Fix result of Farbar Recovery Scan Tool (x64) Version: 03.05.2018
Ran by Myriam (03-05-2018 19:46:14) Run:5
Running from C:\Users\Myriam\Downloads
Loaded Profiles: Myriam (Available Profiles: Myriam)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [] => [X]
SearchScopes: HKLM -> DefaultScope {385E2DE8-C618-40C2-89FC-630DBA51240F} URL =
SearchScopes: HKLM-x32 -> DefaultScope {385E2DE8-C618-40C2-89FC-630DBA51240F} URL =
SearchScopes: HKU\S-1-5-21-2870124582-2670056687-1688047813-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2870124582-2670056687-1688047813-1001 -> {0A041559-87C4-581F-4F04-3F9883CFF8DA} URL =
SearchScopes: HKU\S-1-5-21-2870124582-2670056687-1688047813-1001 -> {385E2DE8-C618-40C2-89FC-630DBA51240F} URL =
BHO: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> No File
BHO-x32: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
Toolbar: HKU\S-1-5-21-2870124582-2670056687-1688047813-1001 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
BootExecute: autocheck autochk /m /P \Device\HarddiskVolume9autocheck autochk *
FF user.js: detected! => C:\Users\Myriam\AppData\Roaming\Mozilla\Firefox\Profiles\auux7g6s.default-1378140617709\user.js [2014-06-28]
FF Extension: (OneTab) - C:\Users\Myriam\AppData\Roaming\Mozilla\Firefox\Profiles\auux7g6s.default-1378140617709\Extensions\extension@one-tab.com.xpi [2017-11-18]
FF Plugin HKU\S-1-5-21-2870124582-2670056687-1688047813-1001: box.com/BoxEdit -> C:\Users\Myriam\AppData\Local\Box\Box Edit\npBoxEdit.dll [No File]
S2 SMService; C:\program files (x86)\iobit\Classic Start\SMService.exe [X]
U5 AppMgmt; C:\windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 SmbDrvI; \SystemRoot\system32\DRIVERS\Smb_driver_Intel.sys [X]
Task: {AA0CF02E-543A-42CE-BD31-A987AA663C97} - System32\Tasks\{D6F156B6-B064-4539-92BF-5148DDA2DE3C} => C:\windows\system32\pcalua.exe -a C:\windows\UN091222.EXE -c /UNINST
C:\windows\UN091222.EXE
C:\program files (x86)\iobit
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKU\S-1-5-21-2870124582-2670056687-1688047813-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKU\S-1-5-21-2870124582-2670056687-1688047813-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0A041559-87C4-581F-4F04-3F9883CFF8DA}" => removed successfully
HKLM\Software\Classes\CLSID\{0A041559-87C4-581F-4F04-3F9883CFF8DA} => not found
"HKU\S-1-5-21-2870124582-2670056687-1688047813-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{385E2DE8-C618-40C2-89FC-630DBA51240F}" => removed successfully
HKLM\Software\Classes\CLSID\{385E2DE8-C618-40C2-89FC-630DBA51240F} => not found
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}" => removed successfully
"HKLM\Software\Classes\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => not found
"HKU\S-1-5-21-2870124582-2670056687-1688047813-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}" => removed successfully
HKLM\Software\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => not found
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => value restored successfully
C:\Users\Myriam\AppData\Roaming\Mozilla\Firefox\Profiles\auux7g6s.default-1378140617709\user.js => moved successfully
C:\Users\Myriam\AppData\Roaming\Mozilla\Firefox\Profiles\auux7g6s.default-1378140617709\Extensions\extension@one-tab.com.xpi => moved successfully
"HKU\S-1-5-21-2870124582-2670056687-1688047813-1001\Software\MozillaPlugins\box.com/BoxEdit" => removed successfully
"C:\Users\Myriam\AppData\Local\Box\Box Edit\npBoxEdit.dll" => not found
"HKLM\System\CurrentControlSet\Services\SMService" => removed successfully
SMService => service removed successfully
"HKLM\System\CurrentControlSet\Services\AppMgmt" => removed successfully
AppMgmt => service removed successfully
"HKLM\System\CurrentControlSet\Services\catchme" => removed successfully
catchme => service removed successfully
"HKLM\System\CurrentControlSet\Services\dbx" => removed successfully
dbx => service removed successfully
"HKLM\System\CurrentControlSet\Services\SmbDrvI" => removed successfully
SmbDrvI => service removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AA0CF02E-543A-42CE-BD31-A987AA663C97}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AA0CF02E-543A-42CE-BD31-A987AA663C97}" => removed successfully
C:\windows\System32\Tasks\{D6F156B6-B064-4539-92BF-5148DDA2DE3C} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D6F156B6-B064-4539-92BF-5148DDA2DE3C}" => removed successfully
C:\windows\UN091222.EXE => moved successfully
"C:\program files (x86)\iobit" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 7419974 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 18412502 B
Edge => 0 B
Chrome => 0 B
Firefox => 289691560 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 5956 B
systemprofile32 => 128 B
LocalService => 796564 B
NetworkService => 0 B
Myriam => 139325405 B

RecycleBin => 223897 B
EmptyTemp: => 442.8 MB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 19:49:16 ====