Fix result of Farbar Recovery Scan Tool (x64) Version: 23-02-2017 01 Ran by mati (23-02-2017 20:58:38) Run:4 Running from C:\Users\mati\Desktop Loaded Profiles: mati (Available Profiles: mati & Guest) Boot Mode: Normal ============================================== fixlist content: ***************** CloseProcesses: CreateRestorePoint: Task: {06E0C46F-8B4E-4640-891E-8B67F72FA06A} - System32\Tasks\{34DB617D-A6FE-46D4-86B0-151A17894B9E} => pcalua.exe -a C:\Users\mati\AppData\Local\Temp\ir_ext_temp_0\AutoPlay\Docs\Portable.exe -d C:\Users\mati\AppData\Local\Temp\ir_ext_temp_0\ <==== ATTENTION Task: {77928148-9D44-401E-B36B-D712194AFC40} - System32\Tasks\{6F5F0A0D-1C9C-4AF7-BE33-05A0A6BD7B41} => pcalua.exe -a C:\Users\mati\AppData\Local\Temp\ir_ext_temp_1\AutoPlay\Docs\Portable.exe -d C:\Users\mati\AppData\Local\Temp\ir_ext_temp_1\ <==== ATTENTION HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKU\S-1-5-21-3372699847-3746653199-2843972665-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION BHO-x32: No Name -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> No File BHO-x32: No Name -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> No File CHR StartupUrls: Default -> "hxxp://www.sweet-page.com/?type=hp&ts=1401895204&from=cor&uid=SAMSUNGXHD103SJ_S246JD2Z909343" S3 aswHdsKe; \??\C:\Windows\system32\drivers\aswHdsKe.sys [X] S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X] S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] EmptyTemp: ***************** Processes closed successfully. Restore point was successfully created. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{06E0C46F-8B4E-4640-891E-8B67F72FA06A} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{06E0C46F-8B4E-4640-891E-8B67F72FA06A} => key removed successfully C:\Windows\System32\Tasks\{34DB617D-A6FE-46D4-86B0-151A17894B9E} => moved successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{34DB617D-A6FE-46D4-86B0-151A17894B9E} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{77928148-9D44-401E-B36B-D712194AFC40} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{77928148-9D44-401E-B36B-D712194AFC40} => key removed successfully C:\Windows\System32\Tasks\{6F5F0A0D-1C9C-4AF7-BE33-05A0A6BD7B41} => moved successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6F5F0A0D-1C9C-4AF7-BE33-05A0A6BD7B41} => key removed successfully HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE => value removed successfully HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE => value removed successfully HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE => value removed successfully HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => key removed successfully HKU\S-1-5-21-3372699847-3746653199-2843972665-1000\SOFTWARE\Policies\Microsoft\Internet Explorer => key removed successfully HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928} => key removed successfully HKCR\Wow6432Node\CLSID\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928} => key not found. HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289} => key removed successfully HKCR\Wow6432Node\CLSID\{9FDDE16B-836F-4806-AB1F-1455CBEFF289} => key not found. Chrome StartupUrls => removed successfully HKLM\System\CurrentControlSet\Services\aswHdsKe => key removed successfully aswHdsKe => service removed successfully HKLM\System\CurrentControlSet\Services\FairplayKD => key removed successfully FairplayKD => service removed successfully HKLM\System\CurrentControlSet\Services\Synth3dVsc => key removed successfully Synth3dVsc => service removed successfully HKLM\System\CurrentControlSet\Services\tsusbhub => key removed successfully tsusbhub => service removed successfully HKLM\System\CurrentControlSet\Services\VGPU => key removed successfully VGPU => service removed successfully =========== EmptyTemp: ========== BITS transfer queue => 8388608 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 62604658 B Java, Flash, Steam htmlcache => 506 B Windows/system/drivers => 8845438 B Edge => 0 B Chrome => 558705718 B Firefox => 29834865 B Opera => 0 B Temp, IE cache, history, cookies, recent: Users => 0 B Default => 0 B Public => 0 B ProgramData => 0 B systemprofile => 128 B systemprofile32 => 432 B LocalService => 0 B NetworkService => 0 B mati => 270286457 B UpdatusUser => 0 B Guest => 5051869 B RecycleBin => 12395042 B EmptyTemp: => 911.8 MB temporary data Removed. ================================ The system needed a reboot. ==== End of Fixlog 20:59:42 ====