Fix result of Farbar Recovery Scan Tool (x64) Version:17-12-2015
Ran by LCK (2015-12-18 23:19:43) Run:1
Running from C:\Users\LCK\Desktop
Loaded Profiles: LCK (Available Profiles: LCK & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:
Task: {868A63A1-8CB5-4753-99B6-C7392120AF86} - System32\Tasks\FusesFountainsV2 => Rundll32.exe CoalitionerRamblers.dll,main 7 1 <==== ATTENTION
Task: {BEB6F7EE-E84C-42EC-998C-5EC29BC1ED64} - System32\Tasks\{A8057B96-2E90-4475-A24C-5880E8148EAE} => pcalua.exe -a C:\Users\LCK\Downloads\FIFA00\3DSetup\3DSetup.exe -d C:\Users\LCK\Downloads\FIFA00\3DSetup
Task: {C56EFF53-5D88-40C9-85DD-DDCF10498360} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe
HKU\S-1-5-21-3300732354-3664789897-2884040049-1001\...\Run: [ASRockXTU] => [X]
HKU\S-1-5-21-3300732354-3664789897-2884040049-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-3300732354-3664789897-2884040049-1001\...\MountPoints2: {747a59c9-7adf-11e5-8255-d0509963832c} - "I:\setup.exe"
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => No File
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => No File
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => No File
GroupPolicyScripts: Restriction <======= ATTENTION
S3 AxtuDrv; \??\C:\Windows\SysWOW64\Drivers\AxtuDrv.sys [X]
DeleteKey: HKCU\Software\1Q1F1S1C1P1E1C1F1N1C1T1H2UtF1E1I
DeleteKey: HKCU\Software\dobreprogramy
RemoveDirectory: C:\AdwCleaner
RemoveDirectory: C:\Users\LCK\AppData\Local\FusesFountains
RemoveDirectory: C:\Users\LCK\AppData\Local\Google
C:\Users\LCK\Downloads\*-dp*.exe
C:\Users\LCK\AppData\Local\*.*
C:\Windows\SysWOW64\*.tmp
CMD: netsh advfirewall reset
EmptyTemp:
*****************

Processes closed successfully.
Restore point was successfully created.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{868A63A1-8CB5-4753-99B6-C7392120AF86}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{868A63A1-8CB5-4753-99B6-C7392120AF86}" => key removed successfully
C:\Windows\System32\Tasks\FusesFountainsV2 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FusesFountainsV2" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BEB6F7EE-E84C-42EC-998C-5EC29BC1ED64}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BEB6F7EE-E84C-42EC-998C-5EC29BC1ED64}" => key removed successfully
C:\Windows\System32\Tasks\{A8057B96-2E90-4475-A24C-5880E8148EAE} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A8057B96-2E90-4475-A24C-5880E8148EAE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C56EFF53-5D88-40C9-85DD-DDCF10498360}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C56EFF53-5D88-40C9-85DD-DDCF10498360}" => key removed successfully
C:\Windows\System32\Tasks\AutoPico Daily Restart => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoPico Daily Restart" => key removed successfully
HKU\S-1-5-21-3300732354-3664789897-2884040049-1001\Software\Microsoft\Windows\CurrentVersion\Run\\ASRockXTU => value removed successfully
HKU\S-1-5-21-3300732354-3664789897-2884040049-1001\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableLockWorkstation => value removed successfully
"HKU\S-1-5-21-3300732354-3664789897-2884040049-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{747a59c9-7adf-11e5-8255-d0509963832c}" => key removed successfully
HKCR\CLSID\{747a59c9-7adf-11e5-8255-d0509963832c} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtPending" => key removed successfully
HKCR\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSynced" => key removed successfully
HKCR\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSyncing" => key removed successfully
HKCR\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtPending" => key removed successfully
HKCR\Wow6432Node\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSynced" => key removed successfully
HKCR\Wow6432Node\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSyncing" => key removed successfully
HKCR\Wow6432Node\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637} => key not found.
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
AxtuDrv => service removed successfully
HKCU\Software\1Q1F1S1C1P1E1C1F1N1C1T1H2UtF1E1I => key removed successfully
HKCU\Software\dobreprogramy => key removed successfully
"C:\AdwCleaner" => removed successfully.
"C:\Users\LCK\AppData\Local\FusesFountains" => removed successfully.
"C:\Users\LCK\AppData\Local\Google" => removed successfully.

=========== "C:\Users\LCK\Downloads\*-dp*.exe" ==========
C:\Users\LCK\Downloads\HD-Tune-12177-dp.exe => moved successfully
========= End -> "C:\Users\LCK\Downloads\*-dp*.exe" ========

=========== "C:\Users\LCK\AppData\Local\*.*" ==========
C:\Users\LCK\AppData\Local\ars.cache => moved successfully
C:\Users\LCK\AppData\Local\census.cache => moved successfully
C:\Users\LCK\AppData\Local\housecall.guid.cache => moved successfully
C:\Users\LCK\AppData\Local\IconCache.db => moved successfully
C:\Users\LCK\AppData\Local\sponge.last.runtime.cache => moved successfully
========= End -> "C:\Users\LCK\AppData\Local\*.*" ========

=========== "C:\Windows\SysWOW64\*.tmp" ==========
C:\Windows\SysWOW64\tmp8B80.tmp => moved successfully
C:\Windows\SysWOW64\tmp8B81.tmp => moved successfully
C:\Windows\SysWOW64\tmpCE58.tmp => moved successfully
========= End -> "C:\Windows\SysWOW64\*.tmp" ========

========= netsh advfirewall reset =========
Ok.
========= End of CMD: =========

EmptyTemp: => 592.5 MB temporary data Removed.

The system needed a reboot.

==== End of Fixlog 23:20:03 ====