Fix result of Farbar Recovery Scan Tool (x64) Version:05-07-2015
Ran by Kuba at 2015-07-09 22:01:28 Run:1
Running from C:\Users\Kuba\Desktop\Nowy folder
Loaded Profiles: Kuba (Available Profiles: Kuba & Gość)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Reg: reg delete "HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f
CustomCLSID: HKU\S-1-5-21-4210197690-3277502692-2936419266-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Kuba\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-4210197690-3277502692-2936419266-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Kuba\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-4210197690-3277502692-2936419266-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Kuba\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-4210197690-3277502692-2936419266-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Kuba\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-4210197690-3277502692-2936419266-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Kuba\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-4210197690-3277502692-2936419266-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Kuba\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
Task: {0EB45812-50FB-4FFC-8854-1CB507722678} - System32\Tasks\{342D25EC-1B49-42FD-B7E9-7145692D888D} => pcalua.exe -a "C:\Users\Kuba\Desktop\​‌\HAC\Advanced RAR Password Recovery.exe" -d C:\Users\Kuba\Desktop\​‌\HAC
Task: {1D9B0FD1-BBA3-4994-950F-9E0766DA6A3E} - System32\Tasks\{60938517-7198-4632-B31E-627AFFB697CF} => pcalua.exe -a "C:\Users\Kuba\AppData\Roaming\.minecraft\mods\Millienarie\Millenaire Installer\Millenaire Installer\Millenaire Installer.exe" -d "C:\Users\Kuba\AppData\Roaming\.minecraft\mods\Millienarie\Millenaire Installer\Millenaire Installer"
Task: {30082EF5-A046-469C-BE97-47E3B72950FA} - System32\Tasks\Z9e8sf5IR => C:\Users\Kuba\AppData\Roaming\Z9e8sf5IR.exe [2015-04-20] () <==== ATTENTION
Task: {7D2CD53F-E29D-4DA3-B6ED-CFBE3A304B54} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2015-07-08] (AnyProtect.com) <==== ATTENTION
Task: {84CDA21A-FC4D-4D67-BD6E-9FB819A12ECE} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv => C:\Windows\TEMP\{8ED5B068-5C53-4271-BEAA-65F32721B994}.exe
Task: {97E3A1E2-848B-4157-9FB3-AE1E3FE0AAD5} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2015-07-08] (AnyProtect.com) <==== ATTENTION
Task: {B6C853E8-B6AE-4AB9-BAE4-47F39EBA84B5} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2015-07-08] (AnyProtect.com) <==== ATTENTION
Task: {CFD06470-0D42-4E4E-B747-6796C31C59F9} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{0B4E20CD-8DA2-4539-AED8-16094F3580DE}.exe
Task: {E79B7989-60E0-46CA-9C28-B17F2801289C} - System32\Tasks\veVNOUyn6maUmgP => C:\Users\Kuba\AppData\Roaming\veVNOUyn6maUmgP.exe [2015-04-20] () <==== ATTENTION
Task: {F63B190E-97D4-40AA-83C1-B28C10BFE297} - System32\Tasks\SmartWeb Upgrade Trigger Task => C:\Users\Kuba\AppData\Local\SmartWeb\SmartWebHelper.exe [2015-02-17] (SoftBrain Technologies Ltd.) <==== ATTENTION
Task: {FD4D1BEE-24EA-48DA-9D6B-3A7B7CE13F07} - System32\Tasks\{C299A6C4-78B5-442E-BEF8-B6456F21055D} => pcalua.exe -a C:\Users\Kuba\Desktop\Ikony\Gry\Minecraft\Minecraft_Beta_Cracked_v1.7.3.exe -d C:\Users\Kuba\Desktop\Ikony\Gry\Minecraft
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job => C:\Windows\TEMP\{8ED5B068-5C53-4271-BEAA-65F32721B994}.exe <==== ATTENTION
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{0B4E20CD-8DA2-4539-AED8-16094F3580DE}.exe <==== ATTENTION
Task: C:\Windows\Tasks\veVNOUyn6maUmgP.job => C:\Users\Kuba\AppData\Roaming\veVNOUyn6maUmgP.exe <==== ATTENTION
Task: C:\Windows\Tasks\Z9e8sf5IR.job => C:\Users\Kuba\AppData\Roaming\Z9e8sf5IR.exe <==== ATTENTION
C:\Users\Kuba\AppData\Roaming\veVNOUyn6maUmgP.exe
C:\Users\Kuba\AppData\Roaming\Z9e8sf5IR.exe
C:\Program Files (x86)\AnyProtectEx
C:\Users\Kuba\AppData\Local\SmartWeb
2015-07-06 16:05 - 2015-07-06 16:05 - 00591360 _____ () C:\Users\Kuba\AppData\Roaming\B661E556-1436193973-E011-AB32-B870F48BF876\knsr67D0.tmpfs
2015-07-06 16:46 - 2015-07-06 16:46 - 00165376 _____ () C:\Users\Kuba\AppData\Roaming\B661E556-1436193973-E011-AB32-B870F48BF876\hnsr9E62.tmp
2015-07-08 21:42 - 2015-07-08 11:03 - 03287696 _____ () C:\Users\Kuba\AppData\Local\gmsd_pl_005010025\upgmsd_pl_005010025.exe
C:\Users\Kuba\AppData\Roaming\B661E556-1436193973-E011-AB32-B870F48BF876
C:\Program Files (x86)\gmsd_pl_005010025
C:\Program Files (x86)\MiuiTab
HKLM-x32\...\Run: [mbot_pl_11] => [X]
HKLM-x32\...\Run: [gmsd_pl_005010023] => [X]
HKLM-x32\...\Run: [SmartWeb] => C:\Users\Kuba\AppData\Local\SmartWeb\SmartWebHelper.exe [270368 2015-02-17] (SoftBrain Technologies Ltd.)
HKLM-x32\...\Run: [gmsd_pl_005010025] => C:\Program Files (x86)\gmsd_pl_005010025\gmsd_pl_005010025.exe [3988112 2015-07-08] ()
HKLM-x32\...\RunOnce: [upgmsd_pl_005010025.exe] => C:\Users\Kuba\AppData\Local\gmsd_pl_005010025\upgmsd_pl_005010025.exe [3287696 2015-07-08] ()
Startup: C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartWeb.lnk [2015-07-08]
ShortcutTarget: SmartWeb.lnk -> C:\Users\Kuba\AppData\Local\SmartWeb\SmartWebHelper.exe (SoftBrain Technologies Ltd.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsur...U1C607352173521
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsur...U1C607352173521
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsur...q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsur...q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsur...U1C607352173521
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsur...U1C607352173521
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsur...q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsur...q={searchTerms}
HKU\S-1-5-21-4210197690-3277502692-2936419266-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsur...q={searchTerms}
HKU\S-1-5-21-4210197690-3277502692-2936419266-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsur...U1C607352173521
HKU\S-1-5-21-4210197690-3277502692-2936419266-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsur...U1C607352173521
HKU\S-1-5-21-4210197690-3277502692-2936419266-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsur...q={searchTerms}
SearchScopes: HKU\S-1-5-21-4210197690-3277502692-2936419266-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsur...q={searchTerms}
SearchScopes: HKU\S-1-5-21-4210197690-3277502692-2936419266-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.istartsur...q={searchTerms}
SearchScopes: HKU\S-1-5-21-4210197690-3277502692-2936419266-1001 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.istartsur...q={searchTerms}
SearchScopes: HKU\S-1-5-21-4210197690-3277502692-2936419266-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsur...q={searchTerms}
SearchScopes: HKU\S-1-5-21-4210197690-3277502692-2936419266-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://www.istartsur...q={searchTerms}
BHO: No Name -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} ->  No File
BHO-x32: No Name -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} ->  No File
BHO-x32: LuckyTab Class -> {51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} -> C:\Program Files (x86)\MiuiTab\SupTab.dll [2015-06-24] (Thinknice Co. Limited)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.istartsur...U1C607352173521
FF NewTab: hxxp://www.istartsurf.com/newtab/?type=nt&ts=1436384516&z=49c4f797b72c67a1666d18bg9z3c6q1c3b6z2w7gcg&from=face&uid=WDCXWD6400BPVT-22HXZT1_WD-WXU1C607352173521
FF DefaultSearchEngine: istartsurf
FF SelectedSearchEngine: istartsurf
FF Homepage: hxxp://www.istartsurf.com/?type=hppp&ts=1436384551&z=d5c18b9c6a24772fde55f76g1z5c8q5c3bez8w2z3q&from=face&uid=WDCXWD6400BPVT-22HXZT1_WD-WXU1C607352173521
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\istartsurf.xml [2015-07-08]
FF Extension: QuickSearch - C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\8veoe5rg.default\Extensions\searchffv2@gmail.com [2015-07-08]
FF HKLM-x32\...\Firefox\Extensions: [searchffv2@gmail.com] - C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\8veoe5rg.default\extensions\searchffv2@gmail.com
StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www.istartsur...U1C607352173521
StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.istartsur...U1C607352173521
R2 IHProtect Service; C:\Program Files (x86)\MiuiTab\ProtectService.exe [125112 2015-06-24] (XTab system)
R2 vicoqudu; C:\Users\Kuba\AppData\Roaming\B661E556-1436193973-E011-AB32-B870F48BF876\hnsr9E62.tmp [165376 2015-07-06] () [File not signed]
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [707240 2015-07-08] (DTools LIMITED) <==== ATTENTION
R2 tohohyko; C:\Users\Kuba\AppData\Roaming\B661E556-1436193973-E011-AB32-B870F48BF876\knsr67D0.tmpfs [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S1 innfd_1_10_0_14; system32\drivers\innfd_1_10_0_14.sys [X]
2015-07-08 21:44 - 2015-07-08 22:16 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP3.job
2015-07-08 21:44 - 2015-07-08 22:16 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP2.job
2015-07-08 21:44 - 2015-07-08 22:05 - 00000378 _____ C:\Windows\Tasks\APSnotifierPP1.job
2015-07-08 21:44 - 2015-07-08 21:45 - 00002826 _____ C:\Windows\System32\Tasks\APSnotifierPP1
2015-07-08 21:44 - 2015-07-08 21:45 - 00002824 _____ C:\Windows\System32\Tasks\APSnotifierPP3
2015-07-08 21:44 - 2015-07-08 21:45 - 00002824 _____ C:\Windows\System32\Tasks\APSnotifierPP2
2015-07-08 21:44 - 2015-07-08 21:44 - 00001013 _____ C:\Users\Kuba\Desktop\AnyProtect.lnk
2015-07-08 21:44 - 2015-07-08 21:44 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2015-07-08 21:43 - 2015-07-08 21:44 - 00000000 ____D C:\Program Files (x86)\AnyProtectEx
2015-07-08 21:43 - 2015-07-08 21:43 - 00613255 _____ (CMI Limited) C:\Users\Kuba\AppData\Local\nsnCDB.tmp
2015-07-08 21:43 - 2015-07-08 21:43 - 00000000 __SHD C:\Users\Kuba\AppData\Roaming\AnyProtectEx
2015-07-08 21:42 - 2015-07-08 22:20 - 00000000 ____D C:\Users\Kuba\AppData\Local\gmsd_pl_005010025
2015-07-08 21:42 - 2015-07-08 21:42 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\istartsurf
2015-07-08 21:42 - 2015-07-08 21:42 - 00000000 ____D C:\ProgramData\WindowsMangerProtect
2015-07-08 21:42 - 2015-07-08 21:42 - 00000000 ____D C:\ProgramData\IHProtectUpDate
2015-07-08 21:42 - 2015-07-08 21:42 - 00000000 ____D C:\Program Files (x86)\MiuiTab
2015-07-08 21:42 - 2015-07-08 21:42 - 00000000 ____D C:\Program Files (x86)\gmsd_pl_005010025
2015-07-08 21:41 - 2015-07-08 21:41 - 00004040 _____ C:\Windows\System32\Tasks\SmartWeb Upgrade Trigger Task
2015-07-08 21:41 - 2015-07-08 21:41 - 00000000 ____D C:\Users\Kuba\AppData\Local\SmartWeb
2015-07-07 17:44 - 2015-07-07 17:44 - 00613255 _____ (CMI Limited) C:\Users\Kuba\AppData\Local\nsc814E.tmp
2015-07-07 16:52 - 2015-07-07 16:52 - 00613255 _____ (CMI Limited) C:\Users\Kuba\AppData\Local\nss99FF.tmp
2015-07-07 16:50 - 2015-07-07 16:50 - 00000000 _____ C:\Windows\prleth.sys
2015-07-07 16:50 - 2015-07-07 16:50 - 00000000 _____ C:\Windows\hgfs.sys
C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
C:\ProgramData\boost_interprocess
EmptyTemp:
*****************


========= reg delete "HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes" /f =========

Operacja ukoäczona pomy˜lnie.



========= End of Reg: =========


========= reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f =========

Operacja ukoäczona pomy˜lnie.



========= End of Reg: =========


========= reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f =========

Operacja ukoäczona pomy˜lnie.



========= End of Reg: =========

"HKU\S-1-5-21-4210197690-3277502692-2936419266-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}" => key removed successfully
"HKU\S-1-5-21-4210197690-3277502692-2936419266-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}" => key removed successfully
"HKU\S-1-5-21-4210197690-3277502692-2936419266-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}" => key removed successfully
"HKU\S-1-5-21-4210197690-3277502692-2936419266-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}" => key removed successfully
"HKU\S-1-5-21-4210197690-3277502692-2936419266-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}" => key removed successfully
"HKU\S-1-5-21-4210197690-3277502692-2936419266-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0EB45812-50FB-4FFC-8854-1CB507722678}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0EB45812-50FB-4FFC-8854-1CB507722678}" => key removed successfully
C:\Windows\System32\Tasks\{342D25EC-1B49-42FD-B7E9-7145692D888D} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{342D25EC-1B49-42FD-B7E9-7145692D888D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1D9B0FD1-BBA3-4994-950F-9E0766DA6A3E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1D9B0FD1-BBA3-4994-950F-9E0766DA6A3E}" => key removed successfully
C:\Windows\System32\Tasks\{60938517-7198-4632-B31E-627AFFB697CF} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{60938517-7198-4632-B31E-627AFFB697CF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{30082EF5-A046-469C-BE97-47E3B72950FA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{30082EF5-A046-469C-BE97-47E3B72950FA}" => key removed successfully
C:\Windows\System32\Tasks\Z9e8sf5IR => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Z9e8sf5IR" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7D2CD53F-E29D-4DA3-B6ED-CFBE3A304B54}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7D2CD53F-E29D-4DA3-B6ED-CFBE3A304B54}" => key removed successfully
C:\Windows\System32\Tasks\APSnotifierPP1 => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP1" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{84CDA21A-FC4D-4D67-BD6E-9FB819A12ECE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{84CDA21A-FC4D-4D67-BD6E-9FB819A12ECE}" => key removed successfully
C:\Windows\System32\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG-Secure-Search-Update_JUNE2013_HP_rmv" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{97E3A1E2-848B-4157-9FB3-AE1E3FE0AAD5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{97E3A1E2-848B-4157-9FB3-AE1E3FE0AAD5}" => key removed successfully
C:\Windows\System32\Tasks\APSnotifierPP2 => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP2" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B6C853E8-B6AE-4AB9-BAE4-47F39EBA84B5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B6C853E8-B6AE-4AB9-BAE4-47F39EBA84B5}" => key removed successfully
C:\Windows\System32\Tasks\APSnotifierPP3 => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP3" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CFD06470-0D42-4E4E-B747-6796C31C59F9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CFD06470-0D42-4E4E-B747-6796C31C59F9}" => key removed successfully
C:\Windows\System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG-Secure-Search-Update_JUNE2013_TB_rmv" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E79B7989-60E0-46CA-9C28-B17F2801289C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E79B7989-60E0-46CA-9C28-B17F2801289C}" => key removed successfully
C:\Windows\System32\Tasks\veVNOUyn6maUmgP => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\veVNOUyn6maUmgP" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F63B190E-97D4-40AA-83C1-B28C10BFE297}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F63B190E-97D4-40AA-83C1-B28C10BFE297}" => key removed successfully
C:\Windows\System32\Tasks\SmartWeb Upgrade Trigger Task => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartWeb Upgrade Trigger Task" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FD4D1BEE-24EA-48DA-9D6B-3A7B7CE13F07}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FD4D1BEE-24EA-48DA-9D6B-3A7B7CE13F07}" => key removed successfully
C:\Windows\System32\Tasks\{C299A6C4-78B5-442E-BEF8-B6456F21055D} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C299A6C4-78B5-442E-BEF8-B6456F21055D}" => key removed successfully
C:\Windows\Tasks\APSnotifierPP1.job => moved successfully.
C:\Windows\Tasks\APSnotifierPP2.job => moved successfully.
C:\Windows\Tasks\APSnotifierPP3.job => moved successfully.
C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job => moved successfully.
C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => moved successfully.
C:\Windows\Tasks\veVNOUyn6maUmgP.job => moved successfully.
C:\Windows\Tasks\Z9e8sf5IR.job => moved successfully.
C:\Users\Kuba\AppData\Roaming\veVNOUyn6maUmgP.exe => moved successfully.
C:\Users\Kuba\AppData\Roaming\Z9e8sf5IR.exe => moved successfully.
"C:\Program Files (x86)\AnyProtectEx" => File/Folder not found.

"C:\Users\Kuba\AppData\Local\SmartWeb" folder move:

Could not move "C:\Users\Kuba\AppData\Local\SmartWeb" folder => Scheduled to move on reboot.

C:\Users\Kuba\AppData\Roaming\B661E556-1436193973-E011-AB32-B870F48BF876\knsr67D0.tmpfs => moved successfully.
C:\Users\Kuba\AppData\Roaming\B661E556-1436193973-E011-AB32-B870F48BF876\hnsr9E62.tmp => moved successfully.
C:\Users\Kuba\AppData\Local\gmsd_pl_005010025\upgmsd_pl_005010025.exe => moved successfully.
C:\Users\Kuba\AppData\Roaming\B661E556-1436193973-E011-AB32-B870F48BF876 => moved successfully.
C:\Program Files (x86)\gmsd_pl_005010025 => moved successfully.
C:\Program Files (x86)\MiuiTab => moved successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\mbot_pl_11 => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_pl_005010023 => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SmartWeb => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_pl_005010025 => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\upgmsd_pl_005010025.exe => value removed successfully
C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartWeb.lnk => moved successfully.
C:\Users\Kuba\AppData\Local\SmartWeb\SmartWebHelper.exe => moved successfully.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKU\S-1-5-21-4210197690-3277502692-2936419266-1001\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKU\S-1-5-21-4210197690-3277502692-2936419266-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-4210197690-3277502692-2936419266-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKU\S-1-5-21-4210197690-3277502692-2936419266-1001\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKU\S-1-5-21-4210197690-3277502692-2936419266-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-4210197690-3277502692-2936419266-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found. 
"HKU\S-1-5-21-4210197690-3277502692-2936419266-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}" => key removed successfully
HKCR\CLSID\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} => key not found. 
"HKU\S-1-5-21-4210197690-3277502692-2936419266-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => key removed successfully
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found. 
"HKU\S-1-5-21-4210197690-3277502692-2936419266-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}" => key removed successfully
HKCR\CLSID\{E733165D-CBCF-4FDA-883E-ADEF965B476C} => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}" => key removed successfully
HKCR\CLSID\{27B4851A-3207-45A2-B947-BE8AFE6163AB} => key not found. 
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}" => key removed successfully
HKCR\Wow6432Node\CLSID\{27B4851A-3207-45A2-B947-BE8AFE6163AB} => key not found. 
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => value removed successfully
"HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => key removed successfully
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => value restored successfully
Firefox newtab removed successfully
Firefox DefaultSearchEngine removed successfully
Firefox SelectedSearchEngine removed successfully
Firefox homepage removed successfully
C:\Program Files (x86)\mozilla firefox\searchplugins\istartsurf.xml => moved successfully.
C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\8veoe5rg.default\Extensions\searchffv2@gmail.com => moved successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\searchffv2@gmail.com => value removed successfully
HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command\\Default => value restored successfully
HKLM\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command\\Default => value restored successfully
IHProtect Service => Service stopped successfully.
IHProtect Service => Service removed successfully
vicoqudu => Service stopped successfully.
vicoqudu => Service removed successfully
WindowsMangerProtect => Service stopped successfully.
WindowsMangerProtect => Service removed successfully
tohohyko => Service stopped successfully.
tohohyko => Service removed successfully
EagleX64 => Service removed successfully
ewusbmbb => Service removed successfully
ewusbnet => Service removed successfully
ew_hwusbdev => Service removed successfully
ew_usbenumfilter => Service removed successfully
huawei_cdcacm => Service removed successfully
huawei_enumerator => Service removed successfully
huawei_ext_ctrl => Service removed successfully
huawei_wwanecm => Service removed successfully
hwdatacard => Service removed successfully
hwusbdev => Service removed successfully
innfd_1_10_0_14 => Service removed successfully
"C:\Windows\Tasks\APSnotifierPP3.job" => File/Folder not found.
"C:\Windows\Tasks\APSnotifierPP2.job" => File/Folder not found.
"C:\Windows\Tasks\APSnotifierPP1.job" => File/Folder not found.
"C:\Windows\System32\Tasks\APSnotifierPP1" => File/Folder not found.
"C:\Windows\System32\Tasks\APSnotifierPP3" => File/Folder not found.
"C:\Windows\System32\Tasks\APSnotifierPP2" => File/Folder not found.
"C:\Users\Kuba\Desktop\AnyProtect.lnk" => File/Folder not found.
"C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup" => File/Folder not found.
"C:\Program Files (x86)\AnyProtectEx" => File/Folder not found.
C:\Users\Kuba\AppData\Local\nsnCDB.tmp => moved successfully.
C:\Users\Kuba\AppData\Roaming\AnyProtectEx => moved successfully.

"C:\Users\Kuba\AppData\Local\gmsd_pl_005010025" folder move:

Could not move "C:\Users\Kuba\AppData\Local\gmsd_pl_005010025" folder => Scheduled to move on reboot.

"C:\Users\Kuba\AppData\Roaming\istartsurf" => File/Folder not found.
C:\ProgramData\WindowsMangerProtect => moved successfully.
C:\ProgramData\IHProtectUpDate => moved successfully.
"C:\Program Files (x86)\MiuiTab" => File/Folder not found.
"C:\Program Files (x86)\gmsd_pl_005010025" => File/Folder not found.
"C:\Windows\System32\Tasks\SmartWeb Upgrade Trigger Task" => File/Folder not found.

"C:\Users\Kuba\AppData\Local\SmartWeb" folder move:

Could not move "C:\Users\Kuba\AppData\Local\SmartWeb" folder => Scheduled to move on reboot.

C:\Users\Kuba\AppData\Local\nsc814E.tmp => moved successfully.
C:\Users\Kuba\AppData\Local\nss99FF.tmp => moved successfully.
C:\Windows\prleth.sys => moved successfully.
C:\Windows\hgfs.sys => moved successfully.
C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7 => moved successfully.

"C:\ProgramData\boost_interprocess" folder move:

Could not move "C:\ProgramData\boost_interprocess" folder => Scheduled to move on reboot.

EmptyTemp: => 385.2 MB temporary data Removed.

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-07-09 22:03:54)<=

C:\Users\Kuba\AppData\Local\SmartWeb => moved successfully
C:\Users\Kuba\AppData\Local\gmsd_pl_005010025 => moved successfully
C:\Users\Kuba\AppData\Local\SmartWeb => Is moved successfully
C:\ProgramData\boost_interprocess => Is moved successfully

==== End of Fixlog 22:04:05 ====