Fix result of Farbar Recovery Scan Tool (x64) Version: 13-07-2016 02 Ran by Michal (2016-07-15 17:16:47) Run:1 Running from C:\Users\Michal\Downloads Loaded Profiles: Michal (Available Profiles: Michal) Boot Mode: Normal ============================================== fixlist content: ***************** CloseProcesses: CreateRestorePoint: HKU\S-1-5-21-2786685492-2715245155-4169903166-1001\...\Run: [GoogleChromeAutoLaunch_DA6047B3B86664256918EFEC7695FF7C] => C:\Users\Michal\AppData\Local\Chromium\Application\chrome.exe [667136 2015-08-11] (The Chromium Authors) S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [80920 2015-07-02] (McAfee, Inc.) Task: {0B03F36F-5670-49FA-B021-843B691F1629} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {6B464D65-73C8-468B-B3EB-B502CF0E2A0B} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {7DE5B2F8-CDEA-43C3-86EE-941B1C8C6C9C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {9817673C-9679-4B35-9631-0CE0771E2380} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {A6902DE0-3715-47E4-9579-CF3DB856BBFF} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {A813CD6D-494A-4803-9B3D-1EBC7E136EED} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-08-17] (Lenovo) Task: {BAA6ED81-2B71-4B1E-9EB9-304F456BE1FD} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION Task: {BE835AEB-3DDB-406F-B64C-C0BF6E8F9C20} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {C56F5816-D5B6-4BFA-8254-A644DB9A88A7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {CCD771C1-45BA-47AA-988D-3425FCD81801} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== 
ATTENTION Task: {D1CEEB37-DC7F-4291-B53D-6E89668C8C87} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {EC591612-659B-4572-8261-59469F0AD277} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Tcpip\..\Interfaces\{622ce1b9-1a88-4744-b292-769129e61f49}: [DhcpNameServer] 150.212.1.3 IE trusted site: HKU\S-1-5-21-2786685492-2715245155-4169903166-1001\...\hola.org -> hxxp://hola.org SearchScopes: HKLM -> DefaultScope {CE9351DF-0B9F-416D-B488-242CC4CE8BFE} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-ab8f7d5b&q={searchTerms} SearchScopes: HKLM -> {d4fee3d1-1014-4db8-a824-573bf9ab51c7} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-32b9a2ed&q={searchTerms} SearchScopes: HKU\S-1-5-21-2786685492-2715245155-4169903166-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-ab8f7d5b&q={searchTerms} SearchScopes: HKU\S-1-5-21-2786685492-2715245155-4169903166-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-ab8f7d5b&q={searchTerms} SearchScopes: HKU\S-1-5-21-2786685492-2715245155-4169903166-1001 -> {29BAC421-4446-4903-91EE-19B37FE9EEAF} URL = hxxps://uk.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default SearchScopes: HKU\S-1-5-21-2786685492-2715245155-4169903166-1001 -> {d4fee3d1-1014-4db8-a824-573bf9ab51c7} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-32b9a2ed&q={searchTerms} StartMenuInternet: IEXPLORE.EXE - iexplore.exe FF DefaultSearchEngine: Search Provided by Bing FF SelectedSearchEngine: Search Provided by Bing FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF StartMenuInternet: FIREFOX.EXE - 
firefox.exe DeleteKey: HKU\.DEFAULT\Software\MozillaPlugins Reg: reg add "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /f Reg: reg add "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /ve /t REG_SZ /d Bing /f Reg: reg add "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /v URL /t REG_SZ /d "http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC" /f C:\ProgramData\mntemp C:\ProgramData\Temp C:\Users\Michal\AppData\Local\{9A42AC1E-BEEA-C0A6-D372-E54EF71A19D6} C:\Users\Michal\AppData\Local\Chromium C:\Users\Michal\AppData\Local\Google C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo Web Start.lnk C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Menu.lnk C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium C:\Users\Michal\Downloads\Photoscape-12505-dp.exe C:\Windows\System32\drivers\mfeelamk.sys CMD: netsh advfirewall reset EmptyTemp: ***************** Processes closed successfully. Restore point was successfully created. 
HKU\S-1-5-21-2786685492-2715245155-4169903166-1001\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_DA6047B3B86664256918EFEC7695FF7C => value removed successfully mfeelamk => service removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0B03F36F-5670-49FA-B021-843B691F1629}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0B03F36F-5670-49FA-B021-843B691F1629}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6B464D65-73C8-468B-B3EB-B502CF0E2A0B}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B464D65-73C8-468B-B3EB-B502CF0E2A0B}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7DE5B2F8-CDEA-43C3-86EE-941B1C8C6C9C}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7DE5B2F8-CDEA-43C3-86EE-941B1C8C6C9C}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9817673C-9679-4B35-9631-0CE0771E2380}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9817673C-9679-4B35-9631-0CE0771E2380}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A6902DE0-3715-47E4-9579-CF3DB856BBFF}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A6902DE0-3715-47E4-9579-CF3DB856BBFF}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A813CD6D-494A-4803-9B3D-1EBC7E136EED}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A813CD6D-494A-4803-9B3D-1EBC7E136EED}" => key removed successfully C:\WINDOWS\System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\Lenovo Customer Feedback Program 64 35" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BAA6ED81-2B71-4B1E-9EB9-304F456BE1FD}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BAA6ED81-2B71-4B1E-9EB9-304F456BE1FD}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BE835AEB-3DDB-406F-B64C-C0BF6E8F9C20}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BE835AEB-3DDB-406F-B64C-C0BF6E8F9C20}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C56F5816-D5B6-4BFA-8254-A644DB9A88A7}" => key removed 
successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C56F5816-D5B6-4BFA-8254-A644DB9A88A7}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CCD771C1-45BA-47AA-988D-3425FCD81801}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCD771C1-45BA-47AA-988D-3425FCD81801}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D1CEEB37-DC7F-4291-B53D-6E89668C8C87}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D1CEEB37-DC7F-4291-B53D-6E89668C8C87}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EC591612-659B-4572-8261-59469F0AD277}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EC591612-659B-4572-8261-59469F0AD277}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{622ce1b9-1a88-4744-b292-769129e61f49}\\DhcpNameServer => value removed successfully "HKU\S-1-5-21-2786685492-2715245155-4169903166-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\hola.org" => key removed successfully HKLM\SOFTWARE\Microsoft\Internet 
Explorer\SearchScopes\\DefaultScope => value restored successfully "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found. "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{d4fee3d1-1014-4db8-a824-573bf9ab51c7}" => key removed successfully HKCR\CLSID\{d4fee3d1-1014-4db8-a824-573bf9ab51c7} => key not found. HKU\S-1-5-21-2786685492-2715245155-4169903166-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully "HKU\S-1-5-21-2786685492-2715245155-4169903166-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found. "HKU\S-1-5-21-2786685492-2715245155-4169903166-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{29BAC421-4446-4903-91EE-19B37FE9EEAF}" => key removed successfully HKCR\CLSID\{29BAC421-4446-4903-91EE-19B37FE9EEAF} => key not found. "HKU\S-1-5-21-2786685492-2715245155-4169903166-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{d4fee3d1-1014-4db8-a824-573bf9ab51c7}" => key removed successfully HKCR\CLSID\{d4fee3d1-1014-4db8-a824-573bf9ab51c7} => key not found. HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => value restored successfully Firefox DefaultSearchEngine removed successfully Firefox SelectedSearchEngine removed successfully HKLM\Software\Mozilla\Firefox\Extensions\\sp@avast.com => value removed successfully HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\sp@avast.com => value removed successfully HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command\\Default => value restored successfully HKU\.DEFAULT\Software\MozillaPlugins => could not remove at first attempt (ErrorCode: C0000121), see next line. 
HKU\.DEFAULT\Software\MozillaPlugins => key removed successfully

========= reg add "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /f =========

The operation completed successfully.

========= End of Reg: =========

========= reg add "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /ve /t REG_SZ /d Bing /f =========

The operation completed successfully.

========= End of Reg: =========

========= reg add "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /v URL /t REG_SZ /d "http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC" /f =========

The operation completed successfully.

========= End of Reg: =========

C:\ProgramData\mntemp => moved successfully
C:\ProgramData\Temp => moved successfully
C:\Users\Michal\AppData\Local\{9A42AC1E-BEEA-C0A6-D372-E54EF71A19D6} => moved successfully
C:\Users\Michal\AppData\Local\Chromium => moved successfully
C:\Users\Michal\AppData\Local\Google => moved successfully
C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo Web Start.lnk => moved successfully
C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Menu.lnk => moved successfully
C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium => moved successfully
C:\Users\Michal\Downloads\Photoscape-12505-dp.exe => moved successfully
C:\Windows\System32\drivers\mfeelamk.sys => moved successfully

========= netsh advfirewall reset =========

Ok.

========= End ofCMD: =========

=========== EmptyTemp: ==========

BITS transfer queue => 32768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 14517880 B
Java, Flash, Steam htmlcache => 540 B
Windows/system/drivers => 303275 B
Edge => 1837 B
Chrome => 0 B
Firefox => 159798918 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 818 B
NetworkService => 27992736 B
Michal => 14293996 B

RecycleBin => 0 B
EmptyTemp: => 206.9 MB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 17:17:12 ====