Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 10-05-2014
Ran by ZWiKUWiM at 2014-05-10 15:59:20 Run:1
Running from D:\skany
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
() C:\Program Files\PCDApp\dgen.exe
() C:\Program Files (x86)\HulaToo\updateHulaToo.exe
() C:\Users\ZWiKUWiM\AppData\Local\fst_pl_107\upfst_pl_107.exe
(s'enthousiasma) C:\Users\ZWiKUWiM\AppData\Local\Lollipop\Lollipop.exe
() C:\Program Files (x86)\fst_pl_107\fst_pl_107.exe
() C:\Program Files (x86)\HulaToo\bin\utilHulaToo.exe
() C:\Program Files (x86)\HulaToo\bin\FilterApp_C64.exe
() C:\Program Files (x86)\HulaToo\bin\HulaToo.BrowserAdapter.exe
S2 ProtectMonitor; C:\Program Files\PCDApp\StartHelp.exe [97113 2014-05-02] ()
R2 Update HulaToo; C:\Program Files (x86)\HulaToo\updateHulaToo.exe [350488 2014-05-06] ()
R2 Util HulaToo; C:\Program Files (x86)\HulaToo\bin\utilHulaToo.exe [317720 2014-05-09] ()
R1 wStLibG64; C:\Windows\System32\drivers\wStLibG64.sys [61112 2014-05-07] (StdLib)
Task: {A291D5F1-D24E-42B0-82B6-E31B85EAF4CF} - System32\Tasks\AmiUpdXp => C:\Users\ZWiKUWiM\AppData\Local\11351\a26851.exe [2014-05-07] () <==== ATTENTION
Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\ZWiKUWiM\AppData\Local\11351\a26851.exe
HKLM-x32\...\Run: [fst_pl_107] => C:\Program Files (x86)\fst_pl_107\fst_pl_107.exe [3984848 2014-04-17] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Java\jre7\bin\jusched.exe"
HKLM-x32\...\RunOnce: [upfst_pl_107.exe] - C:\Users\ZWiKUWiM\AppData\Local\fst_pl_107\upfst_pl_107.exe -runonce [3267536 2014-04-17] ()
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKU\S-1-5-21-1673701928-1646380960-438894873-1000\...\Run: [HW_OPENEYE_OUC_blueconnect] => C:\Program Files (x86)\blueconnect\UpdateDog\ouc.exe [110592 2009-12-31] (Huawei Technologies Co., Ltd.)
HKU\S-1-5-21-1673701928-1646380960-438894873-1000\...\Run: [genesis] => c:\users\zwikuwim\appdata\local\genesis\genesis.exe [3178496 2014-05-07] ()
HKU\S-1-5-21-1673701928-1646380960-438894873-1000\...\Run: [lollipop] => c:\users\zwikuwim\appdata\local\lollipop\lollipop.exe [2552320 2014-05-07] (s'enthousiasma)
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://istart.webssearches.com/?type=sc&ts=1399475746&from=amt&uid=WDCXWD15EARS-00Z5B1_WD-WMAVU319206692066
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://istart.webssearches.com/?type=sc&ts=1399475746&from=amt&uid=WDCXWD15EARS-00Z5B1_WD-WMAVU319206692066
ShortcutWithArgument: C:\Users\ZWiKUWiM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://istart.webssearches.com/?type=sc&ts=1399475746&from=amt&uid=WDCXWD15EARS-00Z5B1_WD-WMAVU319206692066
ShortcutWithArgument: C:\Users\ZWiKUWiM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://istart.webssearches.com/?type=sc&ts=1399475746&from=amt&uid=WDCXWD15EARS-00Z5B1_WD-WMAVU319206692066
ShortcutWithArgument: C:\Users\ZWiKUWiM\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://istart.webssearches.com/?type=sc&ts=1399475746&from=amt&uid=WDCXWD15EARS-00Z5B1_WD-WMAVU319206692066
ShortcutWithArgument: C:\Users\ZWiKUWiM\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://istart.webssearches.com/?type=sc&ts=1399475746&from=amt&uid=WDCXWD15EARS-00Z5B1_WD-WMAVU319206692066
ShortcutWithArgument: C:\Users\ZWiKUWiM\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://istart.webssearches.com/?type=sc&ts=1399475746&from=amt&uid=WDCXWD15EARS-00Z5B1_WD-WMAVU319206692066
ShortcutWithArgument: C:\Users\ZWiKUWiM\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://istart.webssearches.com/?type=sc&ts=1399475746&from=amt&uid=WDCXWD15EARS-00Z5B1_WD-WMAVU319206692066
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp&ts=1399475746&from=amt&uid=WDCXWD15EARS-00Z5B1_WD-WMAVU319206692066
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?type=ds&ts=1399475746&from=amt&uid=WDCXWD15EARS-00Z5B1_WD-WMAVU319206692066&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp&ts=1399475746&from=amt&uid=WDCXWD15EARS-00Z5B1_WD-WMAVU319206692066
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com/?type=hp&ts=1399475746&from=amt&uid=WDCXWD15EARS-00Z5B1_WD-WMAVU319206692066
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?type=ds&ts=1399475746&from=amt&uid=WDCXWD15EARS-00Z5B1_WD-WMAVU319206692066&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?type=ds&ts=1399475746&from=amt&uid=WDCXWD15EARS-00Z5B1_WD-WMAVU319206692066&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp&ts=1399475746&from=amt&uid=WDCXWD15EARS-00Z5B1_WD-WMAVU319206692066
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com/?type=hp&ts=1399475746&from=amt&uid=WDCXWD15EARS-00Z5B1_WD-WMAVU319206692066
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?type=ds&ts=1399475746&from=amt&uid=WDCXWD15EARS-00Z5B1_WD-WMAVU319206692066&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://istart.webssearches.com/?type=sc&ts=1399475746&from=amt&uid=WDCXWD15EARS-00Z5B1_WD-WMAVU319206692066
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?type=ds&ts=1399475746&from=amt&uid=WDCXWD15EARS-00Z5B1_WD-WMAVU319206692066&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?type=ds&ts=1399475746&from=amt&uid=WDCXWD15EARS-00Z5B1_WD-WMAVU319206692066&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?type=ds&ts=1399475746&from=amt&uid=WDCXWD15EARS-00Z5B1_WD-WMAVU319206692066&q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?type=ds&ts=1399475746&from=amt&uid=WDCXWD15EARS-00Z5B1_WD-WMAVU319206692066&q={searchTerms}
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?type=ds&ts=1399475746&from=amt&uid=WDCXWD15EARS-00Z5B1_WD-WMAVU319206692066&q={searchTerms}
SearchScopes: HKCU - {DDB07020-A1E3-4BB7-8EB0-0E445300ADFF} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^PL&apn_uid=F3FC1E74-8508-422C-B0BC-C4BBEC00FD7E&apn_sauid=E42A66BD-AB1A-4818-AEC0-11BE6DA0E8AA
BHO-x32: HulaToo - {ab65caf0-fc3b-40f8-8b88-6d096a48f659} - C:\Program Files (x86)\HulaToo\HulaToobho.dll (HulaToo)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://istart.webssearches.com/?type=sc&ts=1399475746&from=amt&uid=WDCXWD15EARS-00Z5B1_WD-WMAVU319206692066
C:\Program Files (x86)\Mozilla Firefox
C:\Program Files (x86)\Opera
C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
C:\ProgramData\AVG
C:\ProgramData\Kaspersky Lab Setup Files
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\free_soft_today
C:\Users\ZWiKUWiM\AppData\Local\AVG
C:\Users\ZWiKUWiM\AppData\Local\Opera Software
C:\Users\ZWiKUWiM\AppData\Roaming\AVG
C:\Users\ZWiKUWiM\AppData\Roaming\Opera Software
C:\Users\ZWiKUWiM\AppData\Roaming\OpenCandy
C:\Users\ZWiKUWiM\AppData\Roaming\rmi
C:\Users\ZWiKUWiM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lollipop.lnk
C:\Users\ZWiKUWiM\AppData\Roaming\Mozilla
C:\Users\ZWiKUWiM\Downloads\setup.exe
C:\Windows\system32\Drivers\wStLibG64.sys
C:\Windows\SysWOW64\s.o
Reg: reg delete HKCU\Software\Mozilla /f
Reg: reg delete HKLM\SOFTWARE\MozillaPlugins /f
Reg: reg delete HKLM\SOFTWARE\Wow6432Node\Mozilla /f
Reg: reg delete HKLM\SOFTWARE\Wow6432Node\mozilla.org /f
Reg: reg delete HKLM\SOFTWARE\Wow6432Node\MozillaPlugins /f
CMD: netsh advfirewall reset
Reboot:
*****************
[1372] C:\Program Files\PCDApp\dgen.exe => Process closed successfully.
[2288] C:\Program Files (x86)\HulaToo\updateHulaToo.exe => Process closed successfully.
C:\Users\ZWiKUWiM\AppData\Local\fst_pl_107\upfst_pl_107.exe => No running process found
C:\Users\ZWiKUWiM\AppData\Local\Lollipop\Lollipop.exe => No running process found
[4912] C:\Program Files (x86)\fst_pl_107\fst_pl_107.exe => Process closed successfully.
[2404] C:\Program Files (x86)\HulaToo\bin\utilHulaToo.exe => Process closed successfully.
C:\Program Files (x86)\HulaToo\bin\FilterApp_C64.exe => No running process found
C:\Program Files (x86)\HulaToo\bin\HulaToo.BrowserAdapter.exe => No running process found
ProtectMonitor => Service deleted successfully.
Update HulaToo => Service deleted successfully.
Util HulaToo => Service deleted successfully.
wStLibG64 => Service stopped successfully.
wStLibG64 => Service deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A291D5F1-D24E-42B0-82B6-E31B85EAF4CF} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A291D5F1-D24E-42B0-82B6-E31B85EAF4CF} => Key deleted successfully.
C:\Windows\System32\Tasks\AmiUpdXp => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AmiUpdXp => Key deleted successfully.
C:\Windows\Tasks\AmiUpdXp.job => Moved successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\fst_pl_107 => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\upfst_pl_107.exe => Value not found.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp => Key deleted successfully.
HKU\S-1-5-21-1673701928-1646380960-438894873-1000\Software\Microsoft\Windows\CurrentVersion\Run\\HW_OPENEYE_OUC_blueconnect => Value deleted successfully.
HKU\S-1-5-21-1673701928-1646380960-438894873-1000\Software\Microsoft\Windows\CurrentVersion\Run\\genesis => Value deleted successfully.
HKU\S-1-5-21-1673701928-1646380960-438894873-1000\Software\Microsoft\Windows\CurrentVersion\Run\\lollipop => Value not found.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk => Shortcut argument was removed successfully.
C:\Users\Public\Desktop\Google Chrome.lnk => Shortcut argument was removed successfully.
C:\Users\ZWiKUWiM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk => Shortcut argument was removed successfully.
C:\Users\ZWiKUWiM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk => Shortcut argument was restored successfully.
C:\Users\ZWiKUWiM\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk => Shortcut argument was removed successfully.
C:\Users\ZWiKUWiM\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk => Shortcut argument was removed successfully.
C:\Users\ZWiKUWiM\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk => Shortcut argument was removed successfully.
C:\Users\ZWiKUWiM\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk => Shortcut argument was removed successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key deleted successfully.
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key deleted successfully.
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DDB07020-A1E3-4BB7-8EB0-0E445300ADFF} => Key deleted successfully.
HKCR\CLSID\{DDB07020-A1E3-4BB7-8EB0-0E445300ADFF} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ab65caf0-fc3b-40f8-8b88-6d096a48f659} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{ab65caf0-fc3b-40f8-8b88-6d096a48f659} => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} => Value deleted successfully.
HKCR\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} => Key not found.
HKLM\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command\\Default => Value was restored successfully.
C:\Program Files (x86)\Mozilla Firefox => Moved successfully.
C:\Program Files (x86)\Opera => Moved successfully.
C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} => Moved successfully.
C:\ProgramData\AVG => Moved successfully.
C:\ProgramData\Kaspersky Lab Setup Files => Moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\free_soft_today => Moved successfully.
C:\Users\ZWiKUWiM\AppData\Local\AVG => Moved successfully.
C:\Users\ZWiKUWiM\AppData\Local\Opera Software => Moved successfully.
C:\Users\ZWiKUWiM\AppData\Roaming\AVG => Moved successfully.
C:\Users\ZWiKUWiM\AppData\Roaming\Opera Software => Moved successfully.
C:\Users\ZWiKUWiM\AppData\Roaming\OpenCandy => Moved successfully.
C:\Users\ZWiKUWiM\AppData\Roaming\rmi => Moved successfully.
C:\Users\ZWiKUWiM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lollipop.lnk => Moved successfully.
C:\Users\ZWiKUWiM\AppData\Roaming\Mozilla => Moved successfully.
C:\Users\ZWiKUWiM\Downloads\setup.exe => Moved successfully.
C:\Windows\system32\Drivers\wStLibG64.sys => Moved successfully.
C:\Windows\SysWOW64\s.o => Moved successfully.
========= reg delete HKCU\Software\Mozilla /f =========
Operacja ukończona pomyślnie.
========= End of Reg: =========
========= reg delete HKLM\SOFTWARE\MozillaPlugins /f =========
Operacja ukończona pomyślnie.
========= End of Reg: =========
========= reg delete HKLM\SOFTWARE\Wow6432Node\Mozilla /f =========
Operacja ukończona pomyślnie.
========= End of Reg: =========
========= reg delete HKLM\SOFTWARE\Wow6432Node\mozilla.org /f =========
Operacja ukończona pomyślnie.
========= End of Reg: =========
========= reg delete HKLM\SOFTWARE\Wow6432Node\MozillaPlugins /f =========
Operacja ukończona pomyślnie.
========= End of Reg: =========
========= netsh advfirewall reset =========
Ok.
========= End of CMD: =========
The system needed a reboot.
==== End of Fixlog ====