﻿Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 19-11-2014
Ran by Marek at 2014-11-20 09:53:21 Run:1
Running from C:\Users\Marek\Desktop
Loaded Profile: Marek (Available profiles: Marek & Host & Administrator)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
() C:\ProgramData\01e58235-010d-43b1-8340-277d43a75321\maintainer.exe
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-19] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-4079485096-1562105636-3085926805-1002\...\Run: [Akamai NetSession Interface] => C:\Users\Marek\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-4079485096-1562105636-3085926805-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd)
HKU\S-1-5-21-4079485096-1562105636-3085926805-1002\...\Run: [Facebook Update] => C:\Users\Marek\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-11-02] (Facebook Inc.)
HKU\S-1-5-21-4079485096-1562105636-3085926805-1002\...\Run: [Google Update] => C:\Users\Marek\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-11-02] (Google Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} =>  No File
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} =>  No File
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} =>  No File
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} =>  No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-4079485096-1562105636-3085926805-1002\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

HKU\S-1-5-21-4079485096-1562105636-3085926805-1002\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-4079485096-1562105636-3085926805-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
HKU\S-1-5-21-4079485096-1562105636-3085926805-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
HKU\S-1-5-21-4079485096-1562105636-3085926805-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com
SearchScopes: HKLM -> DefaultScope {4F6592CE-180E-42DD-8BDA-FADDA57D03A3} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
SearchScopes: HKLM -> {4F6592CE-180E-42DD-8BDA-FADDA57D03A3} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
SearchScopes: HKLM-x32 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {4F6592CE-180E-42DD-8BDA-FADDA57D03A3} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-4079485096-1562105636-3085926805-1002 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-4079485096-1562105636-3085926805-1002 -> {4F6592CE-180E-42DD-8BDA-FADDA57D03A3} URL = 
SearchScopes: HKU\S-1-5-21-4079485096-1562105636-3085926805-1002 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
BHO: No Name -> {5054562D-5247-006A-76A7-7A786E7484D7} ->  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKU\S-1-5-21-4079485096-1562105636-3085926805-1002 -> No Name - {5054562D-5247-006A-76A7-7A786E7484D7} -  No File

FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll No File
FF Extension: Flash Video Downloader - Full HD Download - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\l2cl43sa.default\Extensions\artur.dubovoy@gmail.com [2014-11-17]
FF Extension: PodoWeb - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\l2cl43sa.default\Extensions\{adb41315-fba7-4b86-be27-b2401a20c8d2}.xpi [2014-11-19]

R2 MaintainerSvc6.89.573444; C:\ProgramData\01e58235-010d-43b1-8340-277d43a75321\maintainer.exe [123632 2014-11-19] ()
S3 AIDA64Driver; \??\C:\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 [X]

2014-11-09 13:32 - 2014-11-09 13:32 - 00000000 ____D () C:\Users\Marek\5FDC06BF3D3D43678FFB4FAFCB61972D.TMP
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-4079485096-1562105636-3085926805-1002Core.job => C:\Users\Marek\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-4079485096-1562105636-3085926805-1002UA.job => C:\Users\Marek\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-4079485096-1562105636-3085926805-1002Core.job => C:\Users\Marek\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-4079485096-1562105636-3085926805-1002UA.job => C:\Users\Marek\AppData\Local\Google\Update\GoogleUpdate.exe

C:\ProgramData\01e58235-010d-43b1-8340-277d43a75321
C:\Users\Marek\AppData\Local\Akamai
Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
C:\ProgramData\01e58235-010d-43b1-8340-277d43a75321\maintainer.exe => No running process found
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\UpdateP2GShortCut => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AdobeCS5.5ServiceManager => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => value deleted successfully.
HKU\S-1-5-21-4079485096-1562105636-3085926805-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface => value deleted successfully.
HKU\S-1-5-21-4079485096-1562105636-3085926805-1002\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value deleted successfully.
HKU\S-1-5-21-4079485096-1562105636-3085926805-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update => value deleted successfully.
HKU\S-1-5-21-4079485096-1562105636-3085926805-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => value deleted successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1" => Key deleted successfully.
"HKCR\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt2" => Key deleted successfully.
"HKCR\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3" => Key deleted successfully.
"HKCR\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt4" => Key deleted successfully.
"HKCR\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SugarSyncBackedUp" => Key deleted successfully.
"HKCR\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SugarSyncPending" => Key deleted successfully.
"HKCR\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SugarSyncRoot" => Key deleted successfully.
"HKCR\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SugarSyncShared" => Key deleted successfully.
"HKCR\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}" => Key not found.
C:\WINDOWS\system32\GroupPolicy\Machine => Moved successfully.
C:\WINDOWS\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKU\S-1-5-21-4079485096-1562105636-3085926805-1002\SOFTWARE\Policies\Google" => Key deleted successfully.
HKU\S-1-5-21-4079485096-1562105636-3085926805-1002\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKU\S-1-5-21-4079485096-1562105636-3085926805-1002\Software\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL => value deleted successfully.
HKU\S-1-5-21-4079485096-1562105636-3085926805-1002\Software\Microsoft\Internet Explorer\Main\\Search Bar => value deleted successfully.
HKU\S-1-5-21-4079485096-1562105636-3085926805-1002\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages => value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4F6592CE-180E-42DD-8BDA-FADDA57D03A3}" => Key deleted successfully.
"HKCR\CLSID\{4F6592CE-180E-42DD-8BDA-FADDA57D03A3}" => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{4F6592CE-180E-42DD-8BDA-FADDA57D03A3}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{4F6592CE-180E-42DD-8BDA-FADDA57D03A3}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}" => Key not found.
HKU\S-1-5-21-4079485096-1562105636-3085926805-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-4079485096-1562105636-3085926805-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4F6592CE-180E-42DD-8BDA-FADDA57D03A3}" => Key deleted successfully.
"HKCR\CLSID\{4F6592CE-180E-42DD-8BDA-FADDA57D03A3}" => Key not found.
"HKU\S-1-5-21-4079485096-1562105636-3085926805-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}" => Key deleted successfully.
"HKCR\CLSID\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5054562D-5247-006A-76A7-7A786E7484D7}" => Key deleted successfully.
"HKCR\CLSID\{5054562D-5247-006A-76A7-7A786E7484D7}" => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value deleted successfully.
"HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}" => Key not found.
HKU\S-1-5-21-4079485096-1562105636-3085926805-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{5054562D-5247-006A-76A7-7A786E7484D7} => value deleted successfully.
"HKCR\CLSID\{5054562D-5247-006A-76A7-7A786E7484D7}" => Key not found.
"HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\adobe.com/AdobeExManDetect" => Key deleted successfully.
C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\l2cl43sa.default\Extensions\artur.dubovoy@gmail.com => Moved successfully.
C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\l2cl43sa.default\Extensions\{adb41315-fba7-4b86-be27-b2401a20c8d2}.xpi not found.
MaintainerSvc6.89.573444 => Service deleted successfully.
AIDA64Driver => Service deleted successfully.
C:\Users\Marek\5FDC06BF3D3D43678FFB4FAFCB61972D.TMP => Moved successfully.
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-4079485096-1562105636-3085926805-1002Core.job => Moved successfully.
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-4079485096-1562105636-3085926805-1002UA.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-4079485096-1562105636-3085926805-1002Core.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-4079485096-1562105636-3085926805-1002UA.job => Moved successfully.
C:\ProgramData\01e58235-010d-43b1-8340-277d43a75321 => Moved successfully.
C:\Users\Marek\AppData\Local\Akamai => Moved successfully.
"C:\Windows\System32\Drivers\etc\hosts" => Could not move.
Could not reset Hosts.
EmptyTemp: => Removed 521.9 MB temporary data.


The system needed a reboot. 

==== End of Fixlog ====