Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 03-09-2014 02
Ran by Nordvendor at 2014-09-04 23:27:09 Run:1
Running from C:\Users\Nordvendor\Downloads\Skan antyvir 2014-09-30
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
S2 248642b4; "C:\Windows\system32\rundll32.exe" "c:\progra~2\pc_boo~1\AssistantSvc.dll",service
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-11-11] (AVG Technologies)
R1 {3de9eb9c-a833-42cb-b66f-841b954aebef}w64; C:\Windows\System32\drivers\{3de9eb9c-a833-42cb-b66f-841b954aebef}w64.sys [61112 2014-06-09] (StdLib)
S3 dump_wmimmc; \??\C:\-------- GRY --------\cabal online\GameGuard\dump_wmimmc.sys [X]
AppInit_DLLs: C:\PROGRA~2\PC_BOO~1\ASSIST~2.DLL => C:\PROGRA~2\PC_BOO~1\ASSIST~2.DLL File Not Found
AppInit_DLLs-x32: c:\progra~3\browse~1\261519~1.190\{c16c1~1\browse~1.dll => "c:\progra~3\browse~1\261519~1.190\{c16c1~1\browse~1.dll" File Not Found
AppInit_DLLs-x32: c:\progra~2\pc_boo~1\assist~1.dll => "c:\progra~2\pc_boo~1\assist~1.dll" File Not Found
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: {6570C58B-C08B-46AD-AA82-2369B0D1B627} -> MacDrive volume icons => No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/
SearchScopes: HKLM - DefaultScope {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {6319CC73-A495-4FD0-8094-0CFB7679FE4D} URL = http://rts.dsrlte.com/?q={searchTerms}&r=890
SearchScopes: HKCU - {6A8E813D-8793-4D00-8B3D-FF82F76F09DA} URL = http://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=100474&mntrId=006a53690000000000001078d27ccdc0
BHO-x32: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO-x32: No Name -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
Task: {0F272A95-DD17-4B37-85E4-7BB19AE7C4EA} - System32\Tasks\{6B042CE6-A010-49CC-A5CE-0F30EF635EF6} => J:\------ ARCHIVE -------\LEGO Racers 2 ENG\LEGO Racers 2\Setup.exe
Task: {2561A1A2-45DA-4623-BB92-0310D6D871CE} - \Program aktualizacji online firmy Adobe. No Task File <==== ATTENTION
Task: {2C0023B3-8E35-42F0-8A1D-ADF244E46EEB} - \Program aktualizacji online produktu Real Player. No Task File <==== ATTENTION
Task: {7A6C311F-DC14-4F88-938C-F533793EE52B} - System32\Tasks\{3E163051-F1B0-4E8F-9FD8-902CE1C702CD} => C:\Program Files (x86)\JDownloader\JDownloaderD3D.exe
Task: {C0DC9573-7D8B-4DA7-9572-DBE9AA6D2151} - System32\Tasks\{947CCF1C-0914-4967-B6D9-49448FFBE710} => C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe [2014-05-13] (Microsoft Corporation)
Task: {D0E26D77-300A-4B64-8091-04DC8134E2C8} - \Funmoods No Task File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Microsoft:69HIJc2eWFRuWjKhlGUZpUbC
AlternateDataStreams: C:\ProgramData\Microsoft:KNa06ZLFnHrj8IClq3d
AlternateDataStreams: C:\ProgramData\Microsoft:qLMEFYbWHr40yPXjb2Igps
AlternateDataStreams: C:\ProgramData\Microsoft:wFG8MUwMeBgb1W5lijsafsl2B37CPb
AlternateDataStreams: C:\Users\Nordvendor\AppData\Local\HIICe5igWjGY:ZwJztacOXVa2tfywQMzZY8
AlternateDataStreams: C:\Users\Nordvendor\AppData\Local\Temporary Internet Files:6j0eXL7PsZp7pT0SBEc
AlternateDataStreams: C:\Users\Nordvendor\AppData\Local\XRw82QRGgEbh:13ppevkA8wrHijOpAABNbPYP4
C:\Program Files (x86)\ALlSaver
C:\Program Files (x86)\ExstrraSauvuiinegs
C:\Program Files (x86)\Mozilla Firefox
C:\Program Files (x86)\NeXtCoup
C:\Program Files (x86)\PC_Booster
C:\Program Files (x86)\SaveNNewaoAAppz
C:\ProgramData\a1b1058965f87030
C:\ProgramData\ALlSaver
C:\ProgramData\AVAST Software
C:\ProgramData\ExstrraSauvuiinegs
C:\ProgramData\ihmkapnfhloicabfpficfgnkfkldhalc
C:\ProgramData\NeXtCoup
C:\ProgramData\pRIccechopp
C:\ProgramData\SaveNNewaoAAppz
C:\ProgramData\TEMP
C:\Users\Nordvendor\AppData\Roaming\AVG
C:\Users\Nordvendor\AppData\Roaming\ProgSense
C:\Users\Nordvendor\AppData\Roaming\Temp
C:\Users\Nordvendor\AppData\Roaming\WNR
C:\Windows\system32\drivers\avgtpx64.sys
C:\Windows\System32\drivers\{3de9eb9c-a833-42cb-b66f-841b954aebef}w64.sys
DeleteKey: HKLM\SYSTEM\CurrentControlSet\Services\sptd
Reg: reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Search" /f
Reg: reg delete HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3D0F43D9-C1D7-733C-01F8-4A3001BF8CC3} /f
Reg: reg delete HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{248642b4} /f
Reg: reg delete HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\S-493389286 /f
Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f
CMD: for /d %f in (C:\Users\Nordvendor\AppData\Local\{*}) do rd /s /q "%f"
CMD: netsh advfirewall reset
Hosts:
EmptyTemp:
*****************

248642b4 => Service deleted successfully.
avgtp => Service stopped successfully.
avgtp => Service deleted successfully.
{3de9eb9c-a833-42cb-b66f-841b954aebef}w64 => Service stopped successfully.
{3de9eb9c-a833-42cb-b66f-841b954aebef}w64 => Service deleted successfully.
dump_wmimmc => Service deleted successfully.
"C:\PROGRA~2\PC_BOO~1\ASSIST~2.DLL" => Value Data removed successfully.
"c:\progra~3\browse~1\261519~1.190\{c16c1~1\browse~1.dll" => Value Data removed successfully.
"c:\progra~2\pc_boo~1\assist~1.dll" => Value Data removed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => Key deleted successfully.
"HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\{6570C58B-C08B-46AD-AA82-2369B0D1B627}" => Key deleted successfully.
"HKCR\CLSID\MacDrive volume icons" => Key not found.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
"HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6319CC73-A495-4FD0-8094-0CFB7679FE4D}" => Key deleted successfully.
"HKCR\CLSID\{6319CC73-A495-4FD0-8094-0CFB7679FE4D}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A8E813D-8793-4D00-8B3D-FF82F76F09DA}" => Key deleted successfully.
"HKCR\CLSID\{6A8E813D-8793-4D00-8B3D-FF82F76F09DA}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => Key not found.
"HKCR\Wow6432Node\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}" => Key not found.
"HKCR\PROTOCOLS\Handler\linkscanner" => Key deleted successfully.
"HKCR\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}" => Key not found.
"HKCR\Wow6432Node\PROTOCOLS\Handler\linkscanner" => Key not found.
"HKCR\Wow6432Node\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}" => Key not found.
"HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0F272A95-DD17-4B37-85E4-7BB19AE7C4EA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0F272A95-DD17-4B37-85E4-7BB19AE7C4EA}" => Key deleted successfully.
C:\Windows\System32\Tasks\{6B042CE6-A010-49CC-A5CE-0F30EF635EF6} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6B042CE6-A010-49CC-A5CE-0F30EF635EF6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2561A1A2-45DA-4623-BB92-0310D6D871CE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2561A1A2-45DA-4623-BB92-0310D6D871CE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Program aktualizacji online firmy Adobe." => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2C0023B3-8E35-42F0-8A1D-ADF244E46EEB}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C0023B3-8E35-42F0-8A1D-ADF244E46EEB}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Program aktualizacji online produktu Real Player." => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7A6C311F-DC14-4F88-938C-F533793EE52B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7A6C311F-DC14-4F88-938C-F533793EE52B}" => Key deleted successfully.
C:\Windows\System32\Tasks\{3E163051-F1B0-4E8F-9FD8-902CE1C702CD} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3E163051-F1B0-4E8F-9FD8-902CE1C702CD}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C0DC9573-7D8B-4DA7-9572-DBE9AA6D2151}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C0DC9573-7D8B-4DA7-9572-DBE9AA6D2151}" => Key deleted successfully.
C:\Windows\System32\Tasks\{947CCF1C-0914-4967-B6D9-49448FFBE710} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{947CCF1C-0914-4967-B6D9-49448FFBE710}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D0E26D77-300A-4B64-8091-04DC8134E2C8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0E26D77-300A-4B64-8091-04DC8134E2C8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Funmoods" => Key deleted successfully.
C:\ProgramData\Microsoft => ":69HIJc2eWFRuWjKhlGUZpUbC" ADS removed successfully.
C:\ProgramData\Microsoft => ":KNa06ZLFnHrj8IClq3d" ADS removed successfully.
C:\ProgramData\Microsoft => ":qLMEFYbWHr40yPXjb2Igps" ADS removed successfully.
C:\ProgramData\Microsoft => ":wFG8MUwMeBgb1W5lijsafsl2B37CPb" ADS removed successfully.
C:\Users\Nordvendor\AppData\Local\HIICe5igWjGY => ":ZwJztacOXVa2tfywQMzZY8" ADS removed successfully.
"C:\Users\Nordvendor\AppData\Local\Temporary Internet Files" => ":6j0eXL7PsZp7pT0SBEc" ADS not found.
C:\Users\Nordvendor\AppData\Local\XRw82QRGgEbh => ":13ppevkA8wrHijOpAABNbPYP4" ADS removed successfully.
C:\Program Files (x86)\ALlSaver => Moved successfully.
C:\Program Files (x86)\ExstrraSauvuiinegs => Moved successfully.
C:\Program Files (x86)\Mozilla Firefox => Moved successfully.
C:\Program Files (x86)\NeXtCoup => Moved successfully.
C:\Program Files (x86)\PC_Booster => Moved successfully.
C:\Program Files (x86)\SaveNNewaoAAppz => Moved successfully.
C:\ProgramData\a1b1058965f87030 => Moved successfully.
C:\ProgramData\ALlSaver => Moved successfully.
C:\ProgramData\AVAST Software => Moved successfully.
C:\ProgramData\ExstrraSauvuiinegs => Moved successfully.
C:\ProgramData\ihmkapnfhloicabfpficfgnkfkldhalc => Moved successfully.
C:\ProgramData\NeXtCoup => Moved successfully.
C:\ProgramData\pRIccechopp => Moved successfully.
C:\ProgramData\SaveNNewaoAAppz => Moved successfully.
C:\ProgramData\TEMP => Moved successfully.
C:\Users\Nordvendor\AppData\Roaming\AVG => Moved successfully.
C:\Users\Nordvendor\AppData\Roaming\ProgSense => Moved successfully.
C:\Users\Nordvendor\AppData\Roaming\Temp => Moved successfully.
C:\Users\Nordvendor\AppData\Roaming\WNR => Moved successfully.
C:\Windows\system32\drivers\avgtpx64.sys => Moved successfully.
C:\Windows\System32\drivers\{3de9eb9c-a833-42cb-b66f-841b954aebef}w64.sys => Moved successfully.
HKLM\SYSTEM\CurrentControlSet\Services\sptd => Failed to delete key at first attempt (Error: C0000121), see next line.
HKLM\SYSTEM\CurrentControlSet\Services\sptd => Key Deleted Successfully.

========= reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Search" /f =========
Operacja ukończona pomyślnie.
========= End of Reg: =========

========= reg delete HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3D0F43D9-C1D7-733C-01F8-4A3001BF8CC3} /f =========
Operacja ukończona pomyślnie.
========= End of Reg: =========

========= reg delete HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{248642b4} /f =========
Operacja ukończona pomyślnie.
========= End of Reg: =========

========= reg delete HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\S-493389286 /f =========
Operacja ukończona pomyślnie.
========= End of Reg: =========

========= reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f =========
Operacja ukończona pomyślnie.
========= End of Reg: =========

========= reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f =========
Operacja ukończona pomyślnie.
========= End of Reg: =========

========= reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f =========
Operacja ukończona pomyślnie.
========= End of Reg: =========

========= for /d %f in (C:\Users\Nordvendor\AppData\Local\{*}) do rd /s /q "%f" =========
========= End of CMD: =========

========= netsh advfirewall reset =========
Ok.
========= End of CMD: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 177.8 MB temporary data.

The system needed a reboot.

==== End of Fixlog ====