Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-12-2014
Ran by Pablo at 2014-12-19 10:58:55 Run:1
Running from C:\Users\Pablo\Desktop\New folder
Loaded Profile: Pablo (Available profiles: Pablo)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
CloseProcesses:
Task: {0EF10738-7760-45E4-8CCE-5BB7606EC8AF} - System32\Tasks\WinSTAT => C:\ProgramData\WinSTAT\WinSTAT.exe <==== ATTENTION
Task: {84B61353-7DD3-4F39-9675-0265689AD0A0} - System32\Tasks\{CE828525-04B0-4600-9323-58920530827C} => pcalua.exe -a C:\Users\Pablo\AppData\Roaming\omiga-plus\UninstallManager.exe -c -ptid=smt
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-803990909-3303059268-1033452581-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.yac.mx/?utm_source=b&utm_medium=iSafe&from=iSafe&uid=st9500325as_s2w7qa51xxxxs2w7qa51
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://search.yac.mx/?utm_source=b&utm_medium=iSafe&from=iSafe&uid=st9500325as_s2w7qa51xxxxs2w7qa51
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.yac.mx/?utm_source=b&utm_medium=iSafe&from=iSafe&uid=st9500325as_s2w7qa51xxxxs2w7qa51
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\S-1-5-21-803990909-3303059268-1033452581-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://search.yac.mx/web/?q={searchTerms}&type=ds&from=yac&uid=st9500325as_s2w7qa51xxxxs2w7qa51&ts=1418954443
SearchScopes: HKLM -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://search.yac.mx/web/?q={searchTerms}&type=ds&from=yac&uid=st9500325as_s2w7qa51xxxxs2w7qa51&ts=1418954443
SearchScopes: HKLM-x32 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://search.yac.mx/web/?q={searchTerms}&type=ds&from=yac&uid=st9500325as_s2w7qa51xxxxs2w7qa51&ts=1418954443
SearchScopes: HKLM-x32 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://search.yac.mx/web/?q={searchTerms}&type=ds&from=yac&uid=st9500325as_s2w7qa51xxxxs2w7qa51&ts=1418954443
SearchScopes: HKU\S-1-5-21-803990909-3303059268-1033452581-1000 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL =
SearchScopes: HKU\S-1-5-21-803990909-3303059268-1033452581-1000 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL =
CHR HomePage: Default -> hxxp://search.bearshare.com/
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
C:\Program Files\AVAST Software
C:\Program Files (x86)\Elex-tech
C:\Program Files (x86)\Temp
C:\ProgramData\AVAST Software
C:\ProgramData\WinSTAT
C:\Users\Pablo\AppData\Roaming\AVAST Software
C:\Windows\avastSS.scr
C:\Windows\system32\log
C:\Windows\system32\vbox
C:\Windows\SysWOW64\vbox
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Lite" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Windows® Statistics Service" /f
Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main" /f
Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main" /f
Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main" /f
Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f
Folder: C:\Users\Pablo\AppData\Roaming\Opera Software\Opera Stable\Extensions
CMD: type "C:\Users\Pablo\AppData\Roaming\Opera Software\Opera Stable\Preferences"
CMD: dir /a "C:\Program Files"
CMD: dir /a "C:\Program Files (x86)"
CMD: dir /a C:\ProgramData
CMD: dir /a C:\Users\Pablo\AppData\Local
CMD: dir /a C:\Users\Pablo\AppData\LocalLow
CMD: dir /a C:\Users\Pablo\AppData\Roaming
EmptyTemp:
*****************

Processes closed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0EF10738-7760-45E4-8CCE-5BB7606EC8AF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0EF10738-7760-45E4-8CCE-5BB7606EC8AF}" => Key deleted successfully.
C:\Windows\System32\Tasks\WinSTAT => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WinSTAT" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{84B61353-7DD3-4F39-9675-0265689AD0A0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{84B61353-7DD3-4F39-9675-0265689AD0A0}" => Key deleted successfully.
C:\Windows\System32\Tasks\{CE828525-04B0-4600-9323-58920530827C} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{CE828525-04B0-4600-9323-58920530827C}" => Key deleted successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => Key deleted successfully.
"HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}" => Key not found.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-803990909-3303059268-1033452581-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKU\S-1-5-21-803990909-3303059268-1033452581-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}" => Key deleted successfully.
"HKCR\CLSID\{425ED333-6083-428a-92C9-0CFC28B9D1BF}" => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{425ED333-6083-428a-92C9-0CFC28B9D1BF}" => Key not found.
"HKU\S-1-5-21-803990909-3303059268-1033452581-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9}" => Key deleted successfully.
"HKCR\CLSID\{0191A6B0-1154-4C22-9182-23A95BBE92D9}" => Key not found.
"HKU\S-1-5-21-803990909-3303059268-1033452581-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}" => Key deleted successfully.
"HKCR\CLSID\{425ED333-6083-428a-92C9-0CFC28B9D1BF}" => Key not found.
Chrome HomePage deleted successfully.
AppMgmt => Service deleted successfully.
catchme => Service deleted successfully.
MBAMSwissArmy => Service deleted successfully.
C:\Program Files\AVAST Software => Moved successfully.
C:\Program Files (x86)\Elex-tech => Moved successfully.
C:\Program Files (x86)\Temp => Moved successfully.
C:\ProgramData\AVAST Software => Moved successfully.
C:\ProgramData\WinSTAT => Moved successfully.
C:\Users\Pablo\AppData\Roaming\AVAST Software => Moved successfully.
C:\Windows\avastSS.scr => Moved successfully.
C:\Windows\system32\log => Moved successfully.
C:\Windows\system32\vbox => Moved successfully.
C:\Windows\SysWOW64\vbox => Moved successfully.

========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Lite" /f =========
The operation completed successfully.

========= End of Reg: =========

========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Windows® Statistics Service" /f =========
ERROR: The system was unable to find the specified registry key or value.

========= End of Reg: =========

========= reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main" /f =========
The operation completed successfully.

========= End of Reg: =========

========= reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main" /f =========
The operation completed successfully.

========= End of Reg: =========

========= reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main" /f =========
The operation completed successfully.

========= End of Reg: =========

========= reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f =========
ERROR: The system was unable to find the specified registry key or value.

========= End of Reg: =========

========= reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f =========
The operation completed successfully.

========= End of Reg: =========

========= reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f =========
The operation completed successfully.

========= End of Reg: =========

========================= Folder: C:\Users\Pablo\AppData\Roaming\Opera Software\Opera Stable\Extensions ========================

Directory Not Found

========= type "C:\Users\Pablo\AppData\Roaming\Opera Software\Opera Stable\Preferences" =========

========= End of CMD: =========

========= dir /a "C:\Program Files" =========

========= End of CMD: =========

========= dir /a "C:\Program Files (x86)" =========

========= End of CMD: =========

========= dir /a C:\ProgramData =========

========= End of CMD: =========

========= dir /a C:\Users\Pablo\AppData\Local =========

========= End of CMD: =========

========= dir /a C:\Users\Pablo\AppData\LocalLow =========

========= End of CMD: =========

========= dir /a C:\Users\Pablo\AppData\Roaming =========

========= End of CMD: =========

EmptyTemp: => Removed 27.1 MB temporary data.

The system needed a reboot.

==== End of Fixlog ====