Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 22-04-2014 Ran by Adam at 2014-04-22 20:24:27 Run:1 Running from I:\Diagnostyka komputera\FRST Boot Mode: Normal ============================================== Content of fixlist: ***************** BHO: DealPly Shopping - {9cf699ca-2174-4ed8-bec1-ba82095edce0} - C:\Program Files\DealPly\DealPlyIE.dll No File BHO: BrowseSmart - {ffbb88a9-c663-4b9b-9170-70fa0a5a2786} - C:\Program Files\BrowseSmart\BrowseSmartbho.dll No File HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Adam\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-04-11] C:\Program Files\mozilla firefox\plugins HKLM\...\Run: [Bonus.SSR.FR11] => "H:\FineReader\ABBYY FineReader 11\Bonus.ScreenshotReader.exe" /autorun HKU\S-1-5-21-3968398921-3086328574-2360549802-1000\...\Run: [DriverMax_RESTART] => [X] HKU\S-1-5-21-3968398921-3086328574-2360549802-1000\...\Run: [Facebook Update] => "C:\Users\Adam\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver HKU\S-1-5-21-3968398921-3086328574-2360549802-1000\...\Run: [] => [X] S2 dealplylive; C:\Program Files\DealPlyLive\Update\DealPlyLive.exe /svc [X] S3 dealplylivem; C:\Program Files\DealPlyLive\Update\DealPlyLive.exe /medsvc [X] S3 MSICDSetup; \??\D:\CDriver.sys [X] S3 RimUsb; System32\Drivers\RimUsb.sys [X] U2 V2iMount; S3 GenericMount; C:\Windows\System32\DRIVERS\GenericMount.sys [46192 2009-09-21] (Symantec Corporation) Task: {0098F240-E367-4FCA-A04D-6B0000C5F4E0} - System32\Tasks\{5350F6D4-FD25-4B21-8794-3FD325914C47} => C:\Users\Adam\Desktop\VIAwSetup\chrome3.exe Task: {1259491B-8C96-4636-B17F-319F7D0A7284} - System32\Tasks\{B38D1316-0778-4F86-8E67-B699180365AC} => C:\Users\Adam\Desktop\VIAwSetup\chrome3.exe Task: {1329DB7F-375A-452E-9E47-BF0E6144EB50} - System32\Tasks\ProgramUpdateCheck => C:\Program Files\File Type Assistant\TSAssist.exe [2012-10-06] (Trusted Software ApS) <==== ATTENTION Task: {2633A0DC-644F-4C1B-93B0-CFA2E3F7E20C} - System32\Tasks\DealPlyLiveUpdateTaskMachineCore => C:\Program Files\DealPlyLive\Update\DealPlyLive.exe <==== ATTENTION Task: {2E7AB8E3-9B2E-468F-96D1-E8CE2A874575} - System32\Tasks\{BD999017-E6F8-46B9-86BB-4A0F53211D47} => C:\Users\Adam\Desktop\VIAwSetup\chrome3.exe Task: {2F1EAF04-D9BF-43AD-89DB-8AD018E19F06} - System32\Tasks\{E3B72EB8-1EA9-45A5-B622-E420639341E6} => Firefox.exe http://ui.skype.com/ui/0/6.3.0.105/pl/abandoninstall?page=tsProgressBar Task: {3358DA14-FAA1-42F8-9C30-49B16A2570B4} - System32\Tasks\DealPlyLiveUpdateTaskMachineUA => C:\Program Files\DealPlyLive\Update\DealPlyLive.exe <==== ATTENTION Task: {351CE44A-5D53-4EB3-8201-98AB7DBED644} - System32\Tasks\{E1D9971C-0102-47FA-8BE4-22205055C5DC} => Firefox.exe http://ui.skype.com/ui/0/6.0.0.126/pl/abandoninstall?page=tsMain Task: {3BFF6E60-C11C-491B-A7B9-3520840465CA} - System32\Tasks\{26A70251-7F45-4821-B206-59A202063FC9} => C:\Users\Adam\Desktop\VIAwSetup\chrome3.exe Task: {3EA20308-7AEA-4094-BA80-BE1555D1F4F1} - System32\Tasks\{EA0BED82-876C-4C44-B9A2-4D7C65050B60} => C:\Users\Adam\Desktop\VIAwSetup\chrome3.exe Task: {4AD3D4AA-EB87-4AD1-8749-F6FC37006E99} - System32\Tasks\DealPlyUpdate => C:\Program <==== ATTENTION Task: {5210045D-EBE9-4BA3-A207-BA5AB52FCF2A} - System32\Tasks\{1A2BADD5-59E7-4974-9B3B-4C57CAAD9ECF} => Firefox.exe http://ui.skype.com/ui/0/5.9.0.115/en/abandoninstall?page=tsMain Task: {724A1624-8453-466D-9B78-42E609D69AE0} - System32\Tasks\{2690C56A-DCB0-41D1-AB89-B4868E092FF5} => C:\Users\Adam\Desktop\VIAwSetup\chrome3.exe Task: {EC644888-3B96-4B52-A4E3-F62D1BDBC634} - System32\Tasks\RegClean Pro => C:\Program Files\RegClean Pro\RegCleanPro.exe <==== ATTENTION Task: {ED11C9E4-D504-4DCE-AA0B-3095ECDC5EB4} - System32\Tasks\{E31C989E-A3FD-4B69-A322-370434C2D8D6} => C:\Users\Adam\Desktop\VIAwSetup\chrome3.exe Task: C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job => C:\Program Files\DealPlyLive\Update\DealPlyLive.exe <==== ATTENTION Task: C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job => C:\Program Files\DealPlyLive\Update\DealPlyLive.exe <==== ATTENTION C:\Users\Adam\AppData\Roaming\1O1L1I1PtF1F1C1N C:\Users\Adam\AppData\Roaming\Oxy C:\Users\Adam\AppData\Roaming\SimilarSites C:\Users\Adam\AppData\Roaming\systweak C:\Users\Adam\Downloads\FirefoxSetup-17326964-vffsb.exe C:\Users\Adam\Downloads\NASA World Wind 1.4_isdmgr.exe C:\Users\Adam\Downloads\MIO A201 driver provided through paweldrivers.com(1).exe C:\Users\Adam\Desktop\Continue Firefox Free Download Installation.lnk C:\Windows\System32\DRIVERS\GenericMount.sys Reg: reg delete "HKCU\Software\Microsoft\Internet Explorer\Search" /f CMD: netsh advfirewall reset CMD: rd /s /q "C:\Users\Adam\Desktop\Stare dane programu Firefox" ***************** HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9cf699ca-2174-4ed8-bec1-ba82095edce0} => Key deleted successfully. HKCR\CLSID\{9cf699ca-2174-4ed8-bec1-ba82095edce0} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ffbb88a9-c663-4b9b-9170-70fa0a5a2786} => Key deleted successfully. HKCR\CLSID\{ffbb88a9-c663-4b9b-9170-70fa0a5a2786} => Key deleted successfully. HKCU\Software\Microsoft\Internet Explorer\Main\\Search Bar => Value deleted successfully. HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully. HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin => Key deleted successfully. C:\Users\Adam\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll not found. C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi => Moved successfully. C:\Program Files\Mozilla Firefox\Plugins => Moved successfully. HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Bonus.SSR.FR11 => Value deleted successfully. HKU\S-1-5-21-3968398921-3086328574-2360549802-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DriverMax_RESTART => Value deleted successfully. HKU\S-1-5-21-3968398921-3086328574-2360549802-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update => Value deleted successfully. HKU\S-1-5-21-3968398921-3086328574-2360549802-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully. dealplylive => Service deleted successfully. dealplylivem => Service deleted successfully. MSICDSetup => Service deleted successfully. RimUsb => Service deleted successfully. V2iMount => Service deleted successfully. GenericMount => Service deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0098F240-E367-4FCA-A04D-6B0000C5F4E0} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0098F240-E367-4FCA-A04D-6B0000C5F4E0} => Key deleted successfully. C:\Windows\System32\Tasks\{5350F6D4-FD25-4B21-8794-3FD325914C47} => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5350F6D4-FD25-4B21-8794-3FD325914C47} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1259491B-8C96-4636-B17F-319F7D0A7284} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1259491B-8C96-4636-B17F-319F7D0A7284} => Key deleted successfully. C:\Windows\System32\Tasks\{B38D1316-0778-4F86-8E67-B699180365AC} => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{B38D1316-0778-4F86-8E67-B699180365AC} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1329DB7F-375A-452E-9E47-BF0E6144EB50} => Key deleted successfully. C:\Windows\System32\Tasks\ProgramUpdateCheck not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ProgramUpdateCheck => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2633A0DC-644F-4C1B-93B0-CFA2E3F7E20C} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2633A0DC-644F-4C1B-93B0-CFA2E3F7E20C} => Key deleted successfully. C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineCore => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPlyLiveUpdateTaskMachineCore => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2E7AB8E3-9B2E-468F-96D1-E8CE2A874575} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2E7AB8E3-9B2E-468F-96D1-E8CE2A874575} => Key deleted successfully. C:\Windows\System32\Tasks\{BD999017-E6F8-46B9-86BB-4A0F53211D47} => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BD999017-E6F8-46B9-86BB-4A0F53211D47} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2F1EAF04-D9BF-43AD-89DB-8AD018E19F06} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F1EAF04-D9BF-43AD-89DB-8AD018E19F06} => Key deleted successfully. C:\Windows\System32\Tasks\{E3B72EB8-1EA9-45A5-B622-E420639341E6} => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E3B72EB8-1EA9-45A5-B622-E420639341E6} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3358DA14-FAA1-42F8-9C30-49B16A2570B4} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3358DA14-FAA1-42F8-9C30-49B16A2570B4} => Key deleted successfully. C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineUA => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPlyLiveUpdateTaskMachineUA => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{351CE44A-5D53-4EB3-8201-98AB7DBED644} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{351CE44A-5D53-4EB3-8201-98AB7DBED644} => Key deleted successfully. C:\Windows\System32\Tasks\{E1D9971C-0102-47FA-8BE4-22205055C5DC} => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E1D9971C-0102-47FA-8BE4-22205055C5DC} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3BFF6E60-C11C-491B-A7B9-3520840465CA} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3BFF6E60-C11C-491B-A7B9-3520840465CA} => Key deleted successfully. C:\Windows\System32\Tasks\{26A70251-7F45-4821-B206-59A202063FC9} => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{26A70251-7F45-4821-B206-59A202063FC9} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3EA20308-7AEA-4094-BA80-BE1555D1F4F1} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3EA20308-7AEA-4094-BA80-BE1555D1F4F1} => Key deleted successfully. C:\Windows\System32\Tasks\{EA0BED82-876C-4C44-B9A2-4D7C65050B60} => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{EA0BED82-876C-4C44-B9A2-4D7C65050B60} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4AD3D4AA-EB87-4AD1-8749-F6FC37006E99} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4AD3D4AA-EB87-4AD1-8749-F6FC37006E99} => Key deleted successfully. C:\Windows\System32\Tasks\DealPlyUpdate => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPlyUpdate => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5210045D-EBE9-4BA3-A207-BA5AB52FCF2A} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5210045D-EBE9-4BA3-A207-BA5AB52FCF2A} => Key deleted successfully. C:\Windows\System32\Tasks\{1A2BADD5-59E7-4974-9B3B-4C57CAAD9ECF} => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{1A2BADD5-59E7-4974-9B3B-4C57CAAD9ECF} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{724A1624-8453-466D-9B78-42E609D69AE0} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{724A1624-8453-466D-9B78-42E609D69AE0} => Key deleted successfully. C:\Windows\System32\Tasks\{2690C56A-DCB0-41D1-AB89-B4868E092FF5} => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2690C56A-DCB0-41D1-AB89-B4868E092FF5} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{EC644888-3B96-4B52-A4E3-F62D1BDBC634} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EC644888-3B96-4B52-A4E3-F62D1BDBC634} => Key deleted successfully. C:\Windows\System32\Tasks\RegClean Pro => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RegClean Pro => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ED11C9E4-D504-4DCE-AA0B-3095ECDC5EB4} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ED11C9E4-D504-4DCE-AA0B-3095ECDC5EB4} => Key deleted successfully. C:\Windows\System32\Tasks\{E31C989E-A3FD-4B69-A322-370434C2D8D6} => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E31C989E-A3FD-4B69-A322-370434C2D8D6} => Key deleted successfully. C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job => Moved successfully. C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job => Moved successfully. "C:\Users\Adam\AppData\Roaming\1O1L1I1PtF1F1C1N" => File/Directory not found. C:\Users\Adam\AppData\Roaming\Oxy => Moved successfully. C:\Users\Adam\AppData\Roaming\SimilarSites => Moved successfully. C:\Users\Adam\AppData\Roaming\systweak => Moved successfully. C:\Users\Adam\Downloads\FirefoxSetup-17326964-vffsb.exe => Moved successfully. C:\Users\Adam\Downloads\NASA World Wind 1.4_isdmgr.exe => Moved successfully. C:\Users\Adam\Downloads\MIO A201 driver provided through paweldrivers.com(1).exe => Moved successfully. C:\Users\Adam\Desktop\Continue Firefox Free Download Installation.lnk => Moved successfully. C:\Windows\System32\DRIVERS\GenericMount.sys => Moved successfully. ========= reg delete "HKCU\Software\Microsoft\Internet Explorer\Search" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= netsh advfirewall reset ========= Ok. ========= End of CMD: ========= ========= rd /s /q "C:\Users\Adam\Desktop\Stare dane programu Firefox" ========= ========= End of CMD: ========= ==== End of Fixlog ====