Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 19-10-2013 Ran by admin at 2013-10-21 12:04:52 Run:1 Running from C:\Users\admin\Downloads Boot Mode: Normal ============================================== Content of fixlist: ***************** HKCU\...\Run: [AdobeBridge] - [x] S3 DAUpdaterSvc; D:\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [x] S4 FLEXnet Licensing Service; "C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe" [x] S1 NetPeeker; C:\Windows\SysWow64\Drivers\NetPeeker.sys [246864 2011-12-02] (Ming Jin) S3 NPPTNT2; C:\Windows\SysWow64\npptNT2.sys [4682 2005-01-04] (INCA Internet Co., Ltd.) Task: {063EE7B3-AA45-423B-B0DE-2A9835566412} - \ParetoLogic Update Version3 No Task File Task: {694123EB-A383-401B-8843-CB2864ED1755} - System32\Tasks\{DAB243FF-8732-42DA-BBDC-85AC4F5696D7} => D:\Magicka\Magicka.exe Task: {7EB07ECB-047E-405D-88A3-4A7D31E1E168} - System32\Tasks\{A7A7286F-F5AC-45C9-978A-4BC0D256947C} => D:\Magicka\Magicka.exe Task: {BAB5DCEC-10D9-4C8C-9707-3433DA71B0FA} - \ParetoLogic Registration3 No Task File Task: {ECB8F49A-C36E-4077-94C3-AD2CF51810B1} - System32\Tasks\RegCure Pro => C:\Program Files (x86)\ParetoLogic\RegCure Pro\RegCurePro.exe Task: {F966443B-A103-4588-84A9-C7C69ED5FCD9} - System32\Tasks\{F296B5A7-F5D8-4375-816F-9B32CC302613} => D:\Magicka\Magicka.exe Task: C:\Windows\Tasks\RegCure Pro.job => C:\Program Files (x86)\ParetoLogic\RegCure Pro\RegCurePro.exe AlternateDataStreams: C:\ProgramData:gs5sys AlternateDataStreams: C:\Users\admin:gs5sys AlternateDataStreams: C:\Users\All Users:gs5sys AlternateDataStreams: C:\Users\admin\Cookies:gs5sys AlternateDataStreams: C:\Users\admin\Dane aplikacji:gs5sys AlternateDataStreams: C:\Users\admin\Szablony:gs5sys AlternateDataStreams: C:\Users\admin\Ustawienia lokalne:gs5sys AlternateDataStreams: C:\Users\admin\AppData\Local:gs5sys AlternateDataStreams: C:\Users\admin\AppData\Roaming:gs5sys AlternateDataStreams: C:\Users\admin\AppData\Local\Dane aplikacji:gs5sys AlternateDataStreams: C:\Users\admin\AppData\Local\Historia:gs5sys AlternateDataStreams: C:\Users\admin\Documents\desktop.ini:gs5sys AlternateDataStreams: C:\ProgramData\Application Data:gs5sys AlternateDataStreams: C:\ProgramData\Dane aplikacji:gs5sys AlternateDataStreams: C:\ProgramData\Szablony:gs5sys AlternateDataStreams: C:\ProgramData\Templates:gs5sys AlternateDataStreams: C:\ProgramData\Documents\desktop.ini:gs5sys AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys C:\Windows\SysWow64\Drivers\NetPeeker.sys C:\Windows\SysWow64\npptNT2.sys C:\Users\admin\AppData\Roaming\mozilla Reg: reg delete HKCU\Software\Mozilla /f Reg: reg delete HKCU\Software\MozillaPlugins /f Reg: reg delete HKLM\SOFTWARE\MozillaPlugins /f Reg: reg delete HKLM\SOFTWARE\Wow6432Node\Mozilla /f Reg: reg delete HKLM\SOFTWARE\Wow6432Node\mozilla.org /f Reg: reg delete HKLM\SOFTWARE\Wow6432Node\MozillaPlugins /f Reg: reg add "HKCU\Software\Microsoft\Internet Explorer\SearchScopes" /v DefaultScope /t REG_SZ /d {0633EE93-D776-472f-A0FF-E1416B8B2E3A} /f Reg: reg add "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes" /v DefaultScope /t REG_SZ /d {0633EE93-D776-472f-A0FF-E1416B8B2E3A} /f Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f ***************** HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => Value deleted successfully. DAUpdaterSvc => Service deleted successfully. FLEXnet Licensing Service => Service deleted successfully. NetPeeker => Service deleted successfully. NPPTNT2 => Service deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{063EE7B3-AA45-423B-B0DE-2A9835566412} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{063EE7B3-AA45-423B-B0DE-2A9835566412} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ParetoLogic Update Version3 => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{694123EB-A383-401B-8843-CB2864ED1755} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{694123EB-A383-401B-8843-CB2864ED1755} => Key deleted successfully. C:\Windows\System32\Tasks\{DAB243FF-8732-42DA-BBDC-85AC4F5696D7} => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{DAB243FF-8732-42DA-BBDC-85AC4F5696D7} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7EB07ECB-047E-405D-88A3-4A7D31E1E168} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7EB07ECB-047E-405D-88A3-4A7D31E1E168} => Key deleted successfully. C:\Windows\System32\Tasks\{A7A7286F-F5AC-45C9-978A-4BC0D256947C} => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A7A7286F-F5AC-45C9-978A-4BC0D256947C} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BAB5DCEC-10D9-4C8C-9707-3433DA71B0FA} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BAB5DCEC-10D9-4C8C-9707-3433DA71B0FA} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ParetoLogic Registration3 => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ECB8F49A-C36E-4077-94C3-AD2CF51810B1} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ECB8F49A-C36E-4077-94C3-AD2CF51810B1} => Key deleted successfully. C:\Windows\System32\Tasks\RegCure Pro => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RegCure Pro => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F966443B-A103-4588-84A9-C7C69ED5FCD9} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F966443B-A103-4588-84A9-C7C69ED5FCD9} => Key deleted successfully. C:\Windows\System32\Tasks\{F296B5A7-F5D8-4375-816F-9B32CC302613} => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F296B5A7-F5D8-4375-816F-9B32CC302613} => Key deleted successfully. C:\Windows\Tasks\RegCure Pro.job => Moved successfully. C:\ProgramData => ":gs5sys" ADS removed successfully. C:\Users\admin => ":gs5sys" ADS removed successfully. "C:\Users\All Users" => ":gs5sys" ADS not found. "C:\Users\admin\Cookies" => ":gs5sys" ADS not found. "C:\Users\admin\Dane aplikacji" => ":gs5sys" ADS not found. "C:\Users\admin\Szablony" => ":gs5sys" ADS not found. "C:\Users\admin\Ustawienia lokalne" => ":gs5sys" ADS not found. C:\Users\admin\AppData\Local => ":gs5sys" ADS removed successfully. C:\Users\admin\AppData\Roaming => ":gs5sys" ADS removed successfully. "C:\Users\admin\AppData\Local\Dane aplikacji" => ":gs5sys" ADS not found. "C:\Users\admin\AppData\Local\Historia" => ":gs5sys" ADS not found. C:\Users\admin\Documents\desktop.ini => ":gs5sys" ADS removed successfully. "C:\ProgramData\Application Data" => ":gs5sys" ADS not found. "C:\ProgramData\Dane aplikacji" => ":gs5sys" ADS not found. "C:\ProgramData\Szablony" => ":gs5sys" ADS not found. "C:\ProgramData\Templates" => ":gs5sys" ADS not found. C:\ProgramData\Documents\desktop.ini => ":gs5sys" ADS removed successfully. "C:\Users\Public\Documents\desktop.ini" => ":gs5sys" ADS not found. C:\Windows\SysWow64\Drivers\NetPeeker.sys => Moved successfully. C:\Windows\SysWow64\npptNT2.sys => Moved successfully. C:\Users\admin\AppData\Roaming\mozilla => Moved successfully. ========= reg delete HKCU\Software\Mozilla /f ========= Bť¤D: System nie znalazˆ w rejestrze okre˜lonego klucza albo warto˜ci. ========= End of Reg: ========= ========= reg delete HKCU\Software\MozillaPlugins /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete HKLM\SOFTWARE\MozillaPlugins /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete HKLM\SOFTWARE\Wow6432Node\Mozilla /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete HKLM\SOFTWARE\Wow6432Node\mozilla.org /f ========= Bť¤D: System nie znalazˆ w rejestrze okre˜lonego klucza albo warto˜ci. ========= End of Reg: ========= ========= reg delete HKLM\SOFTWARE\Wow6432Node\MozillaPlugins /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg add "HKCU\Software\Microsoft\Internet Explorer\SearchScopes" /v DefaultScope /t REG_SZ /d {0633EE93-D776-472f-A0FF-E1416B8B2E3A} /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg add "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes" /v DefaultScope /t REG_SZ /d {0633EE93-D776-472f-A0FF-E1416B8B2E3A} /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ==== End of Fixlog ====