Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 07-02-2015
Ran by Kacper at 2015-02-09 19:12:26 Run:1
Running from C:\Users\Kacper\Desktop
Loaded Profiles: Kacper (Available profiles: Kacper)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CloseProcesses:
CreateRestorePoint:
CustomCLSID: HKU\S-1-5-21-200585039-1766280871-1148817938-1000_Classes\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5}\localserver32 -> C:\Users\Kacper\AppData\Local\Temp\1B8f64d\temp\Eset Nod32 Keygen.exe No File
Task: {7B208C9C-4AB4-457C-B671-C5FFD6732E53} - System32\Tasks\SYSTEM => C:\ProgramData\wmc.exe <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HomePage: Default -> hxxp://www.mystartsearch.com/?type=hp&ts=1420378772&from=wpc&uid=ST340014A_5JV0KKEN
CHR StartupUrls: Default -> "hxxp://www.mystartsearch.com/?type=hp&ts=1420378772&from=wpc&uid=ST340014A_5JV0KKEN"
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&ts=1420378772&from=wpc&uid=ST340014A_5JV0KKEN
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type=ds&ts=1420378772&from=wpc&uid=ST340014A_5JV0KKEN&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&ts=1420378772&from=wpc&uid=ST340014A_5JV0KKEN
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type=ds&ts=1420378772&from=wpc&uid=ST340014A_5JV0KKEN&q={searchTerms}
HKU\S-1-5-21-200585039-1766280871-1148817938-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&ts=1420378772&from=wpc&uid=ST340014A_5JV0KKEN
HKU\S-1-5-21-200585039-1766280871-1148817938-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&ts=1420378772&from=wpc&uid=ST340014A_5JV0KKEN
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type=ds&ts=1420378772&from=wpc&uid=ST340014A_5JV0KKEN&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type=ds&ts=1420378772&from=wpc&uid=ST340014A_5JV0KKEN&q={searchTerms}
SearchScopes: HKU\S-1-5-21-200585039-1766280871-1148817938-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type=ds&ts=1420378772&from=wpc&uid=ST340014A_5JV0KKEN&q={searchTerms}
S3 athur; system32\DRIVERS\athur.sys [X]
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]
S3 GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad32v.sys [X]
S3 vtany; \??\C:\Windows\vtany.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
C:\Program Files\Mozilla Firefox
C:\ProgramData\.windows.sys
C:\ProgramData\pcondnjfghffncdllpenghlcceoflpab
C:\Users\Kacper\AppData\Local\Chromium
C:\Users\Kacper\AppData\Local\CrashRpt
C:\Users\Kacper\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Kacper\AppData\Local\Google\Chrome\User Data\Default\Local Storage\*localstorage*
C:\Users\Kacper\AppData\Roaming\SoftwareUpdater
Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f
Reg: reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage /f
Reg: reg delete HKLM\SOFTWARE\MozillaPlugins /f
CMD: sc config WinDefend start= demand
EmptyTemp:
*****************

Processes closed successfully.
Restore point was successfully created.
"HKU\S-1-5-21-200585039-1766280871-1148817938-1000_Classes\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7B208C9C-4AB4-457C-B671-C5FFD6732E53}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7B208C9C-4AB4-457C-B671-C5FFD6732E53}" => Key deleted successfully.
C:\Windows\System32\Tasks\SYSTEM => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SYSTEM" => Key deleted successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
Chrome HomePage deleted successfully.
Chrome StartupUrls deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKU\S-1-5-21-200585039-1766280871-1148817938-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\S-1-5-21-200585039-1766280871-1148817938-1000\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => Key deleted successfully.
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
"HKU\S-1-5-21-200585039-1766280871-1148817938-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => Key deleted successfully.
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
athur => Service deleted successfully.
EagleXNt => Service deleted successfully.
FairplayKD => Service deleted successfully.
GMSIPCI => Service deleted successfully.
nvvad_WaveExtensible => Service deleted successfully.
vtany => Service deleted successfully.
xhunter1 => Service deleted successfully.
C:\Program Files\Mozilla Firefox => Moved successfully.
C:\ProgramData\.windows.sys => Moved successfully.
C:\ProgramData\pcondnjfghffncdllpenghlcceoflpab => Moved successfully.
C:\Users\Kacper\AppData\Local\Chromium => Moved successfully.
C:\Users\Kacper\AppData\Local\CrashRpt => Moved successfully.
C:\Users\Kacper\AppData\Local\Google\Chrome\User Data\Default\Preferences => Moved successfully.
C:\Users\Kacper\AppData\Local\Google\Chrome\User Data\Default\Local Storage\*localstorage* => Moved successfully.
C:\Users\Kacper\AppData\Roaming\SoftwareUpdater => Moved successfully.

========= reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f =========

Operacja ukończona pomyślnie.

========= End of Reg: =========

========= reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage /f =========

Operacja ukończona pomyślnie.

========= End of Reg: =========

========= reg delete HKLM\SOFTWARE\MozillaPlugins /f =========

Operacja ukończona pomyślnie.

========= End of Reg: =========

========= sc config WinDefend start= demand =========

[SC] ChangeServiceConfig SUKCES

========= End of CMD: =========

EmptyTemp: => Removed 314.8 MB temporary data.

The system needed a reboot.

==== End of Fixlog 19:14:24 ====