Fix result of Farbar Recovery Scan Tool (x64) Version:13-06-2015 Ran by Artur19E68 at 2015-06-20 20:52:56 Run:1 Running from C:\Users\Artur19E68\Desktop\Logi Loaded Profiles: Artur19E68 (Available Profiles: Artur19E68) Boot Mode: Normal ============================================== fixlist content: ***************** CloseProcesses: CreateRestorePoint: CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-1166034103-2044418019-3407044678-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-1166034103-2044418019-3407044678-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKU\S-1-5-21-1166034103-2044418019-3407044678-1000 -> DefaultScope {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] S4 YouTubeAcceleratorService; C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe [1509320 2015-05-30] (GOOBZO) Task: {18351A95-C6FB-4B0E-8160-D1025803A7DB} - \ASP No Task File <==== ATTENTION Task: {2213EF14-772A-46DA-AAB6-F49EAA9D3C71} - \ShopperProJSUpd No Task File <==== ATTENTION Task: {2CC37559-56B8-4DDB-890A-309F3D4C5BD9} - \SmartWeb Upgrade Trigger Task No Task File <==== ATTENTION Task: {3EA784C1-33CB-4772-89C5-3ABE52B27F88} - System32\Tasks\{8AAD4043-004A-469F-B853-FF97D7CC4A10} => pcalua.exe -a C:\Users\Artur19E68\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=squadm Task: {8957C5E4-EF1C-4E64-8E38-28401954BA65} - System32\Tasks\YTAUpdate => C:\Program Files (x86)\YouTube Accelerator\Updater.exe [2015-05-30] (Goobzo) <==== ATTENTION Task: {CD62D989-46BF-40C4-8CC1-04EBD491E823} - \SPDriver No Task File <==== ATTENTION Task: {D0AA78CD-7397-4EF6-B0E4-D2FC5D26702E} - \ShopperPro No Task File <==== ATTENTION C:\Program Files (x86)\YouTube Accelerator C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator EmptyTemp: ***************** Processes closed successfully. Restore point was successfully created. "HKLM\SOFTWARE\Policies\Google" => key removed successfully "HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully "HKU\S-1-5-21-1166034103-2044418019-3407044678-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Search Page => value removed successfully HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page => value removed successfully HKU\S-1-5-21-1166034103-2044418019-3407044678-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully HKU\S-1-5-21-1166034103-2044418019-3407044678-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully catchme => Service removed successfully VGPU => Service removed successfully YouTubeAcceleratorService => Service removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{18351A95-C6FB-4B0E-8160-D1025803A7DB}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{18351A95-C6FB-4B0E-8160-D1025803A7DB}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASP" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2213EF14-772A-46DA-AAB6-F49EAA9D3C71}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2213EF14-772A-46DA-AAB6-F49EAA9D3C71}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ShopperProJSUpd" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2CC37559-56B8-4DDB-890A-309F3D4C5BD9}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2CC37559-56B8-4DDB-890A-309F3D4C5BD9}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartWeb Upgrade Trigger Task" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3EA784C1-33CB-4772-89C5-3ABE52B27F88}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3EA784C1-33CB-4772-89C5-3ABE52B27F88}" => key removed successfully C:\Windows\System32\Tasks\{8AAD4043-004A-469F-B853-FF97D7CC4A10} => moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8AAD4043-004A-469F-B853-FF97D7CC4A10}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8957C5E4-EF1C-4E64-8E38-28401954BA65}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8957C5E4-EF1C-4E64-8E38-28401954BA65}" => key removed successfully C:\Windows\System32\Tasks\YTAUpdate => moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YTAUpdate" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CD62D989-46BF-40C4-8CC1-04EBD491E823}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CD62D989-46BF-40C4-8CC1-04EBD491E823}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SPDriver" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D0AA78CD-7397-4EF6-B0E4-D2FC5D26702E}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0AA78CD-7397-4EF6-B0E4-D2FC5D26702E}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ShopperPro" => key removed successfully C:\Program Files (x86)\YouTube Accelerator => moved successfully. "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator" => File/Folder not found. EmptyTemp: => 757.8 MB temporary data Removed. The system needed a reboot.. ==== End of Fixlog 20:53:42 ====