Fix result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by Amin (24-05-2019 14:27:11) Run:3
Running from C:\Users\paul\Desktop
Loaded Profiles: Amin (Available Profiles: Amin)
Boot Mode: Normal
==============================================
fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
CHR DefaultSearchURL: Profile 3 -> hxxps://uk.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default
CHR DefaultSearchKeyword: Profile 3 -> Yahoo
CHR DefaultSuggestURL: Profile 3 -> hxxps://uk.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
2019-05-20 10:06 - 2019-05-20 10:06 - 000264320 ____C (ExpressVPN) C:\Users\paul\AppData\Local\Temp\ExpressVpn.Client.Setup.Helper.exe
Task: {457D7BE4-AEE1-4178-80EE-7E492469AC77} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
ShortcutWithArgument: C:\Users\paul\Desktop\J - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 4"
ShortcutWithArgument: C:\Users\paul\Desktop\simon - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 3"
ShortcutWithArgument: C:\Users\paul\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 2"
C:\Windows\Temp\*.*
*****************
Processes closed successfully.
Restore point was successfully created.
HKLM\SOFTWARE\Policies\Google => not found
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => not found
"Chrome DefaultSearchURL" => removed successfully
"Chrome DefaultSearchKeyword" => removed successfully
"Chrome DefaultSuggestURL" => removed successfully
"C:\Users\paul\AppData\Local\Temp\ExpressVpn.Client.Setup.Helper.exe" => not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{457D7BE4-AEE1-4178-80EE-7E492469AC77} => could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => could not remove. Access Denied.
C:\Users\paul\Desktop\J - Chrome.lnk => Shortcut argument removed successfully
C:\Users\paul\Desktop\simon - Chrome.lnk => Shortcut argument removed successfully
C:\Users\paul\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Google Chrome.lnk => Shortcut argument removed successfully
=========== "C:\Windows\Temp\*.*" ==========
C:\Windows\Temp\BitDefender Threat Scanner.dmp => moved successfully
C:\Windows\Temp\MpCmdRun.log => moved successfully
========= End -> "C:\Windows\Temp\*.*" ========
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 24-05-2019 14:29:02)
Result of scheduled keys to remove after reboot:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{457D7BE4-AEE1-4178-80EE-7E492469AC77} => could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => could not remove. Access Denied.
==== End of Fixlog 14:29:02 ====