Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 21-06-2014 01 Ran by mato at 2014-06-22 18:48:16 Run:1 Running from C:\Users\mato\Downloads Boot Mode: Normal ============================================== Content of fixlist: ***************** Task: {CC44908D-7900-43D7-83F9-A777E875DFBE} - System32\Tasks\AmiUpdXp => C:\Users\mato\AppData\Local\31042\a8591.exe [2014-05-26] () <==== ATTENTION Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\mato\AppData\Local\31042\a8591.exe <==== ATTENTION C:\Program Files (x86)\Supporter\Supporter_x64.dll C:\Program Files (x86)\Supporter\Supporter.dll C:\Program Files (x86)\Supporter\SupporterSvc.dll C:\Program Files (x86)\Supporter C:\Windows\SysWOW64\nethtsrv.exe C:\Program Files\PCDApp\dgen.exe C:\Program Files\PCDApp\libcurl-4.dll C:\Program Files\PCDApp C:\Windows\SysWOW64\netupdsrv.exe AppInit_DLLs: C:\PROGRA~2\SUPPOR~1\SUPPOR~2.DLL => C:\Program Files (x86)\Supporter\Supporter_x64.dll AppInit_DLLs-x32: c:\progra~2\suppor~1\suppor~1.dll => C:\Program Files (x86)\Supporter\Supporter.dll BHO: CostMin - {7AE97584-8860-8214-DB02-29BFD8134C27} - C:\Program Files (x86)\CostMin\Ve6v.x64.dll () C:\Program Files (x86)\CostMin\Ve6v.x64.dll BHO: ChEaapMoe - {8071F7EF-C83B-9CCD-3838-722EB16D1B52} - C:\ProgramData\ChEaapMoe\oq5XHy.x64.dll () C:\ProgramData\ChEaapMoe\oq5XHy.x64.dll BHO-x32: CostMin - {7AE97584-8860-8214-DB02-29BFD8134C27} - C:\Program Files (x86)\CostMin\Ve6v.dll () BHO-x32: ChEaapMoe - {8071F7EF-C83B-9CCD-3838-722EB16D1B52} - C:\ProgramData\ChEaapMoe\oq5XHy.dll () BHO-x32: RObOSaveR - {963CDE27-5C00-3959-898E-7033A6B5F131} - C:\ProgramData\RObOSaveR\h.dll () BHO-x32: BittSaaver - {A596122C-FD77-E518-4A51-6A0C39C3512A} - C:\ProgramData\BittSaaver\T.dll () C:\ProgramData\BittSaaver\T.dll C:\ProgramData\RObOSaveR\h.dll C:\ProgramData\ChEaapMoe\oq5XHy.dll C:\Program Files (x86)\CostMin\Ve6v.dll CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION R2 be0fb33b; C:\Program Files (x86)\Supporter\SupporterSvc.dll R2 NetHttpService; C:\Windows\SysWOW64\nethtsrv.exe S2 ProtectMonitor; C:\Program Files\PCDApp\StartHelp.exe R2 ServiceUpdater; C:\Windows\SysWOW64\netupdsrv.exe R1 nethfdrv; C:\Windows\system32\drivers\nethfdrv.sys [46160 2014-06-17] (nethfdrv) C:\Windows\SysWOW64\installd.exe C:\ProgramData\RObOSaveR C:\ProgramData\ChEaapMoe C:\ProgramData\80085dad5f485056 C:\Users\mato\AppData\Local\Torch C:\Users\mato\AppData\Local\Packages C:\Users\mato\AppData\Local\Comodo C:\Users\mato\AppData\Local\Chromatic Browser C:\Users\Gość\AppData\Local\Torch C:\Users\Gość\AppData\Local\Comodo C:\Users\Administrator\AppData\Local\Torch C:\Users\Administrator\AppData\Local\Comodo C:\Users\Administrator\AppData\Local\Chromatic Browser C:\ProgramData\BittSaaver C:\ProgramData\CostMin C:\Program Files (x86)\CostMin C:\Windows\Tasks\AmiUpdXp.job C:\Windows\System32\Tasks\AmiUpdXp C:\Windows\Minidump\053014-27877-01.dmp C:\Windows\System32\Tasks\AmiUpdXp C:\Users\mato\AppData\Local\31042 C:\Users\mato\AppData\Local\Temp\49442e40_.exe C:\Users\mato\AppData\Local\Temp\5d037a5a_.exe C:\Users\mato\AppData\Local\Temp\AutoRun.exe C:\Users\mato\AppData\Local\Temp\AutoRunGUI.dll C:\Users\mato\AppData\Local\Temp\Checkupdate.exe C:\Users\mato\AppData\Local\Temp\drvinstal.exe C:\Users\mato\AppData\Local\Temp\Foxit Reader Updater.exe C:\Users\mato\AppData\Local\Temp\gcapi_dll.dll C:\Users\mato\AppData\Local\Temp\gtapi_signed.dll C:\Users\mato\AppData\Local\Temp\MP3_Launcher_1_27_0_0.exe C:\Users\mato\AppData\Local\Temp\Social Club v1.1.0.6 Setup.exe C:\Users\mato\AppData\Local\Temp\sonarinst.exe Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f Reboot: ***************** 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CC44908D-7900-43D7-83F9-A777E875DFBE}'=> Key not found. C:\Windows\System32\Tasks\AmiUpdXp not found. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AmiUpdXp'=> Key not found. C:\Windows\Tasks\AmiUpdXp.job not found. "C:\Program Files (x86)\Supporter\Supporter_x64.dll" => File/Directory not found. "C:\Program Files (x86)\Supporter\Supporter.dll" => File/Directory not found. "C:\Program Files (x86)\Supporter\SupporterSvc.dll" => File/Directory not found. "C:\Program Files (x86)\Supporter" => File/Directory not found. C:\Windows\SysWOW64\nethtsrv.exe => Moved successfully. C:\Program Files\PCDApp\dgen.exe => Moved successfully. C:\Program Files\PCDApp\libcurl-4.dll => Moved successfully. C:\Program Files\PCDApp => Moved successfully. C:\Windows\SysWOW64\netupdsrv.exe => Moved successfully. "C:\PROGRA~2\SUPPOR~1\SUPPOR~2.DLL" => Value Data not found. "c:\progra~2\suppor~1\suppor~1.dll" => Value Data not found. 'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7AE97584-8860-8214-DB02-29BFD8134C27}'=> Key not found. 'HKCR\CLSID\{7AE97584-8860-8214-DB02-29BFD8134C27}'=> Key not found. "C:\Program Files (x86)\CostMin\Ve6v.x64.dll" => File/Directory not found. 'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8071F7EF-C83B-9CCD-3838-722EB16D1B52}'=> Key not found. 'HKCR\CLSID\{8071F7EF-C83B-9CCD-3838-722EB16D1B52}'=> Key not found. "C:\ProgramData\ChEaapMoe\oq5XHy.x64.dll" => File/Directory not found. 'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7AE97584-8860-8214-DB02-29BFD8134C27}'=> Key not found. 'HKCR\Wow6432Node\CLSID\{7AE97584-8860-8214-DB02-29BFD8134C27}'=> Key not found. 'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8071F7EF-C83B-9CCD-3838-722EB16D1B52}'=> Key not found. 'HKCR\Wow6432Node\CLSID\{8071F7EF-C83B-9CCD-3838-722EB16D1B52}'=> Key not found. 'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963CDE27-5C00-3959-898E-7033A6B5F131}'=> Key not found. 'HKCR\Wow6432Node\CLSID\{963CDE27-5C00-3959-898E-7033A6B5F131}' => Key deleted successfully. 'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A596122C-FD77-E518-4A51-6A0C39C3512A}'=> Key not found. 'HKCR\Wow6432Node\CLSID\{A596122C-FD77-E518-4A51-6A0C39C3512A}' => Key deleted successfully. "C:\ProgramData\BittSaaver\T.dll" => File/Directory not found. "C:\ProgramData\RObOSaveR\h.dll" => File/Directory not found. "C:\ProgramData\ChEaapMoe\oq5XHy.dll" => File/Directory not found. "C:\Program Files (x86)\CostMin\Ve6v.dll" => File/Directory not found. 'HKLM\SOFTWARE\Policies\Google' => Key deleted successfully. be0fb33b => Service not found. NetHttpService => Service stopped successfully. NetHttpService => Service deleted successfully. ProtectMonitor => Service not found. ServiceUpdater => Service stopped successfully. ServiceUpdater => Service deleted successfully. nethfdrv => Service stopped successfully. nethfdrv => Service deleted successfully. C:\Windows\SysWOW64\installd.exe => Moved successfully. C:\ProgramData\RObOSaveR => Moved successfully. "C:\ProgramData\ChEaapMoe" => File/Directory not found. C:\ProgramData\80085dad5f485056 => Moved successfully. "C:\Users\mato\AppData\Local\Torch" => File/Directory not found. C:\Users\mato\AppData\Local\Packages => Moved successfully. C:\Users\mato\AppData\Local\Comodo => Moved successfully. "C:\Users\mato\AppData\Local\Chromatic Browser" => File/Directory not found. "C:\Users\Gość\AppData\Local\Torch" => File/Directory not found. C:\Users\Gość\AppData\Local\Comodo => Moved successfully. "C:\Users\Administrator\AppData\Local\Torch" => File/Directory not found. C:\Users\Administrator\AppData\Local\Comodo => Moved successfully. "C:\Users\Administrator\AppData\Local\Chromatic Browser" => File/Directory not found. C:\ProgramData\BittSaaver => Moved successfully. "C:\ProgramData\CostMin" => File/Directory not found. "C:\Program Files (x86)\CostMin" => File/Directory not found. "C:\Windows\Tasks\AmiUpdXp.job" => File/Directory not found. "C:\Windows\System32\Tasks\AmiUpdXp" => File/Directory not found. C:\Windows\Minidump\053014-27877-01.dmp => Moved successfully. "C:\Windows\System32\Tasks\AmiUpdXp" => File/Directory not found. "C:\Users\mato\AppData\Local\31042" => File/Directory not found. C:\Users\mato\AppData\Local\Temp\49442e40_.exe => Moved successfully. C:\Users\mato\AppData\Local\Temp\5d037a5a_.exe => Moved successfully. C:\Users\mato\AppData\Local\Temp\AutoRun.exe => Moved successfully. C:\Users\mato\AppData\Local\Temp\AutoRunGUI.dll => Moved successfully. C:\Users\mato\AppData\Local\Temp\Checkupdate.exe => Moved successfully. C:\Users\mato\AppData\Local\Temp\drvinstal.exe => Moved successfully. C:\Users\mato\AppData\Local\Temp\Foxit Reader Updater.exe => Moved successfully. C:\Users\mato\AppData\Local\Temp\gcapi_dll.dll => Moved successfully. C:\Users\mato\AppData\Local\Temp\gtapi_signed.dll => Moved successfully. C:\Users\mato\AppData\Local\Temp\MP3_Launcher_1_27_0_0.exe => Moved successfully. C:\Users\mato\AppData\Local\Temp\Social Club v1.1.0.6 Setup.exe => Moved successfully. C:\Users\mato\AppData\Local\Temp\sonarinst.exe => Moved successfully. ========= reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= The system needed a reboot. ==== End of Fixlog ====