Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 19-01-2014 04
Ran by ja at 2014-01-20 13:16:44 Run:1
Running from C:\Users\ja\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.aartemis.com/web/?type=ds&ts=1385655594&from=mlv&uid=HITACHIXHTS545050B9A300_090925PB4404Q7J3HYRAX&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://aartemis.com/?type=hp&ts=1385655594&from=mlv&uid=HITACHIXHTS545050B9A300_090925PB4404Q7J3HYRAX
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://aartemis.com/?type=hp&ts=1385655594&from=mlv&uid=HITACHIXHTS545050B9A300_090925PB4404Q7J3HYRAX
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.aartemis.com/web/?type=ds&ts=1385655594&from=mlv&uid=HITACHIXHTS545050B9A300_090925PB4404Q7J3HYRAX&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://aartemis.com/?type=sc&ts=1385655594&from=mlv&uid=HITACHIXHTS545050B9A300_090925PB4404Q7J3HYRAX
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.aartemis.com/web/?type=ds&ts=1385655594&from=mlv&uid=HITACHIXHTS545050B9A300_090925PB4404Q7J3HYRAX&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.aartemis.com/web/?type=ds&ts=1385655594&from=mlv&uid=HITACHIXHTS545050B9A300_090925PB4404Q7J3HYRAX&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
HKLM-x32\...\Run: [mobilegeni daemon] - C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKCU\...\Run: [AVG-Secure-Search-Update_1213b] - C:\Users\ja\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=93b5c27c683447d3b31f2104e4b34f2e-29a7b43a2bad10a75e950a17395c49975e1a602d /CMPID=1213b
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
C:\Program Files (x86)\Mobogenie
C:\Program Files (x86)\MyPC Backup
C:\Users\ja\daemonprocess.txt
C:\Users\ja\AppData\Local\Lollipop
C:\Users\ja\AppData\Local\Mobogenie
C:\Users\ja\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
C:\Users\ja\AppData\Roaming\Scripts
C:\Users\ja\AppData\Roaming\Systweak
*****************

HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key deleted successfully.
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\mobilegeni daemon => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\AVG-Secure-Search-Update_1213b => Value deleted successfully.
esgiguard => Service deleted successfully.
C:\Program Files (x86)\Mobogenie => Moved successfully.
C:\Program Files (x86)\MyPC Backup => Moved successfully.
C:\Users\ja\daemonprocess.txt => Moved successfully.
C:\Users\ja\AppData\Local\Lollipop => Moved successfully.
C:\Users\ja\AppData\Local\Mobogenie => Moved successfully.
C:\Users\ja\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} => Moved successfully.
C:\Users\ja\AppData\Roaming\Scripts => Moved successfully.
C:\Users\ja\AppData\Roaming\Systweak => Moved successfully.

==== End of Fixlog ====