Fix result of Farbar Recovery Scan Tool (x64) Version:18-05-2016 Ran by adam (2016-05-19 23:55:45) Run:1 Running from D:\FRST64 Loaded Profiles: UpdatusUser & adam (Available Profiles: UpdatusUser & adam) Boot Mode: Normal ============================================== fixlist content: ***************** CloseProcesses: CreateRestorePoint: RemoveProxy: R2 PrivoxyService; C:\Program Files (x86)\Softcomp Software\privoxy.exe [371200 2015-06-02] (The Privoxy team - www.privoxy.org) [File not signed] <==== ATTENTION Task: {7F537B1F-A2B4-4B56-BC74-F7C9FFD0F728} - System32\Tasks\Softcomp Software Viewer => C:\Program Files (x86)\Softcomp Software\swjob.exe [2015-06-02] (SecureSoft) <==== ATTENTION U3 tmlwf; no ImagePath U3 tmwfp; no ImagePath HKU\S-1-5-21-3595127932-1541083318-131603667-1001\...\Run: [AdobeBridge] => [X] HKLM\...\Run: [Setwallpaper] => c:\programdata\SetWallpaper.cmd HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\S-1-5-21-3595127932-1541083318-131603667-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.interia.pl/#utm_source=instalki1&utm_medium=installer&utm_campaign=instalki1&iwa_source=installer_instalki SearchScopes: HKU\S-1-5-21-3595127932-1541083318-131603667-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3595127932-1541083318-131603667-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3595127932-1541083318-131603667-1001 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = SearchScopes: HKU\S-1-5-21-3595127932-1541083318-131603667-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = Toolbar: HKU\S-1-5-21-3595127932-1541083318-131603667-1001 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File FF Homepage: hxxp://www.interia.pl/#utm_source=instalki1&utm_medium=installer&utm_campaign=instalki1&iwa_source=installer_instalki FF NetworkProxy: "type", 5 FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-12-10] DeleteKey: HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher C:\Program Files (x86)\Mozilla Firefox\distribution C:\Program Files (x86)\Softcomp Software C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft III C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk C:\Users\adam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk C:\Users\adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url C:\Users\adam\Desktop\shorts\ControlDeck.lnk C:\Users\adam\Desktop\shorts\Splendid Utility.Lnk C:\Users\adam\Desktop\shorts\syncables desktop SE.lnk C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk C:\Users\UpdatusUser\Desktop\Warcraft III.lnk CMD: netsh advfirewall reset EmptyTemp: ***************** Processes closed successfully. Restore point was successfully created. ========= RemoveProxy: ========= HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies\\ => value removed successfully HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully HKU\S-1-5-21-3595127932-1541083318-131603667-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value removed successfully HKU\S-1-5-21-3595127932-1541083318-131603667-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value removed successfully HKU\S-1-5-21-3595127932-1541083318-131603667-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully HKU\S-1-5-21-3595127932-1541083318-131603667-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully ========= End of RemoveProxy: ========= PrivoxyService => service removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7F537B1F-A2B4-4B56-BC74-F7C9FFD0F728} => key not found. C:\Windows\System32\Tasks\Softcomp Software Viewer => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Softcomp Software Viewer" => key removed successfully tmlwf => service removed successfully tmwfp => service removed successfully HKU\S-1-5-21-3595127932-1541083318-131603667-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value removed successfully HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Setwallpaper => value removed successfully HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully HKU\S-1-5-21-3595127932-1541083318-131603667-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully HKU\S-1-5-21-3595127932-1541083318-131603667-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully "HKU\S-1-5-21-3595127932-1541083318-131603667-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found. "HKU\S-1-5-21-3595127932-1541083318-131603667-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}" => key removed successfully HKCR\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} => key not found. "HKU\S-1-5-21-3595127932-1541083318-131603667-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => key removed successfully HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => key not found. HKU\S-1-5-21-3595127932-1541083318-131603667-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => value removed successfully HKCR\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => key not found. Firefox "homepage" removed successfully Firefox Proxy settings were reset. HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\sp@avast.com => value removed successfully "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck" => key removed successfully Could not move "C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx" => Scheduled to move on reboot. HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher => key removed successfully C:\Program Files (x86)\Mozilla Firefox\distribution => moved successfully C:\Program Files (x86)\Softcomp Software => moved successfully C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome => moved successfully C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft III => moved successfully C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk => moved successfully C:\Users\adam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk => moved successfully C:\Users\adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url => moved successfully C:\Users\adam\Desktop\shorts\ControlDeck.lnk => moved successfully C:\Users\adam\Desktop\shorts\Splendid Utility.Lnk => moved successfully C:\Users\adam\Desktop\shorts\syncables desktop SE.lnk => moved successfully C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk => moved successfully C:\Users\UpdatusUser\Desktop\Warcraft III.lnk => moved successfully ========= netsh advfirewall reset ========= Ok. ========= End of CMD: ========= EmptyTemp: => 1.1 GB temporary data Removed. Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-05-20 00:01:17) "C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx" => Could not move ==== End of Fixlog 00:01:17 ====