Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-02-2015 Ran by samuel at 2015-02-13 19:57:46 Run:1 Running from C:\Users\samuel\Desktop Loaded Profiles: samuel (Available profiles: samuel) Boot Mode: Normal ============================================== Content of fixlist: ***************** CloseProcesses: Task: {02342BA8-1F97-4486-B73F-CCCFB6EAB614} - System32\Tasks\{A3ADDE34-A69A-443E-868B-1157B8650D50} => C:\Program Files (x86)\uTorrent\uTorrent.exe Task: {08CA7C71-9203-4DB5-B98F-744DE3664F9F} - System32\Tasks\{49AB9473-0DA4-4438-A335-938FB4E6277D} => pcalua.exe -a F:\Setup.exe -d F:\ Task: {0E647A55-E4D5-4428-A945-48A43E1B6394} - System32\Tasks\{4F99C9D9-7C34-4232-A9D7-7504419865E6} => C:\Program Files (x86)\Ubisoft\Gearbox Software\BrothersInArms\System\bia.exe Task: {11199485-6F04-44C8-9F2F-E78B46F26D3E} - System32\Tasks\{D3CE1147-71A8-4872-8D83-3E4C1F5876E3} => Firefox.exe http://ui.skype.com/ui/0/6.14.0.104/pl/go/help.faq.installer?LastError=1603 Task: {191A5B15-3DCE-4D94-8996-4DFA13C2B2C3} - \Microsoft\a3d90235e1136671ab1195c6078184ff No Task File <==== ATTENTION Task: {1EFE367F-B190-4C82-A94C-CF5637158907} - System32\Tasks\{F1FF7067-69CC-49D9-BEB0-5358CA94C3A1} => pcalua.exe -a C:\Users\samuel\Desktop\WDM_R256.exe -d C:\Users\samuel\Desktop Task: {21D3EF7E-4F67-4C5E-A56F-35CB707134F1} - System32\Tasks\{2D4353D4-60E6-439C-AD19-76A6547FF299} => C:\Program Files (x86)\Activision\Call of Duty 2\cod2mp_s.exe Task: {2457ABC6-EB07-48E9-9EBF-3E0C9260F1CD} - System32\Tasks\{C665546C-DF02-4E92-BEB6-813D16334E3D} => pcalua.exe -a "C:\Users\samuel\Downloads\Foxit PDF Editor(1).exe" -d "C:\Program Files (x86)\Mozilla Firefox" Task: {24E3E8C9-E9FB-4097-9091-4BD30CEB0514} - System32\Tasks\{5B6E5AFA-B9AD-4D55-AFC7-BE56532FF56F} => C:\Program Files (x86)\Activision\Call of Duty 2\cod2mp_s.exe Task: {3D5F7AD1-F88B-4BB7-877B-E3ECF6233414} - System32\Tasks\{313A6ECC-109E-4AE3-B793-A18CCEF0DD85} => C:\Program Files (x86)\Activision\Call of Duty 2\cod2mp_s.exe Task: {5764AD4A-0586-4F21-8EC0-841BC49FEC17} - System32\Tasks\{E7BD2750-ACB0-4066-AC6C-48FBB50F1DC7} => C:\Program Files (x86)\Activision\Call of Duty 2\cod2sp_s.exe Task: {57A75B0B-C7A9-4F11-A5B8-BA54D58A9898} - System32\Tasks\{AF56E460-FF57-4969-8597-8794D4D515E6} => pcalua.exe -a F:\autorun.exe -d F:\ Task: {81BECB83-7570-4718-B024-FBC5071E87AF} - System32\Tasks\{FF881A25-8E88-4169-BFC2-EE27CC6DEB25} => pcalua.exe -a C:\Users\samuel\Downloads\LCVA_PCDrv_US_1_11_02.exe -d "C:\Program Files (x86)\Mozilla Firefox" Task: {8A61FF7C-D949-47FC-9172-A46415DFE2F2} - System32\Tasks\{C22A0D16-2044-40D4-AF92-23EF5EA1BB51} => C:\Program Files (x86)\Team17\Worms Armageddon\WA.exe Task: {976C87CF-DF58-4847-8AA2-7E8173A83929} - System32\Tasks\{28417D02-EBFD-41EA-B0E8-0B5F8F1ADA8D} => pcalua.exe -a C:\Users\samuel\Desktop\xampp-win32-1.7.4-VC6-installer.exe -d C:\Users\samuel\Desktop Task: {A7DC78F7-0BE7-447E-A160-5BFFD1B4AF78} - System32\Tasks\{07D26930-5FD6-4823-A585-C3859560237B} => pcalua.exe -a C:\Users\samuel\Desktop\hookanalyzer.exe -d C:\Users\samuel\Desktop Task: {AB0F3DE5-A4C1-49B5-8F64-95830E4364DC} - System32\Tasks\{B82254B4-0D89-4F34-85B2-0DC1E9C3737A} => pcalua.exe -a C:\Users\samuel\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=amt Task: {B09C147F-D510-4D7E-8A93-619213A2A2BE} - \QtraxPlayer No Task File <==== ATTENTION Task: {BB001966-9469-4BB0-B351-4F2773E57A57} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask No Task File <==== ATTENTION Task: {CABC753A-19C2-4EDA-9A57-B18F2C040742} - System32\Tasks\{27C34344-F5D7-4B1C-947A-76C691E7525C} => pcalua.exe -a C:\Users\samuel\Downloads\xampp-win32-1.7.4-VC6-installer.exe -d C:\Users\samuel\Downloads Task: {D71E0FAD-2E0B-4329-B1FE-193666669EB8} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline No Task File <==== ATTENTION Task: {D810D586-B7EB-4647-9342-2614B6B70338} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1222532900-2107887203-1818822403-1001 Task: {D93856B1-BDAC-4B9D-B078-75CD068192D7} - System32\Tasks\{5872F498-6809-4661-B77B-EEC5C706781C} => C:\Program Files (x86)\Activision\Call of Duty 2\cod2mp_s.exe Task: {E5903908-6724-42EE-9EE0-FEDF24A7D0ED} - System32\Tasks\{48918098-EC4C-41E7-B2C3-C8452722B4C3} => C:\Program Files (x86)\Activision\Call of Duty 2\cod2mp_s.exe Task: {EA834288-635E-4327-9996-A60CBE2D5546} - System32\Tasks\{B926C8C1-52B1-480A-A448-7612E5C2B4A6} => msiexec.exe /package "C:\Users\samuel\Downloads\eav_nt64_plk.msi" Task: {EB9AAAD2-475F-46BA-BA85-B5DAFAC98A22} - System32\Tasks\{F85E9ECB-762F-48CD-8E26-BF2E147CB6BF} => C:\Program Files (x86)\uTorrent\uTorrent.exe Task: {F59D6180-9127-4189-B324-66E77FD61BE2} - System32\Tasks\{38B14F9A-AD01-400F-ADA8-1B21C4F47B85} => C:\Program Files (x86)\Team17\Worms Armageddon\WA.exe HKU\S-1-5-21-1222532900-2107887203-1818822403-1001\...\Run: [HW_OPENEYE_OUC_PLAY ONLINE] => C:\Program Files (x86)\PLAY ONLINE\UpdateDog\ouc.exe [110592 2009-04-14] (Huawei Technologies Co., Ltd.) BootExecute: autocheck autochk * sdnclean64.exe S3 dgderdrv; System32\drivers\dgderdrv.sys [X] S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird CHR HKLM-x32\...\Chrome\Extension: [bejbohlohkkgompgecdcbbglkpjfjgdj] - C:\Users\samuel\AppData\Local\Temp\crx8C1D.tmp [Not Found] CHR HKLM-x32\...\Chrome\Extension: [hidjnkeodmholilgafgdlgmgggbhnigl] - C:\Users\samuel\AppData\Roaming\SimilarSites\similarsites.crx [Not Found] C:\Program Files (x86)\Spybot - Search & Destroy 2 C:\ProgramData\APN C:\ProgramData\Spybot - Search & Destroy C:\Users\admin\AppData\Roaming\Elex-tech C:\Users\admin\Desktop\install_flashplayer16x32_mssd_aaa_aih.exe C:\Users\admin\Downloads\jxpiinstall.exe C:\Users\samuel\AppData\Local\{1DD15D88-7754-4AD0-A18C-27393E714A3B} C:\Users\samuel\AppData\Local\Google\Chrome\User Data\Default\Preferences C:\Users\samuel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Pełne czyszczenie śmieci (2).lnk C:\Users\samuel\Downloads\spybot-2.4.exe C:\Windows\pss\fabulous_08150939.lnk.Startup C:\Windows\system32\Drivers\etc\hosts.*.backup Hosts: Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\fabulous_08150939 /f Reg: reg delete "HKCU\Software\Microsoft\Internet Explorer\Search" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\AdobeFlashPlayerUpdateSvc" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\FirebirdGuardianDefaultInstance" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\FirebirdServerDefaultInstance" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\OMSI download service" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^samuel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^fabulous_08150939.lnk" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Akamai NetSession Interface" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\fabulous_08150939" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched" /f Reg: reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Search" /f Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main" /f Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main" /f Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main" /f Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f CMD: sc config FoxitCloudUpdateService start= demand CMD: sc config WinDefend start= demand EmptyTemp: ***************** Processes closed successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{02342BA8-1F97-4486-B73F-CCCFB6EAB614}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{02342BA8-1F97-4486-B73F-CCCFB6EAB614}" => Key deleted successfully. C:\Windows\System32\Tasks\{A3ADDE34-A69A-443E-868B-1157B8650D50} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A3ADDE34-A69A-443E-868B-1157B8650D50}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{08CA7C71-9203-4DB5-B98F-744DE3664F9F}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{08CA7C71-9203-4DB5-B98F-744DE3664F9F}" => Key deleted successfully. C:\Windows\System32\Tasks\{49AB9473-0DA4-4438-A335-938FB4E6277D} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{49AB9473-0DA4-4438-A335-938FB4E6277D}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0E647A55-E4D5-4428-A945-48A43E1B6394}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0E647A55-E4D5-4428-A945-48A43E1B6394}" => Key deleted successfully. C:\Windows\System32\Tasks\{4F99C9D9-7C34-4232-A9D7-7504419865E6} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4F99C9D9-7C34-4232-A9D7-7504419865E6}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{11199485-6F04-44C8-9F2F-E78B46F26D3E}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{11199485-6F04-44C8-9F2F-E78B46F26D3E}" => Key deleted successfully. C:\Windows\System32\Tasks\{D3CE1147-71A8-4872-8D83-3E4C1F5876E3} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D3CE1147-71A8-4872-8D83-3E4C1F5876E3}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{191A5B15-3DCE-4D94-8996-4DFA13C2B2C3}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{191A5B15-3DCE-4D94-8996-4DFA13C2B2C3}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\a3d90235e1136671ab1195c6078184ff" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1EFE367F-B190-4C82-A94C-CF5637158907}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1EFE367F-B190-4C82-A94C-CF5637158907}" => Key deleted successfully. C:\Windows\System32\Tasks\{F1FF7067-69CC-49D9-BEB0-5358CA94C3A1} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F1FF7067-69CC-49D9-BEB0-5358CA94C3A1}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{21D3EF7E-4F67-4C5E-A56F-35CB707134F1}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{21D3EF7E-4F67-4C5E-A56F-35CB707134F1}" => Key deleted successfully. C:\Windows\System32\Tasks\{2D4353D4-60E6-439C-AD19-76A6547FF299} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2D4353D4-60E6-439C-AD19-76A6547FF299}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2457ABC6-EB07-48E9-9EBF-3E0C9260F1CD}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2457ABC6-EB07-48E9-9EBF-3E0C9260F1CD}" => Key deleted successfully. C:\Windows\System32\Tasks\{C665546C-DF02-4E92-BEB6-813D16334E3D} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C665546C-DF02-4E92-BEB6-813D16334E3D}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{24E3E8C9-E9FB-4097-9091-4BD30CEB0514}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{24E3E8C9-E9FB-4097-9091-4BD30CEB0514}" => Key deleted successfully. C:\Windows\System32\Tasks\{5B6E5AFA-B9AD-4D55-AFC7-BE56532FF56F} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5B6E5AFA-B9AD-4D55-AFC7-BE56532FF56F}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3D5F7AD1-F88B-4BB7-877B-E3ECF6233414}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D5F7AD1-F88B-4BB7-877B-E3ECF6233414}" => Key deleted successfully. C:\Windows\System32\Tasks\{313A6ECC-109E-4AE3-B793-A18CCEF0DD85} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{313A6ECC-109E-4AE3-B793-A18CCEF0DD85}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5764AD4A-0586-4F21-8EC0-841BC49FEC17}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5764AD4A-0586-4F21-8EC0-841BC49FEC17}" => Key deleted successfully. C:\Windows\System32\Tasks\{E7BD2750-ACB0-4066-AC6C-48FBB50F1DC7} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E7BD2750-ACB0-4066-AC6C-48FBB50F1DC7}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{57A75B0B-C7A9-4F11-A5B8-BA54D58A9898}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{57A75B0B-C7A9-4F11-A5B8-BA54D58A9898}" => Key deleted successfully. C:\Windows\System32\Tasks\{AF56E460-FF57-4969-8597-8794D4D515E6} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{AF56E460-FF57-4969-8597-8794D4D515E6}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{81BECB83-7570-4718-B024-FBC5071E87AF}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{81BECB83-7570-4718-B024-FBC5071E87AF}" => Key deleted successfully. C:\Windows\System32\Tasks\{FF881A25-8E88-4169-BFC2-EE27CC6DEB25} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FF881A25-8E88-4169-BFC2-EE27CC6DEB25}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8A61FF7C-D949-47FC-9172-A46415DFE2F2}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8A61FF7C-D949-47FC-9172-A46415DFE2F2}" => Key deleted successfully. C:\Windows\System32\Tasks\{C22A0D16-2044-40D4-AF92-23EF5EA1BB51} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C22A0D16-2044-40D4-AF92-23EF5EA1BB51}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{976C87CF-DF58-4847-8AA2-7E8173A83929}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{976C87CF-DF58-4847-8AA2-7E8173A83929}" => Key deleted successfully. C:\Windows\System32\Tasks\{28417D02-EBFD-41EA-B0E8-0B5F8F1ADA8D} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{28417D02-EBFD-41EA-B0E8-0B5F8F1ADA8D}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A7DC78F7-0BE7-447E-A160-5BFFD1B4AF78}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A7DC78F7-0BE7-447E-A160-5BFFD1B4AF78}" => Key deleted successfully. C:\Windows\System32\Tasks\{07D26930-5FD6-4823-A585-C3859560237B} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{07D26930-5FD6-4823-A585-C3859560237B}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AB0F3DE5-A4C1-49B5-8F64-95830E4364DC}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AB0F3DE5-A4C1-49B5-8F64-95830E4364DC}" => Key deleted successfully. C:\Windows\System32\Tasks\{B82254B4-0D89-4F34-85B2-0DC1E9C3737A} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{B82254B4-0D89-4F34-85B2-0DC1E9C3737A}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B09C147F-D510-4D7E-8A93-619213A2A2BE}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B09C147F-D510-4D7E-8A93-619213A2A2BE}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\QtraxPlayer" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{BB001966-9469-4BB0-B351-4F2773E57A57}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB001966-9469-4BB0-B351-4F2773E57A57}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Activation Technologies\ValidationTask" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CABC753A-19C2-4EDA-9A57-B18F2C040742}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CABC753A-19C2-4EDA-9A57-B18F2C040742}" => Key deleted successfully. C:\Windows\System32\Tasks\{27C34344-F5D7-4B1C-947A-76C691E7525C} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{27C34344-F5D7-4B1C-947A-76C691E7525C}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D71E0FAD-2E0B-4329-B1FE-193666669EB8}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D71E0FAD-2E0B-4329-B1FE-193666669EB8}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D810D586-B7EB-4647-9342-2614B6B70338}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D810D586-B7EB-4647-9342-2614B6B70338}" => Key deleted successfully. C:\Windows\System32\Tasks\Games\UpdateCheck_S-1-5-21-1222532900-2107887203-1818822403-1001 => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Games\UpdateCheck_S-1-5-21-1222532900-2107887203-1818822403-1001" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D93856B1-BDAC-4B9D-B078-75CD068192D7}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D93856B1-BDAC-4B9D-B078-75CD068192D7}" => Key deleted successfully. C:\Windows\System32\Tasks\{5872F498-6809-4661-B77B-EEC5C706781C} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5872F498-6809-4661-B77B-EEC5C706781C}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E5903908-6724-42EE-9EE0-FEDF24A7D0ED}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E5903908-6724-42EE-9EE0-FEDF24A7D0ED}" => Key deleted successfully. C:\Windows\System32\Tasks\{48918098-EC4C-41E7-B2C3-C8452722B4C3} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{48918098-EC4C-41E7-B2C3-C8452722B4C3}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EA834288-635E-4327-9996-A60CBE2D5546}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EA834288-635E-4327-9996-A60CBE2D5546}" => Key deleted successfully. C:\Windows\System32\Tasks\{B926C8C1-52B1-480A-A448-7612E5C2B4A6} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{B926C8C1-52B1-480A-A448-7612E5C2B4A6}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EB9AAAD2-475F-46BA-BA85-B5DAFAC98A22}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB9AAAD2-475F-46BA-BA85-B5DAFAC98A22}" => Key deleted successfully. C:\Windows\System32\Tasks\{F85E9ECB-762F-48CD-8E26-BF2E147CB6BF} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F85E9ECB-762F-48CD-8E26-BF2E147CB6BF}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F59D6180-9127-4189-B324-66E77FD61BE2}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F59D6180-9127-4189-B324-66E77FD61BE2}" => Key deleted successfully. C:\Windows\System32\Tasks\{38B14F9A-AD01-400F-ADA8-1B21C4F47B85} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{38B14F9A-AD01-400F-ADA8-1B21C4F47B85}" => Key deleted successfully. HKU\S-1-5-21-1222532900-2107887203-1818822403-1001\Software\Microsoft\Windows\CurrentVersion\Run\\HW_OPENEYE_OUC_PLAY ONLINE => Value not found. HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => Value was restored successfully. dgderdrv => Service deleted successfully. ewusbmbb => Service deleted successfully. VGPU => Service deleted successfully. "HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Local Page => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Local Page => Value was restored successfully. HKLM\Software\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0 => Key not found. HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com => value deleted successfully. "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bejbohlohkkgompgecdcbbglkpjfjgdj" => Key deleted successfully. "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\hidjnkeodmholilgafgdlgmgggbhnigl" => Key deleted successfully. C:\Program Files (x86)\Spybot - Search & Destroy 2 => Moved successfully. C:\ProgramData\APN => Moved successfully. C:\ProgramData\Spybot - Search & Destroy => Moved successfully. "C:\Users\admin\AppData\Roaming\Elex-tech" => File/Directory not found. "C:\Users\admin\Desktop\install_flashplayer16x32_mssd_aaa_aih.exe" => File/Directory not found. "C:\Users\admin\Downloads\jxpiinstall.exe" => File/Directory not found. C:\Users\samuel\AppData\Local\{1DD15D88-7754-4AD0-A18C-27393E714A3B} => Moved successfully. C:\Users\samuel\AppData\Local\Google\Chrome\User Data\Default\Preferences => Moved successfully. "C:\Users\samuel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Pełne czyszczenie śmieci (2).lnk" => File/Directory not found. C:\Users\samuel\Downloads\spybot-2.4.exe => Moved successfully. C:\Windows\pss\fabulous_08150939.lnk.Startup => Moved successfully. C:\Windows\system32\Drivers\etc\hosts.*.backup => Moved successfully. C:\Windows\System32\Drivers\etc\hosts => Moved successfully. Hosts was reset successfully. ========= reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\fabulous_08150939 /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKCU\Software\Microsoft\Internet Explorer\Search" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\AdobeFlashPlayerUpdateSvc" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\FirebirdGuardianDefaultInstance" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\FirebirdServerDefaultInstance" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\OMSI download service" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^samuel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^fabulous_08150939.lnk" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Akamai NetSession Interface" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\fabulous_08150939" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Search" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main" /f ========= Bť¤D: System nie znalazˆ w rejestrze okre˜lonego klucza albo warto˜ci. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Bť¤D: System nie znalazˆ w rejestrze okre˜lonego klucza albo warto˜ci. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Bť¤D: System nie znalazˆ w rejestrze okre˜lonego klucza albo warto˜ci. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Bť¤D: System nie znalazˆ w rejestrze okre˜lonego klucza albo warto˜ci. ========= End of Reg: ========= ========= sc config FoxitCloudUpdateService start= demand ========= [SC] ChangeServiceConfig SUKCES ========= End of CMD: ========= ========= sc config WinDefend start= demand ========= [SC] ChangeServiceConfig SUKCES ========= End of CMD: ========= EmptyTemp: => Removed 627.1 MB temporary data. The system needed a reboot. ==== End of Fixlog 19:58:08 ====