Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 11-03-2015 Ran by Acer at 2015-04-01 07:39:01 Run:1 Running from C:\Users\Acer\Desktop\Clean Loaded Profiles: Acer (Available profiles: Acer) Boot Mode: Normal ============================================== Content of fixlist: ***************** Task: {0468BAC2-894E-413F-8FF0-A82AE61F22AC} - System32\Tasks\SPBIW_UpdateTask_Time_323633323531303231352d344a414155342a2a236c6c5a => Wscript.exe //B "C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe /invoke /f:check_services /l:0 <==== ATTENTION C:\ProgramData\ShopperPro Task: {477F8897-DCA5-4AF6-B6FD-48D6DB9ADEFB} - System32\Tasks\{8EEC7BDB-B69F-476E-91C6-A6AF8FBDA7C5} => pcalua.exe -a "C:\Program Files\YouTube Accelerator\YTAUninstall.exe" C:\Program Files\YouTube Accelerator Task: {8C721B13-32D4-402D-8A8B-E84BEB4AF4B7} - System32\Tasks\GFXWRHAD => C:\Users\Acer\AppData\Roaming\GFXWRHAD.exe <==== ATTENTION C:\Users\Acer\AppData\Roaming\GFXWRHAD.exe Task: {B9E439CF-81E0-4676-B5BC-8293FE14B0C0} - System32\Tasks\XSQFBT => C:\Users\Acer\AppData\Roaming\XSQFBT.exe <==== ATTENTION C:\Users\Acer\AppData\Roaming\XSQFBT.exe Task: {E4AA6030-1E43-48E2-9F72-1D216F270410} - System32\Tasks\YTAUpdate => C:\PROGRA~1\YOUTUB~1\Updater.exe <==== ATTENTION Task: C:\Windows\Tasks\12d6c2af-d25b-4e93-a355-4b2280c4a46c-1-6.job => C:\Program Files\GoHD\12d6c2af-d25b-4e93-a355-4b2280c4a46c-1-6.exe <==== ATTENTION Task: C:\Windows\Tasks\12d6c2af-d25b-4e93-a355-4b2280c4a46c-1-7.job => C:\Program Files\GoHD\12d6c2af-d25b-4e93-a355-4b2280c4a46c-1-7.exe <==== ATTENTION Task: C:\Windows\Tasks\12d6c2af-d25b-4e93-a355-4b2280c4a46c-10_user.job => C:\Program Files\GoHD\12d6c2af-d25b-4e93-a355-4b2280c4a46c-10.exe <==== ATTENTION Task: C:\Windows\Tasks\12d6c2af-d25b-4e93-a355-4b2280c4a46c-11.job => C:\Program Files\GoHD\12d6c2af-d25b-4e93-a355-4b2280c4a46c-11.exe <==== ATTENTION Task: C:\Windows\Tasks\12d6c2af-d25b-4e93-a355-4b2280c4a46c-4.job => C:\Program Files\GoHD\12d6c2af-d25b-4e93-a355-4b2280c4a46c-4.exe <==== ATTENTION Task: C:\Windows\Tasks\12d6c2af-d25b-4e93-a355-4b2280c4a46c-5.job => C:\Program Files\GoHD\12d6c2af-d25b-4e93-a355-4b2280c4a46c-5.exe <==== ATTENTION Task: C:\Windows\Tasks\12d6c2af-d25b-4e93-a355-4b2280c4a46c-5_user.job => C:\Program Files\GoHD\12d6c2af-d25b-4e93-a355-4b2280c4a46c-5.exe <==== ATTENTION Task: C:\Windows\Tasks\12d6c2af-d25b-4e93-a355-4b2280c4a46c-6.job => C:\Program Files\GoHD\12d6c2af-d25b-4e93-a355-4b2280c4a46c-6.exe <==== ATTENTION Task: C:\Windows\Tasks\12d6c2af-d25b-4e93-a355-4b2280c4a46c-7.job => C:\Program Files\GoHD\12d6c2af-d25b-4e93-a355-4b2280c4a46c-7.exe <==== ATTENTION Task: C:\Windows\Tasks\208aafe1-78bc-4f7b-a972-7c08a40c1a91-1.job => C:\Program Files\SensePlus\SensePlus-codedownloader.exe <==== ATTENTION Task: C:\Windows\Tasks\208aafe1-78bc-4f7b-a972-7c08a40c1a91-2.job => C:\Program Files\SensePlus\208aafe1-78bc-4f7b-a972-7c08a40c1a91-2.exe <==== ATTENTION Task: C:\Windows\Tasks\208aafe1-78bc-4f7b-a972-7c08a40c1a91-4.job => C:\Program Files\SensePlus\208aafe1-78bc-4f7b-a972-7c08a40c1a91-4.exe <==== ATTENTION Task: C:\Windows\Tasks\208aafe1-78bc-4f7b-a972-7c08a40c1a91-5.job => C:\Program Files\SensePlus\208aafe1-78bc-4f7b-a972-7c08a40c1a91-5.exe <==== ATTENTION Task: C:\Windows\Tasks\208aafe1-78bc-4f7b-a972-7c08a40c1a91-5_user.job => C:\Program Files\SensePlus\208aafe1-78bc-4f7b-a972-7c08a40c1a91-5.exe <==== ATTENTION Task: C:\Windows\Tasks\604196a1-9f5f-48e2-9c11-cb6cb22d19de-1-6.job => C:\Program Files\PlusHD Cinema 2.1cV03.02\604196a1-9f5f-48e2-9c11-cb6cb22d19de-1-6.exe <==== ATTENTION Task: C:\Windows\Tasks\604196a1-9f5f-48e2-9c11-cb6cb22d19de-1-7.job => C:\Program Files\PlusHD Cinema 2.1cV03.02\604196a1-9f5f-48e2-9c11-cb6cb22d19de-1-7.exe <==== ATTENTION Task: C:\Windows\Tasks\604196a1-9f5f-48e2-9c11-cb6cb22d19de-11.job => C:\Program Files\PlusHD Cinema 2.1cV03.02\604196a1-9f5f-48e2-9c11-cb6cb22d19de-11.exe <==== ATTENTION Task: C:\Windows\Tasks\604196a1-9f5f-48e2-9c11-cb6cb22d19de-4.job => C:\Program Files\PlusHD Cinema 2.1cV03.02\604196a1-9f5f-48e2-9c11-cb6cb22d19de-4.exe <==== ATTENTION Task: C:\Windows\Tasks\604196a1-9f5f-48e2-9c11-cb6cb22d19de-5.job => C:\Program Files\PlusHD Cinema 2.1cV03.02\604196a1-9f5f-48e2-9c11-cb6cb22d19de-5.exe <==== ATTENTION Task: C:\Windows\Tasks\604196a1-9f5f-48e2-9c11-cb6cb22d19de-5_user.job => C:\Program Files\PlusHD Cinema 2.1cV03.02\604196a1-9f5f-48e2-9c11-cb6cb22d19de-5.exe <==== ATTENTION Task: C:\Windows\Tasks\604196a1-9f5f-48e2-9c11-cb6cb22d19de-6.job => C:\Program Files\PlusHD Cinema 2.1cV03.02\604196a1-9f5f-48e2-9c11-cb6cb22d19de-6.exe <==== ATTENTION Task: C:\Windows\Tasks\604196a1-9f5f-48e2-9c11-cb6cb22d19de-7.job => C:\Program Files\PlusHD Cinema 2.1cV03.02\604196a1-9f5f-48e2-9c11-cb6cb22d19de-7.exe <==== ATTENTION C:\Program Files\PlusHD Cinema 2.1cV03.02 Task: C:\Windows\Tasks\GFXWRHAD.job => C:\Users\Acer\AppData\Roaming\GFXWRHAD.exe <==== ATTENTION Task: C:\Windows\Tasks\Price Fountain.job => C:\Users\Acer\AppData\Roaming\PRICEF~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION Task: C:\Windows\Tasks\XSQFBT.job => C:\Users\Acer\AppData\Roaming\XSQFBT.exe <==== ATTENTION GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION Reg: reg delete "HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes" /f Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f FF DefaultSearchEngine: webssearches FF SelectedSearchEngine: webssearches FF Extension: 158d7cb370394a758e0b3bd0a464edd2 - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\k8a17bfg.default\Extensions\{158d7cb3-7039-4a75-8e0b-3bd0a464edd2} [2015-01-31] FF Extension: No Name - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\k8a17bfg.default\extensions\fftoolbar2014@etech.com [Not Found] FF Extension: No Name - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\k8a17bfg.default\extensions\{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E} [Not Found] FF Extension: No Name - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\k8a17bfg.default\extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} [Not Found] FF Extension: No Name - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\k8a17bfg.default\extensions\OIBMBKA115048682@HYKFIU97176590.com [Not Found] FF Extension: No Name - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\k8a17bfg.default\extensions\e9d197d59f2f45f382b1aa5c14d82@8706aaed9b904554b5cb7984e9.com [Not Found] CHR Extension: (Solution Real) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\gajmlbhaikobfinipefjoonopbfdkpcl [2015-02-01] CHR Extension: (No Name) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\idmleblnjffpliebomfhmbhimioibfjm [2015-02-03] OPR Extension: (GoHD) - C:\Users\Acer\AppData\Roaming\Opera Software\Opera Stable\Extensions\bokijhalndhhhikpnaniimagniglonke [2015-02-03] S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] C:\Users\Acer\AppData\Local\nsa7183.tmp C:\Users\Acer\AppData\Local\nsoFE3.tmp C:\Users\Acer\AppData\Local\nsqDF26.tmp EmptyTemp: ***************** "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0468BAC2-894E-413F-8FF0-A82AE61F22AC}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0468BAC2-894E-413F-8FF0-A82AE61F22AC}" => Key deleted successfully. C:\Windows\System32\Tasks\SPBIW_UpdateTask_Time_323633323531303231352d344a414155342a2a236c6c5a => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SPBIW_UpdateTask_Time_323633323531303231352d344a414155342a2a236c6c5a" => Key deleted successfully. "C:\ProgramData\ShopperPro" => File/Directory not found. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{477F8897-DCA5-4AF6-B6FD-48D6DB9ADEFB}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{477F8897-DCA5-4AF6-B6FD-48D6DB9ADEFB}" => Key deleted successfully. C:\Windows\System32\Tasks\{8EEC7BDB-B69F-476E-91C6-A6AF8FBDA7C5} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8EEC7BDB-B69F-476E-91C6-A6AF8FBDA7C5}" => Key deleted successfully. "C:\Program Files\YouTube Accelerator" => File/Directory not found. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8C721B13-32D4-402D-8A8B-E84BEB4AF4B7}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8C721B13-32D4-402D-8A8B-E84BEB4AF4B7}" => Key deleted successfully. C:\Windows\System32\Tasks\GFXWRHAD => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GFXWRHAD" => Key deleted successfully. "C:\Users\Acer\AppData\Roaming\GFXWRHAD.exe" => File/Directory not found. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B9E439CF-81E0-4676-B5BC-8293FE14B0C0}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B9E439CF-81E0-4676-B5BC-8293FE14B0C0}" => Key deleted successfully. C:\Windows\System32\Tasks\XSQFBT => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\XSQFBT" => Key deleted successfully. "C:\Users\Acer\AppData\Roaming\XSQFBT.exe" => File/Directory not found. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E4AA6030-1E43-48E2-9F72-1D216F270410}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E4AA6030-1E43-48E2-9F72-1D216F270410}" => Key deleted successfully. C:\Windows\System32\Tasks\YTAUpdate => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YTAUpdate" => Key deleted successfully. C:\Windows\Tasks\12d6c2af-d25b-4e93-a355-4b2280c4a46c-1-6.job => Moved successfully. C:\Windows\Tasks\12d6c2af-d25b-4e93-a355-4b2280c4a46c-1-7.job => Moved successfully. C:\Windows\Tasks\12d6c2af-d25b-4e93-a355-4b2280c4a46c-10_user.job => Moved successfully. C:\Windows\Tasks\12d6c2af-d25b-4e93-a355-4b2280c4a46c-11.job => Moved successfully. C:\Windows\Tasks\12d6c2af-d25b-4e93-a355-4b2280c4a46c-4.job => Moved successfully. C:\Windows\Tasks\12d6c2af-d25b-4e93-a355-4b2280c4a46c-5.job => Moved successfully. C:\Windows\Tasks\12d6c2af-d25b-4e93-a355-4b2280c4a46c-5_user.job => Moved successfully. C:\Windows\Tasks\12d6c2af-d25b-4e93-a355-4b2280c4a46c-6.job => Moved successfully. C:\Windows\Tasks\12d6c2af-d25b-4e93-a355-4b2280c4a46c-7.job => Moved successfully. C:\Windows\Tasks\208aafe1-78bc-4f7b-a972-7c08a40c1a91-1.job => Moved successfully. C:\Windows\Tasks\208aafe1-78bc-4f7b-a972-7c08a40c1a91-2.job => Moved successfully. C:\Windows\Tasks\208aafe1-78bc-4f7b-a972-7c08a40c1a91-4.job => Moved successfully. C:\Windows\Tasks\208aafe1-78bc-4f7b-a972-7c08a40c1a91-5.job => Moved successfully. C:\Windows\Tasks\208aafe1-78bc-4f7b-a972-7c08a40c1a91-5_user.job => Moved successfully. C:\Windows\Tasks\604196a1-9f5f-48e2-9c11-cb6cb22d19de-1-6.job => Moved successfully. C:\Windows\Tasks\604196a1-9f5f-48e2-9c11-cb6cb22d19de-1-7.job => Moved successfully. C:\Windows\Tasks\604196a1-9f5f-48e2-9c11-cb6cb22d19de-11.job => Moved successfully. C:\Windows\Tasks\604196a1-9f5f-48e2-9c11-cb6cb22d19de-4.job => Moved successfully. C:\Windows\Tasks\604196a1-9f5f-48e2-9c11-cb6cb22d19de-5.job => Moved successfully. C:\Windows\Tasks\604196a1-9f5f-48e2-9c11-cb6cb22d19de-5_user.job => Moved successfully. C:\Windows\Tasks\604196a1-9f5f-48e2-9c11-cb6cb22d19de-6.job => Moved successfully. C:\Windows\Tasks\604196a1-9f5f-48e2-9c11-cb6cb22d19de-7.job => Moved successfully. "C:\Program Files\PlusHD Cinema 2.1cV03.02" => File/Directory not found. C:\Windows\Tasks\GFXWRHAD.job => Moved successfully. C:\Windows\Tasks\Price Fountain.job => Moved successfully. C:\Windows\Tasks\XSQFBT.job => Moved successfully. C:\Windows\system32\GroupPolicy\Machine => Moved successfully. C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully. "HKLM\SOFTWARE\Policies\Google" => Key deleted successfully. ========= reg delete "HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= Firefox DefaultSearchEngine deleted successfully. Firefox SelectedSearchEngine deleted successfully. C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\k8a17bfg.default\Extensions\{158d7cb3-7039-4a75-8e0b-3bd0a464edd2} => Moved successfully. C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\k8a17bfg.default\extensions\fftoolbar2014@etech.com => not found. C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\k8a17bfg.default\extensions\{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E} => not found. C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\k8a17bfg.default\extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} => not found. C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\k8a17bfg.default\extensions\OIBMBKA115048682@HYKFIU97176590.com => not found. C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\k8a17bfg.default\extensions\e9d197d59f2f45f382b1aa5c14d82@8706aaed9b904554b5cb7984e9.com => not found. C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\gajmlbhaikobfinipefjoonopbfdkpcl => Moved successfully. C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\idmleblnjffpliebomfhmbhimioibfjm => Moved successfully. C:\Users\Acer\AppData\Roaming\Opera Software\Opera Stable\Extensions\bokijhalndhhhikpnaniimagniglonke => Moved successfully. Synth3dVsc => Service deleted successfully. tsusbhub => Service deleted successfully. VGPU => Service deleted successfully. C:\Users\Acer\AppData\Local\nsa7183.tmp => Moved successfully. C:\Users\Acer\AppData\Local\nsoFE3.tmp => Moved successfully. C:\Users\Acer\AppData\Local\nsqDF26.tmp => Moved successfully. EmptyTemp: => Removed 2.5 GB temporary data. The system needed a reboot. ==== End of Fixlog 07:39:36 ====