Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 05-01-2014 Ran by Dom at 2014-01-06 13:46:27 Run:1 Running from C:\Documents and Settings\Dom\Moje dokumenty\Downloads Boot Mode: Normal ============================================== Content of fixlist: ***************** HKLM\...\Run: [mobilegeni daemon] - C:\Program Files\Mobogenie\DaemonProcess.exe HKCU\...\Run: [NextLive] - C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\Dom\Dane aplikacji\newnext.me\nengine.dll",EntryPoint -m l HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.aartemis.com/web/?type=ds&ts=1387641376&from=cor&uid=ST9250827AS_5RG2ADZZXXXX5RG2ADZZ&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.aartemis.com/web/?type=ds&ts=1387641376&from=cor&uid=ST9250827AS_5RG2ADZZXXXX5RG2ADZZ&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://aartemis.com/?type=sc&ts=1387641376&from=cor&uid=ST9250827AS_5RG2ADZZXXXX5RG2ADZZ SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.aartemis.com/web/?type=ds&ts=1387641376&from=cor&uid=ST9250827AS_5RG2ADZZXXXX5RG2ADZZ&q={searchTerms} SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.aartemis.com/web/?type=ds&ts=1387641376&from=cor&uid=ST9250827AS_5RG2ADZZXXXX5RG2ADZZ&q={searchTerms} SearchScopes: HKCU - {6042D612-B224-48EF-999B-F057503B6E9F} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3298566&CUI=UN76018818011639259&UM=2 SearchScopes: HKCU - {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = http://pl.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll No File CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION S3 zgdcat; system32\DRIVERS\zgdcat.sys [x] S3 zgdcdiag; system32\DRIVERS\zgdcdiag.sys [x] S3 zgdcmdm; system32\DRIVERS\zgdcmdm.sys [x] S3 zgdcnet; system32\DRIVERS\zgdcnet.sys [x] S3 zgdcnmea; system32\DRIVERS\zgdcnmea.sys [x] S3 dgderdrv; System32\drivers\dgderdrv.sys [x] S3 filtertdidriver; system32\drivers\ewfiltertdidriver.sys [x] S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [x] S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [x] S3 massfilter_lte; \??\C:\WINDOWS\system32\drivers\massfilter_lte.sys [x] C:\Documents and Settings\Dom\Dane aplikacji\aartemis C:\Documents and Settings\All Users\Dane aplikacji\COMODO C:\Program Files\Comodo C:\Documents and Settings\Dom\Dane aplikacji\f-secure C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Mobogenie C:\Documents and Settings\Dom\Moje dokumenty\Mobogenie C:\Program Files\Mobogenie C:\WINDOWS\system32\config\TuneUp.evt C:\Program Files\TuneUp Utilities 2013 C:\Documents and Settings\All Users\Dane aplikacji\F-Secure C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\bitool.dll C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\GLFF.EXE C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\radarsyncrw2013.exe C:\Documents and Settings\Dom\Ustawienia lokalne\Temp*.html ***************** HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\mobilegeni daemon => Value deleted successfully. HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\NextLive => Value deleted successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6042D612-B224-48EF-999B-F057503B6E9F} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{6042D612-B224-48EF-999B-F057503B6E9F} => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A} => Key not found. HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Value deleted successfully. HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key not found. HKCR\PROTOCOLS\Handler\linkscanner => Key deleted successfully. HKCR\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} => Key deleted successfully. HKLM\SOFTWARE\Policies\Google => Key deleted successfully. zgdcat => Service deleted successfully. zgdcdiag => Service deleted successfully. zgdcmdm => Service deleted successfully. zgdcnet => Service deleted successfully. zgdcnmea => Service deleted successfully. dgderdrv => Service deleted successfully. filtertdidriver => Service deleted successfully. hwdatacard => Service deleted successfully. hwusbdev => Service deleted successfully. massfilter_lte => Service deleted successfully. C:\Documents and Settings\Dom\Dane aplikacji\aartemis => Moved successfully. C:\Documents and Settings\All Users\Dane aplikacji\COMODO => Moved successfully. C:\Program Files\Comodo => Moved successfully. C:\Documents and Settings\Dom\Dane aplikacji\f-secure => Moved successfully. C:\Documents and Settings\Dom\Ustawienia lokalne\Dane aplikacji\Mobogenie => Moved successfully. C:\Documents and Settings\Dom\Moje dokumenty\Mobogenie => Moved successfully. C:\Program Files\Mobogenie => Moved successfully. Could not move "C:\WINDOWS\system32\config\TuneUp.evt" => Scheduled to move on reboot. C:\Program Files\TuneUp Utilities 2013 => Moved successfully. C:\Documents and Settings\All Users\Dane aplikacji\F-Secure => Moved successfully. C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\bitool.dll => Moved successfully. C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\GLFF.EXE => Moved successfully. C:\Documents and Settings\Dom\Ustawienia lokalne\Temp\radarsyncrw2013.exe => Moved successfully. Could not move "C:\Documents and Settings\Dom\Ustawienia lokalne\Temp*.html" => Scheduled to move on reboot. => Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-01-06 13:48:26)<= "C:\WINDOWS\system32\config\TuneUp.evt" => File could not move. C:\Documents and Settings\Dom\Ustawienia lokalne\Temp*.html => Moved successfully. ==== End of Fixlog ====