Fix result of Farbar Recovery Scan Tool (x64) Version:31-08-2015
Ran by user (2015-09-05 11:43:43) Run:1
Running from C:\Users\user\Downloads
Loaded Profiles: user (Available Profiles: user)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:
HKLM\...\Policies\Explorer\Run: [1853556740] => C:\ProgramData\msbogj.exe [76288 2015-06-16] ()
C:\ProgramData\msbogj.exe
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 0
HKLM\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-934653896-176862922-3437185597-1002\...\Run: [YbPack] => regsvr32.exe C:\Users\user\AppData\Local\YbPack\comNetengine.dll <===== ATTENTION
HKU\S-1-5-21-934653896-176862922-3437185597-1002\...\Run: [xzhw] => rundll32 "C:\Users\user\AppData\Roaming\scrrunp.dll",obtmokiq
HKU\S-1-5-21-934653896-176862922-3437185597-1002\...\Run: [FireFoxUpdServeisSystem] => C:\Users\user\AppData\Roaming\FireFoxUpdServeis\Microsoft_raletarune@.exe [66560 2015-09-02] ()
HKU\S-1-5-21-934653896-176862922-3437185597-1002\...\Run: [GoogleUpdate] => C:\Users\user\AppData\Roaming\GoogleUpdate\GoogleUpdate.exe [62042624 2015-09-03] ()
HKU\S-1-5-21-934653896-176862922-3437185597-1002\...\Run: [Update] => C:\Users\user\AppData\Roaming\GoogleUpdate\GoogleUpdate.exe [62042624 2015-09-03] ()
U3 McAPExe; no ImagePath
U3 McMPFSvc; no ImagePath
U3 McNaiAnn; no ImagePath
U3 mcpltsvc; no ImagePath
U3 mfecore; no ImagePath
U3 MSK80Service; no ImagePath
2015-09-03 01:07 - 2015-09-03 01:07 - 00453120 __RSH C:\Users\user\AppData\Roaming\scrrunp.dll
2015-09-02 05:22 - 2015-09-02 05:22 - 00000000 ____D C:\Users\user\AppData\Roaming\FireFoxUpdServeis
2015-08-30 10:39 - 2015-09-03 01:20 - 00000712 ____H C:\ProgramData\@system.temp
2015-08-30 10:38 - 2015-09-04 06:31 - 00000000 ____D C:\Users\user\AppData\Roaming\GoogleUpdate
2015-08-30 10:38 - 2015-09-03 01:20 - 00000448 ____H C:\ProgramData\@system3.att
2015-08-18 23:51 - 2015-08-18 23:56 - 00000000 ____D C:\ProgramData\pauhu
2015-08-14 18:15 - 2015-09-02 05:12 - 00000000 ____D C:\Users\user\AppData\Local\YbPack
2015-08-14 17:25 - 2015-09-03 15:49 - 00000000 ____D C:\Users\user\AppData\Local\Ufrmedia
2015-08-30 10:38 - 2015-08-30 10:38 - 00000464 ____H C:\Users\user\AppData\Roaming\½Ó
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
Folder: C:\Windows\wb
Folder: C:\AdwCleaner 
EmptyTemp:
CMD: bitsadmin /reset /allusers
Reg: Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartupApproved" /F
Reg: Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartupApproved" /F
Reg: Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
Reg: Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\1853556740 => value not found.
C:\ProgramData\msbogj.exe => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\TaskbarNoNotification => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAHealth => value removed successfully
HKU\S-1-5-21-934653896-176862922-3437185597-1002\Software\Microsoft\Windows\CurrentVersion\Run\\YbPack => value removed successfully
HKU\S-1-5-21-934653896-176862922-3437185597-1002\Software\Microsoft\Windows\CurrentVersion\Run\\xzhw => value removed successfully
HKU\S-1-5-21-934653896-176862922-3437185597-1002\Software\Microsoft\Windows\CurrentVersion\Run\\FireFoxUpdServeisSystem => value removed successfully
HKU\S-1-5-21-934653896-176862922-3437185597-1002\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleUpdate => value removed successfully
HKU\S-1-5-21-934653896-176862922-3437185597-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Update => value removed successfully
McAPExe => service removed successfully
McMPFSvc => service removed successfully
McNaiAnn => service removed successfully
mcpltsvc => service removed successfully
mfecore => service removed successfully
MSK80Service => service removed successfully
C:\Users\user\AppData\Roaming\scrrunp.dll => moved successfully
C:\Users\user\AppData\Roaming\FireFoxUpdServeis => moved successfully
C:\ProgramData\@system.temp => moved successfully
C:\Users\user\AppData\Roaming\GoogleUpdate => moved successfully
C:\ProgramData\@system3.att => moved successfully
C:\ProgramData\pauhu => moved successfully
C:\Users\user\AppData\Local\YbPack => moved successfully
C:\Users\user\AppData\Local\Ufrmedia => moved successfully
C:\Users\user\AppData\Roaming\½Ó => moved successfully
"HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc" => key removed successfully
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc" => key removed successfully

========================= Folder: C:\Windows\wb ========================

2015-08-16 21:30 - 2001-12-01 23:21 - 0273408 _____ (Mpath Interactive) C:\Windows\wb\mplaynow.exe
2015-08-16 21:30 - 2001-12-01 23:21 - 0000264 _____ () C:\Windows\wb\mplaynow.ini

====== End of Folder: ======


========================= Folder: C:\AdwCleaner ========================

2015-09-03 02:04 - 2015-09-03 02:04 - 0000933 _____ () C:\AdwCleaner\AdwCleaner[C1].txt
2015-09-03 01:59 - 2015-09-03 02:03 - 0000851 _____ () C:\AdwCleaner\AdwCleaner[S1].txt
2015-09-03 01:58 - 2015-09-03 01:58 - 0000000 ____D () C:\AdwCleaner\Quarantine

====== End of Folder: ======


=========  bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.7.9600 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to cancel {A930FFAA-A46F-46E7-8CCE-11A17AEDB981}.
Unable to cancel {CF7D67BE-DF72-4B1A-A00A-E08B973AD9EE}.
Unable to cancel {2C3161AD-7FFD-4020-A7E3-3934D8A9B1EE}.
Unable to cancel {054E9175-2EED-4D4B-BDB1-2DC0D01B6B84}.
Unable to cancel {949E56CF-B5D0-40F1-8E8F-FDDCB9F3C2CE}.
Unable to cancel {F38BD0F2-CA08-4D54-9313-3F6C2E4FE092}.
Unable to cancel {EAED34B7-C2F8-49EA-95E0-41C4ABC3639B}.
Unable to cancel {6647223B-B021-45CE-B664-2E4EEE773362}.
Unable to cancel {7996C83A-A486-43B7-B877-4FA34A1C33D2}.
Unable to cancel {A3154ED9-0A67-403D-9B0B-F349113BD45A}.
Unable to cancel {CE24CA47-F239-4EF6-908C-5348DA216FD8}.
Unable to cancel {A7C905CD-C0E0-4D8E-B80D-388B72409D55}.
Unable to cancel {FD4CCAB4-463A-4704-8CE0-46524310E01B}.
Unable to cancel {7FFE5F9B-1DB6-4F87-87FC-4916BAE38E91}.
Unable to cancel {82AD7B3F-8436-4C6D-9C20-9C74BF1D7909}.
Unable to cancel {9F226EC7-8BC4-408F-B9BF-BDCEBA1B76A6}.
Unable to cancel {CF71A493-359B-4B8D-AA90-4ABD42701E5C}.
Unable to cancel {CA0AE5D2-C013-41A1-BDE9-243A49B91AE7}.
Unable to cancel {807F4C12-F761-470A-82EF-40674ABCFC80}.
Unable to cancel {DF89B060-FECD-4877-8021-7E343ADFF807}.
Unable to cancel {70A8BD05-3775-475C-9B2B-427E70DD60D3}.
Unable to cancel {CBDB220A-5BB5-44A4-9AAA-CEB357E474EB}.
Unable to cancel {9A4FA720-DC79-423B-A90A-2CB8C4DE93D6}.
Unable to cancel {60BBA729-8E6A-4F0F-B40F-1509079D8AAE}.
Unable to cancel {32122E3F-FB97-4D50-86AD-4AF4082AA76D}.
Unable to cancel {9C331840-B0A0-429E-8334-FDE1CAF2BBE7}.
Unable to cancel {0634AA5A-7160-4DF1-A0D8-FB1464492C87}.
Unable to cancel {6E093D5B-D389-4042-8DC0-FBD9BF3A1CF2}.
Unable to cancel {D52D0C65-3D3E-4A1E-8014-48ECD0401862}.
Unable to cancel {F9C6C269-A314-4AD1-B2F3-BF95E79E16D0}.
Unable to cancel {542C947D-E65E-4BDF-A498-BF8C313BB619}.
Unable to cancel {19B88C80-B939-4527-8357-045E52FBE4B9}.
Unable to cancel {EBBDEA97-4853-4362-8A40-1937CC26A67E}.
Unable to cancel {66205599-AE55-4C49-B356-7F54D74AEEA1}.
Unable to cancel {5E31C399-1567-48F2-B334-F90D7BCACE28}.
Unable to cancel {01C69D9D-4048-4705-802E-2D022A3725F2}.
Unable to cancel {C06E2EC1-F725-4DAC-8609-39923C9EDDAF}.
Unable to cancel {A5BDB4CC-3626-49C1-A58A-1FCBE6848F8C}.
Unable to cancel {315E73CD-0C73-4974-9441-B9965E34FCEB}.
Unable to cancel {0795ADCD-6A86-454F-B067-2DC360C2578B}.
Unable to cancel {22B355D4-0E0C-4C97-ADF6-19085AF671C9}.
Unable to cancel {898878D4-C4EF-4AB9-BE97-15501F7643B8}.
Unable to cancel {61E826D7-05AA-4B88-8A39-0B1730D6BE62}.
Unable to cancel {C2B4B0DB-E128-4E66-AD49-851ACD482F0D}.
Unable to cancel {AAB7B7DF-5E74-45EC-8F51-3F3C2204EAD1}.
Unable to cancel {5F2F33F7-7C91-4380-A201-3E31859DEDAA}.
Unable to cancel {84D66B62-5B95-4FB6-9785-141F196738DA}.
Unable to cancel {00533D62-673D-4D42-BCBB-3C74C5ECF533}.
{AE304CD2-05AA-48BD-BCBC-9161C7AF12E2} canceled.
{A1D9D531-89A1-40C2-AD9D-B670206C0D03} canceled.
{D9776B65-8F36-4641-A099-EB8F9B9BD12B} canceled.
{256E82F4-0724-46AB-80B1-B1E93F50C20E} canceled.
{0AED9301-64ED-466D-8481-FCFA7BAF2D22} canceled.
{98A15E78-C29C-401C-BDDA-E5F6DD554693} canceled.
{1064EEE0-90BD-406C-8CBF-693BFF86B0EF} canceled.
{C2924EC8-6BA4-40FF-A145-D5C2B5C342A0} canceled.
{E99BD17B-3A91-4C94-8ED2-2FBAC93CA4BA} canceled.
{CB50F690-6B53-4CC9-A102-D3F5DC92E04D} canceled.
{6F40F852-5EEB-4F53-94A2-205DB49E70DE} canceled.
{ADDD6E3D-D564-41D8-AF54-D268144127F3} canceled.
{17374DF5-C745-43D9-BEB2-B74B8439FD58} canceled.
{D9733411-7108-429F-BA94-F4304D4A10FA} canceled.
{0C62AEDE-4806-4F7F-8E59-84864C09A1D2} canceled.
{AAECDDCC-62A2-4D0F-87BC-7F05622380D2} canceled.
16 out of 64 jobs canceled.

========= End of CMD: =========


========= Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartupApproved" /F =========

ERROR: The system was unable to find the specified registry key or value.


========= End of Reg: =========


========= Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartupApproved" /F =========

The operation completed successfully.


========= End of Reg: =========


========= Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F =========

ERROR: The system was unable to find the specified registry key or value.


========= End of Reg: =========


========= Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F =========

The operation completed successfully.


========= End of Reg: =========

EmptyTemp: => 567.7 MB temporary data Removed.


The system needed a reboot.. 

==== End of Fixlog 11:45:32 ====