-8426-C5A6EDA00735} => Key not found.
"HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{00000161-0000-0010-8000-00AA00389B71}" => Key deleted successfully.
HKCR\CLSID\{00000161-0000-0010-8000-00AA00389B71} => Key not found.
"HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{31435657-9980-0010-8000-00AA00389B71}" => Key deleted successfully.
HKCR\CLSID\{31435657-9980-0010-8000-00AA00389B71} => Key not found.
"HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin" => Key deleted successfully.
"HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3" => Key deleted successfully.
"HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9" => Key deleted successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b} => value deleted successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\jqs@sun.com => value deleted successfully.
c:\Documents and Settings\All Users.WINDOWS.1\Dane aplikacji\TEMP => Moved successfully.
C:\Documents and Settings\All Users.WINDOWS.1\Menu Start\Programy\Picasa 3 => Moved successfully.
C:\Documents and Settings\STANISŁAW SKRZYPCZAK\Dane aplikacji\Microsoft\Internet Explorer\Quick Launch\Opera.lnk => Moved successfully.
C:\Documents and Settings\STANISŁAW SKRZYPCZAK\Dane aplikacji\Opera Software => Moved successfully.
C:\Documents and Settings\STANISŁAW SKRZYPCZAK\Ustawienia lokalne\Dane aplikacji\Opera Software => Moved successfully.
C:\Program Files\CouponMonkey => Moved successfully.
C:\Program Files\D51D0083-1C6B-4CB4-8FA1-7CF891242EBD => Moved successfully.
C:\Program Files\DigiHelp => Moved successfully.
C:\WINDOWS.1\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension => Moved successfully.

========================= Folder: C:\WINDOWS.1\system32\dwjobs ========================

====== End of Folder: ======

========= reg delete "HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes" /f =========

Operacja ukończona pomyślnie

========= End of Reg: =========

========= reg delete "HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java" /f =========

Operacja ukończona pomyślnie

========= End of Reg: =========

========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /f =========

Operacja ukończona pomyślnie

========= End of Reg: =========

The system needed a reboot.

==== End of Fixlog 17:01:06 ====