Fix result of Farbar Recovery Scan Tool (x64) Version: 27.01.2018
Ran by damien (29-01-2018 11:16:19) Run:1
Running from C:\Users\damien\Desktop
Loaded Profiles: damien & (Available Profiles: damien)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CreateRestorePoint:
CloseProcesses:
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction
HKU\S-1-5-21-848293732-2887674399-2536609968-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01282018143323504\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10257872 2018-01-09] (Piriform Ltd)
HKU\S-1-5-21-848293732-2887674399-2536609968-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01282018143537438\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10257872 2018-01-09] (Piriform Ltd)
HKU\S-1-5-21-848293732-2887674399-2536609968-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01282018143904239\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10257872 2018-01-09] (Piriform Ltd)
Startup: C:\Users\damien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\bankamerica.lnk [2018-01-20]
ShortcutTarget: bankamerica.lnk -> C:\Program Files (x86)\Pages\landowners.exe (No File)
Startup: C:\Users\damien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\bankamericabankamerica.lnk [2018-01-20]
ShortcutTarget: bankamericabankamerica.lnk -> C:\Program Files (x86)\mosey\commend.exe (No File)
BootExecute: autocheck autochk * sdnclean64.exe
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{25D546D6-7F92-4046-9BC7-48E605F07E7C}
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{25D546D6-7F92-4046-9BC7-48E605F07E7C}
C:\Windows\System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3ECE63E6-E5CC-42C8-AD12-080267A265D3}
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{3ECE63E6-E5CC-42C8-AD12-080267A265D3}
C:\Windows\System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{972225E8-306C-4B22-8860-29840C269286}
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{972225E8-306C-4B22-8860-29840C269286}
C:\Windows\System32\Tasks\Avira\System Speedup\SpeedupSysTray
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9DDEF38C-6CD1-47F7-B341-D88AAAF4ABB1}
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{9DDEF38C-6CD1-47F7-B341-D88AAAF4ABB1}
C:\Windows\System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CFD1DA29-A5C3-4E86-B501-B233EBB79DB7}
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{CFD1DA29-A5C3-4E86-B501-B233EBB79DB7}
C:\Windows\System32\Tasks\Avira\System Speedup\TestScheduler
DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32
DeleteKey: HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA} <== Reinstall Software WinRAR32
DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32
DeleteKey: HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA} <== Reinstall Software WinRAR32
C:\WINDOWS\Installer\5321c12.msi
DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32
DeleteKey: HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA}
DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32
EmptyTemp:
*****************

Restore point was successfully created.
Processes closed successfully.
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon" => removed successfully
"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" => removed successfully
HKU\S-1-5-21-848293732-2887674399-2536609968-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01282018143323504\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10257872 2018-01-09] (Piriform Ltd) => Error: No automatic fix found for this entry.
HKU\S-1-5-21-848293732-2887674399-2536609968-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01282018143537438\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10257872 2018-01-09] (Piriform Ltd) => Error: No automatic fix found for this entry.
HKU\S-1-5-21-848293732-2887674399-2536609968-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01282018143904239\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10257872 2018-01-09] (Piriform Ltd) => Error: No automatic fix found for this entry.
C:\Users\damien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\bankamerica.lnk => moved successfully
C:\Program Files => FRST is scripted not to move this directory.
C:\Users\damien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\bankamericabankamerica.lnk => moved successfully
C:\Program Files => FRST is scripted not to move this directory.
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{25D546D6-7F92-4046-9BC7-48E605F07E7C} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{25D546D6-7F92-4046-9BC7-48E605F07E7C} => key not found
C:\Windows\System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3ECE63E6-E5CC-42C8-AD12-080267A265D3}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{3ECE63E6-E5CC-42C8-AD12-080267A265D3} => key not found
C:\Windows\System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{972225E8-306C-4B22-8860-29840C269286}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{972225E8-306C-4B22-8860-29840C269286} => key not found
C:\Windows\System32\Tasks\Avira\System Speedup\SpeedupSysTray => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9DDEF38C-6CD1-47F7-B341-D88AAAF4ABB1}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{9DDEF38C-6CD1-47F7-B341-D88AAAF4ABB1} => key not found
C:\Windows\System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CFD1DA29-A5C3-4E86-B501-B233EBB79DB7}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{CFD1DA29-A5C3-4E86-B501-B233EBB79DB7} => key not found
C:\Windows\System32\Tasks\Avira\System Speedup\TestScheduler => moved successfully
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32" => removed successfully
HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA} <== Reinstall Software WinRAR32 => key not found
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32" => removed successfully
HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA} <== Reinstall Software WinRAR32 => key not found
C:\WINDOWS\Installer\5321c12.msi => moved successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32 => key not found
HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA} => key not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32 => key not found

=========== EmptyTemp: ==========

BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 38375612 B
Java, Flash, Steam htmlcache => 1302 B
Windows/system/drivers => 196532 B
Edge => 10856 B
Chrome => 41755280 B
Firefox => 387282584 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 7680 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 67242 B
NetworkService => 0 B
damien => 3940223 B
defaultuser1 => 7680 B

RecycleBin => 0 B
EmptyTemp: => 457.3 MB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 11:21:23 ====