Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-03-2014 02
Ran by cAst0r at 2014-03-11 00:07:55 Run:1
Running from C:\Users\cAst0r\Desktop\Nowy folder
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
testsigning: ==> Check for possible unsigned rootkit driver <===== ATTENTION!
NETSVC: XBCD -> No ServiceDLL Path.
S4 NIApplicationWebServer64; "C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe" -user [X]
S3 ESEADriver2; \??\C:\Users\cAst0r\AppData\Local\Temp\ESEADriver2.sys [X]
S3 tizekdrv; \??\C:\Users\cAst0r\AppData\Roaming\TZAC\tizek64.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
Task: {41084A44-C584-4BD7-AC86-0D7C1D7A7A00} - System32\Tasks\Core Temp Autostart cAst0r => C:\Core Temp\Core Temp.exe
Task: C:\Windows\Tasks\NIUpdateServiceCheckTask.job => C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=ASRK
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=ASRK
SearchScopes: HKCU - {88E66704-746B-41a8-BC68-EC8DB8642984} URL = http://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=5480255188&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=pl&q={searchTerms}
BHO-x32: No Name - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File
BHO-x32: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File
Toolbar: HKLM-x32 - No Name - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - No File
FF Plugin-x32: @esn/esnlaunch,version=1.102.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.110.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.122.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.138.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.140.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.140.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll No File
C:\Program Files\National Instruments
C:\Program Files (x86)\National Instruments
C:\ProgramData\National Instruments
C:\Users\cAst0r\AppData\Local\National Instruments
C:\Users\cAst0r\AppData\Roaming\DeviceVm
C:\Users\cAst0r\AppData\Roaming\eDownload
C:\Users\cAst0r\AppData\Roaming\newnext.me
C:\Users\cAst0r\AppData\Roaming\Microsoft\Windows\SendTo\Znajomy Xfire.lnk
Reg: reg delete HKCU\Software\Mozilla\SeaMonkey /f
Reg: reg delete HKLM\SOFTWARE\Wow6432Node\Mozilla\Thunderbird /f
Reg: reg query "HKCU\Software\Microsoft\Internet Explorer\MenuExt" /s
Reg: reg query "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MenuExt" /s
*****************

Operacja ukończona pomyślnie.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs XBCD => Deleted successfully.
NIApplicationWebServer64 => Service deleted successfully.
ESEADriver2 => Service deleted successfully.
tizekdrv => Service deleted successfully.
VBoxNetFlt => Service deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{41084A44-C584-4BD7-AC86-0D7C1D7A7A00} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{41084A44-C584-4BD7-AC86-0D7C1D7A7A00} => Key deleted successfully.
C:\Windows\System32\Tasks\Core Temp Autostart cAst0r => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Core Temp Autostart cAst0r => Key deleted successfully.
C:\Windows\Tasks\NIUpdateServiceCheckTask.job => Moved successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{88E66704-746B-41a8-BC68-EC8DB8642984} => Key deleted successfully.
HKCR\CLSID\{88E66704-746B-41a8-BC68-EC8DB8642984} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{E0E899AB-F487-11D5-8D29-0050BA6940E3} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{E0E899AB-F487-11D5-8D29-0050BA6940E3} => Key not found.
HKLM\Software\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.102.0 => Key deleted successfully.
C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll not found.
HKLM\Software\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.110.0 => Key deleted successfully.
C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll not found.
HKLM\Software\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.122.0 => Key deleted successfully.
C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll not found.
HKLM\Software\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.138.0 => Key deleted successfully.
C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll not found.
HKLM\Software\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.140.0 => Key deleted successfully.
C:\Program Files (x86)\Battlelog Web Plugins\1.140.0\npesnlaunch.dll not found.
HKLM\Software\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=2.1.3 => Key deleted successfully.
C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll not found.
C:\Program Files\National Instruments => Moved successfully.
C:\Program Files (x86)\National Instruments => Moved successfully.
C:\ProgramData\National Instruments => Moved successfully.
C:\Users\cAst0r\AppData\Local\National Instruments => Moved successfully.
C:\Users\cAst0r\AppData\Roaming\DeviceVm => Moved successfully.
C:\Users\cAst0r\AppData\Roaming\eDownload => Moved successfully.
C:\Users\cAst0r\AppData\Roaming\newnext.me => Moved successfully.
C:\Users\cAst0r\AppData\Roaming\Microsoft\Windows\SendTo\Znajomy Xfire.lnk => Moved successfully.

========= reg delete HKCU\Software\Mozilla\SeaMonkey /f =========

Operacja ukończona pomyślnie.

========= End of Reg: =========

========= reg delete HKLM\SOFTWARE\Wow6432Node\Mozilla\Thunderbird /f =========

Operacja ukończona pomyślnie.

========= End of Reg: =========

========= reg query "HKCU\Software\Microsoft\Internet Explorer\MenuExt" /s =========

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\????3??
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\????3??????
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&ksportuj do programu Microsoft Excel
    (domyślny) REG_SZ res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
    Contexts REG_DWORD 0x1
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Pobierz FlashGetem3
    (domyślny) REG_SZ C:\Users\cAst0r\AppData\Roaming\FlashGetBHO\GetUrl.htm
    contexts REG_DWORD 0x22
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Pobierz wszystko FlashGetem3
    (domyślny) REG_SZ C:\Users\cAst0r\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
    contexts REG_DWORD 0xf3
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\????3??
    (domyślny) REG_SZ C:\Users\cAst0r\AppData\Roaming\FlashGetBHO\GetUrl.htm
    contexts REG_DWORD 0x22
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\????3??????
    (domyślny) REG_SZ C:\Users\cAst0r\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
    contexts REG_DWORD 0xf3

========= End of Reg: =========

========= reg query "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MenuExt" /s =========

BŁĄD: System nie znalazł w rejestrze określonego klucza albo wartości.

========= End of Reg: =========

==== End of Fixlog ====