Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 13-04-2014 Ran by seb at 2014-04-14 17:59:49 Run:1 Running from C:\Users\seb\Downloads Boot Mode: Normal ============================================== Content of fixlist: ***************** () C:\Program Files\LPT\srpts.exe () C:\Program Files\LPT\srptm.exe (Somoto) C:\Users\seb\AppData\Local\FilesFrog Update Checker\update_checker.exe R2 LPTSystemUpdater; C:\Program Files\LPT\srpts.exe [37408 2014-03-24] () S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X] Task: {D532CB51-0C5C-49E5-B3D4-AB809BC73753} - System32\Tasks\SomotoUpdateCheckerAutoStart => C:\Users\seb\AppData\Local\FilesFrog Update Checker\update_checker.exe [2013-10-17] (Somoto) <==== ATTENTION HKU\S-1-5-21-2410551141-814857211-113848530-1000\...\Run: [Komunikator] => C:\Program Files\Tlen.pl\tlen.exe HKU\S-1-5-21-2410551141-814857211-113848530-1000\...\Run: [ChomikBox] => C:\Program Files\ChomikBox\chomikbox.exe HKU\S-1-5-21-2410551141-814857211-113848530-1000\...\Run: [LiveSupport] => "C:\Program Files\LiveSupport\LiveSupport.exe" /noshow /log HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.com/?p=mKO_AwFzXIpYRaxo67ounJhqib0rXFhtLLIHmXcfrN_YrlKmIMMmL36uP71ylMOLLFSRijAADIFooWZGvDFWAYiDsOvKHqZ0ShTzMRD3RAJ03e_AntzwEgXsh2PUlDT_f_LFA0luYlMpRw,,&q={searchTerms} HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.com/?p=mKO_AwFzXIpYRaxo67ounJhqib0rXFhtLLIHmXcfrN_YrlKmIMMmL36uP71ylMOLLFSRijAADIFooWZGvDFWAYiDsOvKHqZ0ShTzMRD3RAJ03e_AntzwEgXsh2PUlDT_f_LFA0luYlMpRw,,&q={searchTerms} SearchScopes: HKLM - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snapdo.com/?p=mKO_AwFzXIpYRaxo67ounJhqib0rXFhtLLIHmXcfrN_YrlKmIMMmL36uP71ylMOLLFSRijAADIFooWZGvDFWAYiDsOvKHqZ0ShTzMRD3RAJ03e_AntzwEgXsh2PUlDT_f_LFA0luYlMpRw,,&q={searchTerms} SearchScopes: HKLM - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snapdo.com/?p=mKO_AwFzXIpYRaxo67ounJhqib0rXFhtLLIHmXcfrN_YrlKmIMMmL36uP71ylMOLLFSRijAADIFooWZGvDFWAYiDsOvKHqZ0ShTzMRD3RAJ03e_AntzwEgXsh2PUlDT_f_LFA0luYlMpRw,,&q={searchTerms} SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snapdo.com/?p=mKO_AwFzXIpYRaxo67ounJhqib0rXFhtLLIHmXcfrN_YrlKmIMMmL36uP71ylMOLLFSRijAADIFooWZGvDFWAYiDsOvKHqZ0ShTzMRD3RAJ03e_AntzwEgXsh2PUlDT_f_LFA0luYlMpRw,,&q={searchTerms} SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snapdo.com/?p=mKO_AwFzXIpYRaxo67ounJhqib0rXFhtLLIHmXcfrN_YrlKmIMMmL36uP71ylMOLLFSRijAADIFooWZGvDFWAYiDsOvKHqZ0ShTzMRD3RAJ03e_AntzwEgXsh2PUlDT_f_LFA0luYlMpRw,,&q={searchTerms} Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File C:\Program Files\Mozilla Firefox\extensions C:\Program Files\Enigma Software Group C:\Program Files\iSafe C:\Users\seb\AppData\Roaming\Babylon C:\Users\seb\AppData\Roaming\iSafe C:\Users\seb\Downloads\Adobe_Flash_Player-11_8_800_175_downloader-3LRiBEbS.exe C:\Users\seb\Downloads\SpyHunter-Installer.exe C:\Windows\455F074C814E4520B69B5584BD90400C.TMP CMD: rd /s /q "C:\Users\seb\Desktop\Stare dane programu Firefox" Reg: reg delete "HKCU\Software\Microsoft\Internet Explorer\AboutURLs" /f Reg: reg delete "HKCU\Software\Microsoft\Internet Explorer\Search" /f Reg: reg delete "HKCU\Software\Microsoft\Internet Explorer\SearchURI" /f Reg: reg delete "HKCU\Software\Microsoft\Internet Explorer\SearchUrl" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchURI" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl" /f Reg: reg delete "HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\AboutURLs" /f Reg: reg delete "HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Main" /f Reg: reg delete "HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Search" /f Reg: reg delete "HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\SearchScopes" /f Reg: reg delete "HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\SearchURI" /f Reg: reg delete "HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\SearchUrl" /f Reboot: ***************** [3012] C:\Program Files\LPT\srpts.exe => Process closed successfully. [3812] C:\Program Files\LPT\srptm.exe => Process closed successfully. C:\Users\seb\AppData\Local\FilesFrog Update Checker\update_checker.exe => No running process found LPTSystemUpdater => Service stopped successfully. LPTSystemUpdater => Service deleted successfully. esgiguard => Service deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D532CB51-0C5C-49E5-B3D4-AB809BC73753} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D532CB51-0C5C-49E5-B3D4-AB809BC73753} => Key deleted successfully. C:\Windows\System32\Tasks\SomotoUpdateCheckerAutoStart => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SomotoUpdateCheckerAutoStart => Key deleted successfully. HKU\S-1-5-21-2410551141-814857211-113848530-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Komunikator => Value deleted successfully. HKU\S-1-5-21-2410551141-814857211-113848530-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ChomikBox => Value deleted successfully. HKU\S-1-5-21-2410551141-814857211-113848530-1000\Software\Microsoft\Windows\CurrentVersion\Run\\LiveSupport => Value deleted successfully. HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully. HKCU\Software\Microsoft\Internet Explorer\Main\\Search Bar => Value deleted successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{006ee092-9658-4fd6-bd8e-a21a348e59f5} => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{006ee092-9658-4fd6-bd8e-a21a348e59f5} => Key not found. HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113} => Value deleted successfully. HKCR\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} => Key deleted successfully. HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Value deleted successfully. HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key not found. HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} => Value deleted successfully. HKCR\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} => Key not found. C:\Program Files\Mozilla Firefox\extensions => Moved successfully. C:\Program Files\Enigma Software Group => Moved successfully. C:\Program Files\iSafe => Moved successfully. C:\Users\seb\AppData\Roaming\Babylon => Moved successfully. C:\Users\seb\AppData\Roaming\iSafe => Moved successfully. C:\Users\seb\Downloads\Adobe_Flash_Player-11_8_800_175_downloader-3LRiBEbS.exe => Moved successfully. C:\Users\seb\Downloads\SpyHunter-Installer.exe => Moved successfully. C:\Windows\455F074C814E4520B69B5584BD90400C.TMP => Moved successfully. ========= rd /s /q "C:\Users\seb\Desktop\Stare dane programu Firefox" ========= ========= End of CMD: ========= ========= reg delete "HKCU\Software\Microsoft\Internet Explorer\AboutURLs" /f ========= Bť¤D: System nie znalazˆ w rejestrze okre˜lonego klucza albo warto˜ci. ========= End of Reg: ========= ========= reg delete "HKCU\Software\Microsoft\Internet Explorer\Search" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKCU\Software\Microsoft\Internet Explorer\SearchURI" /f ========= Bť¤D: System nie znalazˆ w rejestrze okre˜lonego klucza albo warto˜ci. ========= End of Reg: ========= ========= reg delete "HKCU\Software\Microsoft\Internet Explorer\SearchUrl" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchURI" /f ========= Bť¤D: System nie znalazˆ w rejestrze okre˜lonego klucza albo warto˜ci. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\AboutURLs" /f ========= Bť¤D: System nie znalazˆ w rejestrze okre˜lonego klucza albo warto˜ci. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Main" /f ========= Bť¤D: System nie znalazˆ w rejestrze okre˜lonego klucza albo warto˜ci. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Search" /f ========= Bť¤D: System nie znalazˆ w rejestrze okre˜lonego klucza albo warto˜ci. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\SearchScopes" /f ========= Bť¤D: System nie znalazˆ w rejestrze okre˜lonego klucza albo warto˜ci. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\SearchURI" /f ========= Bť¤D: System nie znalazˆ w rejestrze okre˜lonego klucza albo warto˜ci. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\SearchUrl" /f ========= Bť¤D: System nie znalazˆ w rejestrze okre˜lonego klucza albo warto˜ci. ========= End of Reg: ========= The system needed a reboot. ==== End of Fixlog ====