Fix result of Farbar Recovery Scan Tool (x64) Version:20-08-2015 Ran by Studion (2015-08-20 13:39:46) Run:1 Running from C:\Users\Studion\Desktop Loaded Profiles: Studion (Available Profiles: Studion) Boot Mode: Normal ============================================== fixlist content: ***************** Task: {23D4EFF5-D749-46E6-9EF4-157D572E4C38} - System32\Tasks\{1E92400A-FD75-44A6-9D28-C5A63AC7A322} => pcalua.exe -a F:\Patch\imperialglory_vnnn_v11.exe -d F:\Patch Task: {69733A13-6193-4AE4-B3D6-36DDB219C2A8} - System32\Tasks\{321E83A8-54D9-4643-817C-9F9B584567D8} => pcalua.exe -a C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe -c /M{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97} Task: {6B87A02A-9E68-48CD-8D56-0FFB39FE7C0B} - System32\Tasks\{08E0FBD4-B80B-4D2E-BBA9-D60B93CDB1C7} => pcalua.exe -a C:\Users\Studion\Desktop\sp52814.exe -d C:\Users\Studion\Desktop Task: {8CFC6B1C-BF32-4996-85D4-B87A9C8EE00D} - System32\Tasks\{E7F4CE25-8B6B-41D1-A637-572664741AFA} => pcalua.exe -a E:\start.exe -d E:\ Task: {BAE372AD-4223-462C-A1B0-C8AEB06765EE} - System32\Tasks\{7D01DC76-428C-4B39-9694-A6D238CB4D2E} => pcalua.exe -a C:\Users\Studion\Desktop\sp52814(1).exe -d C:\Users\Studion\Desktop HKU\S-1-5-21-3258366015-1162477691-122715158-1000\...\Run: [] => [X] HKU\S-1-5-21-3258366015-1162477691-122715158-1000\...\Run: [AdobeBridge] => [X] Reg: reg delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" /f Reg: reg delete "HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes" /f Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [No File] S2 HP Health Check Service; "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe" [X] S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X] S3 btmaux; system32\DRIVERS\btmaux.sys [X] R3 cpuz136; \??\C:\Users\Studion\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Age of Empires III\Age of Empires III w sieci.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Age of Empires III\Age of Empires III.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Age of Empires III\Czytaj to.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Age of Empires III\Ensemble Studios w sieci.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk c:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps\Uninstall.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Compare It!\Compare It!.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Compare It!\Help.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMX Mod X\AMXx Studio.lnk EmptyTemp: ***************** "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{23D4EFF5-D749-46E6-9EF4-157D572E4C38}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{23D4EFF5-D749-46E6-9EF4-157D572E4C38}" => key removed successfully C:\Windows\System32\Tasks\{1E92400A-FD75-44A6-9D28-C5A63AC7A322} => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{1E92400A-FD75-44A6-9D28-C5A63AC7A322}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{69733A13-6193-4AE4-B3D6-36DDB219C2A8}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{69733A13-6193-4AE4-B3D6-36DDB219C2A8}" => key removed successfully C:\Windows\System32\Tasks\{321E83A8-54D9-4643-817C-9F9B584567D8} => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{321E83A8-54D9-4643-817C-9F9B584567D8}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6B87A02A-9E68-48CD-8D56-0FFB39FE7C0B}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B87A02A-9E68-48CD-8D56-0FFB39FE7C0B}" => key removed successfully C:\Windows\System32\Tasks\{08E0FBD4-B80B-4D2E-BBA9-D60B93CDB1C7} => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{08E0FBD4-B80B-4D2E-BBA9-D60B93CDB1C7}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8CFC6B1C-BF32-4996-85D4-B87A9C8EE00D}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8CFC6B1C-BF32-4996-85D4-B87A9C8EE00D}" => key removed successfully C:\Windows\System32\Tasks\{E7F4CE25-8B6B-41D1-A637-572664741AFA} => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E7F4CE25-8B6B-41D1-A637-572664741AFA}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BAE372AD-4223-462C-A1B0-C8AEB06765EE}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BAE372AD-4223-462C-A1B0-C8AEB06765EE}" => key removed successfully C:\Windows\System32\Tasks\{7D01DC76-428C-4B39-9694-A6D238CB4D2E} => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7D01DC76-428C-4B39-9694-A6D238CB4D2E}" => key removed successfully HKU\S-1-5-21-3258366015-1162477691-122715158-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully HKU\S-1-5-21-3258366015-1162477691-122715158-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value removed successfully ========= reg delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" /f ========= Bť¤D: System nie znalazˆ w rejestrze okre˜lonego klucza albo warto˜ci. ========= End of Reg: ========= ========= reg delete "HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => value removed successfully "HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => key removed successfully "HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2" => key removed successfully HP Health Check Service => service removed successfully BRDriver64_1_3_3_E02B25FC => service removed successfully btmaux => service removed successfully cpuz136 => Unable to stop service. cpuz136 => service removed successfully C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Age of Empires III\Age of Empires III w sieci.lnk => moved successfully C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Age of Empires III\Age of Empires III.lnk => moved successfully C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Age of Empires III\Czytaj to.lnk => moved successfully C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Age of Empires III\Ensemble Studios w sieci.lnk => moved successfully C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk => moved successfully c:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps\Uninstall.lnk => moved successfully C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Compare It!\Compare It!.lnk => moved successfully C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Compare It!\Help.lnk => moved successfully C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMX Mod X\AMXx Studio.lnk => moved successfully EmptyTemp: => 2.3 GB temporary data Removed. The system needed a reboot.. ==== End of Fixlog 13:41:52 ====