Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 22-02-2015 Ran by Blysku at 2015-02-23 10:43:47 Run:1 Running from C:\Users\Blysku\Desktop Loaded Profiles: Blysku (Available profiles: Błysku & Blysku) Boot Mode: Normal ============================================== Content of fixlist: ***************** CloseProcesses: CreateRestorePoint: HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp220150217 HKU\S-1-5-21-859423121-132849420-3883132106-1001\Software\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp220150217 BHO: No Name -> {c723a437-2eaf-466d-a95b-3fa0966bf88c} -> No File CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2014-12-09] CustomCLSID: HKU\S-1-5-21-859423121-132849420-3883132106-1001_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-859423121-132849420-3883132106-1001_Classes\CLSID\{16F3DD56-1AF5-4347-846D-7C10C4192619}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-859423121-132849420-3883132106-1001_Classes\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-859423121-132849420-3883132106-1001_Classes\CLSID\{2916C86E-86A6-43FE-8112-43ABE6BF8DCC}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-859423121-132849420-3883132106-1001_Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-859423121-132849420-3883132106-1001_Classes\CLSID\{4E77131D-3629-431C-9818-C5679DC83E81}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-859423121-132849420-3883132106-1001_Classes\CLSID\{920E6DB1-9907-4370-B3A0-BAFC03D81399}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-859423121-132849420-3883132106-1001_Classes\CLSID\{99FD978C-D287-4F50-827F-B2C658EDA8E7}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-859423121-132849420-3883132106-1001_Classes\CLSID\{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-859423121-132849420-3883132106-1001_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> No File Path C:\Program Files\Common Files\0780f478-67ce-4ec3-98db-39a65f4618ce C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce C:\ProgramData\McAfee C:\Users\Blysku\Downloads\adwcleaner*.exe C:\Users\Blysku\Downloads\wlsetup-web*.exe CMD: for /d %f in (C:\Users\Blysku\AppData\Local\{*}) do rd /s /q "%f" Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f EmptyTemp: ***************** Processes closed successfully. Restore point was successfully created. HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKU\S-1-5-21-859423121-132849420-3883132106-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c723a437-2eaf-466d-a95b-3fa0966bf88c}" => Key deleted successfully. HKCR\CLSID\{c723a437-2eaf-466d-a95b-3fa0966bf88c} => Key not found. "HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck" => Key deleted successfully. Could not move "C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx" => Scheduled to move on reboot. "HKU\S-1-5-21-859423121-132849420-3883132106-1001_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235}" => Key deleted successfully. "HKU\S-1-5-21-859423121-132849420-3883132106-1001_Classes\CLSID\{16F3DD56-1AF5-4347-846D-7C10C4192619}" => Key deleted successfully. "HKU\S-1-5-21-859423121-132849420-3883132106-1001_Classes\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}" => Key deleted successfully. "HKU\S-1-5-21-859423121-132849420-3883132106-1001_Classes\CLSID\{2916C86E-86A6-43FE-8112-43ABE6BF8DCC}" => Key deleted successfully. "HKU\S-1-5-21-859423121-132849420-3883132106-1001_Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}" => Key deleted successfully. "HKU\S-1-5-21-859423121-132849420-3883132106-1001_Classes\CLSID\{4E77131D-3629-431C-9818-C5679DC83E81}" => Key deleted successfully. "HKU\S-1-5-21-859423121-132849420-3883132106-1001_Classes\CLSID\{920E6DB1-9907-4370-B3A0-BAFC03D81399}" => Key deleted successfully. "HKU\S-1-5-21-859423121-132849420-3883132106-1001_Classes\CLSID\{99FD978C-D287-4F50-827F-B2C658EDA8E7}" => Key deleted successfully. "HKU\S-1-5-21-859423121-132849420-3883132106-1001_Classes\CLSID\{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}" => Key deleted successfully. "HKU\S-1-5-21-859423121-132849420-3883132106-1001_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}" => Key deleted successfully. C:\Program Files\Common Files\0780f478-67ce-4ec3-98db-39a65f4618ce => Moved successfully. C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce => Moved successfully. C:\ProgramData\McAfee => Moved successfully. C:\Users\Blysku\Downloads\adwcleaner*.exe => Moved successfully. C:\Users\Blysku\Downloads\wlsetup-web*.exe => Moved successfully. ========= for /d %f in (C:\Users\Blysku\AppData\Local\{*}) do rd /s /q "%f" ========= ========= End of CMD: ========= ========= reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= EmptyTemp: => Removed 344 MB temporary data. => Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-02-23 10:47:07)<= "C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx" => File could not move. ==== End of Fixlog 10:47:07 ====