Fix result of Farbar Recovery Scan Tool (x64) Version: 21-10-2017 Ran by libya (22-10-2017 00:27:15) Run:1 Running from C:\Users\libya\Desktop Loaded Profiles: libya (Available Profiles: libya) Boot Mode: Normal ============================================== fixlist content: ***************** start CreateRestorePoint: CloseProcesses: RemoveProxy: HKU\S-1-5-21-3510374653-403196421-1552044869-1000\...\Run: [BingSvc] => C:\Users\libya\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (� 2015 Microsoft Corporation) HKU\S-1-5-21-3510374653-403196421-1552044869-1000\...\MountPoints2: {045e826e-6c31-11e5-b9d2-78843ce872f1} - F:\Startme.exe HKU\S-1-5-21-3510374653-403196421-1552044869-1000\...\MountPoints2: {49394324-19c3-11e4-97b3-78843ce872f1} - F:\Setup.exe HKU\S-1-5-21-3510374653-403196421-1552044869-1000\...\MountPoints2: {594258e7-b85b-11e4-84e5-78843ce872f1} - E:\RNDISInst.exe HKU\S-1-5-21-3510374653-403196421-1552044869-1000\...\MountPoints2: {8aea54b3-f84a-11e5-9eb6-78843ce872f1} - E:\iLinker.exe HKU\S-1-5-21-3510374653-403196421-1552044869-1000\...\MountPoints2: {8cf7f625-337b-11e4-bb30-78843ce872f1} - E:\Setup.exe HKU\S-1-5-21-3510374653-403196421-1552044869-1000\...\MountPoints2: {968be5ab-75af-11e6-9a9b-ccaf78b61332} - E:\setup.exe HKU\S-1-5-21-3510374653-403196421-1552044869-1000\...\MountPoints2: {9c79fdeb-3f77-11e4-8653-78843ce872f1} - G:\NokiaPCIA_Autorun.exe GroupPolicy: Restriction - Chrome <==== ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKLM-x32 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = Toolbar: HKU\S-1-5-21-3510374653-403196421-1552044869-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Handler: WSKVAllmytubechrome - No CLSID Value FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] U3 aswbdisk; no ImagePath S3 AthBTPort; system32\DRIVERS\btath_flt.sys [X] S3 BTATH_A2DP; system32\drivers\btath_a2dp.sys [X] S3 btath_avdt; system32\drivers\btath_avdt.sys [X] S3 BTATH_BUS; system32\DRIVERS\btath_bus.sys [X] S3 BTATH_HCRP; system32\DRIVERS\btath_hcrp.sys [X] S3 BTATH_LWFLT; system32\DRIVERS\btath_lwflt.sys [X] S3 BTATH_RCP; system32\DRIVERS\btath_rcp.sys [X] S3 catchme; \??\C:\Users\libya\AppData\Local\Temp\catchme.sys [X] <==== ATTENTION S3 cpuz140; \??\C:\Users\libya\AppData\Local\Temp\cpuz140\cpuz140_x64.sys [X] <==== ATTENTION S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X] S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X] S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X] S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\BatteryCare\WinRing0x64.sys [X] 2017-10-21 23:04 - 2017-10-21 23:04 - 000000000 ____H C:\ProgramData\cm-lock CMD: netsh winsock reset all CMD: ipconfig /flushdns hosts: EmptyTemp: Reboot: end ***************** Restore point was successfully created. Processes closed successfully. ========= RemoveProxy: ========= HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully HKU\S-1-5-21-3510374653-403196421-1552044869-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully HKU\S-1-5-21-3510374653-403196421-1552044869-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully ========= End of RemoveProxy: ========= HKU\S-1-5-21-3510374653-403196421-1552044869-1000\Software\Microsoft\Windows\CurrentVersion\Run\\BingSvc => value removed successfully HKU\S-1-5-21-3510374653-403196421-1552044869-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{045e826e-6c31-11e5-b9d2-78843ce872f1} => key removed successfully HKLM\Software\Classes\CLSID\{045e826e-6c31-11e5-b9d2-78843ce872f1} => key not found. HKU\S-1-5-21-3510374653-403196421-1552044869-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{49394324-19c3-11e4-97b3-78843ce872f1} => key removed successfully HKLM\Software\Classes\CLSID\{49394324-19c3-11e4-97b3-78843ce872f1} => key not found. HKU\S-1-5-21-3510374653-403196421-1552044869-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{594258e7-b85b-11e4-84e5-78843ce872f1} => key removed successfully HKLM\Software\Classes\CLSID\{594258e7-b85b-11e4-84e5-78843ce872f1} => key not found. HKU\S-1-5-21-3510374653-403196421-1552044869-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8aea54b3-f84a-11e5-9eb6-78843ce872f1} => key removed successfully HKLM\Software\Classes\CLSID\{8aea54b3-f84a-11e5-9eb6-78843ce872f1} => key not found. HKU\S-1-5-21-3510374653-403196421-1552044869-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8cf7f625-337b-11e4-bb30-78843ce872f1} => key removed successfully HKLM\Software\Classes\CLSID\{8cf7f625-337b-11e4-bb30-78843ce872f1} => key not found. HKU\S-1-5-21-3510374653-403196421-1552044869-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{968be5ab-75af-11e6-9a9b-ccaf78b61332} => key removed successfully HKLM\Software\Classes\CLSID\{968be5ab-75af-11e6-9a9b-ccaf78b61332} => key not found. HKU\S-1-5-21-3510374653-403196421-1552044869-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9c79fdeb-3f77-11e4-8653-78843ce872f1} => key removed successfully HKLM\Software\Classes\CLSID\{9c79fdeb-3f77-11e4-8653-78843ce872f1} => key not found. C:\Windows\system32\GroupPolicy\Machine => moved successfully C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully HKLM\Software\\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully HKU\S-1-5-21-3510374653-403196421-1552044869-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value removed successfully HKLM\Software\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found. HKLM\Software\Classes\PROTOCOLS\Handler\WSKVAllmytubechrome => key removed successfully HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => key removed successfully HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => key removed successfully HKLM\System\CurrentControlSet\Services\aswbdisk => key removed successfully aswbdisk => service removed successfully HKLM\System\CurrentControlSet\Services\AthBTPort => key removed successfully AthBTPort => service removed successfully HKLM\System\CurrentControlSet\Services\BTATH_A2DP => key removed successfully BTATH_A2DP => service removed successfully HKLM\System\CurrentControlSet\Services\btath_avdt => key removed successfully btath_avdt => service removed successfully HKLM\System\CurrentControlSet\Services\BTATH_BUS => key removed successfully BTATH_BUS => service removed successfully HKLM\System\CurrentControlSet\Services\BTATH_HCRP => key removed successfully BTATH_HCRP => service removed successfully HKLM\System\CurrentControlSet\Services\BTATH_LWFLT => key removed successfully BTATH_LWFLT => service removed successfully HKLM\System\CurrentControlSet\Services\BTATH_RCP => key removed successfully BTATH_RCP => service removed successfully HKLM\System\CurrentControlSet\Services\catchme => key removed successfully catchme => service removed successfully HKLM\System\CurrentControlSet\Services\cpuz140 => key removed successfully cpuz140 => service removed successfully HKLM\System\CurrentControlSet\Services\pccsmcfd => key removed successfully pccsmcfd => service removed successfully HKLM\System\CurrentControlSet\Services\vmci => key removed successfully vmci => service removed successfully HKLM\System\CurrentControlSet\Services\VMnetAdapter => key removed successfully VMnetAdapter => service removed successfully HKLM\System\CurrentControlSet\Services\WinRing0_1_2_0 => key removed successfully WinRing0_1_2_0 => service removed successfully "C:\ProgramData\cm-lock" => not found. ========= netsh winsock reset all ========= Sucessfully reset the Winsock Catalog. You must restart the computer in order to complete the reset. ========= End of CMD: ========= ========= ipconfig /flushdns ========= Windows IP Configuration Successfully flushed the DNS Resolver Cache. ========= End of CMD: ========= C:\Windows\System32\Drivers\etc\hosts => moved successfully Hosts restored successfully. =========== EmptyTemp: ========== BITS transfer queue => 8388608 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9509186 B Java, Flash, Steam htmlcache => 0 B Windows/system/drivers => 473885021 B Edge => 0 B Chrome => 905002 B Firefox => 14492284 B Opera => 0 B Temp, IE cache, history, cookies, recent: Users => 0 B Default => 0 B Public => 0 B ProgramData => 0 B systemprofile => 33058 B systemprofile32 => 33490 B LocalService => 33125 B NetworkService => 2718 B libya => 77578175 B => 0 B => 0 B => 0 B => 0 B => 0 B => 0 B => 0 B => 0 B => 0 B => 0 B => 0 B => 0 B => 0 B => 0 B => 0 B => 0 B => 0 B => 0 B => 0 B => 0 B => 0 B => 0 B => 0 B => 0 B => 0 B => 0 B => 0 B => 0 B RecycleBin => 149711178 B EmptyTemp: => 700.5 MB temporary data Removed. ================================ The system needed a reboot. ==== End of Fixlog 00:28:15 ====