Fix result of Farbar Recovery Scan Tool (x64) Version:21-10-2015 01 Ran by User (2015-10-24 13:07:39) Run:1 Running from C:\Users\User\Downloads Loaded Profiles: User (Available Profiles: User) Boot Mode: Normal ============================================== fixlist content: ***************** CreateRestorePoint: HKU\S-1-5-21-2886134629-1133402904-436001001-1000\...\Run: [733715270] => regsvr32.exe "C:\Users\User\AppData\Local\IazoBsoh\WejUqge.dll" BHO-x32: No Name -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> No File S2 BITS; %SystemRoot%\System32\qmgr.dll [X] S3 BS3137338052; \??\C:\Users\User\AppData\Local\Temp\NTFS.sys [X] 2015-10-21 10:47 - 2015-10-21 10:47 - 00004096 _____ C:\ProgramData\4FmzteqKDDF4.dll 2015-10-21 10:45 - 2015-10-21 10:45 - 00004096 _____ C:\ProgramData\GheT3Z73DDF4.dll 2015-10-20 20:13 - 2015-10-23 12:38 - 03197188 _____ C:\Windows\system32\CFG3137338052 2015-10-20 20:04 - 2015-10-20 20:13 - 00000000 ____D C:\Users\User\AppData\Local\IazoBsoh 2015-10-20 20:02 - 2015-10-20 20:02 - 00000000 ___HD C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8} C:\Users\User\AppData\Local\Temp\NTFS.sys Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f RemoveProxy: CMD: netsh advfirewall reset CMD: netsh advfirewall set allprofiles state ON CMD: ipconfig /flushdns CMD: netsh winsock reset catalog CMD: netsh int ip reset c:\resetlog.txt CMD: ipconfig /release CMD: ipconfig /renew CMD: netsh int ipv4 reset CMD: netsh int ipv6 reset EmptyTemp: CMD: bitsadmin /reset /allusers ***************** Error: (0) Failed to create a restore point. HKU\S-1-5-21-2886134629-1133402904-436001001-1000\Software\Microsoft\Windows\CurrentVersion\Run\\733715270 => value removed successfully "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}" => key removed successfully HKCR\Wow6432Node\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} => key not found. BITS => service removed successfully BS3137338052 => service removed successfully "C:\ProgramData\4FmzteqKDDF4.dll" => not found. "C:\ProgramData\GheT3Z73DDF4.dll" => not found. C:\Windows\system32\CFG3137338052 => moved successfully C:\Users\User\AppData\Local\IazoBsoh => moved successfully C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8} => moved successfully "C:\Users\User\AppData\Local\Temp\NTFS.sys" => not found. ========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f ========= The operation completed successfully. ========= End of Reg: ========= ========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f ========= The operation completed successfully. ========= End of Reg: ========= ========= RemoveProxy: ========= HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully HKU\S-1-5-21-2886134629-1133402904-436001001-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully HKU\S-1-5-21-2886134629-1133402904-436001001-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully ========= End of RemoveProxy: ========= ========= netsh advfirewall reset ========= Ok. ========= End of CMD: ========= ========= netsh advfirewall set allprofiles state ON ========= Ok. ========= End of CMD: ========= ========= ipconfig /flushdns ========= Windows IP Configuration Successfully flushed the DNS Resolver Cache. ========= End of CMD: ========= ========= netsh winsock reset catalog ========= Sucessfully reset the Winsock Catalog. You must restart the computer in order to complete the reset. ========= End of CMD: ========= ========= netsh int ip reset c:\resetlog.txt ========= Reseting Global, OK! Reseting Interface, OK! Restart the computer to complete this action. ========= End of CMD: ========= ========= ipconfig /release ========= Windows IP Configuration No operation can be performed on Local Area Connection while it has its media disconnected. Wireless LAN adapter Wireless Network Connection: Connection-specific DNS Suffix . : IPv6 Address. . . . . . . . . . . : 2602:304:cf2b:5749:342a:d4cb:7b7f:d4b7 Temporary IPv6 Address. . . . . . : 2602:304:cf2b:5749:341f:44c6:5041:f0e9 Link-local IPv6 Address . . . . . : fe80::342a:d4cb:7b7f:d4b7%12 Default Gateway . . . . . . . . . : fe80::220c:c8ff:fed4:ea13%12 Ethernet adapter Local Area Connection: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Tunnel adapter Local Area Connection* 9: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Tunnel adapter isatap.{2F5879EA-34F6-41A1-9AB1-F6A8FAAEADAA}: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Tunnel adapter isatap.{0AA94162-280E-43BD-AEBF-43803AE7C882}: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : ========= End of CMD: ========= ========= ipconfig /renew ========= Windows IP Configuration No operation can be performed on Local Area Connection while it has its media disconnected. Wireless LAN adapter Wireless Network Connection: Connection-specific DNS Suffix . : IPv6 Address. . . . . . . . . . . : 2602:304:cf2b:5749:342a:d4cb:7b7f:d4b7 Temporary IPv6 Address. . . . . . : 2602:304:cf2b:5749:341f:44c6:5041:f0e9 Link-local IPv6 Address . . . . . : fe80::342a:d4cb:7b7f:d4b7%12 IPv4 Address. . . . . . . . . . . : 192.168.1.139 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : fe80::220c:c8ff:fed4:ea13%12 192.168.1.254 Ethernet adapter Local Area Connection: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Tunnel adapter Local Area Connection* 9: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Tunnel adapter isatap.{2F5879EA-34F6-41A1-9AB1-F6A8FAAEADAA}: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Tunnel adapter isatap.{0AA94162-280E-43BD-AEBF-43803AE7C882}: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : ========= End of CMD: ========= ========= netsh int ipv4 reset ========= Reseting Interface, OK! Restart the computer to complete this action. ========= End of CMD: ========= ========= netsh int ipv6 reset ========= Reseting Interface, OK! Restart the computer to complete this action. ========= End of CMD: ========= ========= bitsadmin /reset /allusers ========= BITSADMIN version 3.0 [ 7.5.7601 ] BITS administration utility. (C) Copyright 2000-2006 Microsoft Corp. BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows. Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets. Unable to connect to BITS - 0x80070003 The system cannot find the path specified. ========= End of CMD: ========= EmptyTemp: => 1.2 GB temporary data Removed. The system needed a reboot. ==== End of Fixlog 13:09:20 ====