Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 19-01-2015 Ran by Robert at 2015-01-24 11:18:55 Run:1 Running from C:\Users\Robert\Desktop\SKAN Loaded Profiles: Robert (Available profiles: Robert) Boot Mode: Normal ============================================== Content of fixlist: ***************** CloseProcesses: CreateRestorePoint: R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [464384 2015-01-17] (SysTool PasSame LIMITED) [File not signed] S1 ccnfd_1_10_0_6; system32\drivers\ccnfd_1_10_0_6.sys [X] S3 MSICDSetup; \??\G:\CDriver64.sys [X] S3 NTIOLib_1_0_C; \??\G:\NTIOLib_X64.sys [X] CHR StartupUrls: Default -> "hxxp://myhome.vi-view.com/?type=hp&ts=1421534747&from=cor&uid=ST500DM002-1BD142_Z3TRA7MMXXXXZ3TRA7MM" HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://myhome.vi-view.com/web/?type=ds&ts=1421534747&from=cor&uid=ST500DM002-1BD142_Z3TRA7MMXXXXZ3TRA7MM&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://myhome.vi-view.com/web/?type=ds&ts=1421534747&from=cor&uid=ST500DM002-1BD142_Z3TRA7MMXXXXZ3TRA7MM&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-806157391-4031164684-680537714-1000\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms} HKU\S-1-5-21-806157391-4031164684-680537714-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006 HKU\S-1-5-21-806157391-4031164684-680537714-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006 SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms} SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms} SearchScopes: HKU\S-1-5-21-806157391-4031164684-680537714-1000 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms} SearchScopes: HKU\S-1-5-21-806157391-4031164684-680537714-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://myhome.vi-view.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=ST500DM002-1BD142_Z3TRA7MMXXXXZ3TRA7MM&ts=1421534795&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-806157391-4031164684-680537714-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://myhome.vi-view.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=ST500DM002-1BD142_Z3TRA7MMXXXXZ3TRA7MM&ts=1421534795&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-806157391-4031164684-680537714-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://myhome.vi-view.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=ST500DM002-1BD142_Z3TRA7MMXXXXZ3TRA7MM&ts=1421534795&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-806157391-4031164684-680537714-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms} BHO-x32: No Name -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> No File BHO-x32: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File BHO-x32: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File C:\Program Files (x86)\XTab C:\ProgramData\IHProtectUpDate C:\ProgramData\WindowsMangerProtect C:\Users\Robert\AppData\Roaming\vi-view C:\Users\Robert\Documents\PC Speed Maximizer EmptyTemp: ***************** Processes closed successfully. Restore point was successfully created. WindowsMangerProtect => Service deleted successfully. ccnfd_1_10_0_6 => Service deleted successfully. MSICDSetup => Service deleted successfully. NTIOLib_1_0_C => Service deleted successfully. Chrome StartupUrls deleted successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully. HKU\S-1-5-21-806157391-4031164684-680537714-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully. HKU\S-1-5-21-806157391-4031164684-680537714-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKU\S-1-5-21-806157391-4031164684-680537714-1000\Software\Microsoft\Internet Explorer\Main\\Search Bar => value deleted successfully. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully. "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}" => Key deleted successfully. HKCR\Wow6432Node\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => Key not found. HKU\S-1-5-21-806157391-4031164684-680537714-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully. "HKU\S-1-5-21-806157391-4031164684-680537714-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully. HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found. "HKU\S-1-5-21-806157391-4031164684-680537714-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}" => Key deleted successfully. HKCR\CLSID\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} => Key not found. "HKU\S-1-5-21-806157391-4031164684-680537714-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}" => Key deleted successfully. HKCR\CLSID\{E733165D-CBCF-4FDA-883E-ADEF965B476C} => Key not found. "HKU\S-1-5-21-806157391-4031164684-680537714-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}" => Key deleted successfully. HKCR\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => Key not found. "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}" => Key deleted successfully. HKCR\Wow6432Node\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} => Key not found. "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => Key deleted successfully. HKCR\Wow6432Node\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key not found. "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully. HKCR\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key not found. C:\Program Files (x86)\XTab => Moved successfully. C:\ProgramData\IHProtectUpDate => Moved successfully. C:\ProgramData\WindowsMangerProtect => Moved successfully. C:\Users\Robert\AppData\Roaming\vi-view => Moved successfully. C:\Users\Robert\Documents\PC Speed Maximizer => Moved successfully. EmptyTemp: => Removed 72.7 MB temporary data. The system needed a reboot. ==== End of Fixlog 11:19:06 ====