Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 28-01-2015 Ran by Lenovo at 2015-01-28 22:41:41 Run:1 Running from C:\Users\Lenovo\Downloads Loaded Profiles: UpdatusUser & Lenovo (Available profiles: UpdatusUser & Lenovo & DefaultAppPool) Boot Mode: Normal ============================================== Content of fixlist: ***************** CloseProcesses: CreateRestorePoint: CustomCLSID: HKU\S-1-5-21-1795135361-112343103-1123866960-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenovo\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll No File CustomCLSID: HKU\S-1-5-21-1795135361-112343103-1123866960-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenovo\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll No File CustomCLSID: HKU\S-1-5-21-1795135361-112343103-1123866960-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenovo\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll No File CustomCLSID: HKU\S-1-5-21-1795135361-112343103-1123866960-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenovo\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll No File ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenovo\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll No File ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenovo\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll No File ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenovo\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll No File ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenovo\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll No File ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => No File GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com SearchScopes: HKU\S-1-5-21-1795135361-112343103-1123866960-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X] S2 Update Dynamo Combo; "C:\Program Files (x86)\Dynamo Combo\updateDynamoCombo.exe" [X] Task: {2A5E4F67-106F-42B0-892C-B35A50150AB0} - System32\Tasks\{0ED9FC55-019F-4E50-AB08-9107FFAEA583} => pcalua.exe -a "D:\Gry\The Sims 4\__Installer\vp6\vp6install.exe" -d "D:\Gry\The Sims 4\__Installer\vp6" Task: {4198A5C1-05BC-4F61-86E5-ED359800C1A1} - System32\Tasks\{A2EE0C25-E6D3-4652-81F0-0599D18493D4} => pcalua.exe -a "C:\Program Files (x86)\LTC\LTspiceIV\scad3.exe" -c -uninstall Task: {42C9E47E-A752-430A-92F7-39B32B36B989} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe Task: {B4775489-6520-4C7C-8395-AE92172A4A8E} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296520 2014-03-04] (RealNetworks, Inc.) FF Plugin HKU\S-1-5-21-1795135361-112343103-1123866960-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File C:\Program Files (x86)\Mozilla Firefox\plugins C:\Program Files (x86)\IObit C:\ProgramData\IObit C:\ProgramData\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Texmaker C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UDS C:\Users\Lenovo\AppData\Roaming\Microsoft\Excel\fiz304220234029583876\fiz.xlsx.lnk C:\Users\Lenovo\Downloads\*(*)-dp*.exe C:\Users\UpdatusUser\Desktop\Texmaker.lnk Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iLivid" /f Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f EmptyTemp: ***************** Processes closed successfully. Restore point was successfully created. "HKU\S-1-5-21-1795135361-112343103-1123866960-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" => Key deleted successfully. "HKU\S-1-5-21-1795135361-112343103-1123866960-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" => Key deleted successfully. "HKU\S-1-5-21-1795135361-112343103-1123866960-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" => Key deleted successfully. "HKU\S-1-5-21-1795135361-112343103-1123866960-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" => Key deleted successfully. "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\"DropboxExt1"" => Key deleted successfully. HKCR\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => Key not found. "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\"DropboxExt2"" => Key deleted successfully. HKCR\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => Key not found. "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\"DropboxExt3"" => Key deleted successfully. "HKCR\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}" => Key deleted successfully. "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\"DropboxExt4"" => Key deleted successfully. "HKCR\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}" => Key deleted successfully. "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\"DropboxExt5"" => Key deleted successfully. HKCR\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => Key not found. "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\"DropboxExt6"" => Key deleted successfully. "HKCR\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}" => Key deleted successfully. "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\"DropboxExt7"" => Key deleted successfully. HKCR\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => Key not found. "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\"DropboxExt8"" => Key deleted successfully. "HKCR\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}" => Key deleted successfully. C:\Windows\system32\GroupPolicy\Machine => Moved successfully. C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully. "HKLM\SOFTWARE\Policies\Google" => Key deleted successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully. HKU\S-1-5-21-1795135361-112343103-1123866960-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found. EagleX64 => Service deleted successfully. WinRing0_1_2_0 => Service deleted successfully. Update Dynamo Combo => Service deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2A5E4F67-106F-42B0-892C-B35A50150AB0}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2A5E4F67-106F-42B0-892C-B35A50150AB0}" => Key deleted successfully. C:\Windows\System32\Tasks\{0ED9FC55-019F-4E50-AB08-9107FFAEA583} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{0ED9FC55-019F-4E50-AB08-9107FFAEA583}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4198A5C1-05BC-4F61-86E5-ED359800C1A1}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4198A5C1-05BC-4F61-86E5-ED359800C1A1}" => Key deleted successfully. C:\Windows\System32\Tasks\{A2EE0C25-E6D3-4652-81F0-0599D18493D4} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A2EE0C25-E6D3-4652-81F0-0599D18493D4}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{42C9E47E-A752-430A-92F7-39B32B36B989}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{42C9E47E-A752-430A-92F7-39B32B36B989}" => Key deleted successfully. C:\Windows\System32\Tasks\Game_Booster_AutoUpdate => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Game_Booster_AutoUpdate" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B4775489-6520-4C7C-8395-AE92172A4A8E}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B4775489-6520-4C7C-8395-AE92172A4A8E}" => Key deleted successfully. C:\Windows\System32\Tasks\Java Update Scheduler => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Java Update Scheduler" => Key deleted successfully. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\TkBellExe => value deleted successfully. "HKU\S-1-5-21-1795135361-112343103-1123866960-1001\Software\MozillaPlugins\ubisoft.com/uplaypc" => Key deleted successfully. C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll not found. C:\Program Files (x86)\Mozilla Firefox\plugins => Moved successfully. C:\Program Files (x86)\IObit => Moved successfully. C:\ProgramData\IObit => Moved successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer => Moved successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Texmaker => Moved successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UDS => Moved successfully. "C:\Users\Lenovo\AppData\Roaming\Microsoft\Excel\fiz304220234029583876\fiz.xlsx.lnk" => File/Directory not found. C:\Users\Lenovo\Downloads\*(*)-dp*.exe => Moved successfully. C:\Users\UpdatusUser\Desktop\Texmaker.lnk => Moved successfully. ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iLivid" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= EmptyTemp: => Removed 1.5 GB temporary data. The system needed a reboot. ==== End of Fixlog 22:42:15 ====