Fix result of Farbar Recovery Scan Tool (x64) Version: 04.03.2018 Ran by Daga (04-03-2018 19:48:03) Run:1 Running from F:\ Loaded Profiles: Daga (Available Profiles: Daga & Mateusz) Boot Mode: Normal ============================================== fixlist content: ***************** CloseProcesses: ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File Task: {DC903D2F-56F4-4A5C-89B3-D0A85C4F7EA6} - System32\Tasks\Optimize Thumbnail Cache Files => wscript.exe //nologo //E:jscript //B "C:\ProgramData\InstallShield\Update\isuspm.ini" <==== ATTENTION Task: {FB5E85EC-E708-42F4-A0B6-758E07DF3E66} - System32\Tasks\InstallShield® Update Service Scheduler => C:\Program Files (x86)\Common Files\InstallShield\Update\ISUSPM.exe [2017-10-07] (InstallShield®) File: C:\ProgramData\InstallShield\Update\isuspm.ini File: C:\Program Files (x86)\Common Files\InstallShield\Update\ISUSPM.exe VirusTotal: C:\ProgramData\InstallShield\Update\isuspm.ini VirusTotal: C:\Program Files (x86)\Common Files\InstallShield\Update\ISUSPM.exe HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION RemoveProxy: Powershell: wevtutil el | Foreach-Object {wevtutil cl "$_"} EmptyTemp: ***************** Processes closed successfully. "HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui" => removed successfully HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DC903D2F-56F4-4A5C-89B3-D0A85C4F7EA6}" => removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC903D2F-56F4-4A5C-89B3-D0A85C4F7EA6}" => removed successfully C:\WINDOWS\System32\Tasks\Optimize Thumbnail Cache Files => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Optimize Thumbnail Cache Files" => removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FB5E85EC-E708-42F4-A0B6-758E07DF3E66}" => removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FB5E85EC-E708-42F4-A0B6-758E07DF3E66}" => removed successfully C:\WINDOWS\System32\Tasks\InstallShield® Update Service Scheduler => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\InstallShield® Update Service Scheduler" => removed successfully ========================= File: C:\ProgramData\InstallShield\Update\isuspm.ini ======================== C:\ProgramData\InstallShield\Update\isuspm.ini File not signed MD5: 5587BD55CA9068368A9074491C90E21B Creation and modification date: 2018-02-25 11:07 - 2017-10-07 22:01 Size: 000008944 Attributes: ----A Company Name: Internal Name: Original Name: Product: Description: File Version: Product Version: Copyright: VirusTotal: 0 ====== End of File: ====== ========================= File: C:\Program Files (x86)\Common Files\InstallShield\Update\ISUSPM.exe ======================== C:\Program Files (x86)\Common Files\InstallShield\Update\ISUSPM.exe File not signed MD5: 5AF558B541A88697D25063B30C55A536 Creation and modification date: 2018-02-25 11:07 - 2017-10-07 21:57 Size: 000394368 Attributes: ----A Company Name: InstallShield® Internal Name: ISUSPM.exe Original Name: ISUSPM.exe Product: Update Service Scheduler Description: InstallShield® Update Service Scheduler File Version: 20.0.0.6 Product Version: 20.0.0.6 Copyright: Copyright © InstallShield® 2014. All rights reserved. VirusTotal: 0 ====== End of File: ====== VirusTotal: C:\ProgramData\InstallShield\Update\isuspm.ini => https://www.virustotal.com/file/796dc2d3b0316a13a2e065ba54cf4c60e212dfee66900a37073de2ba33964033/analysis/1519904469/ VirusTotal: C:\Program Files (x86)\Common Files\InstallShield\Update\ISUSPM.exe => https://www.virustotal.com/file/3586de4b42fd861d933f97d6ab06264af05469c3d6ddd1412f87c3f297eae833/analysis/1520036069/ "HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => removed successfully ========= RemoveProxy: ========= "HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxySettingsPerUser" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies\\" => removed successfully "HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable" => removed successfully "HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer" => removed successfully "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully "HKU\S-1-5-21-3912383615-3260148415-1536492470-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully "HKU\S-1-5-21-3912383615-3260148415-1536492470-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully ========= End of RemoveProxy: ========= ========= wevtutil el | Foreach-Object {wevtutil cl "$_"} ========= ========= End of Powershell: ========= =========== EmptyTemp: ========== BITS transfer queue => 0 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 312998577 B Java, Flash, Steam htmlcache => 2225 B Windows/system/drivers => 66575210 B Edge => 1692711 B Chrome => 70347411 B Firefox => 36956704 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B Users => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 128 B LocalService => 0 B NetworkService => 15432820 B Daga => 2289074911 B Mateusz => 130293770 B RecycleBin => 274920 B EmptyTemp: => 2.7 GB temporary data Removed. ================================ The system needed a reboot. ==== End of Fixlog 20:00:40 ====