Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:09-06-2014 03
Ran by Właściciele at 2014-06-10 22:29:55 Run:1
Running from C:\Users\Właściciele\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
R1 {a3f28269-ad17-41a8-b032-3e0313ef8979}Gw; C:\Windows\System32\drivers\{a3f28269-ad17-41a8-b032-3e0313ef8979}Gw.sys [52824 2014-06-06] (StdLib)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [13464 2013-09-25] ()
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
Task: {3B60F5BF-286A-4D16-91AC-0D562D4046D8} - System32\Tasks\PC Fresh => C:\Program Files\PC Fresh\PC Fresh.exe [2012-02-20] (Ascora GmbH)
Task: {45754286-C5AC-436D-870C-4E3CF90A3127} - System32\Tasks\0 => Iexplore.exe <==== ATTENTION
Task: {D226600D-9DB0-4825-BDF2-FB1FDC5FC9E4} - System32\Tasks\4788 => Wscript.exe C:\Users\WACICI~1\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {FFA03CC5-C89A-452B-A999-BF01CCB04A9D} - System32\Tasks\Digital Sites => C:\Users\Właściciele\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: C:\Windows\Tasks\Digital Sites.job => C:\Users\WACICI~1\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe <==== ATTENTION
Task: C:\Windows\Tasks\PC Fresh.job => C:\Program Files\PC Fresh\PC Fresh.exe
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\McAfee <====== ATTENTION
HKU\S-1-5-21-2911960754-627070767-2633746932-1000\...\Run: [HW_OPENEYE_OUC_blueconnect] => C:\Program Files\blueconnect\UpdateDog\ouc.exe [116064 2011-03-26] (Huawei Technologies Co., Ltd.)
HKU\S-1-5-21-2911960754-627070767-2633746932-1000\...\Run: [NextLive] => C:\Windows\system32\rundll32.exe "C:\Users\Właściciele\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
HKU\S-1-5-21-2911960754-627070767-2633746932-1000\...\Run: [dgvnbsi] => regsvr32.exe "C:\ProgramData\dgvnbsi.dat"
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.oversearch.info/?pid=34&r=2013/09/21&hid=9341803433448381243&lg=EN&cc=PL&unqvl=36
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.oversearch.info/?pid=34&r=2013/09/21&hid=9341803433448381243&lg=EN&cc=PL&unqvl=36
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.oversearch.info/?l=1&q={searchTerms}&pid=34&r=2013/09/21&hid=9341803433448381243&lg=EN&cc=PL&unqvl=36
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://startsear.ch/?src=sp&aff=51&cf=127628fc-3c83-11e2-a55b-e18eca7b13b2&q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://startsear.ch/?src=sp&aff=51&cf=127628fc-3c83-11e2-a55b-e18eca7b13b2&q={searchTerms}
SearchScopes: HKCU - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.oversearch.info/?l=1&q={searchTerms}&pid=34&r=2013/09/21&hid=9341803433448381243&lg=EN&cc=PL&unqvl=36
SearchScopes: HKCU - {D1DD79B4-EBB9-4D5B-B4F9-0EB87A2D5F09} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=U3&apn_dtid=OSJ000YYPL&apn_uid=446F05E2-5A36-4986-9BFB-4D18D5EB21CF&apn_sauid=74589724-0539-4075-B529-CEB65887B572
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKLM\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\Właściciele\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx [2013-09-04]
C:\Program Files\mozilla firefox
C:\Program Files\SavEELOTs
C:\ProgramData\144d5074a576204f
C:\ProgramData\SavEELOTs
C:\ProgramData\bsndwi.dat
C:\ProgramData\dgvnbsi.dat
C:\Users\Właściciele\AppData\Roaming\DigitalSites
C:\Users\Właściciele\AppData\Roaming\newnext.me
C:\Users\Właściciele\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Lollipop
C:\Users\Właściciele\Desktop\Dokumenty\Continue SweetIM Installation.lnk
C:\Users\Właściciele\Desktop\Dokumenty\McAfee Security Scan Plus.lnk
C:\Users\Właściciele\Desktop\Dokumenty\Mozilla Thunderbird.lnk
C:\Users\Właściciele\Desktop\Dokumenty\SlimDrivers.lnk
C:\Users\Właściciele\Downloads\CCleaner(13061).exe
C:\Users\Właściciele\Downloads\whitesnake_-_*
C:\Windows\System32\drivers\{a3f28269-ad17-41a8-b032-3e0313ef8979}Gw.sys
C:\Windows\System32\DRIVERS\SWDUMon.sys
Reg: reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\LiveVDO /f
Reg: reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MozillaMaintenanceService /f
Reg: reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Digital Sites" /f
Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DSite /f
Reg: reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\PDF Reader Packages" /f
Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f
Reboot:
*****************

{a3f28269-ad17-41a8-b032-3e0313ef8979}Gw => Service stopped successfully.
{a3f28269-ad17-41a8-b032-3e0313ef8979}Gw => Service deleted successfully.
SWDUMon => Service deleted successfully.
esgiguard => Service deleted successfully.
'HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3B60F5BF-286A-4D16-91AC-0D562D4046D8}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3B60F5BF-286A-4D16-91AC-0D562D4046D8}' => Key deleted successfully.
C:\Windows\System32\Tasks\PC Fresh => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC Fresh' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{45754286-C5AC-436D-870C-4E3CF90A3127}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{45754286-C5AC-436D-870C-4E3CF90A3127}' => Key deleted successfully.
C:\Windows\System32\Tasks\0 => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D226600D-9DB0-4825-BDF2-FB1FDC5FC9E4}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D226600D-9DB0-4825-BDF2-FB1FDC5FC9E4}' => Key deleted successfully.
C:\Windows\System32\Tasks\4788 => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\4788' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FFA03CC5-C89A-452B-A999-BF01CCB04A9D}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FFA03CC5-C89A-452B-A999-BF01CCB04A9D}' => Key deleted successfully.
C:\Windows\System32\Tasks\Digital Sites => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Digital Sites' => Key deleted successfully.
C:\Windows\Tasks\Digital Sites.job => Moved successfully.
C:\Windows\Tasks\PC Fresh.job => Moved successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKU\S-1-5-21-2911960754-627070767-2633746932-1000\Software\Microsoft\Windows\CurrentVersion\Run\\HW_OPENEYE_OUC_blueconnect => value deleted successfully.
HKU\S-1-5-21-2911960754-627070767-2633746932-1000\Software\Microsoft\Windows\CurrentVersion\Run\\NextLive => value deleted successfully.
HKU\S-1-5-21-2911960754-627070767-2633746932-1000\Software\Microsoft\Windows\CurrentVersion\Run\\dgvnbsi => value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
'HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}'=> Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}'=> Key not found.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}'=> Key not found.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D1DD79B4-EBB9-4D5B-B4F9-0EB87A2D5F09}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{D1DD79B4-EBB9-4D5B-B4F9-0EB87A2D5F09}'=> Key not found.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
'HKLM\SOFTWARE\Policies\Google' => Key deleted successfully.
'HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo' => Key deleted successfully.
C:\Users\Właściciele\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx => Moved successfully.
C:\Program Files\mozilla firefox => Moved successfully.
C:\Program Files\SavEELOTs => Moved successfully.
C:\ProgramData\144d5074a576204f => Moved successfully.
C:\ProgramData\SavEELOTs => Moved successfully.
C:\ProgramData\bsndwi.dat => Moved successfully.
C:\ProgramData\dgvnbsi.dat => Moved successfully.
C:\Users\Właściciele\AppData\Roaming\DigitalSites => Moved successfully.
C:\Users\Właściciele\AppData\Roaming\newnext.me => Moved successfully.
C:\Users\Właściciele\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Lollipop => Moved successfully.
C:\Users\Właściciele\Desktop\Dokumenty\Continue SweetIM Installation.lnk => Moved successfully.
C:\Users\Właściciele\Desktop\Dokumenty\McAfee Security Scan Plus.lnk => Moved successfully.
C:\Users\Właściciele\Desktop\Dokumenty\Mozilla Thunderbird.lnk => Moved successfully.
C:\Users\Właściciele\Desktop\Dokumenty\SlimDrivers.lnk => Moved successfully.
C:\Users\Właściciele\Downloads\CCleaner(13061).exe => Moved successfully.
C:\Users\Właściciele\Downloads\whitesnake_-_* => Moved successfully.
C:\Windows\System32\drivers\{a3f28269-ad17-41a8-b032-3e0313ef8979}Gw.sys => Moved successfully.
C:\Windows\System32\DRIVERS\SWDUMon.sys => Moved successfully.

========= reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\LiveVDO /f =========
Operacja ukończona pomyślnie.
========= End of Reg: =========

========= reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MozillaMaintenanceService /f =========
Operacja ukończona pomyślnie.
========= End of Reg: =========

========= reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Digital Sites" /f =========
Operacja ukończona pomyślnie.
========= End of Reg: =========

========= reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DSite /f =========
Operacja ukończona pomyślnie.
========= End of Reg: =========

========= reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\PDF Reader Packages" /f =========
Operacja ukończona pomyślnie.
========= End of Reg: =========

========= reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f =========
Operacja ukończona pomyślnie.
========= End of Reg: =========

The system needed a reboot.

==== End of Fixlog ====