Fix result of Farbar Recovery Scan Tool (x64) Version: 19-08-2017
Ran by Bart (19-08-2017 14:50:55) Run:1
Running from C:\Users\Bart\Desktop
Loaded Profiles: Bart (Available Profiles: Bart)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:
Task: {5A533448-197A-452B-855A-B45A9D814314} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv => C:\Windows\TEMP\{4E423159-21E8-43C9-97A5-723E542E003C}.exe <==== ATTENTION
Task: {E693DC6B-53FE-405B-8471-025C5B293491} - System32\Tasks\YourFile DownloaderUpdate => C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe <==== ATTENTION
Task: {FECC5E8A-E5A7-465F-AF14-7C205080B453} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{CD2B490C-969E-4769-9274-C0802A66C55E}.exe <==== ATTENTION
Task: C:\Windows\Tasks\A0EECDFC-B485-47CA-8AE4-6DB2B0B2691F.job => C:\Program Files (x86)\YueAckU\j45lXIS.dll <==== ATTENTION
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job => C:\Windows\TEMP\{4E423159-21E8-43C9-97A5-723E542E003C}.exe <==== ATTENTION
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{CD2B490C-969E-4769-9274-C0802A66C55E}.exe <==== ATTENTION
C:\Program Files (x86)\YourFileDownloader
C:\Program Files (x86)\YueAckU
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4238196658-422620013-1050771535-1000\...\Run: [Devisdmo] => C:\Users\Bart\AppData\Roaming\aeev-1-0\espsrv.exe
HKU\S-1-5-21-4238196658-422620013-1050771535-1000\...\Run: [Deviound] => C:\Users\Bart\AppData\Roaming\aeev-1-0\expsroxy.exe
HKU\S-1-5-21-4238196658-422620013-1050771535-1000\...\Run: [svchostwn] => "%SystemRoot%\System32\WScript.exe" "C:\Users\Bart\AppData\Roaming\svchost store files\start64.vbs" //B "%1" %*
HKU\S-1-5-21-4238196658-422620013-1050771535-1000\...\Run: [svchostws] => "%SystemRoot%\System32\WScript.exe" "C:\Users\Bart\AppData\Roaming\svchost local files\start.vbs" //B "%1" %*
AppInit_DLLs: C:\ProgramData\Hotfresh\Toughsoft.dll => C:\ProgramData\Hotfresh\Toughsoft.dll [343552 2017-08-06] ()
Startup: C:\Users\Bart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\svchostwn.vbs [2017-08-09] ()
Startup: C:\Users\Bart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\svchostws.vbs [2017-08-07] ()
C:\Users\Bart\AppData\Roaming\aeev-1-0
C:\Users\Bart\AppData\Roaming\svchost store files
C:\Users\Bart\AppData\Roaming\svchost local files
C:\ProgramData\Hotfresh
C:\Users\Bart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\svchostwn.vbs
C:\Users\Bart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\svchostws.vbs
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Tcpip\..\Interfaces\{96CC1913-6F1B-4B3E-AC07-9DFA56944743}: [NameServer] 82.163.142.8,95.211.158.136
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
SearchScopes: HKLM-x32 -> ielnksrch URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoGk3GzeHhcr-ccYvGyvSgUEGR396YOlls81sgcivlf5qUvj6-5-iMFM2KOjiNYR2bp5xIfptIf8ApJs0nPJ_Blx9dAg7k7qZVWDfy8rPSbpncwqu9nWq_t6kyYRtHAAmJSehyWC3w2n2FilVHl5thp5PFSu4yIxAnSmGR8IXlw,,&q={searchTerms}
SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2504091
SearchScopes: HKU\S-1-5-21-4238196658-422620013-1050771535-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={A7837AA3-2B92-4216-A713-670611466DBC}&mid=850056166ce147d0bfc6316fe5f6b463-3201bf0c8793f208631c6fe875066179091793a7&lang=pl&ds=xn011&pr=sa&d=2012-11-30 12:37:40&v=15.2.0.5&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4238196658-422620013-1050771535-1000 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2504091
SearchScopes: HKU\S-1-5-21-4238196658-422620013-1050771535-1000 -> {ielnksrch} URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoGk3GzeHhcr-ccYvGyvSgUEGR396YOlls81sgcivlf5qUvj6-5-iMFM2KOjiNYR2bp5xIfptIf8ApJs0nPJ_Blx9dAg7k7qZVWDfy8rPSbpncwqu9nWq_t6kyYRtHAAmJSehyWC3w2n2FilVHl5thp5PFSu4yIxAnSmGR8IXlw,,&q={searchTerms}
BHO: No Name -> {C0D38E5A-7CF8-4105-8FE8-31B81443A114} -> No File
BHO: No Name -> {F4F34E6A-5C2C-AF27-DA53-C43B16B839D6} -> No File
BHO-x32: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO-x32: No Name -> {dcfb5bfe-1f58-4b1d-96a7-3c7bbae51b36} -> No File
Toolbar: HKU\S-1-5-21-4238196658-422620013-1050771535-1000 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
S4 backlh; C:\ProgramData\Logic Cramble\set.exe [3780096 2017-08-07] () [File not signed] <==== ATTENTION
R2 RjlvBUc0gHzE Updater; C:\Program Files (x86)\RjlvBUc0gHzE Updater\RjlvBUc0gHzE Updater.exe [313344 2017-08-06] () [File not signed]
S2 Hotfresh; C:\ProgramData\\Hotfresh\\Hotfresh.exe shuz -f "C:\ProgramData\\Hotfresh\\Hotfresh.dat" -l -a
C:\ProgramData\Logic Cramble
C:\Program Files (x86)\RjlvBUc0gHzE Updater
C:\ProgramData\\Hotfresh\
C:\ProgramData\Hotfresh
C:\ProgramData\Hotfreshs
R1 wStLibG64; C:\Windows\System32\drivers\wStLibG64.sys [61120 2014-04-05] (StdLib)
2017-08-07 12:43 - 2017-08-07 12:43 - 000604928 _____ (Reimage) C:\Users\Bart\Downloads\ReimageRepair (1).exe
2017-08-07 11:00 - 2017-08-07 16:37 - 000000140 _____ C:\Windows\Reimage.ini
2017-08-07 11:00 - 2017-08-07 11:00 - 000604928 _____ (Reimage) C:\Users\Bart\Downloads\ReimageRepair.exe
2017-08-06 18:57 - 2017-08-06 18:57 - 000000000 ____D C:\Program Files (x86)\Nine
2017-08-06 18:54 - 2017-08-07 14:34 - 000000000 ____D C:\Program Files (x86)\YueAckU
2017-08-06 18:54 - 2017-08-07 14:34 - 000000000 ____D C:\Program Files (x86)\YtuAskU2
2017-08-06 18:54 - 2017-08-07 14:34 - 000000000 ____D C:\Program Files (x86)\YpuAskUn
2017-08-06 18:54 - 2017-08-07 14:34 - 000000000 ____D C:\Program Files (x86)\YeuAskIE
2017-08-06 18:54 - 2017-08-07 14:34 - 000000000 ____D C:\Program Files (x86)\FastDataX
2017-08-06 18:54 - 2017-08-06 18:54 - 000000000 ____D C:\ProgramData\71ade274-1d13-0
2017-08-06 18:54 - 2017-08-06 18:54 - 000000000 ____D C:\ProgramData\71ade274-1a77-1
2017-08-06 18:53 - 2017-08-06 18:53 - 000000000 ____D C:\ProgramData\4e31fc97-08f5-1
2017-08-06 18:53 - 2017-08-06 18:53 - 000000000 ____D C:\ProgramData\4e31fc97-04a1-0
017-08-06 18:49 - 2017-08-07 12:38 - 000015606 _____ C:\Windows\SysWOW64\findit.xml
2017-08-06 18:49 - 2017-08-06 18:49 - 007324160 _____ () C:\Users\Bart\AppData\Local\agent.dat
2017-08-06 18:49 - 2017-08-06 18:49 - 001899067 _____ () C:\Users\Bart\AppData\Local\Beta-Bam.tst
2017-07-02 10:57 - 2017-07-02 10:57 - 000000000 ____H () C:\Users\Bart\AppData\Local\BIT8812.tmp
2017-08-06 18:49 - 2017-08-06 18:49 - 000070800 _____ () C:\Users\Bart\AppData\Local\Config.xml
2017-08-06 18:48 - 2017-08-06 18:49 - 000016512 _____ () C:\Users\Bart\AppData\Local\InstallationConfiguration.xml
2017-08-06 18:48 - 2017-08-06 18:48 - 000140800 _____ () C:\Users\Bart\AppData\Local\installer.dat
2017-08-06 18:49 - 2017-08-06 18:49 - 001895382 _____ () C:\Users\Bart\AppData\Local\Instrong.bin
2017-08-06 18:49 - 2017-08-06 18:49 - 000018432 _____ () C:\Users\Bart\AppData\Local\Main.dat
2017-08-06 18:49 - 2017-08-06 18:49 - 000005568 _____ () C:\Users\Bart\AppData\Local\md.xml
2017-08-06 18:49 - 2017-08-06 18:49 - 000126464 _____ () C:\Users\Bart\AppData\Local\noah.dat
2017-08-06 18:48 - 2017-08-07 12:38 - 001847296 _____ () C:\Users\Bart\AppData\Local\po.db
2017-08-06 18:49 - 2017-08-06 18:49 - 000278510 _____ () C:\Users\Bart\AppData\Local\Quotesantax.tst
DeleteKey: HKCU\Software\Mozilla
DeleteKey: HKCU\Software\MozillaPlugins
DeleteKey: HKLM\SOFTWARE\Mozilla
DeleteKey: HKLM\SOFTWARE\MozillaPlugins
DeleteKey: HKLM\SOFTWARE\Wow6432Node\Mozilla
DeleteKey: HKLM\SOFTWARE\Wow6432Node\mozilla.org
DeleteKey: HKLM\SOFTWARE\Wow6432Node\MozillaPlugins
C:\Users\Bart\AppData\Local\Mozilla
C:\Users\Bart\AppData\Roaming\Mozilla
C:\Users\Bart\AppData\Roaming\Profiles
C:\Program Files (x86)\Google
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
C:\Users\Bart\AppData\Local\Google
DeleteKey: HKCU\Software\Google
DeleteKey: HKLM\SOFTWARE\Google
DeleteKey: HKLM\SOFTWARE\Wow6432Node\Google
CMD: ipconfig /flushdns
CMD: netsh advfirewall reset
CMD: dir /a "C:\Program Files"
CMD: dir /a "C:\Program Files (x86)"
CMD: dir /a "C:\Program Files\Common Files\System"
CMD: dir /a "C:\Program Files (x86)\Common Files\System"
CMD: dir /a C:\ProgramData
CMD: dir /a C:\Users\Bart\AppData\Local
CMD: dir /a C:\Users\Bart\AppData\LocalLow
CMD: dir /a C:\Users\Bart\AppData\Roaming
EmptyTemp:
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5A533448-197A-452B-855A-B45A9D814314} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5A533448-197A-452B-855A-B45A9D814314} => key removed successfully
C:\Windows\System32\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG-Secure-Search-Update_JUNE2013_HP_rmv => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E693DC6B-53FE-405B-8471-025C5B293491} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E693DC6B-53FE-405B-8471-025C5B293491} => key removed successfully
C:\Windows\System32\Tasks\YourFile DownloaderUpdate => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YourFile DownloaderUpdate => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FECC5E8A-E5A7-465F-AF14-7C205080B453} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FECC5E8A-E5A7-465F-AF14-7C205080B453} => key removed successfully
C:\Windows\System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG-Secure-Search-Update_JUNE2013_TB_rmv => key removed successfully
C:\Windows\Tasks\A0EECDFC-B485-47CA-8AE4-6DB2B0B2691F.job => moved successfully
C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job => moved successfully
C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => moved successfully
"C:\Program Files (x86)\YourFileDownloader" => not found.
C:\Program Files (x86)\YueAckU => moved successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => key removed successfully
HKU\S-1-5-21-4238196658-422620013-1050771535-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Devisdmo => value removed successfully
HKU\S-1-5-21-4238196658-422620013-1050771535-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Deviound => value removed successfully
HKU\S-1-5-21-4238196658-422620013-1050771535-1000\Software\Microsoft\Windows\CurrentVersion\Run\\svchostwn => value removed successfully
HKU\S-1-5-21-4238196658-422620013-1050771535-1000\Software\Microsoft\Windows\CurrentVersion\Run\\svchostws => value removed successfully
"C:\ProgramData\Hotfresh\Toughsoft.dll" => Value data removed successfully.
C:\Users\Bart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\svchostwn.vbs => moved successfully
C:\Users\Bart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\svchostws.vbs => moved successfully
C:\Users\Bart\AppData\Roaming\aeev-1-0 => moved successfully
C:\Users\Bart\AppData\Roaming\svchost store files => moved successfully
C:\Users\Bart\AppData\Roaming\svchost local files => moved successfully
C:\ProgramData\Hotfresh => moved successfully
"C:\Users\Bart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\svchostwn.vbs" => not found.
"C:\Users\Bart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\svchostws.vbs" => not found.
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
HKLM\SOFTWARE\Policies\Google => key removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{96CC1913-6F1B-4B3E-AC07-9DFA56944743}\\NameServer => value removed successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\ielnksrch => key removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\ielnksrch => key not found. 
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => key removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => key not found. 
HKU\S-1-5-21-4238196658-422620013-1050771535-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} => key removed successfully
HKLM\Software\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => key not found. 
HKU\S-1-5-21-4238196658-422620013-1050771535-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => key removed successfully
HKLM\Software\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => key not found. 
HKU\S-1-5-21-4238196658-422620013-1050771535-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ielnksrch} => key removed successfully
HKLM\Software\Classes\CLSID\{ielnksrch} => key not found. 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C0D38E5A-7CF8-4105-8FE8-31B81443A114} => key removed successfully
HKLM\Software\Classes\CLSID\{C0D38E5A-7CF8-4105-8FE8-31B81443A114} => key not found. 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4F34E6A-5C2C-AF27-DA53-C43B16B839D6} => key removed successfully
HKLM\Software\Classes\CLSID\{F4F34E6A-5C2C-AF27-DA53-C43B16B839D6} => key not found. 
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} => key removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => key not found. 
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{dcfb5bfe-1f58-4b1d-96a7-3c7bbae51b36} => key removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{dcfb5bfe-1f58-4b1d-96a7-3c7bbae51b36} => key not found. 
HKU\S-1-5-21-4238196658-422620013-1050771535-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => value removed successfully
HKLM\Software\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => key not found. 
HKLM\System\CurrentControlSet\Services\backlh => key removed successfully
backlh => service removed successfully
HKLM\System\CurrentControlSet\Services\RjlvBUc0gHzE Updater => key removed successfully
RjlvBUc0gHzE Updater => service removed successfully
HKLM\System\CurrentControlSet\Services\Hotfresh => key removed successfully
Hotfresh => service removed successfully
C:\ProgramData\Logic Cramble => moved successfully
C:\Program Files (x86)\RjlvBUc0gHzE Updater => moved successfully
"C:\ProgramData\\Hotfresh" => not found.
"C:\ProgramData\Hotfresh" => not found.
C:\ProgramData\Hotfreshs => moved successfully
wStLibG64 => Service stopped successfully.
HKLM\System\CurrentControlSet\Services\wStLibG64 => key removed successfully
wStLibG64 => service removed successfully
C:\Users\Bart\Downloads\ReimageRepair (1).exe => moved successfully
C:\Windows\Reimage.ini => moved successfully
C:\Users\Bart\Downloads\ReimageRepair.exe => moved successfully
C:\Program Files (x86)\Nine => moved successfully
"C:\Program Files (x86)\YueAckU" => not found.
C:\Program Files (x86)\YtuAskU2 => moved successfully
C:\Program Files (x86)\YpuAskUn => moved successfully
C:\Program Files (x86)\YeuAskIE => moved successfully
C:\Program Files (x86)\FastDataX => moved successfully
C:\ProgramData\71ade274-1d13-0 => moved successfully
C:\ProgramData\71ade274-1a77-1 => moved successfully
C:\ProgramData\4e31fc97-08f5-1 => moved successfully
C:\ProgramData\4e31fc97-04a1-0 => moved successfully
017-08-06 18:49 - 2017-08-07 12:38 - 000015606 _____ C:\Windows\SysWOW64\findit.xml => Error: No automatic fix found for this entry.
C:\Users\Bart\AppData\Local\agent.dat => moved successfully
C:\Users\Bart\AppData\Local\Beta-Bam.tst => moved successfully
C:\Users\Bart\AppData\Local\BIT8812.tmp => moved successfully
C:\Users\Bart\AppData\Local\Config.xml => moved successfully
C:\Users\Bart\AppData\Local\InstallationConfiguration.xml => moved successfully
C:\Users\Bart\AppData\Local\installer.dat => moved successfully
C:\Users\Bart\AppData\Local\Instrong.bin => moved successfully
C:\Users\Bart\AppData\Local\Main.dat => moved successfully
C:\Users\Bart\AppData\Local\md.xml => moved successfully
C:\Users\Bart\AppData\Local\noah.dat => moved successfully
C:\Users\Bart\AppData\Local\po.db => moved successfully
C:\Users\Bart\AppData\Local\Quotesantax.tst => moved successfully
HKCU\Software\Mozilla => key not found. 
HKCU\Software\MozillaPlugins => key removed successfully
HKLM\SOFTWARE\Mozilla => key removed successfully
HKLM\SOFTWARE\MozillaPlugins => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Mozilla => key removed successfully
HKLM\SOFTWARE\Wow6432Node\mozilla.org => key not found. 
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins => key removed successfully
"C:\Users\Bart\AppData\Local\Mozilla" => not found.
C:\Users\Bart\AppData\Roaming\Mozilla => moved successfully
"C:\Users\Bart\AppData\Roaming\Profiles" => not found.
C:\Program Files (x86)\Google => moved successfully
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome" => not found.
C:\Users\Bart\AppData\Local\Google => moved successfully
HKCU\Software\Google => key removed successfully
HKLM\SOFTWARE\Google => key not found. 
HKLM\SOFTWARE\Wow6432Node\Google => key removed successfully

========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========


========= netsh advfirewall reset =========

Ok.


========= End of CMD: =========


========= dir /a "C:\Program Files" =========

 Volume in drive C has no label.
 Volume Serial Number is E05F-0CF6

 Directory of C:\Program Files

2017-08-18  18:00    <DIR>          .
2017-08-18  18:00    <DIR>          ..
2012-11-29  21:40    <DIR>          ATI
2012-11-29  21:41    <DIR>          ATI Technologies
2017-08-07  14:03    <DIR>          AVAST Software
2016-01-06  22:35    <DIR>          Canon
2016-01-06  22:30    <DIR>          CanonBJ
2016-02-11  16:37    <DIR>          Common Files
2009-07-14  06:54               174 desktop.ini
2013-03-28  12:50    <DIR>          DIFX
2013-09-04  08:20    <DIR>          DivX
2017-03-16  15:08    <DIR>          DVD Maker
2017-08-19  14:17    <DIR>          Internet Explorer
2017-08-18  18:00    <DIR>          Malwarebytes
2011-04-12  10:28    <DIR>          Microsoft Games
2013-04-17  21:51    <DIR>          Microsoft Office
2017-06-14  14:53    <DIR>          Microsoft Silverlight
2009-07-14  07:32    <DIR>          MSBuild
2017-08-18  18:05    <DIR>          Opera
2014-12-15  00:16    <DIR>          Opera x64
2009-07-14  07:32    <DIR>          Reference Assemblies
2009-07-14  07:09    <DIR>          Uninstall Information
2013-07-12  09:21    <DIR>          Windows Defender
2016-05-12  06:47    <DIR>          Windows Journal
2011-04-12  10:17    <DIR>          Windows Mail
2016-10-14  10:06    <DIR>          Windows Media Player
2009-07-14  07:32    <DIR>          Windows NT
2011-04-12  10:17    <DIR>          Windows Photo Viewer
2010-11-21  05:31    <DIR>          Windows Portable Devices
2011-04-12  10:17    <DIR>          Windows Sidebar
2017-08-07  17:02    <DIR>          WinRAR
               1 File(s)            174 bytes
              30 Dir(s)  28˙059˙025˙408 bytes free

========= End of CMD: =========


========= dir /a "C:\Program Files (x86)" =========

 Volume in drive C has no label.
 Volume Serial Number is E05F-0CF6

 Directory of C:\Program Files (x86)

2017-08-19  14:51    <DIR>          .
2017-08-19  14:51    <DIR>          ..
2016-01-06  22:15    <DIR>          Adobe
2012-12-03  15:46    <DIR>          Ahead
2012-12-26  01:28    <DIR>          ALLMediaServer
2012-12-26  01:28    <DIR>          ALLPlayer
2012-11-29  21:41    <DIR>          AMD APP
2012-11-29  21:41    <DIR>          AMD AVT
2012-11-29  21:40    <DIR>          ATI Technologies
2016-01-06  22:36    <DIR>          Canon
2017-08-06  18:49    <DIR>          Common Files
2015-10-16  22:20    <DIR>          Conduit
2013-01-06  00:58    <DIR>          Coupons
2009-07-14  06:54               174 desktop.ini
2013-09-04  08:20    <DIR>          DivX
2013-09-03  13:29    <DIR>          DownLite
2017-08-06  19:09    <DIR>          EnjoyWiFi
2013-08-29  22:53    <DIR>          GOG.com
2014-06-10  19:41    <DIR>          hosts
2014-12-15  00:14    <DIR>          HP
2017-05-08  11:50    <DIR>          InstallShield Installation Information
2017-08-19  14:17    <DIR>          Internet Explorer
2012-11-29  22:30    <DIR>          K-Lite Codec Pack
2015-09-26  15:38    <DIR>          LG Electronics
2013-04-20  04:58    <DIR>          Microsoft
2013-07-09  11:18    <DIR>          Microsoft Office
2017-06-14  14:53    <DIR>          Microsoft Silverlight
2013-04-17  21:53    <DIR>          Microsoft Visual Studio
2013-04-17  21:51    <DIR>          Microsoft Visual Studio 8
2013-04-18  15:46    <DIR>          Microsoft Works
2013-04-17  21:53    <DIR>          Microsoft.NET
2013-09-28  10:42    <DIR>          Mozilla Firefox
2013-04-17  21:53    <DIR>          MSBuild
2013-03-10  11:45    <DIR>          MSECache
2015-09-28  00:28    <DIR>          MSXML 4.0
2012-12-26  01:28    <DIR>          NapiProjekt
2013-03-28  12:50    <DIR>          PC Connectivity Solution
2009-07-14  07:32    <DIR>          Reference Assemblies
2012-11-30  13:38    <DIR>          SopCast
2009-07-14  06:57    <DIR>          Uninstall Information
2013-07-12  09:21    <DIR>          Windows Defender
2011-04-12  10:17    <DIR>          Windows Mail
2016-10-14  10:06    <DIR>          Windows Media Player
2009-07-14  07:32    <DIR>          Windows NT
2011-04-12  10:17    <DIR>          Windows Photo Viewer
2010-11-21  05:31    <DIR>          Windows Portable Devices
2011-04-12  10:17    <DIR>          Windows Sidebar
               1 File(s)            174 bytes
              46 Dir(s)  28˙058˙963˙968 bytes free

========= End of CMD: =========


========= dir /a "C:\Program Files\Common Files\System" =========

 Volume in drive C has no label.
 Volume Serial Number is E05F-0CF6

 Directory of C:\Program Files\Common Files\System

2013-04-18  19:34    <DIR>          .
2013-04-18  19:34    <DIR>          ..
2017-05-11  06:46    <DIR>          ado
2009-07-14  03:40            29˙184 DirectDB.dll
2011-04-12  10:17    <DIR>          en-US
2017-05-11  06:46    <DIR>          msadc
2013-04-18  19:34    <DIR>          Ole DB
2011-10-01  07:45           886˙784 wab32.dll
2009-07-14  03:33         1˙098˙752 wab32res.dll
               3 File(s)      2˙014˙720 bytes
               6 Dir(s)  28˙058˙914˙816 bytes free

========= End of CMD: =========


========= dir /a "C:\Program Files (x86)\Common Files\System" =========

 Volume in drive C has no label.
 Volume Serial Number is E05F-0CF6

 Directory of C:\Program Files (x86)\Common Files\System

2013-04-19  17:28    <DIR>          .
2013-04-19  17:28    <DIR>          ..
2017-05-11  06:46    <DIR>          ado
2009-07-14  03:15            24˙064 DirectDB.dll
2011-04-12  10:17    <DIR>          en-US
2017-05-11  06:46    <DIR>          msadc
2013-04-19  17:28    <DIR>          MSMAPI
2016-02-11  09:23    <DIR>          Ole DB
2011-10-01  06:37           708˙608 wab32.dll
2009-07-14  03:11         1˙098˙752 wab32res.dll
               3 File(s)      1˙831˙424 bytes
               7 Dir(s)  28˙058˙857˙472 bytes free

========= End of CMD: =========


========= dir /a C:\ProgramData =========

 Volume in drive C has no label.
 Volume Serial Number is E05F-0CF6

 Directory of C:\ProgramData

2017-08-19  14:51    <DIR>          .
2017-08-19  14:51    <DIR>          ..
2014-05-02  20:59    <DIR>          5517f37a01699d4d
2016-01-06  22:15    <DIR>          Adobe
2012-11-29  21:41    <DIR>          AMD
2009-07-14  07:08    <JUNCTION>     Application Data [C:\ProgramData]
2012-11-29  23:34    <DIR>          ATI
2017-08-07  14:03    <DIR>          AVAST Software
2014-04-28  11:19    <DIR>          AVG Secure Search
2013-10-21  13:27    <DIR>          Babylon
2012-11-30  11:06    <DIR>          Battle.net
2012-11-30  14:08    <DIR>          Blizzard Entertainment
2015-07-02  23:03    <DIR>          BlueStacksSetup
2015-08-16  11:38    <DIR>          CanonBJ
2016-02-09  11:51    <DIR>          CanonIJPLM
2016-01-06  22:38    <DIR>          CanonIJQuickMenu
2016-01-06  22:35    <DIR>          CanonIJWSpt
2012-11-30  13:37    <DIR>          Common Files
2009-07-14  07:08    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
2013-09-04  08:20    <DIR>          DivX
2009-07-14  07:08    <JUNCTION>     Documents [C:\Users\Public\Documents]
2009-07-14  07:08    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
2013-02-15  09:21    <DIR>          HP
2013-03-28  12:51    <DIR>          IBUpdaterService
2014-05-02  21:03    <DIR>          InstallMate
2015-09-26  14:55    <DIR>          LGMOBILEAX
2017-08-18  18:00    <DIR>          Malwarebytes
2016-01-06  22:16    <DIR>          McAfee
2017-08-07  15:02    <DIR>          Micro Foundation 2
2017-08-06  18:53    <DIR>          Microleaves
2016-11-12  14:29    <DIR>          Microsoft
2017-07-29  01:42    <DIR>          Microsoft Help
2014-05-02  21:03    <DIR>          MiniApp
2017-08-06  18:54               258 ntuser.pol
2014-06-10  20:43    <DIR>          Save! nett
2009-07-14  07:08    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
2017-08-19  14:22    <DIR>          SWCUTemp
2009-07-14  07:08    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
2012-12-26  00:44    <DIR>          WoW Worldwide Software LTD
               1 File(s)            258 bytes
              38 Dir(s)  28˙058˙791˙936 bytes free

========= End of CMD: =========


========= dir /a C:\Users\Bart\AppData\Local =========

 Volume in drive C has no label.
 Volume Serial Number is E05F-0CF6

 Directory of C:\Users\Bart\AppData\Local

2017-08-19  14:51    <DIR>          .
2017-08-19  14:51    <DIR>          ..
2016-01-06  22:17    <DIR>          Adobe
2017-08-06  18:49    <DIR>          AdvinstAnalytics
2012-12-26  01:28    <DIR>          ALLMediaServer
2012-12-26  01:28    <DIR>          ALLPlayer
2012-11-29  20:47    <JUNCTION>     Application Data [C:\Users\Bart\AppData\Local]
2017-08-07  10:54    <DIR>          Apps
2012-11-29  23:34    <DIR>          ATI
2014-04-28  15:19    <DIR>          AVG Secure Search
2016-01-06  22:41    <DIR>          CEF
2014-05-02  20:59    <DIR>          Chromatic Browser
2014-05-02  20:59    <DIR>          Comodo
2012-11-30  13:11    <DIR>          Conduit
2017-08-07  10:56    <DIR>          Deployment
2017-08-07  17:16    <DIR>          Diagnostics
2017-08-19  14:36    <DIR>          ElevatedDiagnostics
2015-07-20  20:46    <DIR>          EmieBrowserModeList
2015-07-20  20:46    <DIR>          EmieSiteList
2015-07-20  20:46    <DIR>          EmieUserList
2017-05-09  08:41           108˙456 GDIPFONTCACHEV1.DAT
2012-11-29  22:40    <DIR>          GHISLER
2012-11-29  20:47    <JUNCTION>     History [C:\Users\Bart\AppData\Local\Microsoft\Windows\History]
2013-01-06  01:02    <DIR>          HP
2017-08-18  18:26         1˙607˙947 IconCache.db
2015-09-26  15:39    <DIR>          LG Electronics
2015-11-17  13:23    <DIR>          Microsoft
2013-11-21  22:46    <DIR>          Microsoft Help
2012-11-29  21:48    <DIR>          Opera
2017-08-07  17:45    <DIR>          Opera Software
2014-05-02  20:58    <DIR>          Packages
2012-11-29  22:27    <DIR>          Programs
2016-02-11  17:12                17 resmon.resmoncfg
2017-08-19  14:24    <DIR>          Spotify
2017-08-19  14:51    <DIR>          Temp
2012-11-29  20:47    <JUNCTION>     Temporary Internet Files [C:\Users\Bart\AppData\Local\Microsoft\Windows\Temporary Internet Files]
2014-05-02  20:59    <DIR>          Torch
2017-08-06  18:49            32˙038 uninstall_temp.ico
2012-11-30  21:45    <DIR>          VirtualStore
2017-07-02  10:56                 0 {BE42B647-6DF2-4C6F-B00F-14AFA7665772}
               5 File(s)      1˙748˙458 bytes
              35 Dir(s)  28˙058˙738˙688 bytes free

========= End of CMD: =========


========= dir /a C:\Users\Bart\AppData\LocalLow =========

 Volume in drive C has no label.
 Volume Serial Number is E05F-0CF6

 Directory of C:\Users\Bart\AppData\LocalLow

2017-08-07  10:22    <DIR>          .
2017-08-07  10:22    <DIR>          ..
2012-12-09  23:00    <DIR>          Adobe
2012-11-30  13:37    <DIR>          AVG Secure Search
2016-01-06  22:35    <DIR>          Canon Easy-WebPrint EX
2016-01-06  22:35    <DIR>          Canon Easy-WebPrint EX2
2012-11-30  12:04    <DIR>          Conduit
2015-07-02  22:07    <DIR>          EmieBrowserModeList
2015-07-02  22:07    <DIR>          EmieSiteList
2015-07-02  22:07    <DIR>          EmieUserList
2013-09-18  15:21    <DIR>          Microsoft
2012-11-30  12:04    <DIR>          Temp
2014-05-02  20:58    <DIR>          {F4F34E6A-5C2C-AF27-DA53-C43B16B839D6}
               0 File(s)              0 bytes
              13 Dir(s)  28˙058˙677˙248 bytes free

========= End of CMD: =========


========= dir /a C:\Users\Bart\AppData\Roaming =========

 Volume in drive C has no label.
 Volume Serial Number is E05F-0CF6

 Directory of C:\Users\Bart\AppData\Roaming

2017-08-19  14:51    <DIR>          .
2017-08-19  14:51    <DIR>          ..
2013-08-29  22:48    <DIR>          3909
2016-01-06  22:38    <DIR>          Adobe
2012-12-03  16:03    <DIR>          Ahead
2012-11-29  23:34    <DIR>          ATI
2017-08-07  14:01    <DIR>          AVAST Software
2012-11-30  12:24    <DIR>          Azureus
2015-08-23  12:31    <DIR>          Canon
2013-09-04  08:20    <DIR>          DivX
2013-09-03  13:25    <DIR>          DownLite
2014-07-17  09:16    <DIR>          Dropbox
2014-07-17  09:16    <DIR>          DropboxMaster
2012-11-29  22:37    <DIR>          GHISLER
2013-01-06  00:58    <DIR>          HpUpdate
2012-11-29  20:47    <DIR>          Identities
2015-09-26  15:42    <DIR>          LG Electronics
2012-11-29  22:27    <DIR>          Macromedia
2011-04-12  10:28    <DIR>          Media Center Programs
2012-11-29  22:30    <DIR>          Media Player Classic
2017-08-06  18:49    <DIR>          Microleaves
2015-11-28  22:04    <DIR>          Microsoft
2012-12-26  01:29    <DIR>          NapiProjekt
2013-03-28  12:53    <DIR>          Nokia
2013-09-03  13:25    <DIR>          OpenCandy
2012-11-29  21:48    <DIR>          Opera
2017-08-07  17:45    <DIR>          Opera Software
2013-03-28  12:52    <DIR>          PC Suite
2013-03-28  12:58    <DIR>          PerformerSoft
2015-11-19  20:09    <DIR>          SecuROM
2017-08-19  14:24    <DIR>          Spotify
2017-08-06  19:02    <DIR>          uTorrent
2012-12-10  15:06    <DIR>          WinRAR
2013-10-21  13:27    <DIR>          YourFileDownloader
               0 File(s)              0 bytes
              34 Dir(s)  28˙058˙554˙368 bytes free

========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 6036963 B
Java, Flash, Steam htmlcache => 9962 B
Windows/system/drivers => 1818283191 B
Edge => 0 B
Chrome => 0 B
Firefox => 0 B
Opera => 98909486 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 66228 B
Public => 0 B
ProgramData => 0 B
systemprofile => 78438941 B
systemprofile32 => 8731127 B
LocalService => 132244 B
NetworkService => 380934 B
Bart => 14837940358 B

RecycleBin => 0 B
EmptyTemp: => 15.7 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 14:55:13 ====