Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-09-2014 01
Ran by Alicja at 2014-09-07 23:02:58 Run:1
Running from C:\Users\Alicja\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-30] (AVG Technologies)
S2 vToolbarUpdater3.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe [X]
Task: {27BB28F1-8529-4D4A-9A0A-1240DB074C4E} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3135873756-1747778033-1847798441-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {5F7EE5D6-DD02-428C-9CCB-49ADE1F3C33C} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3135873756-1747778033-1847798441-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {A67CA087-3168-4E24-B5EB-18B0F340CB79} - System32\Tasks\{59609522-1B79-4B1E-9D52-20AE49D08C06} => C:\Program Files (x86)\blueconnect\ModemApplication.exe
HKU\S-1-5-21-3135873756-1747778033-1847798441-1000\...\Run: [AQQ] => C:\Users\Alicja\Desktop\WAPSTE~1\AQQ.exe
HKU\S-1-5-21-3135873756-1747778033-1847798441-1000\...\Run: [Tlen.pl] => C:\Program Files (x86)\Tlen7\tlen7.exe
ShellIconOverlayIdentifiers: GGDriveOverlay1 -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll No File
ShellIconOverlayIdentifiers: GGDriveOverlay2 -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll No File
ShellIconOverlayIdentifiers: GGDriveOverlay3 -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll No File
ShellIconOverlayIdentifiers: GGDriveOverlay4 -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll No File
CustomCLSID: HKU\S-1-5-21-3135873756-1747778033-1847798441-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Alicja\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml
FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
C:\ProgramData\AVG
C:\ProgramData\AVG Web TuneUp
C:\ProgramData\Temp
C:\Users\Alicja\AppData\Local\AVG
C:\Users\Alicja\AppData\Local\AVG Web TuneUp
C:\Users\Alicja\AppData\Roaming\AVG
C:\Windows\system32\Drivers\avgtpx64.sys
CMD: netsh advfirewall reset
EmptyTemp:
*****************

avgtp => Unable to stop service
avgtp => Service deleted successfully.
vToolbarUpdater3.2.0 => Service deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{27BB28F1-8529-4D4A-9A0A-1240DB074C4E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{27BB28F1-8529-4D4A-9A0A-1240DB074C4E}" => Key deleted successfully.
C:\Windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3135873756-1747778033-1847798441-1000 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealUpgradeLogonTaskS-1-5-21-3135873756-1747778033-1847798441-1000" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5F7EE5D6-DD02-428C-9CCB-49ADE1F3C33C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5F7EE5D6-DD02-428C-9CCB-49ADE1F3C33C}" => Key deleted successfully.
C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3135873756-1747778033-1847798441-1000 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealUpgradeScheduledTaskS-1-5-21-3135873756-1747778033-1847798441-1000" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A67CA087-3168-4E24-B5EB-18B0F340CB79}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A67CA087-3168-4E24-B5EB-18B0F340CB79}" => Key deleted successfully.
C:\Windows\System32\Tasks\{59609522-1B79-4B1E-9D52-20AE49D08C06} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{59609522-1B79-4B1E-9D52-20AE49D08C06}" => Key deleted successfully.
HKU\S-1-5-21-3135873756-1747778033-1847798441-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AQQ => value deleted successfully.
HKU\S-1-5-21-3135873756-1747778033-1847798441-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Tlen.pl => value deleted successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GGDriveOverlay1" => Key deleted successfully.
"HKCR\CLSID\{E68D0A50-3C40-4712-B90D-DCFA93FF2534}" => Key deleted successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GGDriveOverlay2" => Key deleted successfully.
"HKCR\CLSID\{E68D0A51-3C40-4712-B90D-DCFA93FF2534}" => Key deleted successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GGDriveOverlay3" => Key deleted successfully.
"HKCR\CLSID\{E68D0A52-3C40-4712-B90D-DCFA93FF2534}" => Key deleted successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GGDriveOverlay4" => Key deleted successfully.
"HKCR\CLSID\{E68D0A53-3C40-4712-B90D-DCFA93FF2534}" => Key deleted successfully.
"HKU\S-1-5-21-3135873756-1747778033-1847798441-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}" => Key deleted successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => value deleted successfully.
"HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value deleted successfully.
"HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}" => Key not found.
"HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.4" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.5" => Key deleted successfully.
C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml => Moved successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e} => value deleted successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc" => Key deleted successfully.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\MCODS" => Key deleted successfully.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc" => Key deleted successfully.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\MCODS" => Key deleted successfully.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\MpfService" => Key deleted successfully.
C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} => Moved successfully.
C:\ProgramData\AVG => Moved successfully.
C:\ProgramData\AVG Web TuneUp => Moved successfully.
C:\ProgramData\Temp => Moved successfully.
C:\Users\Alicja\AppData\Local\AVG => Moved successfully.
C:\Users\Alicja\AppData\Local\AVG Web TuneUp => Moved successfully.
C:\Users\Alicja\AppData\Roaming\AVG => Moved successfully.
C:\Windows\system32\Drivers\avgtpx64.sys => Moved successfully.

========= netsh advfirewall reset =========

Ok.

========= End of CMD: =========

EmptyTemp: => Removed 1.1 GB temporary data.

The system needed a reboot.

==== End of Fixlog ====