Fix result of Farbar Recovery Scan Tool (x64) Version:24-06-2015
Ran by Matti24a at 2015-06-25 19:38:26 Run:1
Running from D:\download\anty
Loaded Profiles: Matti24a (Available Profiles: Matti24a)
Boot Mode: Safe Mode (with Networking)
==============================================
fixlist content:
*****************
CloseProcesses:
R2 VSSS; C:\Users\Matti24a\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe [98895424 2015-06-23] (Microsoft Corporation) [File not signed]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [X]
S2 AntiVirSchedulerService; "C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe" [X]
S2 AntiVirService; "C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe" [X]
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [X]
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 1
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\...\Run: [InstallerLauncher] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-41 (the data entry has 36 more characters).
Task: {9A92D790-85D6-4EFF-A127-581114CE4915} - System32\Tasks\{520B5D5F-55BF-4452-B9CF-66CED3C82534} => pcalua.exe -a "D:\download\CH341SER Windows.EXE" -d D:\download
Task: {A7B013D9-5B9A-4BFC-921C-135DB504EF5B} - System32\Tasks\{F826BDDD-2A1A-410E-BA01-78E673AF0A34} => pcalua.exe -a F:\download\plugins\ts3overlay\InstallHook.exe -d F:\download\plugins\ts3overlay
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
C:\Program Files\*.exe
C:\Program Files\kprocesshacker.sys
C:\Program Files\Common Files\Bitdefender
C:\Program Files (x86)\mozilla firefox\plugins
C:\ProgramData\1434299707.bdinstall.bin
C:\ProgramData\bdch
C:\ProgramData\BDLogging
C:\Users\Matti24a\AppData\Local\Avg2015
C:\Users\Matti24a\AppData\Local\bdch
C:\Users\Matti24a\AppData\Local\MFAData
C:\Users\Matti24a\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe
C:\Users\Matti24a\AppData\Roaming\QuickScan
C:\Windows\SysWOW64\bdsandboxuiskin32.dll
C:\Windows\system32\bdsandboxuiskin32.dll
C:\Windows\system32\BDSandBoxUISkin.dll
C:\Windows\system32\BDSandBoxUH.dll
Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f
Reg: reg delete HKLM\SOFTWARE\Wow6432Node\Google /f
Hosts:
EmptyTemp:
*****************
Processes closed successfully.
VSSS => Service removed successfully
AntiVirMailService => Service removed successfully
AntiVirSchedulerService => Service removed successfully
AntiVirService => Service removed successfully
AntiVirWebService => Service removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\TaskbarNoNotification => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAHealth => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\InstallerLauncher => value removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9A92D790-85D6-4EFF-A127-581114CE4915}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9A92D790-85D6-4EFF-A127-581114CE4915}" => key removed successfully
C:\Windows\System32\Tasks\{520B5D5F-55BF-4452-B9CF-66CED3C82534} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{520B5D5F-55BF-4452-B9CF-66CED3C82534}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A7B013D9-5B9A-4BFC-921C-135DB504EF5B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A7B013D9-5B9A-4BFC-921C-135DB504EF5B}" => key removed successfully
C:\Windows\System32\Tasks\{F826BDDD-2A1A-410E-BA01-78E673AF0A34} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F826BDDD-2A1A-410E-BA01-78E673AF0A34}" => key removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
C:\Program Files\*.exe => moved successfully.
"C:\Program Files\kprocesshacker.sys" => File/Folder not found.
C:\Program Files\Common Files\Bitdefender => moved successfully.
C:\Program Files (x86)\mozilla firefox\plugins => moved successfully.
C:\ProgramData\1434299707.bdinstall.bin => moved successfully.
C:\ProgramData\bdch => moved successfully.
C:\ProgramData\BDLogging => moved successfully.
C:\Users\Matti24a\AppData\Local\Avg2015 => moved successfully.
C:\Users\Matti24a\AppData\Local\bdch => moved successfully.
C:\Users\Matti24a\AppData\Local\MFAData => moved successfully.
C:\Users\Matti24a\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe => moved successfully.
C:\Users\Matti24a\AppData\Roaming\QuickScan => moved successfully.
C:\Windows\SysWOW64\bdsandboxuiskin32.dll => moved successfully.
C:\Windows\system32\bdsandboxuiskin32.dll => moved successfully.
C:\Windows\system32\BDSandBoxUISkin.dll => moved successfully.
C:\Windows\system32\BDSandBoxUH.dll => moved successfully.
========= reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f =========
Operacja ukończona pomyślnie.
========= End of Reg: =========
========= reg delete HKLM\SOFTWARE\Wow6432Node\Google /f =========
Operacja ukończona pomyślnie.
========= End of Reg: =========
C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.
EmptyTemp: => 399.8 MB temporary data Removed.
The system needed a reboot..
==== End of Fixlog 19:38:28 ====