Fix result of Farbar Recovery Scan Tool (x64) Version: 24-05-2017 Ran by Gulek (25-05-2017 18:48:27) Run:1 Running from C:\Users\Gulek\Desktop\Nowy folder Loaded Profiles: Gulek (Available Profiles: Gulek & DefaultAppPool) Boot Mode: Normal ============================================== fixlist content: ***************** Task: {18AE229F-90CA-42C2-BE78-18579A738557} - \{5184F9DF-6D77-4FC1-87EB-435B41D3061F} -> No File <==== ATTENTION Task: {25BBB072-C9F3-4C83-8BEB-AA89875BB081} - \{E899CB0F-3D13-4E1F-95FF-EC10916D46A8} -> No File <==== ATTENTION Task: {6E52E24D-C445-4F53-8E63-2CDB6456A705} - \{F7B90C1D-352E-496F-BCCF-54A121DD7231} -> No File <==== ATTENTION Task: {B181AE0C-0CA8-43EF-A855-455EACFD542B} - \{26CAFE0E-7B53-4A47-B7C3-B987BF4F11AC} -> No File <==== ATTENTION HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated) HKLM-x32\...\Run: [] => [X] HKU\S-1-5-21-3358588553-51344018-1733655914-1000\...\MountPoints2: F - F:\autorun.exe HKU\S-1-5-21-3358588553-51344018-1733655914-1000\...\MountPoints2: L - L:\Setup.exe HKU\S-1-5-21-3358588553-51344018-1733655914-1000\...\MountPoints2: {16fa681b-1750-11e5-91e9-00c2c60ec8cd} - F:\autorun.exe HKU\S-1-5-21-3358588553-51344018-1733655914-1000\...\MountPoints2: {16fa682a-1750-11e5-91e9-00c2c60ec8cd} - E:\setup.exe HKU\S-1-5-21-3358588553-51344018-1733655914-1000\...\MountPoints2: {235ccd98-0056-11e5-808e-00c2c60ec8cd} - L:\Setup.exe HKU\S-1-5-21-3358588553-51344018-1733655914-1000\...\MountPoints2: {4f378167-d113-11e6-82f5-00c2c60ec8cd} - E:\HiSuiteDownLoader.exe HKU\S-1-5-21-3358588553-51344018-1733655914-1000\...\MountPoints2: {7793c0ce-7358-11e5-99f7-00c2c60ec8cd} - H:\setup.exe HKU\S-1-5-21-3358588553-51344018-1733655914-1000\...\MountPoints2: {b1d4e59d-c215-11e6-a270-00c2c60ec8cd} - E:\HiSuiteDownLoader.exe CHR HomePage: ChromeDefaultData -> hxxp://www.istartsurf.com/?type=sy&ts=1432298350&z=1b7e14261a30cda3757f9dbg7zdcboaoatbbcc1w9m&from=smt&uid=ST1000LM014-SSHD-8GB_W380XD11XXXXW380XD11 CHR StartupUrls: ChromeDefaultData -> "hxxp://www.trotux.com/?z=get_error&from=ftp&uid=ST1000LM014-SSHD-8GB_W380XD11XXXXW380XD11&type=hp" CHR Profile: C:\Users\Gulek\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-05-24] <==== ATTENTION CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx S3 BlueletAudio; system32\DRIVERS\blueletaudio.sys [X] S3 BT; system32\DRIVERS\btnetdrv.sys [X] S3 BTCOM; system32\DRIVERS\btcomport.sys [X] S3 Btcsrusb; System32\Drivers\btcusb.sys [X] S3 IvtComBusSrv; System32\Drivers\btcombus.sys [X] EmptyTemp: ***************** HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{18AE229F-90CA-42C2-BE78-18579A738557} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{18AE229F-90CA-42C2-BE78-18579A738557} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5184F9DF-6D77-4FC1-87EB-435B41D3061F} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{25BBB072-C9F3-4C83-8BEB-AA89875BB081} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{25BBB072-C9F3-4C83-8BEB-AA89875BB081} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E899CB0F-3D13-4E1F-95FF-EC10916D46A8} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6E52E24D-C445-4F53-8E63-2CDB6456A705} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6E52E24D-C445-4F53-8E63-2CDB6456A705} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F7B90C1D-352E-496F-BCCF-54A121DD7231} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B181AE0C-0CA8-43EF-A855-455EACFD542B} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B181AE0C-0CA8-43EF-A855-455EACFD542B} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{26CAFE0E-7B53-4A47-B7C3-B987BF4F11AC} => key removed successfully HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => value removed successfully HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully HKU\S-1-5-21-3358588553-51344018-1733655914-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F => key removed successfully HKU\S-1-5-21-3358588553-51344018-1733655914-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\L => key removed successfully HKU\S-1-5-21-3358588553-51344018-1733655914-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{16fa681b-1750-11e5-91e9-00c2c60ec8cd} => key removed successfully HKCR\CLSID\{16fa681b-1750-11e5-91e9-00c2c60ec8cd} => key not found. HKU\S-1-5-21-3358588553-51344018-1733655914-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{16fa682a-1750-11e5-91e9-00c2c60ec8cd} => key removed successfully HKCR\CLSID\{16fa682a-1750-11e5-91e9-00c2c60ec8cd} => key not found. HKU\S-1-5-21-3358588553-51344018-1733655914-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{235ccd98-0056-11e5-808e-00c2c60ec8cd} => key removed successfully HKCR\CLSID\{235ccd98-0056-11e5-808e-00c2c60ec8cd} => key not found. HKU\S-1-5-21-3358588553-51344018-1733655914-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4f378167-d113-11e6-82f5-00c2c60ec8cd} => key removed successfully HKCR\CLSID\{4f378167-d113-11e6-82f5-00c2c60ec8cd} => key not found. HKU\S-1-5-21-3358588553-51344018-1733655914-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7793c0ce-7358-11e5-99f7-00c2c60ec8cd} => key removed successfully HKCR\CLSID\{7793c0ce-7358-11e5-99f7-00c2c60ec8cd} => key not found. HKU\S-1-5-21-3358588553-51344018-1733655914-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b1d4e59d-c215-11e6-a270-00c2c60ec8cd} => key removed successfully HKCR\CLSID\{b1d4e59d-c215-11e6-a270-00c2c60ec8cd} => key not found. Chrome HomePage => removed successfully Chrome StartupUrls => removed successfully C:\Users\Gulek\AppData\Local\Google\Chrome\User Data\ChromeDefaultData => moved successfully HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj => key removed successfully HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck => key not found. HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => key not found. HKLM\System\CurrentControlSet\Services\BlueletAudio => key removed successfully BlueletAudio => service removed successfully HKLM\System\CurrentControlSet\Services\BT => key removed successfully BT => service removed successfully HKLM\System\CurrentControlSet\Services\BTCOM => key removed successfully BTCOM => service removed successfully HKLM\System\CurrentControlSet\Services\Btcsrusb => key removed successfully Btcsrusb => service removed successfully HKLM\System\CurrentControlSet\Services\IvtComBusSrv => key removed successfully IvtComBusSrv => service removed successfully =========== EmptyTemp: ========== BITS transfer queue => 8388608 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 51266401 B Java, Flash, Steam htmlcache => 368908325 B Windows/system/drivers => 411960 B Edge => 0 B Chrome => 0 B Firefox => 17520594 B Opera => 0 B Temp, IE cache, history, cookies, recent: Users => 0 B Default => 0 B Public => 0 B ProgramData => 0 B systemprofile => 128 B systemprofile32 => 128 B LocalService => 0 B NetworkService => 0 B Gulek => 190739154 B UpdatusUser => 0 B DefaultAppPool => 0 B RecycleBin => 2317206554 B EmptyTemp: => 2.8 GB temporary data Removed. ================================ The system needed a reboot. ==== End of Fixlog 18:48:45 ====