Fix result of Farbar Recovery Scan Tool (x64) Version:19-08-2015 Ran by Brave (2015-08-19 22:59:37) Run:1 Running from C:\Users\Brave\Desktop\FRST Loaded Profiles: Brave (Available Profiles: Brave) Boot Mode: Normal ============================================== fixlist content: ***************** HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-2195184045-3265951034-2981680463-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION SearchScopes: HKU\S-1-5-21-2195184045-3265951034-2981680463-1000 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://startsear.ch/?aff=2&src=sp&cf=3e30cbc9-dcc1-11e1-950c-b482fe52c840&q={searchTerms} SearchScopes: HKU\S-1-5-21-2195184045-3265951034-2981680463-1000 -> ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} SearchScopes: HKU\S-1-5-21-2195184045-3265951034-2981680463-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://startsear.ch/?aff=2&src=sp&cf=3e30cbc9-dcc1-11e1-950c-b482fe52c840&q={searchTerms} BHO-x32: IplexToALLPlayer -> {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} -> No File Toolbar: HKU\S-1-5-21-2195184045-3265951034-2981680463-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File CHR HKLM-x32\...\Chrome\Extension: [pbiamblgmkgbcgbcgejjgebalncpmhnp] - S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 nmwcdcx64; system32\drivers\ccdcmbox64.sys [X] S3 nmwcdx64; system32\drivers\ccdcmbx64.sys [X] S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X] S3 upperdev; system32\DRIVERS\usbser_lowerfltx64.sys [X] S3 UsbserFilt; system32\DRIVERS\usbser_lowerfltx64j.sys [X] S3 X6va003; \??\C:\Users\Brave\AppData\Local\Temp\00358F8.tmp [X] Task: {75864C43-5BF1-40D0-A4E2-789C9CBEDF86} - System32\Tasks\{DC99E662-1431-40D0-B629-257EB54CB8F8} => pcalua.exe -a D:\GRY\Diablo-III-8370-plPL-Installer-downloader.exe -d D:\GRY EmptyTemp: ***************** "HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully "HKU\S-1-5-21-2195184045-3265951034-2981680463-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully HKU\S-1-5-21-2195184045-3265951034-2981680463-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully HKU\S-1-5-21-2195184045-3265951034-2981680463-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\ToolbarSearchProviderProgress => value removed successfully "HKU\S-1-5-21-2195184045-3265951034-2981680463-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}" => key removed successfully HKCR\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} => key not found. "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF925EF3-7A87-44E4-9CAF-8D7B280BF616}" => key removed successfully "HKCR\Wow6432Node\CLSID\{DF925EF3-7A87-44E4-9CAF-8D7B280BF616}" => key removed successfully HKU\S-1-5-21-2195184045-3265951034-2981680463-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value removed successfully HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found. "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pbiamblgmkgbcgbcgejjgebalncpmhnp" => key removed successfully catchme => service removed successfully nmwcdcx64 => service removed successfully nmwcdx64 => service removed successfully pccsmcfd => service removed successfully upperdev => service removed successfully UsbserFilt => service removed successfully X6va003 => service removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{75864C43-5BF1-40D0-A4E2-789C9CBEDF86}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{75864C43-5BF1-40D0-A4E2-789C9CBEDF86}" => key removed successfully C:\windows\System32\Tasks\{DC99E662-1431-40D0-B629-257EB54CB8F8} => moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{DC99E662-1431-40D0-B629-257EB54CB8F8}" => key removed successfully EmptyTemp: => 572.6 MB temporary data Removed. The system needed a reboot.. ==== End of Fixlog 23:00:07 ====