Fix result of Farbar Recovery Scan Tool (x64) Version: 11-08-2016 01
Ran by Kamil (2016-08-17 18:04:27) Run:1
Running from C:\Users\Kamil\Downloads
Loaded Profiles: Kamil (Available Profiles: Kamil)
Boot Mode: Safe Mode (minimal)
==============================================

fixlist content:
*****************
CloseProcesses:
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-08-09] (Malwarebytes)
R1 UCGuard; C:\Windows\System32\DRIVERS\ucguard.sys [81792 2016-07-21] (Huorong Borui (Beijing) Technology Co., Ltd.)
Task: {5E5C1B2B-7BDA-4716-BBD3-FC620F4951DB} - System32\Tasks\{CFF5B5C9-5465-4D05-8F1A-EC22F8CD8C98} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.15.0.102&LastError=404
Task: {9E9E5257-C292-4D1F-8892-CD112DA36514} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
Reg: reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 /v "EaseUS Cleanup" /f
Reg: reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 /v "EaseUS EPM tray" /f
C:\Program Files (x86)\Ploqdomzok
C:\Program Files (x86)\s1d8202
C:\Program Files (x86)\sbqh
C:\ProgramData\Malwarebytes
C:\Users\Kamil\IP_Log_Data.js
C:\Users\Kamil\AppData\Local\Driver_LOM_8161Present.flag
C:\Users\Kamil\AppData\Roaming\EeIQKCHSHPgVUTdGdPR
C:\Users\Kamil\AppData\Roaming\EeIQKCHSHPgVUTdGdPRYN.cmd
C:\Users\Kamil\AppData\Roaming\KSAaDJSIHghQ
C:\Users\Kamil\AppData\Roaming\ClassicShell
C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Serious Sam HD - The Second Encounter
C:\Users\Kamil\Documents\Euro Truck Simulator 2\readme.rtf.lnk
C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
C:\WINDOWS\system32\Drivers\ucguard.sys
C:\WINDOWS\system32\Drivers\etc\hp.bak
C:\WINDOWS\SysWOW64\kz.exe
Hosts:
EmptyTemp:
*****************

Processes closed successfully.
MBAMSwissArmy => service removed successfully
UCGuard => service removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5E5C1B2B-7BDA-4716-BBD3-FC620F4951DB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5E5C1B2B-7BDA-4716-BBD3-FC620F4951DB}" => key removed successfully
C:\WINDOWS\System32\Tasks\{CFF5B5C9-5465-4D05-8F1A-EC22F8CD8C98} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{CFF5B5C9-5465-4D05-8F1A-EC22F8CD8C98}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9E9E5257-C292-4D1F-8892-CD112DA36514}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9E9E5257-C292-4D1F-8892-CD112DA36514}" => key removed successfully
C:\WINDOWS\System32\Tasks\AutoPico Daily Restart => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoPico Daily Restart" => key removed successfully
C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => moved successfully
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\sp@avast.com => value removed successfully

========= reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 /v "EaseUS Cleanup" /f =========

Operacja ukoäczona pomy˜lnie.

========= End of Reg: =========

========= reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 /v "EaseUS EPM tray" /f =========

Operacja ukoäczona pomy˜lnie.

========= End of Reg: =========

C:\Program Files (x86)\Ploqdomzok => moved successfully
C:\Program Files (x86)\s1d8202 => moved successfully
C:\Program Files (x86)\sbqh => moved successfully
C:\ProgramData\Malwarebytes => moved successfully
C:\Users\Kamil\IP_Log_Data.js => moved successfully
C:\Users\Kamil\AppData\Local\Driver_LOM_8161Present.flag => moved successfully
C:\Users\Kamil\AppData\Roaming\EeIQKCHSHPgVUTdGdPR => moved successfully
C:\Users\Kamil\AppData\Roaming\EeIQKCHSHPgVUTdGdPRYN.cmd => moved successfully
C:\Users\Kamil\AppData\Roaming\KSAaDJSIHghQ => moved successfully
C:\Users\Kamil\AppData\Roaming\ClassicShell => moved successfully
C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Serious Sam HD - The Second Encounter => moved successfully
C:\Users\Kamil\Documents\Euro Truck Simulator 2\readme.rtf.lnk => moved successfully
C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys => moved successfully
C:\WINDOWS\system32\Drivers\ucguard.sys => moved successfully
C:\WINDOWS\system32\Drivers\etc\hp.bak => moved successfully
C:\WINDOWS\SysWOW64\kz.exe => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 17827214 B
Java, Flash, Steam htmlcache => 292434395 B
Windows/system/drivers => 12440 B
Edge => 70656 B
Chrome => 0 B
Firefox => 221598309 B
Opera => 323728800 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 8978 B
NetworkService => 0 B
Kamil => 323725173 B

RecycleBin => 0 B
EmptyTemp: => 1.1 GB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 18:04:36 ====