Fix result of Farbar Recovery Scan Tool (x64) Version: 03.10.2018 01
Ran by Rachid (04-10-2018 13:35:38) Run:1
Running from C:\Users\Rachid\Desktop
Loaded Profiles: Rachid (Available Profiles: Rachid)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start

CreateRestorePoint:

CloseProcesses:

Hosts:

Task: {1E16066A-75F2-45C4-90FE-4F4D01736270} - System32\Tasks\WIN-statsAdmin => C:\Users\martin\AppData\Local\Microsoft\WinU\~ljcroqv.exe <==== ATTENTION

Task: {6D78B532-F504-456D-9ABF-FBB33F02E33D} - System32\Tasks\WIN-GGfIfEGCfEGbGffIfCfEGC => C:\Users\martin\AppData\Roaming\~zrvgdtu.exe <==== ATTENTION

Task: {8C349831-0D81-4BDB-9C36-36259B4E69DF} - System32\Tasks\WIN-statsSystem => C:\Users\martin\AppData\Local\Microsoft\WinU\~lqygjch.exe

Task: {E4C451BC-417E-42CC-A6A7-2964DF30856C} - System32\Tasks\WIN-fIGbfFfEGCfFGEGbfCfE => C:\Users\martin\AppData\Roaming\~tyejovm.exe <==== ATTENTION

IE trusted site: HKU\S-1-5-21-2016610000-2819915159-2942361396-1000\...\webcompanion.com -> hxxp://webcompanion.com

HKLM\...\Run: [Format Factory] => Cmd.exe /c start WScript.exe /e:VBScript.Encode C:\Users\martin\AppData\Roaming\Video.3gp <==== ATTENTION

HKU\S-1-5-21-2016610000-2819915159-2942361396-1000\...\Run: [Format Factory] => Cmd.exe /c start WScript.exe /e:VBScript.Encode C:\Users\martin\AppData\Roaming\Video.3gp <==== ATTENTION

HKU\S-1-5-21-2016610000-2819915159-2942361396-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]

2017-09-10 09:10 - 2017-09-10 09:10 - 000000000 ____D C:\Users\martin\AppData\Local\Tempzxpsigncbd27a32f2cda288

2017-09-10 09:10 - 2017-09-10 09:10 - 000000000 ____D C:\Users\martin\AppData\Local\Tempzxpsignaab1fede04518a3d

2017-09-10 09:10 - 2017-09-10 09:10 - 000000000 ____D C:\Users\martin\AppData\Local\Tempzxpsign251970df6c8a4833

2017-09-10 08:45 - 2017-09-10 08:45 - 000000000 ____D C:\Users\martin\AppData\Local\Tempzxpsignadebefd6d82824c1

2017-09-10 08:44 - 2017-09-10 08:44 - 000000000 ____D C:\Users\martin\AppData\Local\Tempzxpsign9ac659f3571e9880

2017-09-10 08:44 - 2017-09-10 08:44 - 000000000 ____D C:\Users\martin\AppData\Local\Tempzxpsign8469af0d6793d02f

2017-08-02 17:24 - 2017-08-02 17:25 - 000740416 _____ (Oracle Corporation) C:\Users\martin\AppData\Local\Temp\jre-8u144-windows-au.exe

2017-06-08 22:57 - 2017-08-29 20:03 - 025532416 _____ () C:\Users\martin\AppData\Local\Temp\SkypeSetup.exe

2017-08-04 19:15 - 2017-08-04 19:17 - 030950664 _____ () C:\Users\martin\AppData\Local\Temp\vlc-2.2.6-win32.exe

RemoveProxy:

EmptyTemp:

cmd: ipconfig /flushdns

end
*****************

Restore point was successfully created.
Processes closed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1E16066A-75F2-45C4-90FE-4F4D01736270}" => not found
"C:\Windows\System32\Tasks\WIN-statsAdmin" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WIN-statsAdmin" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6D78B532-F504-456D-9ABF-FBB33F02E33D}" => not found
"C:\Windows\System32\Tasks\WIN-GGfIfEGCfEGbGffIfCfEGC" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WIN-GGfIfEGCfEGbGffIfCfEGC" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8C349831-0D81-4BDB-9C36-36259B4E69DF}" => not found
"C:\Windows\System32\Tasks\WIN-statsSystem" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WIN-statsSystem" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E4C451BC-417E-42CC-A6A7-2964DF30856C}" => not found
"C:\Windows\System32\Tasks\WIN-fIGbfFfEGCfFGEGbfCfE" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WIN-fIGbfFfEGCfFGEGbfCfE" => not found
"HKU\S-1-5-21-2016610000-2819915159-2942361396-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com" => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Format Factory" => not found
"HKU\S-1-5-21-2016610000-2819915159-2942361396-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Format Factory" => not found
"HKU\S-1-5-21-2016610000-2819915159-2942361396-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => not found
ibtsiva => service not found.
"C:\Users\martin\AppData\Local\Tempzxpsigncbd27a32f2cda288" => not found
"C:\Users\martin\AppData\Local\Tempzxpsignaab1fede04518a3d" => not found
"C:\Users\martin\AppData\Local\Tempzxpsign251970df6c8a4833" => not found
"C:\Users\martin\AppData\Local\Tempzxpsignadebefd6d82824c1" => not found
"C:\Users\martin\AppData\Local\Tempzxpsign9ac659f3571e9880" => not found
"C:\Users\martin\AppData\Local\Tempzxpsign8469af0d6793d02f" => not found
"C:\Users\martin\AppData\Local\Temp\jre-8u144-windows-au.exe" => not found
"C:\Users\martin\AppData\Local\Temp\SkypeSetup.exe" => not found
"C:\Users\martin\AppData\Local\Temp\vlc-2.2.6-win32.exe" => not found

========= RemoveProxy: =========

"HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies\\" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-3007850542-525220635-3221810868-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\AutoConfigURL" => removed successfully
"HKU\S-1-5-21-3007850542-525220635-3221810868-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-3007850542-525220635-3221810868-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9770247 B
Java, Flash, Steam htmlcache => 538 B
Windows/system/drivers => 259962 B
Edge => 0 B
Chrome => 424886646 B
Firefox => 17325550 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 66228 B
Public => 0 B
ProgramData => 0 B
systemprofile => 284775 B
systemprofile32 => 6570006 B
LocalService => 132244 B
NetworkService => 66708 B
Rachid => 10355363 B

RecycleBin => 158532 B
EmptyTemp: => 456.1 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 13:37:39 ====