Fix result of Farbar Recovery Scan Tool (x86) Version: 29-06-2016 Ran by Del (2016-07-01 16:00:59) Run:1 Running from C:\Users\Del\Desktop Loaded Profiles: Del (Available Profiles: Del & Yvonne) Boot Mode: Normal ============================================== fixlist content: ***************** HKLM\...\Run: [SpeedZooka Scheduler] => C:\Program Files\SpeedZooka\SpeedZookaScheduler.exe HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [981688 2015-04-30] (Microsoft Corporation) HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] <==== ATTENTION AppInit_DLLs: C:\PROGRA~1\Sophos\SOPHOS~1\sophos_detoured.dll => No File AppInit_DLLs: LL => No File SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = FF HKU\S-1-5-21-2568410734-3031030142-1223416489-1001\...\Firefox\Extensions: [7go02@7go.com] - C:\Users\Del\AppData\Roaming\Mozilla\Extensions\7go02@7go.com R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2015-04-30] (Microsoft Corporation) S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [284504 2015-04-30] (Microsoft Corporation) S2 Seagate Sync Service; "C:\Program Files\Seagate\Sync\SeaSyncServices.exe" [X] S3 WsDrvInst; "C:\Program Files\Wondershare\MobileTrans\DriverInstall.exe" [X] R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [245096 2015-03-04] (Microsoft Corporation) R3 vncmirror; C:\Windows\System32\DRIVERS\vncmirror.sys [4608 2011-05-31] (RealVNC Ltd.) Task: {2BD69B71-B84A-4531-BF0D-2B5FED4B4043} - System32\Tasks\SpeedFixToolPro_Popup => C:\Program Files\Speed Fix Tool Pro\Splash.exe Task: {E66F3A92-1D1D-4E42-9FAE-4AB2A6B6436C} - System32\Tasks\SpeedFixToolPro_Start => C:\Program Files\Speed Fix Tool Pro\SpeedFixToolPro.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe AlternateDataStreams: C:\Users\Del\Desktop\passport Y.jpeg:3or4kl4x13tuuug3Byamue2s4b [87] AlternateDataStreams: C:\Users\Yvonne\Desktop\specs.jpeg:3or4kl4x13tuuug3Byamue2s4b [87] C:\Windows\System32\VNCpm.dll REG: reg query "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows" /s CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" ***************** HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SpeedZooka Scheduler => value removed successfully. HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\MSC => value not found. HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InprocServer32\\Default => value restored successfully "C:\PROGRA~1\Sophos\SOPHOS~1\sophos_detoured.dll" => Value data removed successfully.. "LL" => Value data removed successfully.. HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully. HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully. HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully. HKU\S-1-5-21-2568410734-3031030142-1223416489-1001\Software\Mozilla\Firefox\Extensions\\7go02@7go.com => value removed successfully. MsMpSvc => service not found. NisSrv => service not found. Seagate Sync Service => service removed successfully. WsDrvInst => service removed successfully. MpFilter => service not found. vncmirror => Unable to stop service. vncmirror => service removed successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2BD69B71-B84A-4531-BF0D-2B5FED4B4043}" => key removed successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2BD69B71-B84A-4531-BF0D-2B5FED4B4043}" => key removed successfully. C:\Windows\System32\Tasks\SpeedFixToolPro_Popup => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpeedFixToolPro_Popup" => key removed successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E66F3A92-1D1D-4E42-9FAE-4AB2A6B6436C}" => key removed successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E66F3A92-1D1D-4E42-9FAE-4AB2A6B6436C}" => key removed successfully. C:\Windows\System32\Tasks\SpeedFixToolPro_Start => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpeedFixToolPro_Start" => key removed successfully. C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully "C:\Users\Del\Desktop\passport Y.jpeg" => ":3or4kl4x13tuuug3Byamue2s4b" ADS not found. "C:\Users\Yvonne\Desktop\specs.jpeg" => ":3or4kl4x13tuuug3Byamue2s4b" ADS not found. C:\Windows\System32\VNCpm.dll => moved successfully ========= reg query "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows" /s ========= HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows IconServiceLib REG_SZ IconCodecService.dll DdeSendTimeout REG_DWORD 0x0 DesktopHeapLogging REG_DWORD 0x1 GDIProcessHandleQuota REG_DWORD 0x2710 ShutdownWarningDialogTimeout REG_DWORD 0xffffffff USERNestedWindowLimit REG_DWORD 0x32 USERPostMessageLimit REG_DWORD 0x2710 USERProcessHandleQuota REG_DWORD 0x2710 (Default) REG_SZ mnmsrvc DeviceNotSelectedTimeout REG_SZ 15 Spooler REG_SZ yes TransmissionRetryTimeout REG_SZ 90 RequireSignedAppInit_DLLs REG_DWORD 0x1 AppInit_DLLs REG_SZ LoadAppInit_DLLs REG_DWORD 0x1 ========= End of Reg: ========= ========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" ========= ========= End of CMD: ========= The system needed a reboot. ==== End of Fixlog 16:01:28 ====