Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 21-08-2013 02 Ran by lukasz at 2013-08-23 06:20:48 Run:1 Running from C:\Users\lukasz\Desktop Boot Mode: Normal ============================================== Content of fixlist: ***************** Task: {6D47B343-30D1-4206-8531-51115C7334BE} - System32\Tasks\{4FCEA4D4-7C83-414E-877E-509CDB42FBDE} => C:\Program Files\Trend Micro\Internet Security\UfNavi.exe No File Task: {6D74210A-760F-4EC5-A0E5-41045170AF70} - System32\Tasks\{C10C108E-E06E-46C2-BC39-7EC1ABAAB333} => C:\Users\lukasz\Downloads\XP-Codec-Pack-2.4.6_unidownload.com(1).exe No File Task: {755734D2-3D14-4A0C-9941-4AB0EF4B5470} - System32\Tasks\{5F3E11B9-CA9C-4A02-8A68-67174F1E92A6} => C:\Users\lukasz\Desktop\FC2.exe No File Task: {79A355DD-70DB-4A33-B220-29C5F251B710} - System32\Tasks\{ABEFE51D-9E9C-4E32-8735-16E9BBF616E7} => C:\Users\lukasz\Desktop\FC2.exe No File Task: {8D0ED8D4-48B5-4790-A83D-A25568C60BB1} - System32\Tasks\{D021882A-9E2C-4CA0-B7A5-57798B73BC2A} => C:\Users\lukasz\Downloads\FLVPlayerSetup.exe No File Task: {91ED52A5-0624-4FF6-9E9F-DB2EBC890B0B} - System32\Tasks\{A4FD417C-3DDE-4465-B250-A05C56393892} => C:\Program Files (x86)\Nero\Nero 11\Nero Burning ROM\nero.exe No File Task: {9D6B4CAE-D4E6-43DC-A1A8-30BB111D639A} - System32\Tasks\{AB1F8A5C-99E0-49FF-BA85-A9A715DE73C6} => C:\Users\lukasz\Downloads\FLVPlayerSetup.exe No File Task: {9EA9AD21-25EA-4E0A-B12C-21F718853BD9} - System32\Tasks\{E79D66F8-0AA0-48EB-93BA-643AF404A877} => C:\Program Files\Trend Micro\Internet Security\UfNavi.exe No File Task: {B925E4C3-87B0-47B7-9908-F5272CDD2C1F} - System32\Tasks\{7D797225-AB35-436A-8F9C-8B1D2864B5FE} => C:\Program Files (x86)\Norton AntiVirus\Engine\18.6.0.29\uistub.exe No File Task: {BABEFB61-09A8-45F9-B7B5-CE6841C12941} - \AmiUpdXp No Task File Task: {FDD2A6BA-120E-4560-B6F9-305A89F91FD3} - System32\Tasks\{B92D40CC-F2ED-45D4-B863-F93BC47A6E6B} => C:\Users\lukasz\Downloads\XP-Codec-Pack-2.4.6_unidownload.com(1).exe No File Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File HKLM\...\Run: [ASUS WebStorage] - C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [x] HKLM\...\Run: [Setwallpaper] - c:\programdata\SetWallpaper.cmd [x] HKLM\...\Run: [zLoader.exe] - "C:\Program Files (x86)\Cyfrowy Polsat\MF821\Bin\zLoader.exe" [x] HKLM\...\Run: [CancelAutoPlay.exe] - "C:\Program Files (x86)\Cyfrowy Polsat\MF821\Bin\CancelAutoPlay.exe" [x] HKCU\...\Run: [msnmsgr] - "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background [x] AppInit_DLLs-x32: c:\progra~3\browse~1\251005~1.80\{c16c1~1\browse~1.dll [97280 2009-07-14] () Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - No File S3 ipswuio; System32\DRIVERS\ipswuio.sys [x] S3 massfilter_lte; \??\C:\Windows\system32\drivers\massfilter_lte.sys [x] U3 tmlwf; U3 tmwfp; S3 zgdcat; system32\DRIVERS\zgdcat.sys [x] S3 zgdcdiag; system32\DRIVERS\zgdcdiag.sys [x] S3 zgdcmdm; system32\DRIVERS\zgdcmdm.sys [x] S3 zgdcnet; system32\DRIVERS\zgdcnet.sys [x] S3 zgdcnmea; system32\DRIVERS\zgdcnmea.sys [x] c:\progra~3\browse~1 C:\Windows\¸ó$ ***************** HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6D47B343-30D1-4206-8531-51115C7334BE} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6D47B343-30D1-4206-8531-51115C7334BE} => Key deleted successfully. C:\Windows\System32\Tasks\{4FCEA4D4-7C83-414E-877E-509CDB42FBDE} => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4FCEA4D4-7C83-414E-877E-509CDB42FBDE} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6D74210A-760F-4EC5-A0E5-41045170AF70} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6D74210A-760F-4EC5-A0E5-41045170AF70} => Key deleted successfully. C:\Windows\System32\Tasks\{C10C108E-E06E-46C2-BC39-7EC1ABAAB333} => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C10C108E-E06E-46C2-BC39-7EC1ABAAB333} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{755734D2-3D14-4A0C-9941-4AB0EF4B5470} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{755734D2-3D14-4A0C-9941-4AB0EF4B5470} => Key deleted successfully. C:\Windows\System32\Tasks\{5F3E11B9-CA9C-4A02-8A68-67174F1E92A6} => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5F3E11B9-CA9C-4A02-8A68-67174F1E92A6} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{79A355DD-70DB-4A33-B220-29C5F251B710} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{79A355DD-70DB-4A33-B220-29C5F251B710} => Key deleted successfully. C:\Windows\System32\Tasks\{ABEFE51D-9E9C-4E32-8735-16E9BBF616E7} => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{ABEFE51D-9E9C-4E32-8735-16E9BBF616E7} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8D0ED8D4-48B5-4790-A83D-A25568C60BB1} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8D0ED8D4-48B5-4790-A83D-A25568C60BB1} => Key deleted successfully. C:\Windows\System32\Tasks\{D021882A-9E2C-4CA0-B7A5-57798B73BC2A} => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D021882A-9E2C-4CA0-B7A5-57798B73BC2A} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{91ED52A5-0624-4FF6-9E9F-DB2EBC890B0B} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{91ED52A5-0624-4FF6-9E9F-DB2EBC890B0B} => Key deleted successfully. C:\Windows\System32\Tasks\{A4FD417C-3DDE-4465-B250-A05C56393892} => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A4FD417C-3DDE-4465-B250-A05C56393892} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9D6B4CAE-D4E6-43DC-A1A8-30BB111D639A} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9D6B4CAE-D4E6-43DC-A1A8-30BB111D639A} => Key deleted successfully. C:\Windows\System32\Tasks\{AB1F8A5C-99E0-49FF-BA85-A9A715DE73C6} => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{AB1F8A5C-99E0-49FF-BA85-A9A715DE73C6} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9EA9AD21-25EA-4E0A-B12C-21F718853BD9} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9EA9AD21-25EA-4E0A-B12C-21F718853BD9} => Key deleted successfully. C:\Windows\System32\Tasks\{E79D66F8-0AA0-48EB-93BA-643AF404A877} => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E79D66F8-0AA0-48EB-93BA-643AF404A877} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B925E4C3-87B0-47B7-9908-F5272CDD2C1F} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B925E4C3-87B0-47B7-9908-F5272CDD2C1F} => Key deleted successfully. C:\Windows\System32\Tasks\{7D797225-AB35-436A-8F9C-8B1D2864B5FE} => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7D797225-AB35-436A-8F9C-8B1D2864B5FE} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BABEFB61-09A8-45F9-B7B5-CE6841C12941} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BABEFB61-09A8-45F9-B7B5-CE6841C12941} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AmiUpdXp => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FDD2A6BA-120E-4560-B6F9-305A89F91FD3} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FDD2A6BA-120E-4560-B6F9-305A89F91FD3} => Key deleted successfully. C:\Windows\System32\Tasks\{B92D40CC-F2ED-45D4-B863-F93BC47A6E6B} => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{B92D40CC-F2ED-45D4-B863-F93BC47A6E6B} => Key deleted successfully. ========= reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully. HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} => Key deleted successfully. HKCR\CLSID\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} => Key not found. HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Value deleted successfully. HKCR\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Key not found. HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ASUS WebStorage => Value deleted successfully. HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Setwallpaper => Value deleted successfully. HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\zLoader.exe => Value deleted successfully. HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\CancelAutoPlay.exe => Value deleted successfully. HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\msnmsgr => Value deleted successfully. HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs => Value was restored successfully. HKCR\Wow6432Node\PROTOCOLS\Handler\gopher => Key deleted successfully. HKCR\Wow6432Node\CLSID\{79eac9e4-baf9-11ce-8c82-00aa004ba90b} => Key not found. ipswuio => Service deleted successfully. massfilter_lte => Service deleted successfully. U3 tmlwf; => Service not found. U3 tmwfp; => Service not found. zgdcat => Service deleted successfully. zgdcdiag => Service deleted successfully. zgdcmdm => Service deleted successfully. zgdcnet => Service deleted successfully. zgdcnmea => Service deleted successfully. "c:\progra~3\browse~1" => File/Directory not found. C:\Windows\¸ó$ => Moved successfully. ==== End of Fixlog ====