Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 12-02-2014 01 Ran by Hubert at 2014-02-13 18:39:51 Run:1 Running from C:\Documents and Settings\Hubert\Moje dokumenty\Pobieranie Boot Mode: Normal ============================================== Content of fixlist: ***************** HKLM\...\Run: [NWEReboot] - [X] HKLM\...\Run: [mobilegeni daemon] - C:\Program Files\Mobogenie\DaemonProcess.exe HKLM\...\Policies\Explorer: [NoCDBurning] 0 HKU\S-1-5-21-299502267-1035525444-1177238915-1003\...\Run: [Badoo Desktop] - C:\Documents and Settings\All Users\Dane aplikacji\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe HKU\S-1-5-21-299502267-1035525444-1177238915-1003\...\Run: [NextLive] - C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\Hubert\Dane aplikacji\newnext.me\nengine.dll",EntryPoint -m l HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gazeta.pl/0,0.html?p=128 SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKCU - {27F68CFD-0F10-42C8-BD3F-F92A1E95944E} URL = http://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=100474&mntrId=4c1a2f0b00000000000000241d2b6d91 SearchScopes: HKCU - {8A244612-A1F7-11E0-95C0-E71F4824019B} URL = http://badoo.com/startpage/?source=bsb&q={searchTerms} SearchScopes: HKCU - {9C558FFB-DF1C-4545-9611-8E10174DD7F9} URL = http://websearch.ask.com/redirect?client=ie&tb=VD&o=14778&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=VX&apn_dtid=YYYYYYYYPL&apn_uid=63772DCA-0346-4945-93DE-5E23F54993EE&apn_sauid=AD82888A-073D-4068-9FEA-3CD6D69BFD14 BHO: greattsAvEr - {0CD9561A-8DC4-2E5D-D151-13A033DC0F3B} - C:\Program Files\greattsAvEr\RInt8.dll () BHO: YoutubeAdblocker - {62A67AFE-0B72-2E83-B072-062CE5BC4E46} - C:\Program Files\YoutubeAdblocker\vktF2.dll () Toolbar: HKCU - No Name - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - No File DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\BearShareWebSearch.xml CHR Extension: (YTTBookMMark) - C:\Documents and Settings\Hubert\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\mmcccllnlcfemdmfmlllhbccmlghammm [2014-01-28] S2 Update FindRight; "C:\Program Files\FindRight\updateFindRight.exe" [X] S3 Ca2001v; System32\Drivers\Ca2001v.sys [X] S3 RT61; system32\DRIVERS\RT61.sys [X] S3 StarOpen; No ImagePath C:\Program Files\greattsAvEr C:\Program Files\FindRight C:\Program Files\YoutubeAdblocker C:\Documents and Settings\All Users\Dane aplikacji\a3e3a92aef77a455 C:\Documents and Settings\All Users\Dane aplikacji\greattsAvEr C:\Documents and Settings\All Users\Dane aplikacji\InstallMate C:\Documents and Settings\All Users\Dane aplikacji\YoutubeAdblocker C:\Documents and Settings\Administrator C:\Documents and Settings\Hubert\Dane aplikacji\newnext.me C:\Documents and Settings\Hubert\Menu Start\Programy\Mobogenie C:\Documents and Settings\Hubert\Ustawienia lokalne\Dane aplikacji\Comodo C:\Documents and Settings\Hubert\Ustawienia lokalne\Dane aplikacji\Mobogenie C:\Documents and Settings\Gość C:\Documents and Settings\SUPPORT_388945a0 C:\Documents and Settings\Pomocnik Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f ***************** HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NWEReboot => Value deleted successfully. HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\mobilegeni daemon => Value deleted successfully. HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoCDBurning => Value deleted successfully. HKU\S-1-5-21-299502267-1035525444-1177238915-1003\Software\Microsoft\Windows\CurrentVersion\Run\\Badoo Desktop => Value deleted successfully. HKU\S-1-5-21-299502267-1035525444-1177238915-1003\Software\Microsoft\Windows\CurrentVersion\Run\\NextLive => Value deleted successfully. HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{27F68CFD-0F10-42C8-BD3F-F92A1E95944E} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{27F68CFD-0F10-42C8-BD3F-F92A1E95944E} => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8A244612-A1F7-11E0-95C0-E71F4824019B} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{8A244612-A1F7-11E0-95C0-E71F4824019B} => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9C558FFB-DF1C-4545-9611-8E10174DD7F9} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{9C558FFB-DF1C-4545-9611-8E10174DD7F9} => Key not found. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0CD9561A-8DC4-2E5D-D151-13A033DC0F3B} => Key deleted successfully. HKCR\CLSID\{0CD9561A-8DC4-2E5D-D151-13A033DC0F3B} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{62A67AFE-0B72-2E83-B072-062CE5BC4E46} => Key deleted successfully. HKCR\CLSID\{62A67AFE-0B72-2E83-B072-062CE5BC4E46} => Key deleted successfully. HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} => Value deleted successfully. HKCR\CLSID\{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} => Key not found. HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{68282C51-9459-467B-95BF-3C0E89627E55} => Key deleted successfully. HKCR\CLSID\{68282C51-9459-467B-95BF-3C0E89627E55} => Key deleted successfully. C:\Program Files\mozilla firefox\searchplugins\BearShareWebSearch.xml => Moved successfully. C:\Documents and Settings\Hubert\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\mmcccllnlcfemdmfmlllhbccmlghammm => Moved successfully. Update FindRight => Service deleted successfully. Ca2001v => Service deleted successfully. RT61 => Service deleted successfully. StarOpen => Service deleted successfully. C:\Program Files\greattsAvEr => Moved successfully. C:\Program Files\FindRight => Moved successfully. C:\Program Files\YoutubeAdblocker => Moved successfully. C:\Documents and Settings\All Users\Dane aplikacji\a3e3a92aef77a455 => Moved successfully. C:\Documents and Settings\All Users\Dane aplikacji\greattsAvEr => Moved successfully. C:\Documents and Settings\All Users\Dane aplikacji\InstallMate => Moved successfully. C:\Documents and Settings\All Users\Dane aplikacji\YoutubeAdblocker => Moved successfully. C:\Documents and Settings\Administrator => Moved successfully. C:\Documents and Settings\Hubert\Dane aplikacji\newnext.me => Moved successfully. C:\Documents and Settings\Hubert\Menu Start\Programy\Mobogenie => Moved successfully. C:\Documents and Settings\Hubert\Ustawienia lokalne\Dane aplikacji\Comodo => Moved successfully. C:\Documents and Settings\Hubert\Ustawienia lokalne\Dane aplikacji\Mobogenie => Moved successfully. C:\Documents and Settings\Gość => Moved successfully. C:\Documents and Settings\SUPPORT_388945a0 => Moved successfully. C:\Documents and Settings\Pomocnik => Moved successfully. ========= reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukończona pomyślnie ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukończona pomyślnie ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukończona pomyślnie ========= End of Reg: ========= ==== End of Fixlog ====