Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:17-05-2014
Ran by rodzina at 2014-05-23 15:11:45 Run:1
Running from D:\Pobieranie\searchengines.pl
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
ProxyServer: localhost:8080
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
CHR HKLM\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\rodzina\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx [2012-04-17]
CHR HKCU\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\rodzina\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx [2012-04-17]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
Task: {23023DC3-890E-4F61-BC92-6D29486CBF21} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-865144796-2722442251-660881151-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-03-06] (RealNetworks, Inc.)
Task: {5298DD05-A0DB-4BF0-A4FC-78A340AB693F} - System32\Tasks\Secunia PSI Logon Task => C:\Program Files\Secunia\PSI\psi.exe
Task: {579211B9-B52A-4338-A024-C1CD12B83F54} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-865144796-2722442251-660881151-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-03-06] (RealNetworks, Inc.)
Task: {5A1378A5-9149-42ED-825F-4688BC4E7D20} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-865144796-2722442251-660881151-1000 => C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
Task: {7EE494E7-6B54-4138-B037-D1AD416780AA} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-865144796-2722442251-660881151-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe
Task: {973092CC-7C63-4EF0-9C0E-020BEB26EF14} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-865144796-2722442251-660881151-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe
Task: {98FEC5E2-7D6C-4196-AFCD-3A8C157F6364} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-865144796-2722442251-660881151-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-03-06] (RealNetworks, Inc.)
Task: {E2C777CB-DF93-407B-8D36-6B71481C9F6B} - System32\Tasks\{BC56D6AE-2E71-4F88-9E83-9FDAD7E4757E} => Firefox.exe http://www.skype.com/go/downloading?source=lightinstaller&amp;ver=5.9.0.123&amp;LastError=12007
Task: {F37F1B6E-3FD5-46EC-B4F3-B939EE00627C} - \RealUpgradeLogonTaskS-1-5-21-865144796-2722442251-660881151-1000 No Task File <==== ATTENTION
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
S1 ArcCtrl; system32\drivers\ArcCtrl.sys [X]
C:\ProgramData\ojvzdisj.xda
C:\ProgramData\16632ae3a94ac84d
C:\ProgramData\DownloadManager
C:\ProgramData\InstallMate
C:\Program Files\Mozilla Firefox\extensions
C:\Program Files\Mozilla Firefox\plugins
C:\Program Files\RealNetworks
C:\Users\Default\Desktop\CyberLink DVD Suite.lnk
C:\Users\Default\Desktop\CyberLink YouCam.lnk
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
C:\Users\postgres\Desktop\CyberLink DVD Suite.lnk
C:\Users\postgres\Desktop\CyberLink YouCam.lnk
C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
C:\Users\postgres.rodzina-PC\Desktop\CyberLink DVD Suite.lnk
C:\Users\postgres.rodzina-PC\Desktop\CyberLink YouCam.lnk
C:\Users\postgres.rodzina-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
C:\Users\postgres.rodzina-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
C:\Users\postgres.rodzina-PC\AppData\Local\Comodo
C:\Users\rodzina\AppData\Local\Comodo
C:\Users\rodzina\AppData\Local\CRE
C:\Users\rodzina\AppData\Roaming\Temp
C:\Users\rodzina\AppData\Roaming\ThePluginSite
C:\Users\Administrator
C:\Users\Gość
C:\Windows\system32\sqlite3.dll
C:\Windows\system32\Drivers\etc\hosts.*.backup
C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
Reg: reg delete "HKCU\SOFTWARE\Microsoft\Internet Explorer\Search" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SpybotSD TeaTimer" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TkBellExe" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Uninstall" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UpdateLBPShortCut" /f
Reg: reg query: "HKLM\SYSTEM\CurrentControlSet\Services\Winstep Xtreme Service" /s
*****************

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key not found.
HKLM\SOFTWARE\Google\Chrome\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc => Key deleted successfully.
C:\Users\rodzina\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx => Moved successfully.
HKCU\SOFTWARE\Google\Chrome\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc => Key deleted successfully.
"C:\Users\rodzina\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx" => File/Directory not found.
HKLM\Software\Mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b} => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{23023DC3-890E-4F61-BC92-6D29486CBF21} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{23023DC3-890E-4F61-BC92-6D29486CBF21} => Key deleted successfully.
C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-865144796-2722442251-660881151-1000 => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealPlayerRealUpgradeScheduledTaskS-1-5-21-865144796-2722442251-660881151-1000 => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5298DD05-A0DB-4BF0-A4FC-78A340AB693F} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5298DD05-A0DB-4BF0-A4FC-78A340AB693F} => Key deleted successfully.
C:\Windows\System32\Tasks\Secunia PSI Logon Task => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Secunia PSI Logon Task => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{579211B9-B52A-4338-A024-C1CD12B83F54} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{579211B9-B52A-4338-A024-C1CD12B83F54} => Key deleted successfully.
C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-865144796-2722442251-660881151-1000 => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealPlayerRealUpgradeLogonTaskS-1-5-21-865144796-2722442251-660881151-1000 => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5A1378A5-9149-42ED-825F-4688BC4E7D20} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5A1378A5-9149-42ED-825F-4688BC4E7D20} => Key deleted successfully.
C:\Windows\System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-865144796-2722442251-660881151-1000 => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealDownloaderDownloaderScheduledTaskS-1-5-21-865144796-2722442251-660881151-1000 => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7EE494E7-6B54-4138-B037-D1AD416780AA} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7EE494E7-6B54-4138-B037-D1AD416780AA} => Key deleted successfully.
C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-865144796-2722442251-660881151-1000 => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-865144796-2722442251-660881151-1000 => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{973092CC-7C63-4EF0-9C0E-020BEB26EF14} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{973092CC-7C63-4EF0-9C0E-020BEB26EF14} => Key deleted successfully.
C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-865144796-2722442251-660881151-1000 => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealDownloaderRealUpgradeLogonTaskS-1-5-21-865144796-2722442251-660881151-1000 => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{98FEC5E2-7D6C-4196-AFCD-3A8C157F6364} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{98FEC5E2-7D6C-4196-AFCD-3A8C157F6364} => Key deleted successfully.
C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-865144796-2722442251-660881151-1000 => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealUpgradeScheduledTaskS-1-5-21-865144796-2722442251-660881151-1000 => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E2C777CB-DF93-407B-8D36-6B71481C9F6B} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E2C777CB-DF93-407B-8D36-6B71481C9F6B} => Key deleted successfully.
C:\Windows\System32\Tasks\{BC56D6AE-2E71-4F88-9E83-9FDAD7E4757E} => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BC56D6AE-2E71-4F88-9E83-9FDAD7E4757E} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F37F1B6E-3FD5-46EC-B4F3-B939EE00627C} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F37F1B6E-3FD5-46EC-B4F3-B939EE00627C} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealUpgradeLogonTaskS-1-5-21-865144796-2722442251-660881151-1000 => Key deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\EnableShellExecuteHooks => Value deleted successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\MCODS => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\MpfService => Key deleted successfully.
ArcCtrl => Service deleted successfully.
C:\ProgramData\ojvzdisj.xda => Moved successfully.
C:\ProgramData\16632ae3a94ac84d => Moved successfully.
C:\ProgramData\DownloadManager => Moved successfully.
C:\ProgramData\InstallMate => Moved successfully.
C:\Program Files\Mozilla Firefox\extensions => Moved successfully.
C:\Program Files\Mozilla Firefox\plugins => Moved successfully.
"C:\Program Files\RealNetworks" => File/Directory not found.
C:\Users\Default\Desktop\CyberLink DVD Suite.lnk => Moved successfully.
C:\Users\Default\Desktop\CyberLink YouCam.lnk => Moved successfully.
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam => Moved successfully.
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite => Moved successfully.
C:\Users\postgres\Desktop\CyberLink DVD Suite.lnk => Moved successfully.
C:\Users\postgres\Desktop\CyberLink YouCam.lnk => Moved successfully.
C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam => Moved successfully.
C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite => Moved successfully.
C:\Users\postgres.rodzina-PC\Desktop\CyberLink DVD Suite.lnk => Moved successfully.
C:\Users\postgres.rodzina-PC\Desktop\CyberLink YouCam.lnk => Moved successfully.
C:\Users\postgres.rodzina-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam => Moved successfully.
C:\Users\postgres.rodzina-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite => Moved successfully.
C:\Users\postgres.rodzina-PC\AppData\Local\Comodo => Moved successfully.
C:\Users\rodzina\AppData\Local\Comodo => Moved successfully.
C:\Users\rodzina\AppData\Local\CRE => Moved successfully.
C:\Users\rodzina\AppData\Roaming\Temp => Moved successfully.
C:\Users\rodzina\AppData\Roaming\ThePluginSite => Moved successfully.
C:\Users\Administrator => Moved successfully.
C:\Users\Gość => Moved successfully.
C:\Windows\system32\sqlite3.dll => Moved successfully.
C:\Windows\system32\Drivers\etc\hosts.*.backup => Moved successfully.
C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension => Moved successfully.

========= reg delete "HKCU\SOFTWARE\Microsoft\Internet Explorer\Search" /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========


========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SpybotSD TeaTimer" /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========


========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TkBellExe" /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========


========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Uninstall" /f =========

Bť¤D: System nie znalaz w rejestrze okrelonego klucza albo wartoci.


========= End of Reg: =========


========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UpdateLBPShortCut" /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========


========= reg query: "HKLM\SYSTEM\CurrentControlSet\Services\Winstep Xtreme Service" /s =========

Bť¤D: Nieprawidowy argument lub opcja - 'query:'.
Aby pozna† spos˘b uľycia, wpisz "REG /?".


========= End of Reg: =========


==== End of Fixlog ====