Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 12-01-2015 01 Ran by ADMIN at 2015-01-12 20:05:38 Run:2 Running from C:\Users\ADMIN\Desktop\FRST Loaded Profile: ADMIN (Available profiles: ADMIN & UpdatusUser & Edyta) Boot Mode: Normal ============================================== Content of fixlist: ***************** CloseProcesses: CreateRestorePoint: HKU\S-1-5-21-2339661925-3291958849-1774368646-1000\...\MountPoints2: {6a42f142-1eb0-11e3-8f91-806e6f6e6963} - E:\setup.exe BootExecute: autocheck autochk * PCloudBroom.exe \systemroot\system32\BroomData.bit HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = Toolbar: HKU\S-1-5-21-2339661925-3291958849-1774368646-1000 -> No Name - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - No File CHR HKLM\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - No Path S1 A2DDA; \??\C:\USERS\ADMIN\DESKTOP\EEK\BIN\a2ddax86.sys [X] S3 cleanhlp; \??\C:\Users\ADMIN\Desktop\EEK\bin\cleanhlp32.sys [X] HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\81837042.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\81837042.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver" Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AQQ" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\FlashPlayerUpdate" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched" /f Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f EmptyTemp: ***************** Processes closed successfully. Restore point was successfully created. "HKU\S-1-5-21-2339661925-3291958849-1774368646-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6a42f142-1eb0-11e3-8f91-806e6f6e6963}" => Key deleted successfully. HKCR\CLSID\{6a42f142-1eb0-11e3-8f91-806e6f6e6963} => Key not found. HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Local Page => Value was restored successfully. HKU\S-1-5-21-2339661925-3291958849-1774368646-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{71576546-354D-41C9-AAE8-31F2EC22BF0D} => value deleted successfully. "HKCR\CLSID\{71576546-354D-41C9-AAE8-31F2EC22BF0D}" => Key deleted successfully. "HKLM\SOFTWARE\Google\Chrome\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj" => Key deleted successfully. A2DDA => Service deleted successfully. cleanhlp => Service deleted successfully. "HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\81837042.sys" => Key deleted successfully. "HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp" => Key deleted successfully. "HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys" => Key deleted successfully. "HKLM\System\CurrentControlSet\Control\SafeBoot\Network\81837042.sys" => Key deleted successfully. "HKLM\System\CurrentControlSet\Control\SafeBoot\Network\CleanHlp" => Key deleted successfully. "HKLM\System\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys" => Key deleted successfully. ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AQQ" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\FlashPlayerUpdate" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= EmptyTemp: => Removed 229.9 MB temporary data. The system needed a reboot. ==== End of Fixlog 20:06:39 ====