Fix result of Farbar Recovery Scan Tool (x64) Version: 30-10-2016
Ran by Michal (02-11-2016 16:05:31) Run:3
Running from C:\Users\Michal\Desktop
Loaded Profiles: Michal (Available Profiles: Michal)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-606056733-3967136355-1948296624-1001\...\Run: [asegovvilx] => explorer "hxxp://granena.ru/?utm_source=uoua03n&utm_content=e739009bccd5f1e6d71a91bff5994529&utm_term=D257281A092DF882157CB8DAE03961DF&utm_d=20161018" <===== ATTENTION
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
HKU\S-1-5-21-606056733-3967136355-1948296624-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
HKU\S-1-5-21-606056733-3967136355-1948296624-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://granena.ru/?utm_content=31b5cebd524a9af6c7a772dca81815e9&utm_source=startpm&utm_term=D257281A092DF882157CB8DAE03961DF&utm_d=20161018
HKU\S-1-5-21-606056733-3967136355-1948296624-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?bcutc=sp-006
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-606056733-3967136355-1948296624-1001 -> DefaultScope {A06ED961-D98F-4CF9-A89B-80AB11DB149C} URL = hxxp://go-search.ru/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-606056733-3967136355-1948296624-1001 -> {A06ED961-D98F-4CF9-A89B-80AB11DB149C} URL = hxxp://go-search.ru/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-606056733-3967136355-1948296624-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
FF NewTab: Mozilla\Firefox\Profiles\ayofdylg.default -> about:newtab
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\ayofdylg.default -> GoSearch
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\ayofdylg.default -> GoSearch
FF SearchPlugin: C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\ayofdylg.default\searchplugins\GoSearch.xml [2016-10-26]
U0 aswVmm; no ImagePath
Task: {3EAB42E3-6BC1-47AA-BDDF-FC2702DFB867} - System32\Tasks\SafeZone scheduled Autoupdate 1475686227 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
ShortcutWithArgument: C:\Users\Michal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mail.Ru.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> url,FileProtocolHandler "hxxp://www.mail.ru/cnt/20775012?gp=811008"
FirewallRules: [{D22D4E39-3890-49C4-AD05-CFBFEFA1B0DB}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{1AB6B571-E217-4DD9-8D45-4F91EA674C64}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
2016-10-02 14:10 - 2016-10-26 15:04 - 00000000 ____D C:\WINDOWS\System32\Tasks\R@1n-KMS
Hosts:
EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.
HKU\S-1-5-21-606056733-3967136355-1948296624-1001\Software\Microsoft\Windows\CurrentVersion\Run\\asegovvilx => value removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key removed successfully
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found. 
HKU\S-1-5-21-606056733-3967136355-1948296624-1001\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKU\S-1-5-21-606056733-3967136355-1948296624-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-606056733-3967136355-1948296624-1001\Software\Microsoft\Internet Explorer\Main\\Search Bar => value removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}" => key removed successfully
HKCR\Wow6432Node\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key not found. 
HKU\S-1-5-21-606056733-3967136355-1948296624-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-606056733-3967136355-1948296624-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A06ED961-D98F-4CF9-A89B-80AB11DB149C}" => key removed successfully
HKCR\CLSID\{A06ED961-D98F-4CF9-A89B-80AB11DB149C} => key not found. 
"HKU\S-1-5-21-606056733-3967136355-1948296624-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}" => key removed successfully
HKCR\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key not found. 
Firefox "newtab" removed successfully
Firefox DefaultSearchEngine removed successfully
Firefox SelectedSearchEngine removed successfully
C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\ayofdylg.default\searchplugins\GoSearch.xml => moved successfully
aswVmm => service removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{3EAB42E3-6BC1-47AA-BDDF-FC2702DFB867}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3EAB42E3-6BC1-47AA-BDDF-FC2702DFB867}" => key removed successfully
C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1475686227 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SafeZone scheduled Autoupdate 1475686227" => key removed successfully
C:\Users\Michal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mail.Ru.lnk => Shortcut argument removed successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D22D4E39-3890-49C4-AD05-CFBFEFA1B0DB} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1AB6B571-E217-4DD9-8D45-4F91EA674C64} => value removed successfully
C:\WINDOWS\System32\Tasks\R@1n-KMS => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 7198314 B
Java, Flash, Steam htmlcache => 165797335 B
Windows/system/drivers => 42242 B
Edge => 208612282 B
Chrome => 0 B
Firefox => 75017369 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 8100 B
Michal => 12804896 B

RecycleBin => 0 B
EmptyTemp: => 447.7 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 16:05:38 ====