Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-12-2014 02 Ran by Marta at 2014-12-08 20:20:28 Run:1 Running from C:\Users\Marta\Desktop\Czyszczenie Loaded Profiles: UpdatusUser & Marta (Available profiles: UpdatusUser & Marta) Boot Mode: Normal ============================================== Content of fixlist: ***************** CloseProcesses: Task: {042E8582-3F25-4AED-B98D-2CC14FC8A42B} - System32\Tasks\61c99360-2be3-4593-806e-f395dc9af988-11 => C:\Program Files (x86)\Internet Speed Checker\61c99360-2be3-4593-806e-f395dc9af988-11.exe [2014-11-02] (Speedchecker) <==== ATTENTION Task: {9260D919-6FF8-47C4-92E0-64178A84B5F5} - System32\Tasks\61c99360-2be3-4593-806e-f395dc9af988-5_user => C:\Program Files (x86)\Internet Speed Checker\61c99360-2be3-4593-806e-f395dc9af988-5.exe [2014-11-02] (Speedchecker) <==== ATTENTION Task: {AF2BDC1B-D0E4-4B9F-87F1-A5F96B7D5767} - System32\Tasks\61c99360-2be3-4593-806e-f395dc9af988-7 => C:\Program Files (x86)\Internet Speed Checker\61c99360-2be3-4593-806e-f395dc9af988-7.exe [2014-11-02] (Speedchecker) <==== ATTENTION Task: {B7C80393-2807-4B87-B416-CD4F537D6C13} - System32\Tasks\61c99360-2be3-4593-806e-f395dc9af988-1 => C:\Program Files (x86)\Internet Speed Checker\Internet Speed Checker-codedownloader.exe [2014-11-02] (Speedchecker) <==== ATTENTION Task: {B9BF867A-638F-4E39-BF3A-C8A9D52A8617} - System32\Tasks\61c99360-2be3-4593-806e-f395dc9af988-4 => C:\Program Files (x86)\Internet Speed Checker\61c99360-2be3-4593-806e-f395dc9af988-4.exe [2014-11-02] (Speedchecker) <==== ATTENTION Task: {CCE9D17C-8F16-4570-B3A9-8D39F0AA7B1E} - System32\Tasks\61c99360-2be3-4593-806e-f395dc9af988-5 => C:\Program Files (x86)\Internet Speed Checker\61c99360-2be3-4593-806e-f395dc9af988-5.exe [2014-11-02] (Speedchecker) <==== ATTENTION Task: {D73EF128-1367-4D7D-A7A3-01EF023F6B43} - System32\Tasks\61c99360-2be3-4593-806e-f395dc9af988-2 => C:\Program Files (x86)\Internet Speed Checker\61c99360-2be3-4593-806e-f395dc9af988-2.exe [2014-11-02] (Speedchecker) <==== ATTENTION Task: {FA36D863-0207-4E2D-9698-56FD59B3EC76} - System32\Tasks\61c99360-2be3-4593-806e-f395dc9af988-6 => C:\Program Files (x86)\Internet Speed Checker\61c99360-2be3-4593-806e-f395dc9af988-6.exe [2014-11-02] (Speedchecker) <==== ATTENTION Task: C:\windows\Tasks\61c99360-2be3-4593-806e-f395dc9af988-1.job => C:\Program Files (x86)\Internet Speed Checker\Internet Speed Checker-codedownloader.exe <==== ATTENTION Task: C:\windows\Tasks\61c99360-2be3-4593-806e-f395dc9af988-11.job => C:\Program Files (x86)\Internet Speed Checker\61c99360-2be3-4593-806e-f395dc9af988-11.exe <==== ATTENTION Task: C:\windows\Tasks\61c99360-2be3-4593-806e-f395dc9af988-2.job => C:\Program Files (x86)\Internet Speed Checker\61c99360-2be3-4593-806e-f395dc9af988-2.exe <==== ATTENTION Task: C:\windows\Tasks\61c99360-2be3-4593-806e-f395dc9af988-4.job => C:\Program Files (x86)\Internet Speed Checker\61c99360-2be3-4593-806e-f395dc9af988-4.exe <==== ATTENTION Task: C:\windows\Tasks\61c99360-2be3-4593-806e-f395dc9af988-5.job => C:\Program Files (x86)\Internet Speed Checker\61c99360-2be3-4593-806e-f395dc9af988-5.exe <==== ATTENTION Task: C:\windows\Tasks\61c99360-2be3-4593-806e-f395dc9af988-5_user.job => C:\Program Files (x86)\Internet Speed Checker\61c99360-2be3-4593-806e-f395dc9af988-5.exe <==== ATTENTION Task: C:\windows\Tasks\61c99360-2be3-4593-806e-f395dc9af988-6.job => C:\Program Files (x86)\Internet Speed Checker\61c99360-2be3-4593-806e-f395dc9af988-6.exe <==== ATTENTION Task: C:\windows\Tasks\61c99360-2be3-4593-806e-f395dc9af988-7.job => C:\Program Files (x86)\Internet Speed Checker\61c99360-2be3-4593-806e-f395dc9af988-7.exe <==== ATTENTION R2 tor; C:\Program Files (x86)\Tor\tor.exe [3233806 2013-08-31] () [File not signed] HKU\S-1-5-21-421937301-649035308-745041611-1001\...\MountPoints2: {03679a96-fb59-11e1-98f8-60d819ec78d5} - E:\Startme.exe HKU\S-1-5-21-421937301-649035308-745041611-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.interia.pl/#utm_source=sft&utm_medium=installer&utm_campaign=sft SearchScopes: HKU\S-1-5-21-421937301-649035308-745041611-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity SearchScopes: HKU\S-1-5-21-421937301-649035308-745041611-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity SearchScopes: HKU\S-1-5-21-421937301-649035308-745041611-1001 -> {AA924ECE-29EB-43C3-A5C5-C410D7C75002} URL = http://www.search.ask.com/web?tpid=ORJ-SPE&o=APN11406&pf=V7&p2=^BBE^OSJ000^YY^PL&gct=&itbv=12.18.0.82&apn_uid=EDD113BB-FCF5-4A7A-BE43-73B3EAF9F72D&apn_ptnrs=BBE&apn_dtid=^OSJ000^YY^PL&apn_dbr=ie_11.0.9600.17344&doi=2014-11-02&trgb=IE&q={searchTerms}&psv=&pt=tb BHO: Internet Speed Checker -> {11111111-1111-1111-1111-110611171152} -> C:\Program Files (x86)\Internet Speed Checker\Internet Speed Checker-bho64.dll (Speedchecker) BHO-x32: Internet Speed Checker -> {11111111-1111-1111-1111-110611171152} -> C:\Program Files (x86)\Internet Speed Checker\Internet Speed Checker-bho.dll (Speedchecker) FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File C:\Program Files\Google C:\Program Files (x86)\Google\Chrome C:\Program Files (x86)\McAfee C:\Program Files (x86)\Internet Speed Checker C:\Program Files (x86)\Tor C:\Program Files (x86)\v9Soft C:\ProgramData\McAfee C:\Users\Marta\AppData\Local\Google\Chrome C:\Users\Marta\AppData\Local\Flvto Youtube Downloader C:\Windows\SysWOW64\sho*.tmp Reg: reg delete HKCU\Software\Google\Chrome /f Reg: reg delete HKLM\SOFTWARE\Wow6432Node\Google\Chrome /f Reg: reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Internet Speed Checker" /f CMD: for /d %f in (C:\Users\Marta\AppData\Local\{*}) do rd /s /q "%f" EmptyTemp: ***************** Processes closed successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{042E8582-3F25-4AED-B98D-2CC14FC8A42B}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{042E8582-3F25-4AED-B98D-2CC14FC8A42B}" => Key deleted successfully. C:\Windows\System32\Tasks\61c99360-2be3-4593-806e-f395dc9af988-11 => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\61c99360-2be3-4593-806e-f395dc9af988-11" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9260D919-6FF8-47C4-92E0-64178A84B5F5}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9260D919-6FF8-47C4-92E0-64178A84B5F5}" => Key deleted successfully. C:\Windows\System32\Tasks\61c99360-2be3-4593-806e-f395dc9af988-5_user => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\61c99360-2be3-4593-806e-f395dc9af988-5_user" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AF2BDC1B-D0E4-4B9F-87F1-A5F96B7D5767}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AF2BDC1B-D0E4-4B9F-87F1-A5F96B7D5767}" => Key deleted successfully. C:\Windows\System32\Tasks\61c99360-2be3-4593-806e-f395dc9af988-7 => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\61c99360-2be3-4593-806e-f395dc9af988-7" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B7C80393-2807-4B87-B416-CD4F537D6C13}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B7C80393-2807-4B87-B416-CD4F537D6C13}" => Key deleted successfully. C:\Windows\System32\Tasks\61c99360-2be3-4593-806e-f395dc9af988-1 => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\61c99360-2be3-4593-806e-f395dc9af988-1" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B9BF867A-638F-4E39-BF3A-C8A9D52A8617}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B9BF867A-638F-4E39-BF3A-C8A9D52A8617}" => Key deleted successfully. C:\Windows\System32\Tasks\61c99360-2be3-4593-806e-f395dc9af988-4 => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\61c99360-2be3-4593-806e-f395dc9af988-4" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CCE9D17C-8F16-4570-B3A9-8D39F0AA7B1E}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCE9D17C-8F16-4570-B3A9-8D39F0AA7B1E}" => Key deleted successfully. C:\Windows\System32\Tasks\61c99360-2be3-4593-806e-f395dc9af988-5 => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\61c99360-2be3-4593-806e-f395dc9af988-5" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D73EF128-1367-4D7D-A7A3-01EF023F6B43}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D73EF128-1367-4D7D-A7A3-01EF023F6B43}" => Key deleted successfully. C:\Windows\System32\Tasks\61c99360-2be3-4593-806e-f395dc9af988-2 => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\61c99360-2be3-4593-806e-f395dc9af988-2" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FA36D863-0207-4E2D-9698-56FD59B3EC76}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FA36D863-0207-4E2D-9698-56FD59B3EC76}" => Key deleted successfully. C:\Windows\System32\Tasks\61c99360-2be3-4593-806e-f395dc9af988-6 => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\61c99360-2be3-4593-806e-f395dc9af988-6" => Key deleted successfully. C:\windows\Tasks\61c99360-2be3-4593-806e-f395dc9af988-1.job => Moved successfully. C:\windows\Tasks\61c99360-2be3-4593-806e-f395dc9af988-11.job => Moved successfully. C:\windows\Tasks\61c99360-2be3-4593-806e-f395dc9af988-2.job => Moved successfully. C:\windows\Tasks\61c99360-2be3-4593-806e-f395dc9af988-4.job => Moved successfully. C:\windows\Tasks\61c99360-2be3-4593-806e-f395dc9af988-5.job => Moved successfully. C:\windows\Tasks\61c99360-2be3-4593-806e-f395dc9af988-5_user.job => Moved successfully. C:\windows\Tasks\61c99360-2be3-4593-806e-f395dc9af988-6.job => Moved successfully. C:\windows\Tasks\61c99360-2be3-4593-806e-f395dc9af988-7.job => Moved successfully. tor => Service deleted successfully. "HKU\S-1-5-21-421937301-649035308-745041611-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{03679a96-fb59-11e1-98f8-60d819ec78d5}" => Key deleted successfully. "HKCR\CLSID\{03679a96-fb59-11e1-98f8-60d819ec78d5}" => Key not found. HKU\S-1-5-21-421937301-649035308-745041611-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKU\S-1-5-21-421937301-649035308-745041611-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully. "HKU\S-1-5-21-421937301-649035308-745041611-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully. "HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found. "HKU\S-1-5-21-421937301-649035308-745041611-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA924ECE-29EB-43C3-A5C5-C410D7C75002}" => Key deleted successfully. "HKCR\CLSID\{AA924ECE-29EB-43C3-A5C5-C410D7C75002}" => Key not found. "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611171152}" => Key deleted successfully. "HKCR\CLSID\{11111111-1111-1111-1111-110611171152}" => Key deleted successfully. "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611171152}" => Key deleted successfully. "HKCR\Wow6432Node\CLSID\{11111111-1111-1111-1111-110611171152}" => Key deleted successfully. "HKLM\Software\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10" => Key deleted successfully. "HKLM\Software\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4" => Key deleted successfully. C:\Program Files\Google => Moved successfully. "C:\Program Files (x86)\Google\Chrome" => File/Directory not found. C:\Program Files (x86)\McAfee => Moved successfully. C:\Program Files (x86)\Internet Speed Checker => Moved successfully. C:\Program Files (x86)\Tor => Moved successfully. C:\Program Files (x86)\v9Soft => Moved successfully. C:\ProgramData\McAfee => Moved successfully. "C:\Users\Marta\AppData\Local\Google\Chrome" => File/Directory not found. C:\Users\Marta\AppData\Local\Flvto Youtube Downloader => Moved successfully. C:\Windows\SysWOW64\sho*.tmp => Moved successfully. ========= reg delete HKCU\Software\Google\Chrome /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete HKLM\SOFTWARE\Wow6432Node\Google\Chrome /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Internet Speed Checker" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= for /d %f in (C:\Users\Marta\AppData\Local\{*}) do rd /s /q "%f" ========= ========= End of CMD: ========= EmptyTemp: => Removed 214.1 MB temporary data. The system needed a reboot. ==== End of Fixlog ====