Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 23-09-2014 Ran by Domuś at 2014-09-23 19:35:42 Run:2 Running from C:\Czyszczenie Boot Mode: Normal ============================================== Content of fixlist: ***************** CloseProcesses: HKU\S-1-5-21-1826986473-2377712830-1707152965-1003\...\Run: [Yahoo! Search] => C:\Users\Domu[\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.8.2\dsrlte.exe HKU\S-1-5-21-1826986473-2377712830-1707152965-1003\...\Run: [Google Update] => "C:\Users\Domu[\AppData\Local\Google\Update\GoogleUpdate.exe" /c HKU\S-1-5-21-1826986473-2377712830-1707152965-1003\...\Run: [Facebook Update] => "C:\Users\Domu[\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver URLSearchHook: HKCU - (No Name) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - No File SearchScopes: HKCU - DefaultScope {3FF696B6-923B-45A0-919D-29A329DA8E92} URL = http://rts.dsrlte.com/?q={searchTerms}&r=286 SearchScopes: HKCU - {3FF696B6-923B-45A0-919D-29A329DA8E92} URL = http://rts.dsrlte.com/?q={searchTerms}&r=286 CHR StartupUrls: Default -> "hxxp://rts.dsrlte.com", "hxxp://www.msn.com/?pc=AV01" CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION CustomCLSID: HKU\S-1-5-21-1826986473-2377712830-1707152965-1003_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Domuś\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-1826986473-2377712830-1707152965-1003_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Domuś\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly /f Reg: reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Search" /f ***************** Processes closed successfully. HKU\S-1-5-21-1826986473-2377712830-1707152965-1003\Software\Microsoft\Windows\CurrentVersion\Run\\Yahoo! Search => value deleted successfully. HKU\S-1-5-21-1826986473-2377712830-1707152965-1003\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => value deleted successfully. HKU\S-1-5-21-1826986473-2377712830-1707152965-1003\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update => value deleted successfully. HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{F3FEE66E-E034-436a-86E4-9690573BEE8A} => value deleted successfully. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found. "HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3FF696B6-923B-45A0-919D-29A329DA8E92}" => Key not found. "HKCR\CLSID\{3FF696B6-923B-45A0-919D-29A329DA8E92}" => Key not found. Chrome StartupUrls deleted successfully. "HKCU\SOFTWARE\Policies\Google" => Error deleting key. The key could be protected. "HKU\S-1-5-21-1826986473-2377712830-1707152965-1003_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}" => Error deleting key. The key could be protected. "HKU\S-1-5-21-1826986473-2377712830-1707152965-1003_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}" => Error deleting key. The key could be protected. ========= reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Search" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= The system needed a reboot. ==== End of Fixlog ====