Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 12-09-2014 Ran by Wiex at 2014-09-17 20:01:47 Run:1 Running from C:\Users\Wiex\Downloads\FRST Boot Mode: Normal ============================================== Content of fixlist: ***************** CloseProcesses: S2 *etadpug; "C:\Program Files\Google\Desktop\Install\{a886596a-7018-f03a-8a2c-160be15bac0a}\ \...\???\{a886596a-7018-f03a-8a2c-160be15bac0a}\GoogleUpdate.exe" < <==== ATTENTION (ZeroAccess) HKU\S-1-5-21-3592015403-793725120-2322176034-1000\...\Run: [Google Update**.d<*>] => "C:\Users\Wiex\AppData\Local\Google\Desktop\Install\{a886596a-7018-f03a-8a2c-160be15bac0a}\d'x"Å®"\", &h#\. ůű[\{a886596a-7018-f03a-8a2c-160be15bac0a}\GoogleUpdate.exe" > <===== ATTENTION (Value Name with invalid characters) Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll" Winsock: Catalog5 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll" FF NetworkProxy: "gopher", "" FF NetworkProxy: "gopher_port", 0 FF NetworkProxy: "share_proxy_settings", true FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver" S3 ATP; system32\DRIVERS\cmdatp.sys [X] U3 DfSdkS; No ImagePath S0 kovabf; No ImagePath U0 Partizan; system32\drivers\Partizan.sys [X] S3 taphss; system32\DRIVERS\taphss.sys [X] S3 taphss6; system32\DRIVERS\taphss6.sys [X] S3 usbbus; system32\DRIVERS\lgusbbus.sys [X] S3 UsbDiag; system32\DRIVERS\lgusbdiag.sys [X] S3 USBModem; system32\DRIVERS\lgusbmodem.sys [X] C:\ProgramData\TEMP C:\Program Files\Dll-Files.com Fixer C:\Program Files\Google\Desktop C:\Users\Wiex\AppData\Local\Google\Desktop C:\Users\Wiex\AppData\Roaming\3909 C:\Users\Wiex\AppData\Roaming\System C:\Windows\system32\Drivers\etc\hosts.ccebak C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension CMD: netsh winsock reset Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ClamWin" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\mobilegeni daemon" /f EmptyTemp: ***************** Processes closed successfully. *etadpug => Service deleted successfully. HKU\S-1-5-21-3592015403-793725120-2322176034-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update**.d<*> => Value Deleted Successfully. Winsock: Catalog5 entry 000000000001\\LibraryPath was set successfully to %SystemRoot%\system32\NLAapi.dll Winsock: Catalog5 entry 000000000005\\LibraryPath was set successfully to %SystemRoot%\System32\mswsock.dll Firefox Proxy settings were reset. Firefox Proxy settings were reset. Firefox Proxy settings were reset. HKLM\Software\Mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b} => value deleted successfully. HKLM\Software\Mozilla\Firefox\Extensions\\smartwebprinting@hp.com => value deleted successfully. HKCU\Software\Mozilla\Firefox\Extensions\\smartwebprinting@hp.com => value deleted successfully. "HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp" => Key deleted successfully. "HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys" => Key deleted successfully. "HKLM\System\CurrentControlSet\Control\SafeBoot\Network\CleanHlp" => Key deleted successfully. "HKLM\System\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys" => Key deleted successfully. ATP => Service deleted successfully. DfSdkS => Service deleted successfully. kovabf => Service deleted successfully. Partizan => Service deleted successfully. taphss => Service deleted successfully. taphss6 => Service deleted successfully. usbbus => Service deleted successfully. UsbDiag => Service deleted successfully. USBModem => Service deleted successfully. C:\ProgramData\TEMP => Moved successfully. C:\Program Files\Dll-Files.com Fixer => Moved successfully. "C:\Program Files\Google\Desktop" directory move: Could not move "C:\Program Files\Google\Desktop" directory. => Scheduled to move on reboot. C:\Users\Wiex\AppData\Local\Google\Desktop => Moved successfully. C:\Users\Wiex\AppData\Roaming\3909 => Moved successfully. C:\Users\Wiex\AppData\Roaming\System => Moved successfully. C:\Windows\system32\Drivers\etc\hosts.ccebak => Moved successfully. C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension => Moved successfully. ========= netsh winsock reset ========= Pomy˜lnie zresetowano Winsock Catalog. Musisz ponownie uruchomi† komputer, aby ukoäczy† resetowanie. ========= End of CMD: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ClamWin" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\mobilegeni daemon" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= EmptyTemp: => Removed 148.8 MB temporary data. => Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-09-17 20:04:54)<= C:\Program Files\Google\Desktop => Is moved successfully. ==== End of Fixlog ====