Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-02-2015 Ran by Konrad at 2015-02-03 13:02:26 Run:2 Running from C:\Users\Konrad\Downloads Loaded Profiles: Konrad (Available profiles: Konrad & Gość) Boot Mode: Normal ============================================== Content of fixlist: ***************** CloseProcesses: CreateRestorePoint: ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://isearch.omiga-plus.com/?type=sc&ts=1420625977&from=pcs&uid=WDCXWD5000BPKT-75PK4T0_WD-WXL1E61MYRA1MYRA1 ShortcutWithArgument: C:\Users\Konrad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://isearch.omiga-plus.com/?type=sc&ts=1420625977&from=pcs&uid=WDCXWD5000BPKT-75PK4T0_WD-WXL1E61MYRA1MYRA1 ShortcutWithArgument: C:\Users\Konrad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://isearch.omiga-plus.com/?type=sc&ts=1420625977&from=pcs&uid=WDCXWD5000BPKT-75PK4T0_WD-WXL1E61MYRA1MYRA1 ShortcutWithArgument: C:\Users\Konrad\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://isearch.omiga-plus.com/?type=sc&ts=1420625977&from=pcs&uid=WDCXWD5000BPKT-75PK4T0_WD-WXL1E61MYRA1MYRA1 ShortcutWithArgument: C:\Users\Konrad\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://isearch.omiga-plus.com/?type=sc&ts=1420625977&from=pcs&uid=WDCXWD5000BPKT-75PK4T0_WD-WXL1E61MYRA1MYRA1 ShortcutWithArgument: C:\Users\Konrad\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://isearch.omiga-plus.com/?type=sc&ts=1420625977&from=pcs&uid=WDCXWD5000BPKT-75PK4T0_WD-WXL1E61MYRA1MYRA1 StartMenuInternet: IEXPLORE.EXE - iexplore.exe HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com SearchScopes: HKU\S-1-5-21-3966912182-3999749155-3079340802-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File Toolbar: HKU\S-1-5-21-3966912182-3999749155-3079340802-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt Task: {33BA39D2-F210-4FBF-AFA4-6508AC243E4F} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3966912182-3999749155-3079340802-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe Task: {62DE4D38-E5E1-4CDF-8A88-F073F47AACBB} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3966912182-3999749155-3079340802-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe Task: {E54DD7E5-1B56-4B87-9400-7CFC806B6221} - System32\Tasks\{17C7AE7B-40E1-4B37-BCD6-86566C2C1A49} => pcalua.exe -a C:\Users\Konrad\Downloads\powersetup.exe -d C:\Users\Konrad\Downloads Task: {E73156C8-B1FB-4448-8F87-878ADEF1008E} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3966912182-3999749155-3079340802-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" HKLM-x32\...\Run: [] => [X] HKU\S-1-5-21-3966912182-3999749155-3079340802-1000\...\Run: [] => [X] S2 B4-Service; C:\Users\Konrad\Downloads\B4-Service.exe [X] S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X] S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X] C:\Program Files (x86)\Mozilla Firefox\extensions C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client\Uninstall.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Handbrake C:\Users\Konrad\AppData\Local\Google\Chrome\User Data\Default\Preferences C:\Users\Konrad\AppData\Local\Google\Chrome\User Data\Default\Local Storage\*localstorage* C:\Users\Konrad\Desktop\Priv\Call of Duty® 2 Jeden gracz.lnk C:\Users\Konrad\Desktop\Priv\Hitman - Codename 47.lnk C:\Users\Konrad\Desktop\Priv\Twierdza.lnk C:\Users\Konrad\Documents\Adobe Reader X.lnk C:\Users\Konrad\Documents\Norton Security Scan.lnk C:\Users\Konrad\Documents\TWIST 1.5.lnk C:\Users\Gość\Desktop\Twierdza.lnk Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f Reg: reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Video Converter Packages" /f EmptyTemp: ***************** Processes closed successfully. Restore point was successfully created. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk => Shortcut argument was removed successfully. C:\Users\Konrad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk => Shortcut argument was removed successfully. C:\Users\Konrad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk => Shortcut argument was restored successfully. C:\Users\Konrad\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk => Shortcut argument was removed successfully. C:\Users\Konrad\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk => Shortcut argument was removed successfully. C:\Users\Konrad\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk => Shortcut argument was removed successfully. HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully. HKU\S-1-5-21-3966912182-3999749155-3079340802-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key not found. HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key not found. HKU\S-1-5-21-3966912182-3999749155-3079340802-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} => Value not found. HKCR\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} => Key not found. HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\otis@digitalpersona.com => Value not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{33BA39D2-F210-4FBF-AFA4-6508AC243E4F} => Key not found. C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3966912182-3999749155-3079340802-1000 not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3966912182-3999749155-3079340802-1000 => Key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{62DE4D38-E5E1-4CDF-8A88-F073F47AACBB} => Key not found. C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3966912182-3999749155-3079340802-1000 not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3966912182-3999749155-3079340802-1000 => Key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E54DD7E5-1B56-4B87-9400-7CFC806B6221} => Key not found. C:\Windows\System32\Tasks\{17C7AE7B-40E1-4B37-BCD6-86566C2C1A49} not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{17C7AE7B-40E1-4B37-BCD6-86566C2C1A49} => Key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E73156C8-B1FB-4448-8F87-878ADEF1008E} => Key not found. C:\Windows\System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3966912182-3999749155-3079340802-1000 not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealDownloaderDownloaderScheduledTaskS-1-5-21-3966912182-3999749155-3079340802-1000 => Key not found. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher => Value not found. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value not found. HKU\S-1-5-21-3966912182-3999749155-3079340802-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value not found. B4-Service => Service not found. DgiVecp => Service not found. hwusbdev => Service not found. "C:\Program Files (x86)\Mozilla Firefox\extensions" => File/Directory not found. "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client\Uninstall.lnk" => File/Directory not found. "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Handbrake" => File/Directory not found. "C:\Users\Konrad\AppData\Local\Google\Chrome\User Data\Default\Preferences" => File/Directory not found. "C:\Users\Konrad\AppData\Local\Google\Chrome\User Data\Default\Local Storage\*localstorage*" => File/Directory not found. "C:\Users\Konrad\Desktop\Priv\Call of Duty® 2 Jeden gracz.lnk" => File/Directory not found. "C:\Users\Konrad\Desktop\Priv\Hitman - Codename 47.lnk" => File/Directory not found. "C:\Users\Konrad\Desktop\Priv\Twierdza.lnk" => File/Directory not found. "C:\Users\Konrad\Documents\Adobe Reader X.lnk" => File/Directory not found. "C:\Users\Konrad\Documents\Norton Security Scan.lnk" => File/Directory not found. "C:\Users\Konrad\Documents\TWIST 1.5.lnk" => File/Directory not found. "C:\Users\Gość\Desktop\Twierdza.lnk" => File/Directory not found. ========= reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f ========= Bť¤D: System nie znalazˆ w rejestrze okre˜lonego klucza albo warto˜ci. ========= End of Reg: ========= ========= reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Video Converter Packages" /f ========= Bť¤D: System nie znalazˆ w rejestrze okre˜lonego klucza albo warto˜ci. ========= End of Reg: ========= EmptyTemp: => Removed 170.2 MB temporary data. The system needed a reboot. ==== End of Fixlog 13:03:24 ====