Fix result of Farbar Recovery Scan Tool (x64) Version: 27-07-2016
Ran by mentol (2016-08-10 20:31:38) Run:6
Running from C:\Users\mentol\Desktop\skan
Loaded Profiles: mentol (Available Profiles: mentol)
Boot Mode: Normal
==============================================

fixlist content:
*****************
loseProcesses:
CreateRestorePoint:
HKU\S-1-5-21-3502765815-1476509878-803485157-1000\...\Run: [mentol] => explorer.exe hxxp://kb-ribaki.org <===== ATTENTION
Task: {0806F485-DF2B-4BAD-9389-EF7AA8F707FE} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-08-10] (AVAST Software)
Task: {237D854E-51D4-47A6-A7D2-12C6EEC9D6B8} - \mentol -> No File <==== ATTENTION
Task: {73593C5D-0497-4BE6-8BE6-60741742347E} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3502765815-1476509878-803485157-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3502765815-1476509878-803485157-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3502765815-1476509878-803485157-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={1707ADCF-42A9-4ACD-9C05-7B80B920D146}&mid=3015cc824ed947cc88e46d16b21eab62-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=pl&ds=AVG&coid=avgtbavg&cmpid=0516pi&pr=fr&d=2016-08-02%2018:29:24&v=4.3.2.18&pid=wtu&sg=&sap=hp
CHR HomePage: Default -> hxxp://www.oursurfing.com/?type=sy&ts=1435597077&z=8afcf42752125a84e138084g5zac3w0w7t7m1e5m1w&from=smt&uid=ST500DM002-1BD142_Z6E4GE59XXXXZ6E4GE59
CHR StartupUrls: Default -> "hxxp://search.conduit.com/?gd=&ctid=CT3321459&octid=EB_ORIGINAL_CTID&ISID=M486E8DD3-338A-4D2F-8481-5A54586888CF&SearchSource=55&CUI=&UM=5&UP=SP5B546ED7-912D-4C4B-9B30-ED04FEBB673E&SSPV=","hxxp://www.oursurfing.com/?type=hp&ts=1435597040&z=af967304df28f82b50eaf49gbz7c5wcwbtbmaeaccb&from=smt&uid=ST500DM002-1BD142_Z6E4GE59XXXXZ6E4GE59","hxxp://www.oursurfing.com/?type=hppp&ts=1435597077&z=8afcf42752125a84e138084g5zac3w0w7t7m1e5m1w&from=smt&uid=ST500DM002-1BD142_Z6E4GE59XXXXZ6E4GE59"
DeleteKey: HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FAH.lnk
DeleteKey: HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Update Notifier.lnk
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software
DeleteKey: HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main
C:\Windows\pss\FAH.lnk.CommonStartup
C:\Windows\pss\Update Notifier.lnk.CommonStartup
C:\Windows\system32\Drivers\MBAMSwissArmy.sys
C:\Windows\system32\Drivers\mbamchameleon.sys
C:\Windows\SysWOW64\prod-pgm.vpx
C:\Windows\SysWOW64\servers.def
C:\Windows\SysWOW64\servers.def.lkg
C:\Windows\SysWOW64\servers.def.vpx
RemoveDirectory: C:\AdwCleaner
RemoveDirectory: C:\$AVG
RemoveDirectory: C:\SUPERDelete
RemoveDirectory: C:\KVRT_Data
RemoveDirectory: C:\Qoobox
RemoveDirectory: C:\Program Files (x86)\Windows Loader
RemoveDirectory: C:\Program Files\Common Files\AV\avast! Antivirus
RemoveDirectory: C:\ProgramData\Avg
RemoveDirectory: C:\ProgramData\HitmanPro
RemoveDirectory: C:\ProgramData\Malwarebytes
RemoveDirectory: C:\ProgramData\Malwarebytes' Anti-Malware (portable)
RemoveDirectory: C:\ProgramData\MFAData
RemoveDirectory: C:\Users\Default\AppData\Roaming\TuneUp Software
RemoveDirectory: C:\Users\mentol\AppData\Local\Avg
RemoveDirectory: C:\Users\mentol\AppData\Local\AvgSetupLog
RemoveDirectory: C:\Users\mentol\AppData\Local\MFAData
RemoveDirectory: C:\Users\mentol\AppData\Roaming\AVG
RemoveDirectory: C:\Users\mentol\AppData\Roaming\TuneUp Software
RemoveDirectory: C:\Windows\System32\Tasks\AVAST Software
EmptyTemp:
*****************

loseProcesses: => Error: No automatic fix found for this entry.
Restore point was successfully created.
HKU\S-1-5-21-3502765815-1476509878-803485157-1000\Software\Microsoft\Windows\CurrentVersion\Run\\mentol => value removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{0806F485-DF2B-4BAD-9389-EF7AA8F707FE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0806F485-DF2B-4BAD-9389-EF7AA8F707FE}" => key removed successfully
C:\Windows\System32\Tasks\AVAST Software\Avast settings backup => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Avast settings backup" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{237D854E-51D4-47A6-A7D2-12C6EEC9D6B8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{237D854E-51D4-47A6-A7D2-12C6EEC9D6B8}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\mentol => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{73593C5D-0497-4BE6-8BE6-60741742347E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{73593C5D-0497-4BE6-8BE6-60741742347E}" => key removed successfully
C:\Windows\System32\Tasks\avast! Emergency Update => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\avast! Emergency Update" => key removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key removed successfully
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
catchme => service removed successfully
VGPU => service removed successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-3502765815-1476509878-803485157-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKU\S-1-5-21-3502765815-1476509878-803485157-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKU\S-1-5-21-3502765815-1476509878-803485157-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
Chrome HomePage => removed successfully
Chrome StartupUrls => removed successfully
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FAH.lnk => key removed successfully
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Update Notifier.lnk => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software => key removed successfully
HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main => could not remove at first attempt (ErrorCode: C0000121), see next line.
HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main => key removed successfully
C:\Windows\pss\FAH.lnk.CommonStartup => moved successfully
C:\Windows\pss\Update Notifier.lnk.CommonStartup => moved successfully
C:\Windows\system32\Drivers\MBAMSwissArmy.sys => moved successfully
C:\Windows\system32\Drivers\mbamchameleon.sys => moved successfully
C:\Windows\SysWOW64\prod-pgm.vpx => moved successfully
C:\Windows\SysWOW64\servers.def => moved successfully
C:\Windows\SysWOW64\servers.def.lkg => moved successfully
C:\Windows\SysWOW64\servers.def.vpx => moved successfully
"C:\AdwCleaner" => removed successfully.
"C:\$AVG" => removed successfully.
"C:\SUPERDelete" => removed successfully.
"C:\KVRT_Data" => removed successfully.
"C:\Qoobox" => removed successfully.
"C:\Program Files (x86)\Windows Loader" => removed successfully.
"C:\Program Files\Common Files\AV\avast! Antivirus" => removed successfully.
"C:\ProgramData\Avg" => removed successfully.
"C:\ProgramData\HitmanPro" => removed successfully.
"C:\ProgramData\Malwarebytes" => removed successfully.
"C:\ProgramData\Malwarebytes' Anti-Malware (portable)" => removed successfully.
"C:\ProgramData\MFAData" => removed successfully.
"C:\Users\Default\AppData\Roaming\TuneUp Software" => removed successfully.
"C:\Users\mentol\AppData\Local\Avg" => removed successfully.
"C:\Users\mentol\AppData\Local\AvgSetupLog" => removed successfully.
"C:\Users\mentol\AppData\Local\MFAData" => removed successfully.
"C:\Users\mentol\AppData\Roaming\AVG" => removed successfully.
"C:\Users\mentol\AppData\Roaming\TuneUp Software" => removed successfully.
"C:\Windows\System32\Tasks\AVAST Software" => removed successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 5692223 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 4457 B
Edge => 0 B
Chrome => 420430651 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 0 B
systemprofile32 => 128 B
LocalService => 0 B
NetworkService => 0 B
mentol => 61338617 B

RecycleBin => 0 B
EmptyTemp: => 472.9 MB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 20:31:55 ====