Fix result of Farbar Recovery Scan Tool (x64) Version:28-06-2015 Ran by Morgana at 2015-06-28 21:40:47 Run:1 Running from E:\ Loaded Profiles: Morgana (Available Profiles: Morgana) Boot Mode: Safe Mode (minimal) ============================================== fixlist content: ***************** Task: {E5357AF0-B974-4F23-8496-CE3A2B1DB77D} - \Bidaily Synchronize Task No Task File <==== ATTENTION C:\Users\Morgana\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe HKLM\...\Policies\Explorer: [TaskbarNoNotification] 1 HKLM\...\Policies\Explorer: [HideSCAHealth] 1 HKU\S-1-5-21-1818464453-2590412624-2668118778-1001\...\CurrentVersion\Windows: [Load] <===== ATTENTION GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION FF Extension: Digital More - C:\Users\Morgana\AppData\Roaming\Mozilla\Firefox\Profiles\fq9vde4g.default\Extensions\{2f99c32c-506e-4aa6-9392-ea1d3a366b7e}.xpi [2015-04-28] R2 VSSS; C:\Users\Morgana\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe [104548224 2015-06-23] (Microsoft Corporation) [File not signed] <==== ATTENTION R4 KProcessHacker2; \??\C:\Program Files\kprocesshacker.sys [X] C:\WINDOWS\Minidump\*.dmp C:\Program Files\HAIBE70K.exe C:\Program Files\WUIBZJHV.exe C:\Program Files\NVOWPSVO.exe C:\Users\Morgana\Downloads\gqerkjxf.exe C:\Program Files\JR4IL9HF.exe 2015-06-25 21:25 - 2015-06-25 21:25 - 01415680 _____ (wj32) C:\Program Files\R8WJ1IEO.exe 2015-06-25 21:09 - 2015-06-25 21:09 - 01415680 _____ (wj32) C:\Program Files\E0YF1FSW.exe C:\Program Files\85WTAJIK.exe 2015-06-25 18:09 - 2015-06-25 18:09 - 01415680 _____ (wj32) C:\Program Files\P2LS65YW.exe 2015-06-25 18:09 - 2015-06-25 18:09 - 01415680 _____ (wj32) C:\Program Files\AWIFSUDC.exe 2015-06-24 10:47 - 2015-06-24 10:47 - 01415680 _____ (wj32) C:\Program Files\5TB4MFNC.exe 2015-06-24 09:56 - 2015-06-24 09:56 - 01415680 _____ (wj32) C:\Program Files\LZ7AN6JY.exe 2015-06-24 09:56 - 2015-06-24 09:56 - 01415680 _____ (wj32) C:\Program Files\B92PS5OH.exe 2015-06-24 09:56 - 2015-06-24 09:56 - 01415680 _____ (wj32) C:\Program Files\B8Z1NKXK.exe 2015-06-24 09:56 - 2015-06-24 09:56 - 01415680 _____ (wj32) C:\Program Files\4CK3LAIW.exe C:\Program Files\F8VJRK5P.exe C:\Program Files\9VSE2TSV.exe 2015-06-23 20:53 - 2015-06-23 20:53 - 01415680 _____ (wj32) C:\Program Files\4MFSBJRB.exe 2015-06-23 20:53 - 2015-06-23 20:53 - 01415680 _____ (wj32) C:\Program Files\46TGAPNS.exe 2015-06-23 19:43 - 2015-06-23 19:43 - 01415680 _____ (wj32) C:\Program Files\9CAC5NKJ.exe 2015-06-23 11:24 - 2015-06-23 11:24 - 01415680 _____ (wj32) C:\Program Files\FIKYM4SM.exe 2015-06-23 11:23 - 2015-06-23 11:23 - 01415680 _____ (wj32) C:\Program Files\0R4HUCEM.exe 2015-06-23 11:21 - 2015-06-23 11:21 - 01415680 _____ (wj32) C:\Program Files\T2AYRKN2.exe EmptyTemp: ***************** "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E5357AF0-B974-4F23-8496-CE3A2B1DB77D}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E5357AF0-B974-4F23-8496-CE3A2B1DB77D}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Bidaily Synchronize Task" => key removed successfully C:\Users\Morgana\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe => moved successfully. HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\TaskbarNoNotification => value removed successfully HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAHealth => value removed successfully HKU\S-1-5-21-1818464453-2590412624-2668118778-1001\Software\Microsoft\Windows NT\CurrentVersion\Windows\\Load => value restored successfully C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully. C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully. "HKLM\SOFTWARE\Policies\Google" => key removed successfully C:\Users\Morgana\AppData\Roaming\Mozilla\Firefox\Profiles\fq9vde4g.default\Extensions\{2f99c32c-506e-4aa6-9392-ea1d3a366b7e}.xpi => moved successfully. VSSS => Service removed successfully KProcessHacker2 => Service not found. C:\WINDOWS\Minidump\*.dmp => moved successfully. C:\Program Files\HAIBE70K.exe => moved successfully. C:\Program Files\WUIBZJHV.exe => moved successfully. C:\Program Files\NVOWPSVO.exe => moved successfully. C:\Users\Morgana\Downloads\gqerkjxf.exe => moved successfully. C:\Program Files\JR4IL9HF.exe => moved successfully. C:\Program Files\R8WJ1IEO.exe => moved successfully. C:\Program Files\E0YF1FSW.exe => moved successfully. C:\Program Files\85WTAJIK.exe => moved successfully. C:\Program Files\P2LS65YW.exe => moved successfully. C:\Program Files\AWIFSUDC.exe => moved successfully. C:\Program Files\5TB4MFNC.exe => moved successfully. C:\Program Files\LZ7AN6JY.exe => moved successfully. C:\Program Files\B92PS5OH.exe => moved successfully. C:\Program Files\B8Z1NKXK.exe => moved successfully. C:\Program Files\4CK3LAIW.exe => moved successfully. C:\Program Files\F8VJRK5P.exe => moved successfully. C:\Program Files\9VSE2TSV.exe => moved successfully. C:\Program Files\4MFSBJRB.exe => moved successfully. C:\Program Files\46TGAPNS.exe => moved successfully. C:\Program Files\9CAC5NKJ.exe => moved successfully. C:\Program Files\FIKYM4SM.exe => moved successfully. C:\Program Files\0R4HUCEM.exe => moved successfully. C:\Program Files\T2AYRKN2.exe => moved successfully. EmptyTemp: => 285.7 MB temporary data Removed. The system needed a reboot.. ==== End of Fixlog 21:41:01 ====