eduardson

Untitled

Oct 10th, 2017
  1. Fix result of Farbar Recovery Scan Tool (x64) Version: 08-10-2017
  2. Ran by BODIONGAN (10-10-2017 22:35:09) Run:2
  3. Running from C:\Users\BODIONGAN\Dropbox\Desktop\solution
  4. Loaded Profiles: BODIONGAN (Available Profiles: BODIONGAN & ed)
  5. Boot Mode: Normal
  6. ==============================================
  7.  
  8. fixlist content:
  9. *****************
  10. CloseProcesses:
  11. CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default
  12. CHR DefaultSearchKeyword: Default -> Yahoo
  13. CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
  14. CHR Extension: (Movies Toolbar) - C:\Users\BODIONGAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaajhegnoacmkmglfacmbbhpoadcdkh [2017-05-23] [UpdateUrl: hxxp://apnmedia.ask.com/media/toolbar/everest/partners/SVI2-DTX/YY/update.xml] <==== ATTENTION
  15. CHR Extension: (Movies Toolbar) - C:\Users\BODIONGAN\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aaaajhegnoacmkmglfacmbbhpoadcdkh [2016-10-06] [UpdateUrl: hxxp://apnmedia.ask.com/media/toolbar/everest/partners/SVI2-DTX/YY/update.xml] <==== ATTENTION
  16. CHR Extension: (Yahoo Web) - C:\Users\BODIONGAN\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\eedgghdcpmmmilkmfpnklknlenbiolec [2016-10-06]
  17. CHR Extension: (Yahoo Web) - C:\Users\BODIONGAN\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\npdicihegicnhaangkdmcgbjceoemeoo [2016-10-06]
  18. CHR HKLM\...\Chrome\Extension: [noajmlkipclmeolfcnflkjhijkigpfjh] - C:\Users\BODIONGAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh.crx <not found>
  19. CHR HKLM\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\BODIONGAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma.crx <not found>
  20. CHR HKLM-x32\...\Chrome\Extension: [aaaajhegnoacmkmglfacmbbhpoadcdkh] - C:\Users\BODIONGAN\AppData\Local\savevidmoviestoolbarha\GC\toolbar.crx [2013-08-29]
  21. CHR HKLM-x32\...\Chrome\Extension: [eedgghdcpmmmilkmfpnklknlenbiolec] - hxxps://clients2.google.com/service/update2/crx
  22. CHR HKLM-x32\...\Chrome\Extension: [noajmlkipclmeolfcnflkjhijkigpfjh] - C:\Users\BODIONGAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh.crx <not found>
  23. FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
  24. FF HKLM-x32\...\Firefox\Extensions: [detgdp@gmail.com] - C:\Users\BODIONGAN\AppData\Roaming\Mozilla\Firefox\Profiles\jhkwzk4n.default\extensions\detgdp@gmail.com => not found
  25. FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
  26. BHO: DownnloaD keeeeperi -> {EEB8706C-601F-C069-799C-BF02A7AF8031} -> No File
  27. HKU\S-1-5-21-1980599891-4258201064-1316590169-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://ph.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
  28. SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
  29. SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
  30. SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2405} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=0&systemid=405&v=u11205-241&apn_uid=2130223631114446&apn_dtid=BND405&o=APN10647&apn_ptnrs=AG8&q={searchTerms}
  31. SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=25&systemid=406&v=a13251-241&apn_uid=2130223631114446&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
  32. SearchScopes: HKLM-x32 -> DefaultScope value is missing
  33. SearchScopes: HKU\S-1-5-21-1980599891-4258201064-1316590169-1000 -> DefaultScope {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
  34. SearchScopes: HKU\S-1-5-21-1980599891-4258201064-1316590169-1000 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
  35. SearchScopes: HKU\S-1-5-21-1980599891-4258201064-1316590169-1000 -> {89871ED8-082F-4EF9-8DBB-A6C86040DEAA} URL = hxxps://ph.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
  36. HKU\S-1-5-21-1980599891-4258201064-1316590169-1000\...\MountPoints2: I - I:\Setup.exe /s
  37. HKU\S-1-5-21-1980599891-4258201064-1316590169-1000\...\MountPoints2: {17879d87-d974-11e6-83db-00acc484b9fa} - D:\Setup.exe /s
  38. HKU\S-1-5-21-1980599891-4258201064-1316590169-1000\...\MountPoints2: {17879daf-d974-11e6-83db-00acc484b9fa} - I:\Setup.exe /s
  39. HKU\S-1-5-21-1980599891-4258201064-1316590169-1000\...\MountPoints2: {c8bae772-44ff-11e3-a83b-f46d04d9d562} - I:\Autorun.exe
  40. HKU\S-1-5-21-1980599891-4258201064-1316590169-1000\...\MountPoints2: {cb3fc0f2-6018-11e4-81c0-f46d04d9d562} - D:\AutoRun.exe
  41. FirewallRules: [{10309980-C7C1-4512-A1A5-7A3E08351338}] => (Allow) C:\Users\BODIONGAN\AppData\Local\Torch\Plugins\Hola\hola_plugin_x64.exe
  42. FirewallRules: [{D37DDD03-A589-4890-B78E-7570BB15C2B9}] => (Allow) C:\Users\BODIONGAN\AppData\Local\iLivid\iLivid.exe
  43. Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-10-04]
  44. ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.599\SSScheduler.exe (McAfee, Inc.)
  45. FirewallRules: [{F8D1576A-0897-4EF6-B543-B01359367812}] => (Allow) C:\Users\BODIONGAN\AppData\Local\iLivid\iLivid.exe
  46. EmptyTemp:
  47. *****************
  48.  
  49. Processes closed successfully.
  50. Chrome DefaultSearchURL => removed successfully
  51. Chrome DefaultSearchKeyword => removed successfully
  52. Chrome DefaultSuggestURL => removed successfully
  53. CHR Extension: (Movies Toolbar) - C:\Users\BODIONGAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaajhegnoacmkmglfacmbbhpoadcdkh [2017-05-23] [UpdateUrl: hxxp://apnmedia.ask.com/media/toolbar/everest/partners/SVI2-DTX/YY/update.xml] <==== ATTENTION => Error: No automatic fix found for this entry.
  54. CHR Extension: (Movies Toolbar) - C:\Users\BODIONGAN\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aaaajhegnoacmkmglfacmbbhpoadcdkh [2016-10-06] [UpdateUrl: hxxp://apnmedia.ask.com/media/toolbar/everest/partners/SVI2-DTX/YY/update.xml] <==== ATTENTION => Error: No automatic fix found for this entry.
  55. CHR Extension: (Yahoo Web) - C:\Users\BODIONGAN\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\eedgghdcpmmmilkmfpnklknlenbiolec [2016-10-06] => Error: No automatic fix found for this entry.
  56. CHR Extension: (Yahoo Web) - C:\Users\BODIONGAN\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\npdicihegicnhaangkdmcgbjceoemeoo [2016-10-06] => Error: No automatic fix found for this entry.
  57. HKLM\SOFTWARE\Google\Chrome\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh => key removed successfully
  58. HKLM\SOFTWARE\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma => key removed successfully
  59. HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aaaajhegnoacmkmglfacmbbhpoadcdkh => key removed successfully
  60. C:\Users\BODIONGAN\AppData\Local\savevidmoviestoolbarha\GC\toolbar.crx => moved successfully
  61. HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eedgghdcpmmmilkmfpnklknlenbiolec => key removed successfully
  62. HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh => key removed successfully
  63. HKLM\Software\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com => value removed successfully
  64. HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\detgdp@gmail.com => value removed successfully
  65. HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com => value removed successfully
  66. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEB8706C-601F-C069-799C-BF02A7AF8031} => key removed successfully
  67. HKLM\Software\Classes\CLSID\{EEB8706C-601F-C069-799C-BF02A7AF8031} => key removed successfully
  68. HKU\S-1-5-21-1980599891-4258201064-1316590169-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
  69. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
  70. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key removed successfully
  71. HKLM\Software\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
  72. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2405} => key removed successfully
  73. HKLM\Software\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2405} => key not found.
  74. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => key removed successfully
  75. HKLM\Software\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => key not found.
  76. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
  77. HKU\S-1-5-21-1980599891-4258201064-1316590169-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
  78. HKU\S-1-5-21-1980599891-4258201064-1316590169-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{85A60A59-D3D8-468F-B598-FB4393789EF4} => key removed successfully
  79. HKLM\Software\Classes\CLSID\{85A60A59-D3D8-468F-B598-FB4393789EF4} => key not found.
  80. HKU\S-1-5-21-1980599891-4258201064-1316590169-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{89871ED8-082F-4EF9-8DBB-A6C86040DEAA} => key removed successfully
  81. HKLM\Software\Classes\CLSID\{89871ED8-082F-4EF9-8DBB-A6C86040DEAA} => key not found.
  82. HKU\S-1-5-21-1980599891-4258201064-1316590169-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\I => key removed successfully
  83. HKU\S-1-5-21-1980599891-4258201064-1316590169-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{17879d87-d974-11e6-83db-00acc484b9fa} => key removed successfully
  84. HKLM\Software\Classes\CLSID\{17879d87-d974-11e6-83db-00acc484b9fa} => key not found.
  85. HKU\S-1-5-21-1980599891-4258201064-1316590169-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{17879daf-d974-11e6-83db-00acc484b9fa} => key removed successfully
  86. HKLM\Software\Classes\CLSID\{17879daf-d974-11e6-83db-00acc484b9fa} => key not found.
  87. HKU\S-1-5-21-1980599891-4258201064-1316590169-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c8bae772-44ff-11e3-a83b-f46d04d9d562} => key removed successfully
  88. HKLM\Software\Classes\CLSID\{c8bae772-44ff-11e3-a83b-f46d04d9d562} => key not found.
  89. HKU\S-1-5-21-1980599891-4258201064-1316590169-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cb3fc0f2-6018-11e4-81c0-f46d04d9d562} => key removed successfully
  90. HKLM\Software\Classes\CLSID\{cb3fc0f2-6018-11e4-81c0-f46d04d9d562} => key not found.
  91. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{10309980-C7C1-4512-A1A5-7A3E08351338} => value removed successfully
  92. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D37DDD03-A589-4890-B78E-7570BB15C2B9} => value removed successfully
  93. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk => moved successfully
  94. C:\Program Files\McAfee Security Scan\3.11.599\SSScheduler.exe => moved successfully
  95. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F8D1576A-0897-4EF6-B543-B01359367812} => value removed successfully
  96.  
  97. =========== EmptyTemp: ==========
  98.  
  99. BITS transfer queue => 8388608 B
  100. DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 14390148 B
  101. Java, Flash, Steam htmlcache => 343 B
  102. Windows/system/drivers => 3844 B
  103. Edge => 0 B
  104. Chrome => 190448406 B
  105. Firefox => 0 B
  106. Opera => 0 B
  107.  
  108. Temp, IE cache, history, cookies, recent:
  109. Users => 0 B
  110. Default => 0 B
  111. Public => 0 B
  112. ProgramData => 0 B
  113. systemprofile => 0 B
  114. systemprofile32 => 0 B
  115. LocalService => 0 B
  116. NetworkService => 5314 B
  117. BODIONGAN => 11620164 B
  118. weeee => 0 B
  119. ed => 0 B
  120.  
  121. RecycleBin => 303104 B
  122. EmptyTemp: => 214.7 MB temporary data Removed.
  123.  
  124. ================================
  125.  
  126.  
  127. The system needed a reboot.
  128.  
  129. ==== End of Fixlog 22:35:36 ====