Fix result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018 Ran by Norma (11-04-2018 08:28:27) Run:1 Running from C:\Users\Norma\Desktop Loaded Profiles: Norma (Available Profiles: Norma) Boot Mode: Normal ============================================== fixlist content: ***************** start CloseProcesses: CreateRestorePoint: HKLM-x32\...\Run: [] => [X] CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION URLSearchHook: HKU\S-1-5-21-2524362192-1030358035-3349164945-1001 - (No Name) - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - No File SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes:HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2524362192-1030358035-3349164945-1001 -> {C7D11109-9DB6-4F16-BF00-D3877CF4895A} URL = BHO: No Name -> {BAC72C85-CEC6-4B86-AF06-FA20C259FAB8} -> No File BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File BHO-x32: No Name -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> No File Toolbar: HKU\S-1-5-21-2524362192-1030358035-3349164945-1001 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File Toolbar: HKU\S-1-5-21-2524362192-1030358035-3349164945-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File Toolbar: HKU\S-1-5-21-2524362192-1030358035-3349164945-1001 -> No Name - {D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} - No File Toolbar: HKU\S-1-5-21-2524362192-1030358035-3349164945-1001 -> No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File CHR DefaultSearchURL: Default -> hxxp://www.search.ask.com/web?tpid=ORJ&o=100000031&pf=V5&p2=%5ETV%5EOSJ000%5EYY%5EUS&gct=&itbv=12.10.3.24&doi=2014-02-04&apn_uid=74D8080F-3096-45F9-A138-67D67895FCF2&apn_ptnrs=%5ETV&apn_dtid=%5EOSJ000%5EYY%5EUS&apn_dbr=ie_8.0.7601.17514&psv=&trgb=ALL&q={searchTerms} CHR DefaultSearchKeyword: Default -> ask search AlternateDataStreams: C:\Users\Norma\Desktop\Facebook.website:TASKICON_0news-1751121550 [2302] AlternateDataStreams: C:\Users\Norma\Desktop\Facebook.website:TASKICON_1messages-431041656 [2302] AlternateDataStreams: C:\Users\Norma\Desktop\Facebook.website:TASKICON_2events-250898981 [2302] AlternateDataStreams: C:\Users\Norma\Desktop\Facebook.website:TASKICON_3friends-215113587 [2302] AlternateDataStreams: C:\Users\Norma\AppData\Roaming\Microsoft\Windows\Start Menu\Facebook.website:TASKICON_0news-1751121550 [2302] AlternateDataStreams: C:\Users\Norma\AppData\Roaming\Microsoft\Windows\Start Menu\Facebook.website:TASKICON_1messages-431041656 [2302] AlternateDataStreams: C:\Users\Norma\AppData\Roaming\Microsoft\Windows\Start Menu\Facebook.website:TASKICON_2events-250898981 [2302] AlternateDataStreams: C:\Users\Norma\AppData\Roaming\Microsoft\Windows\Start Menu\Facebook.website:TASKICON_3friends-215113587 [2302] CMD: bitsadmin /reset /allusers CMD: netsh winsock reset catalog CMD: ipconfig /flushdns Emptytemp: ***************** Processes closed successfully. Restore point was successfully created. "HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully "HKLM\SOFTWARE\Policies\Google" => removed successfully "HKU\S-1-5-21-2524362192-1030358035-3349164945-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0}" => removed successfully "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => removed successfully HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found SearchScopes:HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = => Error: No automatic fix found for this entry. "HKU\S-1-5-21-2524362192-1030358035-3349164945-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C7D11109-9DB6-4F16-BF00-D3877CF4895A}" => removed successfully HKLM\Software\Classes\CLSID\{C7D11109-9DB6-4F16-BF00-D3877CF4895A} => not found "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BAC72C85-CEC6-4B86-AF06-FA20C259FAB8}" => removed successfully HKLM\Software\Classes\CLSID\{BAC72C85-CEC6-4B86-AF06-FA20C259FAB8} => not found "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}" => removed successfully HKLM\Software\Wow6432Node\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670} => not found "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}" => removed successfully HKLM\Software\Wow6432Node\Classes\CLSID\{6D53EC84-6AAE-4787-AEEE-F4628F01010C} => not found "HKU\S-1-5-21-2524362192-1030358035-3349164945-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068}" => removed successfully HKLM\Software\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => not found "HKU\S-1-5-21-2524362192-1030358035-3349164945-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93}" => removed successfully HKLM\Software\Classes\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => not found "HKU\S-1-5-21-2524362192-1030358035-3349164945-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0}" => removed successfully HKLM\Software\Classes\CLSID\{D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} => not found "HKU\S-1-5-21-2524362192-1030358035-3349164945-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{759D9886-0C6F-4498-BAB6-4A5F47C6C72F}" => removed successfully HKLM\Software\Classes\CLSID\{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} => not found "Chrome DefaultSearchURL" => removed successfully "Chrome DefaultSearchKeyword" => removed successfully C:\Users\Norma\Desktop\Facebook.website => ":TASKICON_0news-1751121550" ADS removed successfully C:\Users\Norma\Desktop\Facebook.website => ":TASKICON_1messages-431041656" ADS removed successfully C:\Users\Norma\Desktop\Facebook.website => ":TASKICON_2events-250898981" ADS removed successfully C:\Users\Norma\Desktop\Facebook.website => ":TASKICON_3friends-215113587" ADS removed successfully C:\Users\Norma\AppData\Roaming\Microsoft\Windows\Start Menu\Facebook.website => ":TASKICON_0news-1751121550" ADS removed successfully C:\Users\Norma\AppData\Roaming\Microsoft\Windows\Start Menu\Facebook.website => ":TASKICON_1messages-431041656" ADS removed successfully C:\Users\Norma\AppData\Roaming\Microsoft\Windows\Start Menu\Facebook.website => ":TASKICON_2events-250898981" ADS removed successfully C:\Users\Norma\AppData\Roaming\Microsoft\Windows\Start Menu\Facebook.website => ":TASKICON_3friends-215113587" ADS removed successfully ========= bitsadmin /reset /allusers ========= BITSADMIN version 3.0 [ 7.5.7601 ] BITS administration utility. (C) Copyright 2000-2006 Microsoft Corp. BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows. Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets. {1D7AB6A8-106E-4615-AA83-5121DCF445DA} canceled. 1 out of 1 jobs canceled. ========= End of CMD: ========= ========= netsh winsock reset catalog ========= Sucessfully reset the Winsock Catalog. You must restart the computer in order to complete the reset. ========= End of CMD: ========= ========= ipconfig /flushdns ========= Windows IP Configuration Successfully flushed the DNS Resolver Cache. ========= End of CMD: ========= =========== EmptyTemp: ========== BITS transfer queue => 8388608 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 65531616 B Java, Flash, Steam htmlcache => 15799 B Windows/system/drivers => 8005648 B Edge => 0 B Chrome => 290279216 B Firefox => 454834139 B Opera => 0 B Temp, IE cache, history, cookies, recent: Users => 0 B Default => 66228 B Public => 0 B ProgramData => 0 B systemprofile => 4520487 B systemprofile32 => 50582389 B LocalService => 132244 B NetworkService => 66240 B Norma => 196137815 B RecycleBin => 3153 B EmptyTemp: => 1 GB temporary data Removed. ================================ The system needed a reboot. ==== End of Fixlog 08:35:29 ====