Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 05-01-2014 Ran by biernak at 2014-01-07 21:03:25 Run:3 Running from C:\Users\biernak\Desktop Boot Mode: Normal ============================================== Content of fixlist: ***************** () C:\Users\biernak\AppData\Roaming\DSite\UpdateProc\UpdateTask.exe Task: {21D5F77A-8660-464D-9F4D-88BBC74B375B} - System32\Tasks\DSite => C:\Users\biernak\AppData\Roaming\DSite\UpdateProc\UpdateTask.exe [2013-06-04] () Task: C:\Windows\Tasks\DSite.job => C:\Users\biernak\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE HKLM\...\Run: [mobilegeni daemon] - C:\Program Files\Mobogenie\DaemonProcess.exe HKLM\...\Winlogon: [Userinit] userinit.exe,EXPLORER.EXE HKCU\...\Run: [NextLive] - C:\Windows\system32\rundll32.exe "C:\Users\biernak\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l HKCU\...\Run: [LiveSupport] - "C:\Program Files\LiveSupport\LiveSupport.exe" /noshow /log AppInit_DLLs: C:\Program Files\GS-Enabler\Assistant.dll [3041792 2014-01-06] () HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.dvlottery.state.gov/ HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sweet-page.com/?type=hp&ts=1389034400&from=wpc&uid=WDCXWD2500BEVS-60UST0_WD-WXC30855510055100 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sweet-page.com/?type=hp&ts=1389034400&from=wpc&uid=WDCXWD2500BEVS-60UST0_WD-WXC30855510055100 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=ds&ts=1389034400&from=wpc&uid=WDCXWD2500BEVS-60UST0_WD-WXC30855510055100&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds&ts=1389034400&from=wpc&uid=WDCXWD2500BEVS-60UST0_WD-WXC30855510055100&q={searchTerms} SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.sweet-page.com/web/?type=ds&ts=1389034400&from=wpc&uid=WDCXWD2500BEVS-60UST0_WD-WXC30855510055100&q={searchTerms} SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.sweet-page.com/web/?type=ds&ts=1389034400&from=wpc&uid=WDCXWD2500BEVS-60UST0_WD-WXC30855510055100&q={searchTerms} SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = Filter: text/html - {EE31AE88-AE7A-4C52-9330-A0A3B3468C02} - C:\Windows\system32\bimfapg.dll No File U1 eabfiltr; NETSVC: dfhbspz -> No Registry Path. C:\Program Files\Mobogenie C:\Program Files\Optimizer Pro C:\Users\biernak\.android C:\Users\biernak\daemonprocess.txt C:\Users\biernak\AppData\Local\cache C:\Users\biernak\AppData\Local\genienext C:\Users\biernak\AppData\Local\Mobogenie C:\Users\biernak\AppData\Roaming\Babylon C:\Users\biernak\AppData\Roaming\Common C:\Users\biernak\AppData\Roaming\DSite C:\Users\biernak\AppData\Roaming\newnext.me C:\Users\biernak\AppData\Roaming\Mozilla Reg: reg add HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot /v AlternateShell /t REG_SZ /d cmd.exe /f CMD: sc config "Multimedia mobilNET. RunOuc" start= demand ***************** C:\Users\biernak\AppData\Roaming\DSite\UpdateProc\UpdateTask.exe => No running process found HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{21D5F77A-8660-464D-9F4D-88BBC74B375B} => Key not found. C:\Windows\System32\Tasks\DSite not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DSite => Key not found. C:\Windows\Tasks\DSite.job not found. HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\mobilegeni daemon => Value not found. HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Userinit => Value was restored successfully. HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\NextLive => Value not found. HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\LiveSupport => Value not found. HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs => Value was restored successfully. HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found. HKCR\Wow6432Node\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key not found. HKCR\Wow6432Node\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key not found. HKCR\PROTOCOLS\Filter\text/html => Key not found. HKCR\CLSID\{EE31AE88-AE7A-4C52-9330-A0A3B3468C02} => Key not found. eabfiltr => Service not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs dfhbspz not found. "C:\Program Files\Mobogenie" => File/Directory not found. "C:\Program Files\Optimizer Pro" => File/Directory not found. "C:\Users\biernak\.android" => File/Directory not found. "C:\Users\biernak\daemonprocess.txt" => File/Directory not found. "C:\Users\biernak\AppData\Local\cache" => File/Directory not found. "C:\Users\biernak\AppData\Local\genienext" => File/Directory not found. "C:\Users\biernak\AppData\Local\Mobogenie" => File/Directory not found. "C:\Users\biernak\AppData\Roaming\Babylon" => File/Directory not found. "C:\Users\biernak\AppData\Roaming\Common" => File/Directory not found. "C:\Users\biernak\AppData\Roaming\DSite" directory move: Could not move "C:\Users\biernak\AppData\Roaming\DSite" directory. => Scheduled to move on reboot. C:\Users\biernak\AppData\Roaming\newnext.me => Moved successfully. C:\Users\biernak\AppData\Roaming\Mozilla => Moved successfully. ========= reg add HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot /v AlternateShell /t REG_SZ /d cmd.exe /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= sc config "Multimedia mobilNET. RunOuc" start= demand ========= [SC] ChangeServiceConfig SUKCES ========= End of CMD: ========= => Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-01-07 21:05:59)<= C:\Users\biernak\AppData\Roaming\DSite => Is moved successfully. ==== End of Fixlog ====