Fix result of Farbar Recovery Scan Tool (x64) Version: 21-12-2016
Ran by Ekospol (30-12-2016 11:01:32) Run:1
Running from C:\Users\Ekospol\Documents\b3
Loaded Profiles: Ekospol (Available Profiles: Ekospol & Guest)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
ShellExecuteHooks: No Name - {B9320EEE-AB3C-11E6-BA01-64006A5CFC23} - C:\Users\Ekospol\AppData\Roaming\Jaberge\Ckesuge.dll -> No File
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMDTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMDTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMDTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMDTDFJS
FF ProfilePath: C:\Users\Ekospol\AppData\Roaming\Mozilla\Firefox\Profiles\h44knnl7.default [not found]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
C:\ProgramData\935z56777t378
C:\Program Files (x86)\Bonjour
C:\ProgramData\pconfig.dat
Task: {FD37BF45-290B-424F-B4EE-9FB365A99DEA} - System32\Tasks\935z56777t378 => Rundll32.exe "C:\ProgramData\935z56777t378\935z56777t378.dll",drvGetDefaultCommConfig <==== ATTENTION
C:\windows\TEMP

EmptyTemp:
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{B9320EEE-AB3C-11E6-BA01-64006A5CFC23} => value removed successfully
"HKCR\CLSID\{B9320EEE-AB3C-11E6-BA01-64006A5CFC23}" => key removed successfully
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
C:\Users\Ekospol\AppData\Roaming\Mozilla\Firefox\Profiles\h44knnl7.default => path removed successfully
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
C:\ProgramData\935z56777t378 => moved successfully
C:\Program Files (x86)\Bonjour => moved successfully
C:\ProgramData\pconfig.dat => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{FD37BF45-290B-424F-B4EE-9FB365A99DEA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FD37BF45-290B-424F-B4EE-9FB365A99DEA}" => key removed successfully
C:\windows\System32\Tasks\935z56777t378 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\935z56777t378" => key removed successfully

"C:\windows\TEMP" folder move:

Could not move "C:\windows\TEMP" => Scheduled to move on reboot.


=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 33730098 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 334844 B
Edge => 0 B
Chrome => 101985867 B
Firefox => 308454638 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 1326508 B
systemprofile32 => 33058 B
LocalService => 0 B
NetworkService => 13590 B
Ekospol => 68116972 B
Guest => 26517 B

RecycleBin => 894617 B
EmptyTemp: => 499.1 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 30-12-2016 11:07:01)

"C:\windows\TEMP" => Could not move

==== End of Fixlog 11:07:06 ====