Fix result of Farbar Recovery Scan Tool (x86) Version:27-09-2015 01 Ran by Gncomputers (2015-09-28 02:42:01) Run:1 Running from C:\Users\Gncomputers\Downloads Loaded Profiles: Gncomputers (Available Profiles: Gncomputers & Guest) Boot Mode: Normal ============================================== fixlist content: ***************** CreateRestorePoint: GroupPolicy: Restriction - Chrome <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION BHO: No Name -> {B9F4DC10-7E40-403A-A5EA-383548FB0AEF} -> No File BHO: No Name -> {CBB84B88-3E21-414B-B170-6E9315762E65} -> No File BHO: No Name -> {E8C15560-18F5-4DD6-827F-0FFB78A2C824} -> No File Handler: WSISAllmytubechrome - No CLSID Value - FF user.js: detected! => C:\Users\Gncomputers\AppData\Roaming\Mozilla\Firefox\Profiles\c9gad0gc.default-1442953932501\user.js [2015-09-23] CHR HKLM\...\Chrome\Extension: [ngidnflhjnpcfbcbmmkcfpniopmpgoga] - C:\ProgramData\Codecv\ngidnflhjnpcfbcbmmkcfpniopmpgoga.crx 2015-09-24 09:31 - 2015-03-12 18:57 - 00000000 ____D C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB 2015-09-23 03:51 - 2015-03-06 02:02 - 00000000 ____D C:\ProgramData\{3b2dc8c5-e032-cfc2-3b2d-dc8c5e032317} 2015-09-23 03:44 - 2015-06-14 15:51 - 00000000 ____D C:\ProgramData\{4e943bd8-1f1a-0ab1-4e94-43bd81f1ef60} 2015-09-23 03:44 - 2013-11-23 21:53 - 00000000 ____D C:\Users\Gncomputers\AppData\Roaming\Ovi 2015-09-23 01:04 - 2015-03-14 02:31 - 00000000 ____D C:\ProgramData\{421dba37-6d47-7680-421d-dba376d4e8dd} 2015-09-23 01:04 - 2015-03-14 02:19 - 00000000 ____D C:\ProgramData\{52760116-c12f-069b-5276-60116c12045b} Task: {99ED8BA7-B099-499C-B935-C3024FB96874} - \DTReg -> No File <==== ATTENTION Task: {E8EBA390-CEA0-4782-8904-1668DB728EE2} - System32\Tasks\{DFC407C1-923E-422C-8AC2-5B90A724A566} => pcalua.exe -a C:\Users\GNCOMP~1\AppData\Local\Temp\U4A7E.tmp\UNT4A7F.tmp.exe -c -uninstall RemoveProxy: EmptyTemp: CMD: bitsadmin /reset /allusers ***************** Restore point was successfully created. C:\Windows\system32\GroupPolicy\Machine => moved successfully C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully "HKLM\SOFTWARE\Policies\Google" => key removed successfully. "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B9F4DC10-7E40-403A-A5EA-383548FB0AEF}" => key removed successfully. HKCR\CLSID\{B9F4DC10-7E40-403A-A5EA-383548FB0AEF} => key not found. "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CBB84B88-3E21-414B-B170-6E9315762E65}" => key removed successfully. HKCR\CLSID\{CBB84B88-3E21-414B-B170-6E9315762E65} => key not found. "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E8C15560-18F5-4DD6-827F-0FFB78A2C824}" => key removed successfully. HKCR\CLSID\{E8C15560-18F5-4DD6-827F-0FFB78A2C824} => key not found. "HKCR\PROTOCOLS\Handler\WSISAllmytubechrome" => key removed successfully. C:\Users\Gncomputers\AppData\Roaming\Mozilla\Firefox\Profiles\c9gad0gc.default-1442953932501\user.js => moved successfully "HKLM\SOFTWARE\Google\Chrome\Extensions\ngidnflhjnpcfbcbmmkcfpniopmpgoga" => key removed successfully. C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB => moved successfully C:\ProgramData\{3b2dc8c5-e032-cfc2-3b2d-dc8c5e032317} => moved successfully C:\ProgramData\{4e943bd8-1f1a-0ab1-4e94-43bd81f1ef60} => moved successfully C:\Users\Gncomputers\AppData\Roaming\Ovi => moved successfully C:\ProgramData\{421dba37-6d47-7680-421d-dba376d4e8dd} => moved successfully C:\ProgramData\{52760116-c12f-069b-5276-60116c12045b} => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{99ED8BA7-B099-499C-B935-C3024FB96874}" => key removed successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{99ED8BA7-B099-499C-B935-C3024FB96874}" => key removed successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DTReg => key not found. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E8EBA390-CEA0-4782-8904-1668DB728EE2}" => key removed successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E8EBA390-CEA0-4782-8904-1668DB728EE2}" => key removed successfully. C:\Windows\System32\Tasks\{DFC407C1-923E-422C-8AC2-5B90A724A566} => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{DFC407C1-923E-422C-8AC2-5B90A724A566}" => key removed successfully. ========= RemoveProxy: ========= HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully. HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully. HKU\S-1-5-21-2123204161-853072409-3690002975-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully. HKU\S-1-5-21-2123204161-853072409-3690002975-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully. ========= End of RemoveProxy: ========= ========= bitsadmin /reset /allusers ========= BITSADMIN version 3.0 [ 7.5.7601 ] BITS administration utility. (C) Copyright 2000-2006 Microsoft Corp. BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows. Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets. Unable to cancel {6DFE7A5C-40CF-40D0-B182-A1EF6B28F0C2}. Unable to cancel {178C384A-7DCC-4C51-817F-71B6572C541A}. Unable to cancel {BA76F118-0A62-4064-A6BE-A8FF2AC57D84}. Unable to cancel {611CB38A-99DE-4AC7-8DD9-109809333F70}. Unable to cancel {5B0E9654-C409-4968-A2C0-482E8BB4125B}. Unable to cancel {F4553835-1552-4F5C-9C1A-BD7AFEB4DBF9}. Unable to cancel {B6A346F3-6D5D-4F4E-A354-915EF6B87A92}. {CA946F7C-4F78-494E-959C-CA6DA30B2A0E} canceled. {374ADBD2-980B-4267-834E-7E5F8BBEFED4} canceled. {654FD14B-1E8C-45F2-AEE7-4446F7CD31BB} canceled. {5A807184-6099-4F2F-B01E-CC2E661B434B} canceled. {2825E06C-E4DC-4A2F-B232-66E931D75DDB} canceled. {78509C60-48CB-4C1E-B3A3-E88437994CD0} canceled. 6 out of 13 jobs canceled. ========= End of CMD: ========= EmptyTemp: => 333.4 MB temporary data Removed. The system needed a reboot. ==== End of Fixlog 02:43:49 ====