Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-02-2014 Ran by Basia i Tomek at 2014-02-17 21:48:10 Run:1 Running from C:\Users\tomas_000\Downloads Boot Mode: Normal ============================================== Content of fixlist: ***************** HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.awesomehp.com/web/?type=ds&ts=1392484028&from=ild&uid=ST1000LM024XHN-M101MBB_S2SMJ9BD930989&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp.com/?type=hp&ts=1392484028&from=ild&uid=ST1000LM024XHN-M101MBB_S2SMJ9BD930989 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.awesomehp.com/?type=hp&ts=1392484028&from=ild&uid=ST1000LM024XHN-M101MBB_S2SMJ9BD930989 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.awesomehp.com/web/?type=ds&ts=1392484028&from=ild&uid=ST1000LM024XHN-M101MBB_S2SMJ9BD930989&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.awesomehp.com/web/?type=ds&ts=1392484028&from=ild&uid=ST1000LM024XHN-M101MBB_S2SMJ9BD930989&q={searchTerms} StartMenuInternet: IEXPLORE.EXE - iexplore.exe SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = FF Homepage: hxxp://www.awesomehp.com/?type=hp&ts=1392484028&from=ild&uid=ST1000LM024XHN-M101MBB_S2SMJ9BD930989 HKLM-x32\...\Run: [mobilegeni daemon] - C:\Program Files (x86)\Mobogenie\DaemonProcess.exe HKLM-x32\...\Run: [EaseUS EPM tray] - C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.3.0\bin\EpmNews.exe Unlock: HKLM\SYSTEM\CurrentControlSet\Services\sptd S4 sptd; \SystemRoot\System32\Drivers\sptd.sys [X] C:\Program Files (x86)\Mobogenie C:\Program Files (x86)\SupTab C:\ProgramData\WPM C:\Users\tomas_000\.android C:\Users\tomas_000\daemonprocess.txt C:\Users\tomas_000\AppData\Local\cache C:\Users\tomas_000\AppData\Local\Mobogenie C:\Users\tomas_000\Documents\Mobogenie C:\WINDOWS\ACF5FE1B377240688B872D2A6EFD0A05.TMP Reg: reg add "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes" /v DefaultScope /t REG_SZ /d {0633EE93-D776-472f-A0FF-E1416B8B2E3A} /f Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f ***************** HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully. HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully. Firefox homepage deleted successfully. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\mobilegeni daemon => Value deleted successfully. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\EaseUS EPM tray => Value deleted successfully. "HKLM\SYSTEM\CurrentControlSet\Services\sptd" => Key unlocked successfully. sptd => Service deleted successfully. C:\Program Files (x86)\Mobogenie => Moved successfully. C:\Program Files (x86)\SupTab => Moved successfully. C:\ProgramData\WPM => Moved successfully. C:\Users\tomas_000\.android => Moved successfully. C:\Users\tomas_000\daemonprocess.txt => Moved successfully. C:\Users\tomas_000\AppData\Local\cache => Moved successfully. C:\Users\tomas_000\AppData\Local\Mobogenie => Moved successfully. C:\Users\tomas_000\Documents\Mobogenie => Moved successfully. C:\WINDOWS\ACF5FE1B377240688B872D2A6EFD0A05.TMP => Moved successfully. ========= reg add "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes" /v DefaultScope /t REG_SZ /d {0633EE93-D776-472f-A0FF-E1416B8B2E3A} /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ==== End of Fixlog ====