Post by christina on Jul 27, 2015 23:14:47 GMT -8
Fix result of Farbar Recovery Scan Tool (x64) Version:26-07-2015
Ran by Christina at 2015-07-28 19:10:20 Run:2
Running from C:\Users\Christina\Desktop
Loaded Profiles: Christina (Available Profiles: roobarb & Christina & Amelia & Levi & Guest)
Boot Mode: Normal
==============================================
fixlist content:
*****************
start
CreateRestorePoint:
CloseProcesses:
[-HKU\S-1-5-21-312760304-1295043521-704437419-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}]
[-HKU\S-1-5-21-312760304-1295043521-704437419-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
[-HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{994A4DA1-1FFD-44CD-8C90-6CE0D1331EA7}]
[-HKU\S-1-5-21-312760304-1295043521-704437419-1001\SOFTWARE\PERFORMERSOFT\PC Performer]
[-HKU\S-1-5-21-312760304-1295043521-704437419-1001\SOFTWARE\PERFORMERSOFT LLC\Video Performer]
[-HKU\S-1-5-21-312760304-1295043521-704437419-1002\SOFTWARE\APPDATALOW\SOFTWARE\GenericAddon]
REG: reg delete HKU\S-1-5-21-312760304-1295043521-704437419-1001\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS /v speedtest199@BestOffers /f
C:\Users\roobarb\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers
REG: reg delete HKU\S-1-5-21-312760304-1295043521-704437419-1001\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS /v freegames197@BestOffers /f
C:\Users\roobarb\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers
REG: reg add "HKU\S-1-5-21-312760304-1295043521-704437419-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN" /v Search Bar /d www.google.com /f
REG: reg add "HKU\S-1-5-21-312760304-1295043521-704437419-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL" /v Default /d www.google.com /f
C:\Program Files (x86)\Common Files\Config
C:\Users\roobarb\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers
C:\Users\roobarb\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers
C:\Users\Public\4A921F6103834B23B0A5E776BCB04E40\setup.exe
C:\Users\Public\9D5627C518574E4D8B6FF9F7F6400812\setup.exe
C:\Windows\Installer\MSI6A51.tmp
C:\Windows\Installer\MSI85DB.tmp
C:\Program Files (x86)\Common Files\Config\ver.xml
cmd: ipconfig /flushdns
cmd: netsh advfirewall reset
cmd: netsh advfirewall set allprofiles state on
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
CMD: bitsadmin /reset /allusers
RemoveProxy:
EmptyTemp:
Reboot:
end
*****************
Restore point was successfully created.
Processes closed successfully.
HKU\S-1-5-21-312760304-1295043521-704437419-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5} => key not found.
HKU\S-1-5-21-312760304-1295043521-704437419-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} => key not found.
HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{994A4DA1-1FFD-44CD-8C90-6CE0D1331EA7} => key removed successfully
HKU\S-1-5-21-312760304-1295043521-704437419-1001\SOFTWARE\PERFORMERSOFT\PC Performer => key not found.
HKU\S-1-5-21-312760304-1295043521-704437419-1001\SOFTWARE\PERFORMERSOFT LLC\Video Performer => key not found.
HKU\S-1-5-21-312760304-1295043521-704437419-1002\SOFTWARE\APPDATALOW\SOFTWARE\GenericAddon => key removed successfully
========= reg delete HKU\S-1-5-21-312760304-1295043521-704437419-1001\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS /v speedtest199@BestOffers /f =========
ERROR: The system was unable to find the specified registry key or value.
========= End of Reg: =========
C:\Users\roobarb\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers => moved successfully.
========= reg delete HKU\S-1-5-21-312760304-1295043521-704437419-1001\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS /v freegames197@BestOffers /f =========
ERROR: The system was unable to find the specified registry key or value.
========= End of Reg: =========
C:\Users\roobarb\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers => moved successfully.
========= reg add "HKU\S-1-5-21-312760304-1295043521-704437419-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN" /v Search Bar /d www.google.com /f =========
ERROR: Invalid syntax.
Type "REG ADD /?" for usage.
========= End of Reg: =========
========= reg add "HKU\S-1-5-21-312760304-1295043521-704437419-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL" /v Default /d www.google.com /f =========
ERROR: The parameter is incorrect.
========= End of Reg: =========
C:\Program Files (x86)\Common Files\Config => moved successfully.
"C:\Users\roobarb\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers" => File/Folder not found.
"C:\Users\roobarb\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers" => File/Folder not found.
C:\Users\Public\4A921F6103834B23B0A5E776BCB04E40\setup.exe => moved successfully.
C:\Users\Public\9D5627C518574E4D8B6FF9F7F6400812\setup.exe => moved successfully.
C:\Windows\Installer\MSI6A51.tmp => moved successfully.
C:\Windows\Installer\MSI85DB.tmp => moved successfully.
"C:\Program Files (x86)\Common Files\Config\ver.xml" => File/Folder not found.
========= ipconfig /flushdns =========
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========= End of CMD: =========
========= netsh advfirewall reset =========
Ok.
========= End of CMD: =========
========= netsh advfirewall set allprofiles state on =========
Ok.
========= End of CMD: =========
========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
The operation completed successfully.
========= End of Reg: =========
========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
The operation completed successfully.
========= End of Reg: =========
========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0 [ 7.7.9600 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
{41564B42-6138-470D-99AC-BAEB66BFF5AC} canceled.
1 out of 1 jobs canceled.
========= End of CMD: =========
========= RemoveProxy: =========
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-312760304-1295043521-704437419-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-312760304-1295043521-704437419-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
========= End of RemoveProxy: =========
EmptyTemp: => 131.5 MB temporary data Removed.
The system needed a reboot..
==== End of Fixlog 19:10:35 ====
Ran by Christina at 2015-07-28 19:10:20 Run:2
Running from C:\Users\Christina\Desktop
Loaded Profiles: Christina (Available Profiles: roobarb & Christina & Amelia & Levi & Guest)
Boot Mode: Normal
==============================================
fixlist content:
*****************
start
CreateRestorePoint:
CloseProcesses:
[-HKU\S-1-5-21-312760304-1295043521-704437419-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}]
[-HKU\S-1-5-21-312760304-1295043521-704437419-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
[-HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{994A4DA1-1FFD-44CD-8C90-6CE0D1331EA7}]
[-HKU\S-1-5-21-312760304-1295043521-704437419-1001\SOFTWARE\PERFORMERSOFT\PC Performer]
[-HKU\S-1-5-21-312760304-1295043521-704437419-1001\SOFTWARE\PERFORMERSOFT LLC\Video Performer]
[-HKU\S-1-5-21-312760304-1295043521-704437419-1002\SOFTWARE\APPDATALOW\SOFTWARE\GenericAddon]
REG: reg delete HKU\S-1-5-21-312760304-1295043521-704437419-1001\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS /v speedtest199@BestOffers /f
C:\Users\roobarb\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers
REG: reg delete HKU\S-1-5-21-312760304-1295043521-704437419-1001\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS /v freegames197@BestOffers /f
C:\Users\roobarb\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers
REG: reg add "HKU\S-1-5-21-312760304-1295043521-704437419-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN" /v Search Bar /d www.google.com /f
REG: reg add "HKU\S-1-5-21-312760304-1295043521-704437419-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL" /v Default /d www.google.com /f
C:\Program Files (x86)\Common Files\Config
C:\Users\roobarb\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers
C:\Users\roobarb\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers
C:\Users\Public\4A921F6103834B23B0A5E776BCB04E40\setup.exe
C:\Users\Public\9D5627C518574E4D8B6FF9F7F6400812\setup.exe
C:\Windows\Installer\MSI6A51.tmp
C:\Windows\Installer\MSI85DB.tmp
C:\Program Files (x86)\Common Files\Config\ver.xml
cmd: ipconfig /flushdns
cmd: netsh advfirewall reset
cmd: netsh advfirewall set allprofiles state on
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
CMD: bitsadmin /reset /allusers
RemoveProxy:
EmptyTemp:
Reboot:
end
*****************
Restore point was successfully created.
Processes closed successfully.
HKU\S-1-5-21-312760304-1295043521-704437419-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5} => key not found.
HKU\S-1-5-21-312760304-1295043521-704437419-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} => key not found.
HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{994A4DA1-1FFD-44CD-8C90-6CE0D1331EA7} => key removed successfully
HKU\S-1-5-21-312760304-1295043521-704437419-1001\SOFTWARE\PERFORMERSOFT\PC Performer => key not found.
HKU\S-1-5-21-312760304-1295043521-704437419-1001\SOFTWARE\PERFORMERSOFT LLC\Video Performer => key not found.
HKU\S-1-5-21-312760304-1295043521-704437419-1002\SOFTWARE\APPDATALOW\SOFTWARE\GenericAddon => key removed successfully
========= reg delete HKU\S-1-5-21-312760304-1295043521-704437419-1001\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS /v speedtest199@BestOffers /f =========
ERROR: The system was unable to find the specified registry key or value.
========= End of Reg: =========
C:\Users\roobarb\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers => moved successfully.
========= reg delete HKU\S-1-5-21-312760304-1295043521-704437419-1001\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS /v freegames197@BestOffers /f =========
ERROR: The system was unable to find the specified registry key or value.
========= End of Reg: =========
C:\Users\roobarb\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers => moved successfully.
========= reg add "HKU\S-1-5-21-312760304-1295043521-704437419-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN" /v Search Bar /d www.google.com /f =========
ERROR: Invalid syntax.
Type "REG ADD /?" for usage.
========= End of Reg: =========
========= reg add "HKU\S-1-5-21-312760304-1295043521-704437419-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL" /v Default /d www.google.com /f =========
ERROR: The parameter is incorrect.
========= End of Reg: =========
C:\Program Files (x86)\Common Files\Config => moved successfully.
"C:\Users\roobarb\AppData\Roaming\Mozilla\Extensions\freegames197@BestOffers" => File/Folder not found.
"C:\Users\roobarb\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers" => File/Folder not found.
C:\Users\Public\4A921F6103834B23B0A5E776BCB04E40\setup.exe => moved successfully.
C:\Users\Public\9D5627C518574E4D8B6FF9F7F6400812\setup.exe => moved successfully.
C:\Windows\Installer\MSI6A51.tmp => moved successfully.
C:\Windows\Installer\MSI85DB.tmp => moved successfully.
"C:\Program Files (x86)\Common Files\Config\ver.xml" => File/Folder not found.
========= ipconfig /flushdns =========
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========= End of CMD: =========
========= netsh advfirewall reset =========
Ok.
========= End of CMD: =========
========= netsh advfirewall set allprofiles state on =========
Ok.
========= End of CMD: =========
========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
The operation completed successfully.
========= End of Reg: =========
========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
The operation completed successfully.
========= End of Reg: =========
========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0 [ 7.7.9600 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
{41564B42-6138-470D-99AC-BAEB66BFF5AC} canceled.
1 out of 1 jobs canceled.
========= End of CMD: =========
========= RemoveProxy: =========
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-312760304-1295043521-704437419-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-312760304-1295043521-704437419-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
========= End of RemoveProxy: =========
EmptyTemp: => 131.5 MB temporary data Removed.
The system needed a reboot..
==== End of Fixlog 19:10:35 ====