Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-09-2014 Ran by Optimus at 2014-09-16 23:24:35 Run:1 Running from C:\Users\Optimus\Desktop Boot Mode: Normal ============================================== Content of fixlist: ***************** CloseProcesses ProxyEnable: Internet Explorer proxy is enabled. ProxyServer: http=127.0.0.1:49207;https=127.0.0.1:49207 BHO: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File BHO-x32: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File HKLM\...\Policies\Explorer: [NoControlPanel] 0 S3 cleanhlp; \??\C:\Ashampoo Anti-Virus\cleanhlp64.sys [X] R4 sptd; \SystemRoot\System32\Drivers\sptd.sys [X] HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\08129178.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\08129178.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver" CustomCLSID: HKU\S-1-5-21-2628711367-3849038609-2972679648-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Optimus\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-2628711367-3849038609-2972679648-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Optimus\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File Task: {220370E0-0A64-4701-BC70-53BC3842BA78} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe Task: {3FCF85B1-4A6E-4382-9E36-E679CB7BBCD2} - System32\Tasks\{36C6E431-46A7-411C-B95E-27DDCB131A26} => C:\Users\Optimus\Downloads\kis14.0.0.4651aEN_4955.exe Task: {6677A4C3-1ED5-40FD-9CAF-78599D5789B2} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe Task: {7336B108-ECBA-461E-A9E6-62E599ECA101} - System32\Tasks\{E0ABAA79-06A6-4227-B4B1-FB48C7A32C72} => C:\Users\Optimus\Downloads\kis14.0.0.4651aEN_4955.exe Task: {7F4B5A50-6B7B-4269-8313-E04FBCDF6871} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: {C6909511-615C-4589-8E46-BED38EFCC433} - System32\Tasks\{4D811F42-9A5E-4691-8E3C-A714D027C0F2} => C:\Users\Optimus\Downloads\kis14.0.0.4651aEN_4955.exe Task: {D918E371-4505-4860-AE28-254553AC28B6} - System32\Tasks\{119DBF9E-46CA-4371-98D3-2711E97399C8} => C:\Users\Optimus\Downloads\kis14.0.0.4651aEN_4955.exe Task: {E18320FC-D998-4B22-A77E-8044DD49BBC5} - System32\Tasks\{DD6887CC-67B7-4A48-B18A-4EA1F84CEC66} => C:\Users\Optimus\Downloads\kis14.0.0.4651aEN_4955.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YAC App Store C:\Users\Optimus\AppData\Roaming\Mozilla C:\Users\Optimus\Downloads\*(*)-dp*.exe Reg: reg delete HKCU\Software\Mozilla /f Reg: reg delete HKLM\SOFTWARE\MozillaPlugins /f Reg: reg delete HKLM\SOFTWARE\Wow6432Node\Mozilla /f Reg: reg delete HKLM\SOFTWARE\Wow6432Node\mozilla.org /f Reg: reg delete HKLM\SOFTWARE\Wow6432Node\MozillaPlugins /f Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f EmptyTemp: ***************** CloseProcesses => Error: No automatic fix found for this entry. HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully. HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}" => Key deleted successfully. "HKCR\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}" => Key not found. "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}" => Key deleted successfully. "HKCR\Wow6432Node\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}" => Key not found. HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value deleted successfully. "HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}" => Key not found. HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\msktbird@mcafee.com => value deleted successfully. "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => Key deleted successfully. "HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}" => Key not found. HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => value deleted successfully. cleanhlp => Service deleted successfully. sptd => Service not found. "HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\08129178.sys" => Key deleted successfully. "HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp" => Key deleted successfully. "HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys" => Key deleted successfully. "HKLM\System\CurrentControlSet\Control\SafeBoot\Network\08129178.sys" => Key deleted successfully. "HKLM\System\CurrentControlSet\Control\SafeBoot\Network\CleanHlp" => Key deleted successfully. "HKLM\System\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys" => Key deleted successfully. "HKU\S-1-5-21-2628711367-3849038609-2972679648-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}" => Key deleted successfully. "HKU\S-1-5-21-2628711367-3849038609-2972679648-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{220370E0-0A64-4701-BC70-53BC3842BA78}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{220370E0-0A64-4701-BC70-53BC3842BA78}" => Key deleted successfully. C:\Windows\System32\Tasks\AdobeFlashPlayerUpdate 2 => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeFlashPlayerUpdate 2" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3FCF85B1-4A6E-4382-9E36-E679CB7BBCD2}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3FCF85B1-4A6E-4382-9E36-E679CB7BBCD2}" => Key deleted successfully. C:\Windows\System32\Tasks\{36C6E431-46A7-411C-B95E-27DDCB131A26} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{36C6E431-46A7-411C-B95E-27DDCB131A26}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6677A4C3-1ED5-40FD-9CAF-78599D5789B2}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6677A4C3-1ED5-40FD-9CAF-78599D5789B2}" => Key deleted successfully. C:\Windows\System32\Tasks\AdobeFlashPlayerUpdate => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeFlashPlayerUpdate" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7336B108-ECBA-461E-A9E6-62E599ECA101}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7336B108-ECBA-461E-A9E6-62E599ECA101}" => Key deleted successfully. C:\Windows\System32\Tasks\{E0ABAA79-06A6-4227-B4B1-FB48C7A32C72} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E0ABAA79-06A6-4227-B4B1-FB48C7A32C72}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7F4B5A50-6B7B-4269-8313-E04FBCDF6871}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7F4B5A50-6B7B-4269-8313-E04FBCDF6871}" => Key deleted successfully. C:\Windows\System32\Tasks\Adobe Flash Player Updater => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C6909511-615C-4589-8E46-BED38EFCC433}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C6909511-615C-4589-8E46-BED38EFCC433}" => Key deleted successfully. C:\Windows\System32\Tasks\{4D811F42-9A5E-4691-8E3C-A714D027C0F2} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4D811F42-9A5E-4691-8E3C-A714D027C0F2}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D918E371-4505-4860-AE28-254553AC28B6}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D918E371-4505-4860-AE28-254553AC28B6}" => Key deleted successfully. C:\Windows\System32\Tasks\{119DBF9E-46CA-4371-98D3-2711E97399C8} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{119DBF9E-46CA-4371-98D3-2711E97399C8}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E18320FC-D998-4B22-A77E-8044DD49BBC5}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E18320FC-D998-4B22-A77E-8044DD49BBC5}" => Key deleted successfully. C:\Windows\System32\Tasks\{DD6887CC-67B7-4A48-B18A-4EA1F84CEC66} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{DD6887CC-67B7-4A48-B18A-4EA1F84CEC66}" => Key deleted successfully. C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YAC App Store => Moved successfully. C:\Users\Optimus\AppData\Roaming\Mozilla => Moved successfully. C:\Users\Optimus\Downloads\*(*)-dp*.exe => Moved successfully. ========= reg delete HKCU\Software\Mozilla /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete HKLM\SOFTWARE\MozillaPlugins /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete HKLM\SOFTWARE\Wow6432Node\Mozilla /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete HKLM\SOFTWARE\Wow6432Node\mozilla.org /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete HKLM\SOFTWARE\Wow6432Node\MozillaPlugins /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= EmptyTemp: => Removed 426.7 MB temporary data. The system needed a reboot. ==== End of Fixlog ====