Fix result of Farbar Recovery Scan Tool (x64) Version:20-08-2015 Ran by Roland (2015-08-24 06:32:12) Run:4 Running from C:\Users\Roland\Desktop Loaded Profiles: Roland (Available Profiles: Roland & Leandro) Boot Mode: Normal ============================================== fixlist content: ***************** start CloseProcesses: Host: CreateRestorePoint: HKLM-x32\...\Run: [] => [X] HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKLM\...\Policies\Explorer: [NoFolderOptions] 0 ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File SearchScopes: HKLM-x32 -> DefaultScope {2DECF747-CAA0-4040-BE82-7995BE704FCD} URL = SearchScopes: HKU\S-1-5-21-1832894771-1512126686-778580116-1001 -> {80FF4E67-9F66-4531-BEF2-0D6B3834B140} URL = hxxp://www.search.ask.com/web?tpid=ORJ-V7C&o=APN11406&pf=V7&p2=%5EBBE%5EOSJ000%5EYY%5EAU&gct=&itbv=12.7.0.15&apn_uid=7CF1055A-120B-473A-9830-957EDF7BFBFD&apn_ptnrs=BBE&apn_dtid=%5EOSJ000%5EYY%5EAU&apn_dbr=ie_10.0.9200.16736&doi=2013-11-26&trgb=IE&q={searchTerms}&psv= SearchScopes: HKU\S-1-5-21-1832894771-1512126686-778580116-1001 -> {AB1E37DA-99E2-440A-8D9E-63EB92BC74D0} URL = BHO: No Name -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> No File BHO-x32: No Name -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> No File BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File Toolbar: HKU\S-1-5-21-1832894771-1512126686-778580116-1001 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File Tcpip\..\Interfaces\{c3624dfc-78fc-44c9-bade-e19ae3b89dd2}: [DhcpNameServer] 61.9.194.49 61.9.195.193 FF DefaultSearchUrl: hxxps://www.google.com/search/?trackid=sp-006 FF Homepage: hxxps://www.google.com/?trackid=sp-006 FF Keyword.URL: hxxps://www.google.com/search/?trackid=sp-006 FF Extension: Yahoo! Toolbar - C:\Users\Roland\AppData\Roaming\Mozilla\Firefox\Profiles\bzuobp64.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2012-11-16] FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt U3 idsvc; no ImagePath S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X] U3 idsvc; no ImagePath U3 wpcsvc; no ImagePath NETSVCx32: UserManager -> C:\Windows\SysWOW64\usermgr.dll ==> No File 2013-12-19 23:19 - 2015-08-14 08:19 - 0000089 _____ () C:\Users\Roland\AppData\Roaming\WB.CFG CustomCLSID: HKU\S-1-5-21-1832894771-1512126686-778580116-1001_Classes\CLSID\{F6BF8414-962C-40FE-90F1-B80A7E72DB9A}\InprocServer32 -> C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}\rdpencom.dll No File <==== ATTENTION Task: {1243C3F1-FEA4-4B96-8436-FCBA446D29E4} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {38216CA4-2345-411D-AD66-350CAF166E59} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {41B549FD-F1F3-4A01-9C30-E9416978711D} - System32\Tasks\0 => Iexplore.exe <==== ATTENTION Task: {68228499-C9A2-4B09-8EE2-7D1261AF12AD} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {70C8CE81-FB2F-46CD-A3E0-190537F5718A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {9E1227FA-3559-46E0-A82A-F3797ABBE331} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {A851EEC9-620C-43C8-9B1B-15744DC88B2C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {ACD32FC0-E74C-4B82-9309-E53D0C0BADC4} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {AE7B750F-8F4D-481E-A804-352711BA698F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {B4CD7778-4977-4C5C-8194-AF4134102713} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {B7EA721B-D657-47E4-A0CB-DE869F4242E0} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION Task: {F625181D-5A9B-4BA8-9424-5D593B91B2AD} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION cmd: ipconfig /fluhsdns EmptyTemp: end ***************** Processes closed successfully. Host: => Error: No automatic fix found for this entry. Restore point was successfully created. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value not found. HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => value not found. HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFolderOptions => value not found. HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1 => key not found. HKCR\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => key not found. HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt2 => key not found. HKCR\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => key not found. HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3 => key not found. HKCR\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => key not found. HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt4 => key not found. HKCR\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => key not found. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully HKU\S-1-5-21-1832894771-1512126686-778580116-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{80FF4E67-9F66-4531-BEF2-0D6B3834B140} => key not found. HKCR\CLSID\{80FF4E67-9F66-4531-BEF2-0D6B3834B140} => key not found. HKU\S-1-5-21-1832894771-1512126686-778580116-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AB1E37DA-99E2-440A-8D9E-63EB92BC74D0} => key not found. HKCR\CLSID\{AB1E37DA-99E2-440A-8D9E-63EB92BC74D0} => key not found. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB} => key not found. HKCR\CLSID\{27B4851A-3207-45A2-B947-BE8AFE6163AB} => key not found. HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB} => key not found. HKCR\Wow6432Node\CLSID\{27B4851A-3207-45A2-B947-BE8AFE6163AB} => key not found. HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} => key not found. HKCR\Wow6432Node\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB} => key not found. HKU\S-1-5-21-1832894771-1512126686-778580116-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} => value not found. HKCR\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} => key not found. HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{c3624dfc-78fc-44c9-bade-e19ae3b89dd2}\\DhcpNameServer => value not found. Firefox DefaultSearchUrl removed successfully Firefox "homepage" removed successfully Firefox "Keyword.URL" removed successfully C:\Users\Roland\AppData\Roaming\Mozilla\Firefox\Profiles\bzuobp64.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} => not found. HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\otis@digitalpersona.com => value not found. idsvc => service not found. wfpcapture => service not found. idsvc => service not found. wpcsvc => service not found. HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs UserManager not found. "C:\Users\Roland\AppData\Roaming\WB.CFG" => File/Folder not found. HKU\S-1-5-21-1832894771-1512126686-778580116-1001_Classes\CLSID\{F6BF8414-962C-40FE-90F1-B80A7E72DB9A} => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1243C3F1-FEA4-4B96-8436-FCBA446D29E4} => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{38216CA4-2345-411D-AD66-350CAF166E59} => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{41B549FD-F1F3-4A01-9C30-E9416978711D} => key not found. C:\WINDOWS\System32\Tasks\0 not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0 => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{68228499-C9A2-4B09-8EE2-7D1261AF12AD} => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{70C8CE81-FB2F-46CD-A3E0-190537F5718A} => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9E1227FA-3559-46E0-A82A-F3797ABBE331} => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A851EEC9-620C-43C8-9B1B-15744DC88B2C} => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ACD32FC0-E74C-4B82-9309-E53D0C0BADC4} => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AE7B750F-8F4D-481E-A804-352711BA698F} => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B4CD7778-4977-4C5C-8194-AF4134102713} => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B7EA721B-D657-47E4-A0CB-DE869F4242E0} => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F625181D-5A9B-4BA8-9424-5D593B91B2AD} => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => key not found. ========= ipconfig /fluhsdns ========= Error: unrecognized or incomplete command line. USAGE: ipconfig [/allcompartments] [/? | /all | /renew [adapter] | /release [adapter] | /renew6 [adapter] | /release6 [adapter] | /flushdns | /displaydns | /registerdns | /showclassid adapter | /setclassid adapter [classid] | /showclassid6 adapter | /setclassid6 adapter [classid] ] where adapter Connection name (wildcard characters * and ? allowed, see examples) Options: /? Display this help message /all Display full configuration information. /release Release the IPv4 address for the specified adapter. /release6 Release the IPv6 address for the specified adapter. /renew Renew the IPv4 address for the specified adapter. /renew6 Renew the IPv6 address for the specified adapter. /flushdns Purges the DNS Resolver cache. /registerdns Refreshes all DHCP leases and re-registers DNS names /displaydns Display the contents of the DNS Resolver Cache. /showclassid Displays all the dhcp class IDs allowed for adapter. /setclassid Modifies the dhcp class id. /showclassid6 Displays all the IPv6 DHCP class IDs allowed for adapter. /setclassid6 Modifies the IPv6 DHCP class id. The default is to display only the IP address, subnet mask and default gateway for each adapter bound to TCP/IP. For Release and Renew, if no adapter name is specified, then the IP address leases for all adapters bound to TCP/IP will be released or renewed. For Setclassid and Setclassid6, if no ClassId is specified, then the ClassId is removed. Examples: > ipconfig ... Show information > ipconfig /all ... Show detailed information > ipconfig /renew ... renew all adapters > ipconfig /renew EL* ... renew any connection that has its name starting with EL > ipconfig /release *Con* ... release all matching connections, eg. "Wired Ethernet Connection 1" or "Wired Ethernet Connection 2" > ipconfig /allcompartments ... Show information about all compartments > ipconfig /allcompartments /all ... Show detailed information about all compartments ========= End of CMD: ========= EmptyTemp: => 8.1 MB temporary data Removed. The system needed a reboot.. ==== End of Fixlog 06:33:02 ====