Fix result of Farbar Recovery Scan Tool (x64) Version:27-01-2016
Ran by Frank (2016-02-07 14:48:33) Run:1
Running from C:\Users\Frank\Desktop
Loaded Profiles: Frank (Available Profiles: Frank & UpdatusUser & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CreateRestorePoint:
SearchScopes: HKU\S-1-5-21-1178036084-1826107637-1660614399-1000 -> DefaultScope {1FFBB18E-5C13-4652-A501-AAB94EEE3AFF} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3289663&CUI=UN13004498712706460&UM=2
SearchScopes: HKU\S-1-5-21-1178036084-1826107637-1660614399-1000 -> {1FFBB18E-5C13-4652-A501-AAB94EEE3AFF} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3289663&CUI=UN13004498712706460&UM=2
SearchScopes: HKU\S-1-5-21-1178036084-1826107637-1660614399-1000 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://search.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
CHR Plugin: (Conduit Chrome Plugin) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.22.0.588_0\plugins/ConduitChromeApiPlugin.dll => No File
CHR Plugin: (Conduit Radio Plugin) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.22.0.588_0\plugins/np-cwmp.dll => No File
CHR Plugin: (Conduit Chrome Plugin) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.22.0.588_0\search/plugins/npConduitNewTabPlugin.dll => No File
CHR Extension: (PriceBlink) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\aoiidodopnnhiflaflbfeblnojefhigh [2016-01-29]
CHR Extension: (Shoptimate : automatic price comparison) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\bibdombdcdbbnfdjkaajfgnfhlapibde [2015-10-08]
CHR Extension: (PriceZombie Price Tracker & Price Comparison) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\gppjmcjmigdbfnpilblnogepgpolhcho [2015-07-19]
CHR Extension: (CouponDetector) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\niopdihicikkienjcdgjgcoadnohmofa [2013-06-20] [UpdateUrl: hxxp://toolbar.couponcabin.com.s3.amazonaws.com/updates.xml] <==== ATTENTION
CHR Extension: (WhiteSmoke New) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi [2015-02-27] [UpdateUrl: hxxp://autoupdate.chromewebtb.conduit-services.com/sb/?productId=CT3289847&extensionData=\u003Cextension_data>] <==== ATTENTION
CHR Extension: (InternetHelper3.1) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nemfjadlboooiffmcelkafilagddogim [2015-02-27] [UpdateUrl: hxxp://autoupdate.chromewebtb.conduit-services.com/sb/?productId=CT3289663&extensionData=\u003Cextension_data>] <==== ATTENTION
CHR HKU\S-1-5-21-1178036084-1826107637-1660614399-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [klibnahbojhkanfgaglnlalfkgpcppfi] -
CHR HKU\S-1-5-21-1178036084-1826107637-1660614399-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nemfjadlboooiffmcelkafilagddogim] -
CHR HKLM-x32\...\Chrome\Extension: [klibnahbojhkanfgaglnlalfkgpcppfi] -
CHR HKLM-x32\...\Chrome\Extension: [nemfjadlboooiffmcelkafilagddogim] -
2016-01-23 11:49 - 2016-01-23 11:49 - 00000000 ____D C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
2016-01-23 11:49 - 2016-01-23 11:49 - 00000000 ____D C:\ProgramData\{ACBCD40A-42A8-4FF9-BD42-ABCD14998CBA}
2015-01-21 17:12 - 2015-01-21 17:12 - 0000064 _____ () C:\Users\Frank\AppData\Local\e20c610b2a4f1ac126101348f502a05e
Task: {5BB1A6C3-C384-49BF-B0A8-093F899ED1DB} - System32\Tasks\ProPCCleaner_Popup => C:\Program Files (x86)\Pro PC Cleaner\Splash.exe <==== ATTENTION
Task: {8D96AAC7-1AEC-445C-A984-BEAE907C5DCE} - \Safer-Networking\Spybot - Search and Destroy\Check for updates -> No File <==== ATTENTION
Task: {A15FADD9-A8F9-40B0-B3A7-B36B829A65AE} - \Safer-Networking\Spybot - Search and Destroy\Scan the system -> No File <==== ATTENTION
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers
*****************

Restore point was successfully created.
HKU\S-1-5-21-1178036084-1826107637-1660614399-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-1178036084-1826107637-1660614399-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1FFBB18E-5C13-4652-A501-AAB94EEE3AFF}" => key removed successfully
HKCR\CLSID\{1FFBB18E-5C13-4652-A501-AAB94EEE3AFF} => key not found.
"HKU\S-1-5-21-1178036084-1826107637-1660614399-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}" => key removed successfully
HKCR\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827} => key not found.
C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.22.0.588_0\plugins/ConduitChromeApiPlugin.dll => not found.
C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.22.0.588_0\plugins/np-cwmp.dll => not found.
C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.22.0.588_0\search/plugins/npConduitNewTabPlugin.dll => not found.
C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\aoiidodopnnhiflaflbfeblnojefhigh => moved successfully
C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\bibdombdcdbbnfdjkaajfgnfhlapibde => moved successfully
C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\gppjmcjmigdbfnpilblnogepgpolhcho => moved successfully
C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\niopdihicikkienjcdgjgcoadnohmofa <==== ATTENTION => not found
C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi <==== ATTENTION => not found
C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nemfjadlboooiffmcelkafilagddogim <==== ATTENTION => not found
"HKU\S-1-5-21-1178036084-1826107637-1660614399-1000\SOFTWARE\Google\Chrome\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi" => key removed successfully
"HKU\S-1-5-21-1178036084-1826107637-1660614399-1000\SOFTWARE\Google\Chrome\Extensions\nemfjadlboooiffmcelkafilagddogim" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\nemfjadlboooiffmcelkafilagddogim" => key removed successfully
C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690} => moved successfully
C:\ProgramData\{ACBCD40A-42A8-4FF9-BD42-ABCD14998CBA} => moved successfully
C:\Users\Frank\AppData\Local\e20c610b2a4f1ac126101348f502a05e => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5BB1A6C3-C384-49BF-B0A8-093F899ED1DB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5BB1A6C3-C384-49BF-B0A8-093F899ED1DB}" => key removed successfully
C:\WINDOWS\System32\Tasks\ProPCCleaner_Popup => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ProPCCleaner_Popup" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8D96AAC7-1AEC-445C-A984-BEAE907C5DCE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8D96AAC7-1AEC-445C-A984-BEAE907C5DCE}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Safer-Networking\Spybot - Search and Destroy\Check for updates => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A15FADD9-A8F9-40B0-B3A7-B36B829A65AE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A15FADD9-A8F9-40B0-B3A7-B36B829A65AE}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Safer-Networking\Spybot - Search and Destroy\Scan the system => key not found.

========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========

The operation completed successfully.

========= End of Reg: =========

========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========

The operation completed successfully.

========= End of Reg: =========

========= RemoveProxy: =========

"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-1178036084-1826107637-1660614399-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-1178036084-1826107637-1660614399-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully

========= End of RemoveProxy: =========

========= bitsadmin /reset /allusers =========

BITSADMIN version 3.0 [ 7.8.10586 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

0 out of 0 jobs canceled.

========= End of CMD: =========

EmptyTemp: => 68.7 MB temporary data Removed.

The system needed a reboot.

==== End of Fixlog 14:49:40 ====