Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015 Ran by Jkrasnodebski at 2015-03-18 10:47:50 Run:2 Running from C:\Users\Jkrasnodebski\Desktop Loaded Profiles: Jkrasnodebski (Available profiles: UpdatusUser & Jkrasnodebski) Boot Mode: Normal ============================================== Content of fixlist: ***************** CloseProcesses: CreateRestorePoint: HKLM-x32\...\Run: [] => [X] HKU\S-1-5-21-4264836577-1841705606-3099376491-1002\...\Run: [GoogleChromeAutoLaunch_98F6F8547EC45F51F9B053BC2DDC88CD] => "C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe" --no-startup-window Startup: C:\Users\Jkrasnodebski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\crossbrowse.lnk GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com SearchScopes: HKU\S-1-5-21-4264836577-1841705606-3099376491-1002 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File Toolbar: HKU\S-1-5-21-4264836577-1841705606-3099376491-1002 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Task: {57F3414F-A3F4-47BC-9E02-CFED6DEE6745} - System32\Tasks\{D8511311-9911-45EB-8BC8-35C5F6353A2B} => pcalua.exe -a C:\Users\Jkrasnodebski\Downloads\bal1210001pl(2).exe -d C:\Users\Jkrasnodebski\Downloads Task: {5D154997-90B1-4DEC-9F2A-3B111AC48E1B} - System32\Tasks\{AA754580-0036-4C9F-A5E9-E9D346A6B003} => Iexplore.exe http://ui.skype.com/ui/0/6.2.0.106/pl/abandoninstall?source=lightinstaller&page=tsMain Task: {CA49D10C-0683-44D1-8ED5-F270248EA85C} - System32\Tasks\{DA280297-B5F1-4DF2-8314-B950DF687DC0} => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe Task: {EB1648A1-2873-43BA-9831-A0118DF9EF60} - System32\Tasks\{9BD0AECA-7611-46B9-8266-91A41F13FE51} => Iexplore.exe http://ui.skype.com/ui/0/6.6.0.106/pl/go/help.faq.installer?LastError=1601 Task: {F5EDD15B-3F9F-47FD-B315-A8A8F2A4D984} - System32\Tasks\Crossbrowse => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver" R3 cleanhlp; C:\EEK\bin\cleanhlp64.sys [57024 2015-03-16] (Emsisoft GmbH) U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-03-16] () S3 cpuz134; \??\C:\Users\JKRASN~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X] S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X] S0 TfFsMon; system32\drivers\TfFsMon.sys [X] S3 TfNetMon; \??\C:\Windows\system32\drivers\TfNetMon.sys [X] S0 TfSysMon; system32\drivers\TfSysMon.sys [X] C:\Program Files (x86)\67604178-e27a-4913-a587-b0d37a0b8c9b C:\Program Files (x86)\Avira C:\Program Files (x86)\Doctor PC C:\ProgramData\Avira C:\ProgramData\Temp C:\Users\Jkrasnodebski\setup.exe C:\Users\Jkrasnodebski\AppData\Local\CrashRpt C:\Users\Jkrasnodebski\AppData\Local\{59BF1930-F63E-470F-84C3-B0CCF5AC7B14} C:\Users\Jkrasnodebski\AppData\Local\nsoD7AB.tmp C:\Users\Jkrasnodebski\AppData\Local\PDLSetup.*.txt C:\Users\Jkrasnodebski\AppData\Local\Google\Chrome\User Data\Default\Preferences C:\Users\Jkrasnodebski\AppData\Roaming\XREBYDPC C:\Users\Jkrasnodebski\AppData\Roaming\Doctor PC C:\Users\Jkrasnodebski\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Crossbrowse.lnk C:\Users\Jkrasnodebski\Documents\DoctorPC C:\Users\Public\Desktop\Crossbrowse.lnk C:\Users\Public\Documents\ShopperPro C:\Windows\pss\OpenOffice.org 3.3.lnk.Startup C:\Windows\system32\BasementDusterOff.ini C:\Windows\System32\drivers\TrueSight.sys C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7 C:\Windows\SysWOW64\BasementDusterOff.ini C:\Windows\SysWOW64\BDL.dll C:\Windows\SysWOW64\GroupPolicy\GPT.INI Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Jkrasnodebski^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher: /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Babylon Client" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\swg" /f Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f CMD: netsh winsock reset EmptyTemp: ***************** Processes closed successfully. Restore point was successfully created. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value not found. HKU\S-1-5-21-4264836577-1841705606-3099376491-1002\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_98F6F8547EC45F51F9B053BC2DDC88CD => Value not found. C:\Users\Jkrasnodebski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\crossbrowse.lnk not found. "C:\Windows\system32\GroupPolicy\Machine" => File/Directory not found. HKLM\SOFTWARE\Policies\Google => Key not found. HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully. HKU\S-1-5-21-4264836577-1841705606-3099376491-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found. HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => Value not found. HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => Key not found. HKU\S-1-5-21-4264836577-1841705606-3099376491-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Value not found. HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{57F3414F-A3F4-47BC-9E02-CFED6DEE6745} => Key not found. C:\Windows\System32\Tasks\{D8511311-9911-45EB-8BC8-35C5F6353A2B} not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D8511311-9911-45EB-8BC8-35C5F6353A2B} => Key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5D154997-90B1-4DEC-9F2A-3B111AC48E1B} => Key not found. C:\Windows\System32\Tasks\{AA754580-0036-4C9F-A5E9-E9D346A6B003} not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{AA754580-0036-4C9F-A5E9-E9D346A6B003} => Key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CA49D10C-0683-44D1-8ED5-F270248EA85C} => Key not found. C:\Windows\System32\Tasks\{DA280297-B5F1-4DF2-8314-B950DF687DC0} not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{DA280297-B5F1-4DF2-8314-B950DF687DC0} => Key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB1648A1-2873-43BA-9831-A0118DF9EF60} => Key not found. C:\Windows\System32\Tasks\{9BD0AECA-7611-46B9-8266-91A41F13FE51} not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9BD0AECA-7611-46B9-8266-91A41F13FE51} => Key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F5EDD15B-3F9F-47FD-B315-A8A8F2A4D984} => Key not found. C:\Windows\System32\Tasks\Crossbrowse not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Crossbrowse => Key not found. HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => Key not found. HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => Key not found. HKLM\System\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => Key not found. HKLM\System\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => Key not found. cleanhlp => Service not found. TrueSight => Service not found. cpuz134 => Service not found. hwdatacard => Service not found. TfFsMon => Service not found. TfNetMon => Service not found. TfSysMon => Service not found. "C:\Program Files (x86)\67604178-e27a-4913-a587-b0d37a0b8c9b" => File/Directory not found. "C:\Program Files (x86)\Avira" => File/Directory not found. "C:\Program Files (x86)\Doctor PC" => File/Directory not found. "C:\ProgramData\Avira" => File/Directory not found. "C:\ProgramData\Temp" => File/Directory not found. "C:\Users\Jkrasnodebski\setup.exe" => File/Directory not found. "C:\Users\Jkrasnodebski\AppData\Local\CrashRpt" => File/Directory not found. "C:\Users\Jkrasnodebski\AppData\Local\{59BF1930-F63E-470F-84C3-B0CCF5AC7B14}" => File/Directory not found. "C:\Users\Jkrasnodebski\AppData\Local\nsoD7AB.tmp" => File/Directory not found. "C:\Users\Jkrasnodebski\AppData\Local\PDLSetup.*.txt" => File/Directory not found. "C:\Users\Jkrasnodebski\AppData\Local\Google\Chrome\User Data\Default\Preferences" => File/Directory not found. "C:\Users\Jkrasnodebski\AppData\Roaming\XREBYDPC" => File/Directory not found. "C:\Users\Jkrasnodebski\AppData\Roaming\Doctor PC" => File/Directory not found. "C:\Users\Jkrasnodebski\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Crossbrowse.lnk" => File/Directory not found. "C:\Users\Jkrasnodebski\Documents\DoctorPC" => File/Directory not found. "C:\Users\Public\Desktop\Crossbrowse.lnk" => File/Directory not found. "C:\Users\Public\Documents\ShopperPro" => File/Directory not found. "C:\Windows\pss\OpenOffice.org 3.3.lnk.Startup" => File/Directory not found. "C:\Windows\system32\BasementDusterOff.ini" => File/Directory not found. "C:\Windows\System32\drivers\TrueSight.sys" => File/Directory not found. "C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7" => File/Directory not found. "C:\Windows\SysWOW64\BasementDusterOff.ini" => File/Directory not found. "C:\Windows\SysWOW64\BDL.dll" => File/Directory not found. "C:\Windows\SysWOW64\GroupPolicy\GPT.INI" => File/Directory not found. ========= reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Jkrasnodebski^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk" /f ========= Bť¤D: System nie znalazˆ w rejestrze okre˜lonego klucza albo warto˜ci. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher: /f =========