﻿Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 15-02-2015
Ran by hal at 2015-02-18 13:33:56 Run:1
Running from C:\Users\Serifus\Desktop
Loaded Profiles: hal (Available profiles: balcom & hal)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499920 2014-09-12] (Adobe Systems Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKU\S-1-5-21-3883227779-2708345459-3382469968-1164\...\Run: [] => [X]
HKU\S-1-5-21-3883227779-2708345459-3382469968-1164\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1090912 2013-10-02] (Nokia)
HKU\S-1-5-21-3883227779-2708345459-3382469968-1164\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6480664 2014-09-25] (Piriform Ltd)
HKU\S-1-5-21-3883227779-2708345459-3382469968-1164\...\MountPoints2: E - E:\SETUP.EXE
HKU\S-1-5-21-3883227779-2708345459-3382469968-1164\...\MountPoints2: F - F:\SETUP.EXE

HKU\S-1-5-21-3883227779-2708345459-3382469968-1164\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3883227779-2708345459-3382469968-1164 -> {4F711480-00A7-4072-BD0B-D306F8E1B083} URL = 
SearchScopes: HKU\S-1-5-21-3883227779-2708345459-3382469968-1164 -> {C2DC31E2-7F36-4EED-8B85-9C450130ED3E} URL = 
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} ->  No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll No File
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @java.com/DTPlugin -> C:\Program Files (x86)\Java\jre6\bin\npDeployJava1.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
CHR HKU\S-1-5-21-3883227779-2708345459-3382469968-1164\...\Chrome\Extension: [cnnbdaahphjgdgfhliignpepgnbnfomp] - c:\program files (x86)\copernic\desktopsearch4\ChromeConnector\ChromeConnector.crx [Not Found]

2015-02-17 13:48 - 2015-02-17 13:49 - 00112640 _____ (forum.viry.cz) C:\Users\Serifus\Desktop\FRSTLauncher.exe
2015-02-13 13:57 - 2015-02-13 16:04 - 00000000 ____D () C:\AdwCleaner
2015-02-13 13:56 - 2015-02-13 13:56 - 02112512 _____ () C:\Users\Serifus\Desktop\adwcleaner_4.110.exe
2015-02-13 09:51 - 2015-02-13 09:56 - 00000000 ____D () C:\Program Files\trend micro
2015-02-13 09:51 - 2015-02-13 09:51 - 01222144 _____ () C:\Users\Serifus\Desktop\RSITx64.exe
2015-02-13 09:51 - 2015-02-13 09:51 - 00000000 ____D () C:\rsit

Task: {3E906106-C9C5-4CD3-BC7C-E73B231AD24A} - System32\Tasks\{BFBDA62A-32AE-4461-824F-6DA1BF42FE8B} => pcalua.exe -a C:\Users\Serifus\Desktop\USBp950_drv_setup.exe -d C:\Users\Serifus\Desktop
Task: {74240E5E-1841-4BB4-B847-B96EA9C6CB3D} - System32\Tasks\{18E07C80-7581-4A16-9361-6F0CFE51BF8C} => pcalua.exe -a C:\Users\Serifus\Desktop\Web_IQTL_8_1_8115_29000592_AA\Setup.exe -d C:\Users\Serifus\Desktop\Web_IQTL_8_1_8115_29000592_AA
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\ProgramData\Temp:8927A071
Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Acrobat Assistant 8.0 => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task => value deleted successfully.
HKU\S-1-5-21-3883227779-2708345459-3382469968-1164\Software\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKU\S-1-5-21-3883227779-2708345459-3382469968-1164\Software\Microsoft\Windows\CurrentVersion\Run\\NokiaSuite.exe => value deleted successfully.
HKU\S-1-5-21-3883227779-2708345459-3382469968-1164\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value deleted successfully.
"HKU\S-1-5-21-3883227779-2708345459-3382469968-1164\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E" => Key deleted successfully.
"HKU\S-1-5-21-3883227779-2708345459-3382469968-1164\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F" => Key deleted successfully.
"HKU\S-1-5-21-3883227779-2708345459-3382469968-1164\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-3883227779-2708345459-3382469968-1164\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4F711480-00A7-4072-BD0B-D306F8E1B083}" => Key deleted successfully.
HKCR\CLSID\{4F711480-00A7-4072-BD0B-D306F8E1B083} => Key not found. 
"HKU\S-1-5-21-3883227779-2708345459-3382469968-1164\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C2DC31E2-7F36-4EED-8B85-9C450130ED3E}" => Key deleted successfully.
HKCR\CLSID\{C2DC31E2-7F36-4EED-8B85-9C450130ED3E} => Key not found. 
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully.
HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key not found. 
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => value deleted successfully.
"HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value deleted successfully.
HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => Key not found. 
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/DTPlugin" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKU\S-1-5-21-3883227779-2708345459-3382469968-1164\SOFTWARE\Google\Chrome\Extensions\cnnbdaahphjgdgfhliignpepgnbnfomp" => Key deleted successfully.
C:\Users\Serifus\Desktop\FRSTLauncher.exe => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Serifus\Desktop\adwcleaner_4.110.exe => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
C:\Users\Serifus\Desktop\RSITx64.exe => Moved successfully.
C:\rsit => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3E906106-C9C5-4CD3-BC7C-E73B231AD24A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3E906106-C9C5-4CD3-BC7C-E73B231AD24A}" => Key deleted successfully.
C:\Windows\System32\Tasks\{BFBDA62A-32AE-4461-824F-6DA1BF42FE8B} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BFBDA62A-32AE-4461-824F-6DA1BF42FE8B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{74240E5E-1841-4BB4-B847-B96EA9C6CB3D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{74240E5E-1841-4BB4-B847-B96EA9C6CB3D}" => Key deleted successfully.
C:\Windows\System32\Tasks\{18E07C80-7581-4A16-9361-6F0CFE51BF8C} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{18E07C80-7581-4A16-9361-6F0CFE51BF8C}" => Key deleted successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\ProgramData\Temp => ":8927A071" ADS removed successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 876.8 MB temporary data.


The system needed a reboot. 

==== End of Fixlog 13:34:49 ====