Fix result of Farbar Recovery Scan Tool (x64) Version:08-10-2015 Ran by customer (2015-10-11 21:17:56) Run:1 Running from C:\Users\customer\Desktop Loaded Profiles: customer (Available Profiles: customer) Boot Mode: Normal ============================================== fixlist content: ***************** CreateRestorePoint: Winsock: Catalog9-x64 01 C:\Windows\system32\CatWSPrx64.dll No File Winsock: Catalog9-x64 02 C:\Windows\system32\CatWSPrx64.dll No File Winsock: Catalog9-x64 03 C:\Windows\system32\CatWSPrx64.dll No File Winsock: Catalog9-x64 04 C:\Windows\system32\CatWSPrx64.dll No File Winsock: Catalog9-x64 15 C:\Windows\system32\CatWSPrx64.dll No File BHO-x32: No Name -> {6A88117E-D66A-4E52-8F3D-4569D0238F38} -> No File FF user.js: detected! => C:\Users\customer\AppData\Roaming\Mozilla\Firefox\Profiles\4qndcy04.default\user.js [2015-09-19] 2015-09-19 20:04 - 2015-09-19 20:04 - 00000000 ____D C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} 2015-09-19 09:43 - 2015-09-19 09:43 - 00000388 _____ C:\Windows\Tasks\REGSERVO.job 2015-09-19 09:43 - 2015-09-19 09:43 - 00000000 ____D C:\ProgramData\REGSERVO64 Task: C:\Windows\Tasks\REGSERVO.job => C:\Program Files\REGSERVO\REGSERVO.exe-t C:\Program Files\REGSERVO\REGSERVO.exe <==== ATTENTION C:\Program Files\REGSERVO HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CatWSPrx => ""="service" Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f RemoveProxy: CMD: netsh advfirewall reset CMD: netsh advfirewall set allprofiles state ON CMD: ipconfig /flushdns CMD: netsh winsock reset catalog CMD: netsh int ip reset c:\resetlog.txt CMD: ipconfig /release CMD: ipconfig /renew CMD: netsh int ipv4 reset CMD: netsh int ipv6 reset EmptyTemp: CMD: bitsadmin /reset /allusers ***************** Restore point was successfully created. "HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000001" => key removed successfully "HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000002" => key removed successfully "HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000003" => key removed successfully "HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000004" => key removed successfully "HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000015" => key removed successfully "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6A88117E-D66A-4E52-8F3D-4569D0238F38}" => key removed successfully HKCR\Wow6432Node\CLSID\{6A88117E-D66A-4E52-8F3D-4569D0238F38} => key not found. C:\Users\customer\AppData\Roaming\Mozilla\Firefox\Profiles\4qndcy04.default\user.js => moved successfully C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} => moved successfully C:\Windows\Tasks\REGSERVO.job => moved successfully C:\ProgramData\REGSERVO64 => moved successfully C:\Windows\Tasks\REGSERVO.job => not found. "C:\Program Files\REGSERVO" => File/Folder not found. "HKLM\System\CurrentControlSet\Control\SafeBoot\Network\CatWSPrx" => key removed successfully ========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f ========= The operation completed successfully. ========= End of Reg: ========= ========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f ========= The operation completed successfully. ========= End of Reg: ========= ========= RemoveProxy: ========= HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully HKU\S-1-5-21-2723336936-3563734776-362871568-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully HKU\S-1-5-21-2723336936-3563734776-362871568-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully ========= End of RemoveProxy: ========= ========= netsh advfirewall reset ========= Initialization Function InitHelperDll in NSHHTTP.DLL failed to start with error code 10107 Ok. ========= End of CMD: ========= ========= netsh advfirewall set allprofiles state ON ========= Initialization Function InitHelperDll in NSHHTTP.DLL failed to start with error code 10107 Ok. ========= End of CMD: ========= ========= ipconfig /flushdns ========= Windows IP Configuration Successfully flushed the DNS Resolver Cache. ========= End of CMD: ========= ========= netsh winsock reset catalog ========= Initialization Function InitHelperDll in NSHHTTP.DLL failed to start with error code 10107 Sucessfully reset the Winsock Catalog. You must restart the computer in order to complete the reset. ========= End of CMD: ========= ========= netsh int ip reset c:\resetlog.txt ========= Reseting Global, OK! Reseting Interface, OK! Restart the computer to complete this action. ========= End of CMD: ========= ========= ipconfig /release ========= Windows IP Configuration No operation can be performed on Local Area Connection while it has its media disconnected. Wireless LAN adapter Wireless Network Connection: Connection-specific DNS Suffix . : Link-local IPv6 Address . . . . . : fe80::fd91:b94f:6890:99c6%13 Default Gateway . . . . . . . . . : Ethernet adapter Local Area Connection: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : ZoomTown.com Tunnel adapter isatap.{D44E23BA-F679-4AD2-8DB7-81EBAE375EAE}: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Tunnel adapter Local Area Connection* 11: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Tunnel adapter isatap.ZoomTown.com: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : ========= End of CMD: ========= ========= ipconfig /renew ========= Windows IP Configuration No operation can be performed on Local Area Connection while it has its media disconnected. Wireless LAN adapter Wireless Network Connection: Connection-specific DNS Suffix . : Link-local IPv6 Address . . . . . : fe80::fd91:b94f:6890:99c6%13 IPv4 Address. . . . . . . . . . . : 192.168.0.8 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.0.1 Ethernet adapter Local Area Connection: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : ZoomTown.com Tunnel adapter isatap.{D44E23BA-F679-4AD2-8DB7-81EBAE375EAE}: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Tunnel adapter Local Area Connection* 11: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Tunnel adapter isatap.ZoomTown.com: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : ========= End of CMD: ========= ========= netsh int ipv4 reset ========= Reseting Interface, OK! Restart the computer to complete this action. ========= End of CMD: ========= ========= netsh int ipv6 reset ========= Reseting Interface, OK! Restart the computer to complete this action. ========= End of CMD: ========= ========= bitsadmin /reset /allusers ========= BITSADMIN version 3.0 [ 7.5.7601 ] BITS administration utility. (C) Copyright 2000-2006 Microsoft Corp. BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows. Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets. 0 out of 0 jobs canceled. ========= End of CMD: ========= EmptyTemp: => 715.1 MB temporary data Removed. The system needed a reboot.. ==== End of Fixlog 21:20:02 ====