Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-11-2014 01 Ran by bungar at 2014-11-11 10:55:43 Run:1 Running from C:\Users\bungar\Downloads Loaded Profile: bungar (Available profiles: bungar) Boot Mode: Normal ============================================== Content of fixlist: ***************** CloseProcesses: R1 {75afa305-1b32-4464-a5e2-f606c80b73a4}Gw64; C:\Windows\System32\drivers\{75afa305-1b32-4464-a5e2-f606c80b73a4}Gw64.sys [48784 2014-11-09] (StdLib) R2 70e6ca8c; c:\Program Files (x86)\Optimizer Pro\OptProCrash.dll [3113040 2014-11-09] () R2 Update BrowseStudio; C:\Program Files (x86)\BrowseStudio\updateBrowseStudio.exe [526064 2014-11-10] () R2 Util BrowseStudio; C:\Program Files (x86)\BrowseStudio\bin\utilBrowseStudio.exe [526064 2014-11-10] () HKU\S-1-5-21-743176339-2179438372-1338448093-1001\...\Run: [Optimizer Pro] => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe [148048 2014-10-28] (PC Utilities Software Limited) HKU\S-1-5-21-743176339-2179438372-1338448093-1001\...\MountPoints2: {61c30387-6419-11e4-8256-b0104163d09a} - "G:\setup.exe" HKLM\...\Policies\Explorer: [NoControlPanel] 0 CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION Task: {920593E3-BE79-4B20-B1A2-7D51A361976C} - System32\Tasks\RegClean Pro_DEFAULT => C:\Program Files (x86)\RCP\RegCleanPro.exe [2014-10-06] () <==== ATTENTION Task: {ACB16352-6B97-4250-BC28-B4C6C104C46F} - System32\Tasks\RegClean Pro_UPDATES => C:\Program Files (x86)\RCP\RegCleanPro.exe [2014-10-06] () <==== ATTENTION Task: {E103A4F8-7D53-4457-AD5E-2DD025CDD484} - System32\Tasks\RegClean Pro => C:\Program Files (x86)\RCP\RegCleanPro.exe [2014-10-06] () <==== ATTENTION Task: C:\Windows\Tasks\RegClean Pro_DEFAULT.job => C:\Program Files (x86)\RCP\RegCleanPro.exe <==== ATTENTION Task: C:\Windows\Tasks\RegClean Pro_UPDATES.job => C:\Program Files (x86)\RCP\RegCleanPro.exe <==== ATTENTION HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp220141109 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp220141109 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp220141109 BHO: savernet -> {dbe6eeb8-4e75-456e-9244-98a91f84863f} -> C:\ProgramData\savernet\DqwNJivpzSZ5Co.x64.dll () BHO-x32: BrowseStudio -> {1e9e0e98-4ab7-40b0-a0ce-69105c1b7c92} -> C:\Program Files (x86)\BrowseStudio\BrowseStudiobho.dll (BrowseStudio) BHO-x32: savernet -> {dbe6eeb8-4e75-456e-9244-98a91f84863f} -> C:\ProgramData\savernet\DqwNJivpzSZ5Co.dll () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro C:\Users\bungar\AppData\Roaming\WebExtend C:\Users\bungar\Downloads\DirectX*.exe C:\Users\bungar\Downloads\SoftonicDownloader*.exe C:\Windows\system32\roboot64.exe C:\Windows\system32\Drivers\{75afa305-1b32-4464-a5e2-f606c80b73a4}Gw64.sys Reg: reg delete HKLM\SOFTWARE\Wow6432Node\Google /f Reg: reg query "HKLM\SOFTWARE\Clients\StartMenuInternet\OperaStable\shell\open\command" /s Folder: C:\Users\bungar\AppData\Roaming\Opera Software\Opera Stable\Extensions CMD: type "C:\Users\bungar\AppData\Roaming\Opera Software\Opera Stable\Preferences" EmptyTemp: ***************** Processes closed successfully. {75afa305-1b32-4464-a5e2-f606c80b73a4}Gw64 => Unable to stop service {75afa305-1b32-4464-a5e2-f606c80b73a4}Gw64 => Service deleted successfully. 70e6ca8c => Service deleted successfully. Update BrowseStudio => Service deleted successfully. Util BrowseStudio => Service deleted successfully. HKU\S-1-5-21-743176339-2179438372-1338448093-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Optimizer Pro => value deleted successfully. "HKU\S-1-5-21-743176339-2179438372-1338448093-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{61c30387-6419-11e4-8256-b0104163d09a}" => Key deleted successfully. "HKCR\CLSID\{61c30387-6419-11e4-8256-b0104163d09a}" => Key not found. HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => value deleted successfully. "HKLM\SOFTWARE\Policies\Google" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{920593E3-BE79-4B20-B1A2-7D51A361976C}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{920593E3-BE79-4B20-B1A2-7D51A361976C}" => Key deleted successfully. C:\Windows\System32\Tasks\RegClean Pro_DEFAULT => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RegClean Pro_DEFAULT" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ACB16352-6B97-4250-BC28-B4C6C104C46F}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ACB16352-6B97-4250-BC28-B4C6C104C46F}" => Key deleted successfully. C:\Windows\System32\Tasks\RegClean Pro_UPDATES => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RegClean Pro_UPDATES" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E103A4F8-7D53-4457-AD5E-2DD025CDD484}" => Key not found. C:\Windows\System32\Tasks\RegClean Pro => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RegClean Pro" => Key deleted successfully. C:\Windows\Tasks\RegClean Pro_DEFAULT.job => Moved successfully. C:\Windows\Tasks\RegClean Pro_UPDATES.job => Moved successfully. HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{dbe6eeb8-4e75-456e-9244-98a91f84863f}" => Key deleted successfully. "HKCR\CLSID\{dbe6eeb8-4e75-456e-9244-98a91f84863f}" => Key deleted successfully. "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1e9e0e98-4ab7-40b0-a0ce-69105c1b7c92}" => Key deleted successfully. "HKCR\Wow6432Node\CLSID\{1e9e0e98-4ab7-40b0-a0ce-69105c1b7c92}" => Key deleted successfully. "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{dbe6eeb8-4e75-456e-9244-98a91f84863f}" => Key deleted successfully. "HKCR\Wow6432Node\CLSID\{dbe6eeb8-4e75-456e-9244-98a91f84863f}" => Key deleted successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2 => Moved successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro => Moved successfully. C:\Users\bungar\AppData\Roaming\WebExtend => Moved successfully. C:\Users\bungar\Downloads\DirectX*.exe => Moved successfully. C:\Users\bungar\Downloads\SoftonicDownloader*.exe => Moved successfully. C:\Windows\system32\roboot64.exe => Moved successfully. C:\Windows\system32\Drivers\{75afa305-1b32-4464-a5e2-f606c80b73a4}Gw64.sys => Moved successfully. ========= reg delete HKLM\SOFTWARE\Wow6432Node\Google /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg query "HKLM\SOFTWARE\Clients\StartMenuInternet\OperaStable\shell\open\command" /s ========= HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\OperaStable\shell\open\command (Default) REG_SZ "C:\Program Files (x86)\Opera\Launcher.exe" ========= End of Reg: ========= ========================= Folder: C:\Users\bungar\AppData\Roaming\Opera Software\Opera Stable\Extensions ======================== Directory Not Found ========= type "C:\Users\bungar\AppData\Roaming\Opera Software\Opera Stable\Preferences" ========= ========= End of CMD: ========= EmptyTemp: => Removed 421.4 MB temporary data. The system needed a reboot. ==== End of Fixlog ====