Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-12-2014
Ran by User-PC at 2014-12-14 09:54:24 Run:1
Running from K:\Temp\Wazne\FRST
Loaded Profile: User-PC (Available profiles: User-PC)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CloseProcesses:
(Microsoft Corporation) C:\Windows\explorer.exe
ShellIconOverlayIdentifiers: [1SecureIconsProvider] -> {FC9D8189-520A-4417-AED7-9EAC810C6FBA} => C:\ProgramData\Microsoft\Secure\Icons\SecureIconsProvider.dll ()
BootExecute: PDBoot.exeautocheck autochk * sdnclean64.exe
S3 cthda; \SystemRoot\system32\drivers\cthda.sys [X]
S3 cthdb; \SystemRoot\system32\DRIVERS\cthdb.sys [X]
Task: {6BA89DCA-2163-4ACC-A09A-3FDC4E6ECF3B} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\SymErr.exe
Task: {8A4E7231-8C00-4158-A528-1D2303D6296C} - System32\Tasks\{78303051-A97D-46F8-A129-565C8D318CCE} => pcalua.exe -a C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_246_Plugin.exe -c -maintain plugin
Task: {A9A447EF-87CC-4839-891E-8A6617CCA163} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\SymErr.exe
Task: {C47A7B77-16DA-4993-BDFF-C6F803E13425} - System32\Tasks\{E05BB42C-77A2-4EC7-8E51-A988B525AED3} => pcalua.exe -a "C:\Temp\Logitech\Windows 8\unifying210.exe" -d "C:\Temp\Logitech\Windows 8"
HKLM-x32\...\Run: [] => [X]
FF NetworkProxy: "type", 0
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll No File
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
C:\Program Files (x86)\Temp
C:\ProgramData\Microsoft\Secure
C:\ProgramData\Spybot - Search & Destroy
C:\Users\User-PC\Appdata\Local\ujmedia
C:\Users\User-PC\Appdata\Local\ytpack
C:\Windows\System32\Tasks\Safer-Networking
Hosts:
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Safer-Networking
Reg: reg delete HKLM\SOFTWARE\Google /f
Reg: reg delete HKLM\SOFTWARE\Wow6432Node\Google /f
Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run /v SearchProtection /f
Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run /v YTPack /f
Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run /v Ujmedia /f
Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f
CMD: netsh advfirewall reset
*****************

Processes closed successfully.
[1792] C:\Windows\explorer.exe => Process closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\1SecureIconsProvider" => Key deleted successfully.
"HKCR\CLSID\{FC9D8189-520A-4417-AED7-9EAC810C6FBA}" => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => Value was restored successfully.
cthda => Service deleted successfully.
cthdb => Service deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6BA89DCA-2163-4ACC-A09A-3FDC4E6ECF3B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6BA89DCA-2163-4ACC-A09A-3FDC4E6ECF3B}" => Key deleted successfully.
C:\Windows\System32\Tasks\Norton Identity Safe\Norton Error Analyzer => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Norton Identity Safe\Norton Error Analyzer" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8A4E7231-8C00-4158-A528-1D2303D6296C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8A4E7231-8C00-4158-A528-1D2303D6296C}" => Key deleted successfully.
C:\Windows\System32\Tasks\{78303051-A97D-46F8-A129-565C8D318CCE} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{78303051-A97D-46F8-A129-565C8D318CCE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A9A447EF-87CC-4839-891E-8A6617CCA163}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A9A447EF-87CC-4839-891E-8A6617CCA163}" => Key deleted successfully.
C:\Windows\System32\Tasks\Norton Identity Safe\Norton Error Processor => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Norton Identity Safe\Norton Error Processor" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C47A7B77-16DA-4993-BDFF-C6F803E13425}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C47A7B77-16DA-4993-BDFF-C6F803E13425}" => Key deleted successfully.
C:\Windows\System32\Tasks\{E05BB42C-77A2-4EC7-8E51-A988B525AED3} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E05BB42C-77A2-4EC7-8E51-A988B525AED3}" => Key deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
Firefox Proxy settings were reset.
"HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.5.1" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.3.2" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.5.1" => Key deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully.
C:\Program Files (x86)\Temp => Moved successfully.
C:\ProgramData\Microsoft\Secure => Moved successfully.
C:\ProgramData\Spybot - Search & Destroy => Moved successfully.
"C:\Users\User-PC\Appdata\Local\ujmedia" => File/Directory not found.
"C:\Users\User-PC\Appdata\Local\ytpack" => File/Directory not found.
C:\Windows\System32\Tasks\Safer-Networking => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Safer-Networking => Failed to delete key at first attempt (Error: C0000121), see next line.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Safer-Networking => Key Deleted Successfully.

========= reg delete HKLM\SOFTWARE\Google /f =========
Operacja ukończona pomyślnie.
========= End of Reg: =========

========= reg delete HKLM\SOFTWARE\Wow6432Node\Google /f =========
Operacja ukończona pomyślnie.
========= End of Reg: =========

========= reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run /v SearchProtection /f =========
Operacja ukończona pomyślnie.
========= End of Reg: =========

========= reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run /v YTPack /f =========
Operacja ukończona pomyślnie.
========= End of Reg: =========

========= reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run /v Ujmedia /f =========
Operacja ukończona pomyślnie.
========= End of Reg: =========

========= reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f =========
Operacja ukończona pomyślnie.
========= End of Reg: =========

========= reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f =========
Operacja ukończona pomyślnie.
========= End of Reg: =========

========= reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f =========
Operacja ukończona pomyślnie.
========= End of Reg: =========

========= netsh advfirewall reset =========
Ok.
========= End of CMD: =========

The system needed a reboot.

==== End of Fixlog ====