Fix result of Farbar Recovery Scan Tool (x64) Version: 26-05-2015
Ran by Administrator at 2015-05-27 17:43:18 Run:1
Running from C:\Users\Administrator\Downloads
Loaded Profiles: Administrator (Available Profiles: Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:
Task: {05CA4F16-C41D-4D20-BD7F-E9441B371280} - \SmartWeb Upgrade Trigger Task No Task File <==== ATTENTION
Task: {5B94828A-0A3B-41FB-B8C3-1A14834725BF} - \ShopperPro No Task File <==== ATTENTION
Task: {8F956E02-2741-4228-A6CC-5CB77BBC2A30} - \ShopperProJSUpd No Task File <==== ATTENTION
Task: {9D71992D-A317-4AF6-B938-96B59FDE380C} - \SPDriver No Task File <==== ATTENTION
Task: {AA26E772-EE3E-4FFC-A036-8FBE613FCBBD} - System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA}
Task: {AAAFAB6D-90C9-4D43-B6CF-2320B8C88B76} - System32\Tasks\YTAUpdate => C:\PROGRA~2\YOUTUB~1\Updater.exe <==== ATTENTION
Task: {B4C04B14-090D-4E1F-A49A-B3DE9F0F367D} - \APSnotifierPP3 No Task File <==== ATTENTION
Task: {DAD458BB-568B-4946-9F45-2F9133517EF8} - \SPBIW_UpdateTask_Time_323238373130313733372d4a5b5b345a417845455a376c No Task File <==== ATTENTION
Task: {DBF4784D-234D-489F-A322-15800626ECAB} - System32\Tasks\YTAUpdate_logon => C:\PROGRA~2\YOUTUB~1\Updater.exe <==== ATTENTION
S2 YouTubeAcceleratorService; C:\PROGRA~2\YOUTUB~1\YouTubeAcceleratorService.exe -start -scm [X]
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [WinCheck] => C:\Users\Administrator\AppData\Local\F5A708FF-1432679338-11E3-9673-CE39E75C1B10\bnsh7D3E.exe [861696 2015-05-26] ()
HKU\S-1-5-21-3325632279-856947495-1742326175-500\...\Run: [Virtual WiFi Router] => ""
HKU\S-1-5-21-3325632279-856947495-1742326175-500\...\RunOnce: [CleanupUninstallerTemp] => cmd.exe /c del /F /Q "%temp%\updater_uninstall.exe" /f
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
ShortcutWithArgument: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.oursurfing.com/?type=sc&ts=1432672679&z=6e1253d79318ef88d43923cg8z0c6o7qem2odqftce&from=cmi&uid=SamsungXSSDX840XEVOX250GB_S1DBNSBF300055N
ShortcutWithArgument: C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.oursurfing.com/?type=sc&ts=1432672679&z=6e1253d79318ef88d43923cg8z0c6o7qem2odqftce&from=cmi&uid=SamsungXSSDX840XEVOX250GB_S1DBNSBF300055N
ShortcutWithArgument: C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.oursurfing.com/?type=sc&ts=1432672679&z=6e1253d79318ef88d43923cg8z0c6o7qem2odqftce&from=cmi&uid=SamsungXSSDX840XEVOX250GB_S1DBNSBF300055N
ShortcutWithArgument: C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.oursurfing.com/?type=sc&ts=1432672679&z=6e1253d79318ef88d43923cg8z0c6o7qem2odqftce&from=cmi&uid=SamsungXSSDX840XEVOX250GB_S1DBNSBF300055N
ShortcutWithArgument: C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.oursurfing.com/?type=sc&ts=1432672679&z=6e1253d79318ef88d43923cg8z0c6o7qem2odqftce&from=cmi&uid=SamsungXSSDX840XEVOX250GB_S1DBNSBF300055N
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.oursurfing.com/?type=sc&ts=1432672679&z=6e1253d79318ef88d43923cg8z0c6o7qem2odqftce&from=cmi&uid=SamsungXSSDX840XEVOX250GB_S1DBNSBF300055N
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.oursurfing.com/?type=sc&ts=1432672679&z=6e1253d79318ef88d43923cg8z0c6o7qem2odqftce&from=cmi&uid=SamsungXSSDX840XEVOX250GB_S1DBNSBF300055N
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
SearchScopes: HKU\S-1-5-21-3325632279-856947495-1742326175-500 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
StartMenuInternet: FIREFOX.EXE - firefox.exe
StartMenuInternet: Google Chrome - Chrome.exe
C:\Program Files (x86)\4269711e-b00b-412b-9fd9-d13df3fdba78
C:\Program Files (x86)\8d843763-d167-4df4-ab9a-d24ccbd91ac1
C:\Program Files (x86)\globalUpdate
C:\Program Files (x86)\YouTube Accelerator
C:\ProgramData\TEMP
C:\Users\Administrator\AppData\Local\F5A708FF-1432679338-11E3-9673-CE39E75C1B10
C:\Users\Administrator\AppData\Local\globalUpdate
C:\Users\Administrator\Downloads\Virtual WiFi Router 3.0.1.2 Setup.exe
C:\Users\Public\Documents\GOOBZO
RemoveDirectory: C:\Users\admin.p
RemoveDirectory: C:\Users\lol
DisableService: Mobile Partner. RunOuc
CMD: netsh advfirewall reset
CMD: netsh winsock reset
Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f
EmptyTemp:
*****************

Processes closed successfully.
Restore point was successfully created.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{05CA4F16-C41D-4D20-BD7F-E9441B371280}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{05CA4F16-C41D-4D20-BD7F-E9441B371280}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartWeb Upgrade Trigger Task" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5B94828A-0A3B-41FB-B8C3-1A14834725BF}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5B94828A-0A3B-41FB-B8C3-1A14834725BF}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ShopperPro" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8F956E02-2741-4228-A6CC-5CB77BBC2A30}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8F956E02-2741-4228-A6CC-5CB77BBC2A30}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ShopperProJSUpd" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9D71992D-A317-4AF6-B938-96B59FDE380C}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9D71992D-A317-4AF6-B938-96B59FDE380C}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SPDriver" => key Removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AA26E772-EE3E-4FFC-A036-8FBE613FCBBD} => key not found.
Could not move "C:\Windows\System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA}" => Scheduled to move on reboot.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AAAFAB6D-90C9-4D43-B6CF-2320B8C88B76}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AAAFAB6D-90C9-4D43-B6CF-2320B8C88B76}" => key Removed successfully
C:\Windows\System32\Tasks\YTAUpdate => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YTAUpdate" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B4C04B14-090D-4E1F-A49A-B3DE9F0F367D}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B4C04B14-090D-4E1F-A49A-B3DE9F0F367D}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP3" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DAD458BB-568B-4946-9F45-2F9133517EF8}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DAD458BB-568B-4946-9F45-2F9133517EF8}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SPBIW_UpdateTask_Time_323238373130313733372d4a5b5b345a417845455a376c" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DBF4784D-234D-489F-A322-15800626ECAB}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DBF4784D-234D-489F-A322-15800626ECAB}" => key Removed successfully
C:\Windows\System32\Tasks\YTAUpdate_logon => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YTAUpdate_logon" => key Removed successfully
YouTubeAcceleratorService => Service Removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value Removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value Removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\WinCheck => value not found.
HKU\S-1-5-21-3325632279-856947495-1742326175-500\Software\Microsoft\Windows\CurrentVersion\Run\\Virtual WiFi Router => value Removed successfully
HKU\S-1-5-21-3325632279-856947495-1742326175-500\Software\Microsoft\Windows\CurrentVersion\RunOnce\\CleanupUninstallerTemp => value not found.
"HKLM\SOFTWARE\Policies\Google" => key Removed successfully
C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk => Shortcut argument Removed successfully.
C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk => Shortcut argument Removed successfully.
C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk => Shortcut argument Removed successfully.
C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk => Shortcut argument Removed successfully.
C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk => Shortcut argument Removed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk => Shortcut argument Removed successfully.
C:\Users\Public\Desktop\Google Chrome.lnk => Shortcut argument Removed successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKU\S-1-5-21-3325632279-856947495-1742326175-500\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value Removed successfully
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => value restored successfully
HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command\\Default => value restored successfully
HKLM\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command\\Default => value restored successfully
C:\Program Files (x86)\4269711e-b00b-412b-9fd9-d13df3fdba78 => Moved successfully.
C:\Program Files (x86)\8d843763-d167-4df4-ab9a-d24ccbd91ac1 => Moved successfully.
C:\Program Files (x86)\globalUpdate => Moved successfully.
C:\Program Files (x86)\YouTube Accelerator => Moved successfully.
C:\ProgramData\TEMP => Moved successfully.
"C:\Users\Administrator\AppData\Local\F5A708FF-1432679338-11E3-9673-CE39E75C1B10" => File/Folder not found.
C:\Users\Administrator\AppData\Local\globalUpdate => Moved successfully.
C:\Users\Administrator\Downloads\Virtual WiFi Router 3.0.1.2 Setup.exe => Moved successfully.
C:\Users\Public\Documents\GOOBZO => Moved successfully.
could not remove "C:\Users\admin.p" => Scheduled to remove on reboot.
"C:\Users\lol" => File/Folder not found.
Mobile Partner. RunOuc service was disabled

========= netsh advfirewall reset =========

Ok.

========= End of CMD: =========

========= netsh winsock reset =========

Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.

========= End of CMD: =========

========= reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f =========

Operacja ukończona pomyślnie.

========= End of Reg: =========

EmptyTemp: => Removed 793.4 MB temporary data.

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-05-27 17:44:29)<=
C:\Windows\System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA} => Moved successfully
C:\Users\admin.p => Removed successfully

==== End of Fixlog 17:48:15 ====