Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 26-09-2014
Ran by Mirek at 2014-09-29 19:55:45 Run:1
Running from E:\Nowy folder
Loaded Profile: Mirek (Available profiles: Mirek & Gość)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CloseProcesses:
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=ds&ts=1410638242&from=ild&uid=WDCXWD6400BEVT-22A0RT0_WD-WX31EC00488204882&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds&ts=1410638242&from=ild&uid=WDCXWD6400BEVT-22A0RT0_WD-WX31EC00488204882&q={searchTerms}
URLSearchHook: HKLM-x32 - Default Value = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO-x32: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Mirek\AppData\Roaming\Mozilla\Firefox\Profiles\fcmgjka9.default\extensions\faststartff@gmail.com
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
C:\Program Files (x86)\Mozilla Firefox\extensions
C:\Program Files (x86)\Mozilla Firefox\plugins
C:\Program Files (x86)\Opera
C:\ProgramData\Temp
C:\Users\Mirek\AppData\Local\Opera Software
C:\Users\Mirek\AppData\Roaming\ICJ
C:\Users\Mirek\AppData\Roaming\LKLTLQT
C:\Users\Mirek\AppData\Roaming\Opera Software
C:\Users\Mirek\AppData\Roaming\WebExtend
C:\Windows\RegBootClean64.exe
C:\Windows\system32\FxsTmp
Folder: C:\Temp
EmptyTemp:
*****************

Processes closed successfully.
catchme => Service deleted successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\ => value deleted successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}" => Key not found.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\faststartff@gmail.com => value deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin" => Key deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions => Moved successfully.
C:\Program Files (x86)\Mozilla Firefox\plugins => Moved successfully.
C:\Program Files (x86)\Opera => Moved successfully.
C:\ProgramData\Temp => Moved successfully.
C:\Users\Mirek\AppData\Local\Opera Software => Moved successfully.
C:\Users\Mirek\AppData\Roaming\ICJ => Moved successfully.
C:\Users\Mirek\AppData\Roaming\LKLTLQT => Moved successfully.
C:\Users\Mirek\AppData\Roaming\Opera Software => Moved successfully.
C:\Users\Mirek\AppData\Roaming\WebExtend => Moved successfully.
C:\Windows\RegBootClean64.exe => Moved successfully.
C:\Windows\system32\FxsTmp => Moved successfully.

========================= Folder: C:\Temp ========================


====== End of Folder: ======