Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 10-01-2014 Ran by PanIWladca at 2014-01-10 20:44:21 Run:1 Running from E:\Users\PanIWladca\Desktop\Nowy folder (6) Boot Mode: Normal ============================================== Content of fixlist: ***************** HKLM-x32\...\Run: [mobilegeni daemon] - E:\Program Files (x86)\Mobogenie\DaemonProcess.exe HKCU\...\Run: [ChomikBox] - E:\Program Files (x86)\ChomikBox\chomikbox.exe HKCU\...\Run: [NextLive] - E:\Windows\SysWOW64\rundll32.exe "E:\Users\PanIWladca\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l MountPoints2: {46b2235c-8181-11e2-98c8-001fd03e32e0} - G:\FXRoute.exe StartMenuInternet: IEXPLORE.EXE - E:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = FF Plugin-x32: @live.heroesandgenerals.com/npretox - E:\Program Files (x86)\Heroes & Generals\live\npretox-1.0.6.1\npretoxlive-1.0.6.1.dll No File FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - E:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION S3 EagleX64; \??\E:\Windows\system32\drivers\EagleX64.sys [x] S3 X6va015; \??\E:\Windows\SysWOW64\Drivers\X6va015 [x] S3 xhunter1; \??\E:\Windows\xhunter1.sys [x] E:\Program Files (x86)\Mobogenie E:\Users\PanIWladca\.android E:\Users\PanIWladca\daemonprocess.txt E:\Users\PanIWladca\AppData\Local\cache E:\Users\PanIWladca\AppData\Local\genienext E:\Users\PanIWladca\AppData\Local\Mobogenie E:\Users\PanIWladca\AppData\Roaming\newnext.me E:\Users\PanIWladca\Pictures\Documents\Mobogenie Reg: reg add HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot /v AlternateShell /t REG_SZ /d cmd.exe /f CMD: netsh advfirewall reset ***************** HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\mobilegeni daemon => Value deleted successfully. HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\ChomikBox => Value deleted successfully. HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\NextLive => Value deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{46b2235c-8181-11e2-98c8-001fd03e32e0} => Key deleted successfully. HKCR\CLSID\{46b2235c-8181-11e2-98c8-001fd03e32e0} => Key not found. HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully. HKLM\Software\Wow6432Node\MozillaPlugins\@live.heroesandgenerals.com/npretox => Key deleted successfully. E:\Program Files (x86)\Heroes & Generals\live\npretox-1.0.6.1\npretoxlive-1.0.6.1.dll not found. HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin => Key deleted successfully. E:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll not found. HKLM\SOFTWARE\Policies\Google => Key deleted successfully. EagleX64 => Service deleted successfully. X6va015 => Service deleted successfully. xhunter1 => Service deleted successfully. E:\Program Files (x86)\Mobogenie => Moved successfully. E:\Users\PanIWladca\.android => Moved successfully. E:\Users\PanIWladca\daemonprocess.txt => Moved successfully. E:\Users\PanIWladca\AppData\Local\cache => Moved successfully. E:\Users\PanIWladca\AppData\Local\genienext => Moved successfully. E:\Users\PanIWladca\AppData\Local\Mobogenie => Moved successfully. E:\Users\PanIWladca\AppData\Roaming\newnext.me => Moved successfully. E:\Users\PanIWladca\Pictures\Documents\Mobogenie => Moved successfully. ========= reg add HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot /v AlternateShell /t REG_SZ /d cmd.exe /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= netsh advfirewall reset ========= Ok. ========= End of CMD: ========= ==== End of Fixlog ====