Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 27-08-2013 03
Ran by oem at 2013-08-27 18:33:55 Run:1
Running from C:\Users\oem\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Reg: reg delete HKCU\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1} /f
Reg: reg delete "HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" /f
HKU\Dracula\...\Run: [HEXelon MAX] - "C:\Users\oem\Desktop\HEXelonMAX6\hexelon.exe" /auto [x]
HKU\Dracula\...\Run: [DAEMON Tools Lite] - "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun [x]
HKU\Dracula\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] - "C:\Program Files\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe" /PROMPT /CMPID=JUNE2013_TB [x]
HKU\Dracula\...\Winlogon: [Shell] C:\Users\Dracula\AppData\Roaming\hdddoctor.exe <==== ATTENTION
Winlogon\Notify\avldr:
ShellExecuteHooks: - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No File [ ]
Winsock: Catalog5 01 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
R2 WsysSvc; C:\ProgramData\eSafe\eGdpSvc.exe [301120 2013-08-16] (Wsys Co., Ltd.)
Task: {29CB90EB-AEAF-49AD-8EDF-B564CE7D7889} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files\Norton Identity Safe\Engine\2013.3.3.19\SymErr.exe No File
Task: {A402836A-8239-4ED1-B52A-9124A5B60BB9} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files\Norton Identity Safe\Engine\2013.3.3.19\SymErr.exe No File
SearchScopes: HKCU - {B6009401-8A01-4AB2-B87D-C7C37A093367} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=867034&p={searchTerms}
DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab
C:\Program Files\Common Files\AVG Secure Search
C:\ProgramData\eSafe
C:\ProgramData\Premium
Folder: C:\Windows\$NtUninstallKB2845142_WM64$

*****************


========= reg delete HKCU\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1} /f =========

Operacja ukończona pomyślnie.



========= End of Reg: =========


========= reg delete "HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" /f =========

Operacja ukończona pomyślnie.



========= End of Reg: =========

HKU\Dracula\Software\Microsoft\Windows\CurrentVersion\Run\\HEXelon MAX => Value deleted successfully.
HKU\Dracula\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => Value deleted successfully.
HKU\Dracula\Software\Microsoft\Windows\CurrentVersion\Run\\AVG-Secure-Search-Update_JUNE2013_TB => Value deleted successfully.
HKU\Dracula\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Value deleted successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Winlogon\Notify\avldr: => Key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} => Value deleted successfully.
HKCR\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972} => Key not found.
Winsock: Catalog5 entry 000000000001\\LibraryPath  was set successfully to %SystemRoot%\system32\NLAapi.dll
Winsock: Catalog5 entry 000000000005\\LibraryPath  was set successfully to %SystemRoot%\System32\mswsock.dll
WsysSvc => Service deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{29CB90EB-AEAF-49AD-8EDF-B564CE7D7889} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{29CB90EB-AEAF-49AD-8EDF-B564CE7D7889} => Key deleted successfully.
C:\Windows\System32\Tasks\Norton Identity Safe\Norton Error Analyzer => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Norton Identity Safe\Norton Error Analyzer => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A402836A-8239-4ED1-B52A-9124A5B60BB9} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A402836A-8239-4ED1-B52A-9124A5B60BB9} => Key deleted successfully.
C:\Windows\System32\Tasks\Norton Identity Safe\Norton Error Processor => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Norton Identity Safe\Norton Error Processor => Key deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B6009401-8A01-4AB2-B87D-C7C37A093367} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{B6009401-8A01-4AB2-B87D-C7C37A093367} => Key not found.
HKCR\CLSID\{68282C51-9459-467B-95BF-3C0E89627E55} => Key deleted successfully.
C:\Program Files\Common Files\AVG Secure Search => Moved successfully.
C:\ProgramData\eSafe => Moved successfully.
"C:\ProgramData\Premium" => File/Directory not found.

========================= Folder: C:\Windows\$NtUninstallKB2845142_WM64$ ========================

2013-08-18 10:57 - 2013-08-18 10:57 - 0000000 ___DC () C:\Windows\$NtUninstallKB2845142_WM64$\spuninst
2013-08-18 10:57 - 2007-01-20 22:26 - 1565480 ____C (Microsoft Corporation) C:\Windows\$NtUninstallKB2845142_WM64$\wmv9vcm.dll
2013-08-18 10:57 - 2007-07-27 08:36 - 0234360 ____C (Microsoft Corporation) C:\Windows\$NtUninstallKB2845142_WM64$\spuninst\spuninst.exe
2013-08-18 10:57 - 2013-08-18 10:57 - 0015606 ___AC () C:\Windows\$NtUninstallKB2845142_WM64$\spuninst\spuninst.inf
2013-08-18 10:57 - 2013-08-18 10:57 - 0000229 ___AC () C:\Windows\$NtUninstallKB2845142_WM64$\spuninst\spuninst.txt
2013-08-18 10:57 - 2007-07-27 10:41 - 0382840 ____C (Microsoft Corporation) C:\Windows\$NtUninstallKB2845142_WM64$\spuninst\updspapi.dll

====== End of Folder: ======



The system needs a manual reboot. 

==== End of Fixlog ====