Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 26-11-2014 01 Ran by Robert at 2014-11-29 23:11:46 Run:1 Running from C:\Users\Robert\Desktop Loaded Profile: Robert (Available profiles: Robert & UpdatusUser) Boot Mode: Normal ============================================== Content of fixlist: ***************** CloseProcesses: S2 Aktualizacja Techgile; "C: \ Program Files (x86) \ Techgile \ updateTechgile.exe" [X] HKLM-x32 \ ... \ Run: [ROC_roc_ssl_v12] => "C: \ Program Files (x86) \ AVG Bezpieczne wyszukiwanie \ ROC_roc_ssl_v12. exe "/ / PROMPT / CMPID = roc_ssl_v12 HKU \ S-1-5-21-2184118066-859118458-687225370-1000 \ ... \ Run: [AVG Secure-wyszukiwania-Update_1213b] => C: \ Users \ Robert \ Campaign \ AVG Secure-wyszukiwanie-Update-1213b.exe AppData \ roaming, \ AVG 1213b / SZYBKA / mid = 54e62f3abf8d47d0be1cd1543b71c18b-1308d3c63c742bcf262aec552d1bdcca5b3be4c5 / CMPID = 1213b ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Brak pliku GroupPolicy: Zasady grupy na Chrome wykryto <======= UWAGA CHR HKLM \ Software \ Policies \ Google: ograniczenie Polityka <======= UWAGA HKU \ S-1-5-21- 2184118066-859118458-687225370-1000 \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = Explorer \ Main, Search Bar = http://www.google.com/ie HKU \ S-1-5-21-2184118066-859118458-687225370-1000 \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http: / /www.google.com/ie SearchScopes: HKU \ S-1-5-21-2184118066-859118458-687225370-1000 -> DefaultScope {szukaj.gazeta.pl} URL = http://szukaj.gazeta.pl/internet /0,0.html?slowo={searchTerms} SearchScopes: HKU \ S-1-5-21-2184118066-859118458-687225370-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http: // www.google.com/search?q={sear SearchScopes: HKU \ S-1-5-21-2184118066-859118458-687225370-1000 -> {C68463FC-2E20-492D-B129-C09640278F6B} URL = HKU \ S-1-5-21-2184118066-859118458-687225370-1000 -> {szukaj.gazeta.pl} URL = http://szukaj.gazeta.pl/internet/0,0.html?slowo={searchTerms } BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C: \ Program Files (x86) \ AVG \ AVG2012 \ avgssiea.dll Nie File BHO-x32: AVG Safe Search -> {3CA2F312 -6F6E-4B53-A66E-4E65E497C8C0} -> C: \ Program Files (x86) \ AVG \ AVG2012 \ avgssie.dll Brak pliku Handler: LinkScanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C: \ Program Files (x86) \ AVG \ AVG2012 \ avgpp.dll Brak pliku CustomCLSID: -> C: \ Users \ Robert \ AppData \ Local \ Google \ Update \ 1.3.25.5 \ psuser_64.dll Brak pliku CustomCLSID: -> C: \ Users \ Robert \ AppData \ Local \ Google \ Update \ 1.3.23.9 \ psuser_64.dll Brak pliku CustomCLSID: -> C: \ Users \ Robert \ AppData \ Local \ Google \ Update \ 1.3.24.15 \ psuser_64.dll Brak pliku CustomCLSID: -> C: \ Users \ Robert \ AppData \ Local \ Google \ Update \ 1.3.24.7 \ psuser_64.dll Brak pliku C: \ ProgramData \ AVAST Software C: \ Users \ Robert \ AppData \ Local \ Avg2014 C: \ Users \ Robert \ AppData \ Local \ Google \ Chrome \ User \ Dane \ Ustawienia domyÅ›lne C: \ Users \ Robert \ AppData \ Local \ Google \ Chrome \ User Data \ DomyÅ›lnie \ Local Storage \ * localStorage * C: \ Users \ Robert \ AppData \ Roaming \ Mozilla C: \ Users \ Robert \ AppData \ Roaming \ TuneUp Software C: \ Users \ DomyÅ›lnie \ AppData \ Roaming \ TuneUp Software C: \ Users \ Robert \ Pulpit \ * _ Sciagnij.pl.exe Reg: reg delete " HKCU \ Software \ Microsoft \ Internet Explorer \ Search "/ f Reg: reg delete HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Explorer \ mountpoints2 CMD: dir / "C: \ Program Files" CMD: dir / "C: \ Program Files (x86) " CMD: dir / C: \ ProgramData CMD: dir / C: \ Users \ Robert \ AppData \ Local CMD: dir / C: \ Users \ Robert \ AppData \ LocalLow CMD: dir / C: \ Users \ Robert \ AppData \ Roaming EmptyTemp: ***************** Processes closed successfully. Aktualizacja Techgile => Service not found. HKLM-x32 \ ... \ Run: [ROC_roc_ssl_v12] => "C: \ Program Files (x86) \ AVG Bezpieczne wyszukiwanie \ ROC_roc_ssl_v12. exe "/ / PROMPT / CMPID = roc_ssl_v12 => Error: No automatic fix found for this entry. HKU \ S-1-5-21-2184118066-859118458-687225370-1000 \ ... \ Run: [AVG Secure-wyszukiwania-Update_1213b] => C: \ Users \ Robert \ Campaign \ AVG Secure-wyszukiwanie-Update-1213b.exe AppData \ roaming, \ AVG 1213b / SZYBKA / mid = 54e62f3abf8d47d0be1cd1543b71c18b-1308d3c63c742bcf262aec552d1bdcca5b3be4c5 / CMPID = 1213b => Error: No automatic fix found for this entry. "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => Key deleted successfully. "HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}" => Key not found. GroupPolicy: Zasady grupy na Chrome wykryto <======= UWAGA => Error: No automatic fix found for this entry. CHR HKLM \ Software \ Policies \ Google: ograniczenie Polityka <======= UWAGA => Error: No automatic fix found for this entry. HKU \ S-1-5-21- 2184118066-859118458-687225370-1000 \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = => Error: No automatic fix found for this entry. Explorer \ Main, Search Bar = http://www.google.com/ie => Error: No automatic fix found for this entry. HKU \ S-1-5-21-2184118066-859118458-687225370-1000 \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http: / /www.google.com/ie => Error: No automatic fix found for this entry. \\DefaultScope => Value not found. \\SearchScopes: HKU \ S-1-5-21-2184118066-859118458-687225370-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http: // www.google.com/search?q={sear => Value not found. \\SearchScopes: HKU \ S-1-5-21-2184118066-859118458-687225370-1000 -> {C68463FC-2E20-492D-B129-C09640278F6B} URL = => Value not found. HKU \ S-1-5-21-2184118066-859118458-687225370-1000 -> {szukaj.gazeta.pl} URL = http://szukaj.gazeta.pl/internet/0,0.html?slowo={searchTerms } => Error: No automatic fix found for this entry. "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}" => Key deleted successfully. "HKCR\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}" => Key deleted successfully. "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312 -6F6E-4B53-A66E-4E65E497C8C0}" => Key not found. "HKCR\Wow6432Node\CLSID\{3CA2F312 -6F6E-4B53-A66E-4E65E497C8C0}" => Key not found. "HKCR\PROTOCOLS\Handler\LinkScanner" => Key deleted successfully. "HKCR\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}" => Key deleted successfully. "CustomCLSID: -> C: \ Users \ Robert \ AppData \ Local \ Google \ Update \ 1.3.25.5 \ psuser_64.dll Brak pliku" => Key not found. "CustomCLSID: -> C: \ Users \ Robert \ AppData \ Local \ Google \ Update \ 1.3.23.9 \ psuser_64.dll Brak pliku" => Key not found. "CustomCLSID: -> C: \ Users \ Robert \ AppData \ Local \ Google \ Update \ 1.3.24.15 \ psuser_64.dll Brak pliku" => Key not found. "CustomCLSID: -> C: \ Users \ Robert \ AppData \ Local \ Google \ Update \ 1.3.24.7 \ psuser_64.dll Brak pliku" => Key not found. C: \ ProgramData \ AVAST Software => Error: No automatic fix found for this entry. C: \ Users \ Robert \ AppData \ Local \ Avg2014 => Error: No automatic fix found for this entry. C: \ Users \ Robert \ AppData \ Local \ Google \ Chrome \ User \ Dane \ Ustawienia domyÅ›lne => Error: No automatic fix found for this entry. C: \ Users \ Robert \ AppData \ Local \ Google \ Chrome \ User Data \ DomyÅ›lnie \ Local Storage \ * localStorage * => Error: No automatic fix found for this entry. C: \ Users \ Robert \ AppData \ Roaming \ Mozilla => Error: No automatic fix found for this entry. C: \ Users \ Robert \ AppData \ Roaming \ TuneUp Software => Error: No automatic fix found for this entry. C: \ Users \ DomyÅ›lnie \ AppData \ Roaming \ TuneUp Software => Error: No automatic fix found for this entry. C: \ Users \ Robert \ Pulpit \ * _ Sciagnij.pl.exe => Error: No automatic fix found for this entry. ========= reg delete " HKCU \ Software \ Microsoft \ Internet Explorer \ Search "/ f ========= Bť¤D: Nieprawidˆowa nazwa klucza. Aby pozna† spos˘b uľycia, wpisz "REG DELETE /?". ========= End of Reg: ========= ========= reg delete HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Explorer \ mountpoints2 ========= Bť¤D: Nieprawidˆowa skˆadania. Aby pozna† spos˘b uľycia, wpisz "REG DELETE /?". ========= End of Reg: ========= ========= dir / "C: \ Program Files" ========= Nieprawidˆowy przeˆ¥cznik - ""C: \ Program Files"". ========= End of CMD: ========= ========= dir / "C: \ Program Files (x86) " ========= Nieprawidˆowy przeˆ¥cznik - ""C: \ Program Files (x86) "". ========= End of CMD: ========= ========= dir / C: \ ProgramData ========= Niepoprawny format parametru - "C:". ========= End of CMD: ========= ========= dir / C: \ Users \ Robert \ AppData \ Local ========= Niepoprawny format parametru - "C:". ========= End of CMD: ========= ========= dir / C: \ Users \ Robert \ AppData \ LocalLow ========= Niepoprawny format parametru - "C:". ========= End of CMD: ========= ========= dir / C: \ Users \ Robert \ AppData \ Roaming ========= Niepoprawny format parametru - "C:". ========= End of CMD: ========= EmptyTemp: => Removed 3.3 GB temporary data. The system needed a reboot. ==== End of Fixlog ====