Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-02-2015
Ran by Marek Markiewicz at 2015-02-13 18:41:04 Run:1
Running from C:\Users\Marek Markiewicz\Downloads
Loaded Profiles: Marek Markiewicz (Available profiles: Marek Markiewicz)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CloseProcesses:
CreateRestorePoint:
HKU\S-1-5-21-922980303-2826830891-3979983212-1001\...\Run: [nvxasync] => C:\Users\Marek Markiewicz\AppData\Roaming\nvxasync\nvxasync.exe [142678016 2015-02-11] ()
HKU\S-1-5-21-922980303-2826830891-3979983212-1001\...\Winlogon: [Shell] C:\ProgramData\nvxasync\cvxasync.exe [142678016 2015-02-11] () <==== ATTENTION
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\more.url -> hxxp://adf.ly/pRzv6
InternetURL: C:\Users\Marek Markiewicz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\VLC Helper.com.url -> C:\ProgramData\vlc_64.exe
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: igfxdev.dll [X]
S3 ewusbnet; \SystemRoot\system32\DRIVERS\ewusbnet.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 hwdatacard; \SystemRoot\system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbdev; \SystemRoot\system32\DRIVERS\ewusbdev.sys [X]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKU\S-1-5-21-922980303-2826830891-3979983212-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.surfvox.com/
SearchScopes: HKU\S-1-5-21-922980303-2826830891-3979983212-1001 -> DefaultScope {828B376B-F2F6-4778-928C-E29EC877535E} URL = http://www.google.com/cse?cx=partner-pub-0900663996874144:6813731868&ie=UTF-8&q={searchTerms}&sa=Search&ref=#gsc.tab=0&gsc.q={searchTerms}&gsc.page=1
SearchScopes: HKU\S-1-5-21-922980303-2826830891-3979983212-1001 -> {828B376B-F2F6-4778-928C-E29EC877535E} URL = http://www.google.com/cse?cx=partner-pub-0900663996874144:6813731868&ie=UTF-8&q={searchTerms}&sa=Search&ref=#gsc.tab=0&gsc.q={searchTerms}&gsc.page=1
CHR HomePage: Default -> hxxp://www.surfvox.com/
CHR StartupUrls: Default -> "hxxp://www.surfvox.com/"
CHR DefaultSearchKeyword: Default -> surfvox.com
CHR DefaultSearchURL: Default -> http://www.google.com/?cx=partner-pub-0900663996874144%3A6813731868&ie=UTF-8&q={searchTerms}&sa=Search&siteurl=www.surfvox.com%2F&ref=&ss=
C:\ProgramData\vlc_64.exe
C:\ProgramData\nvxasync
C:\Users\Marek Markiewicz\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Marek Markiewicz\AppData\Roaming\chportu
C:\Users\Marek Markiewicz\AppData\Roaming\nvxasync
C:\Users\Marek Markiewicz\Downloads\SpyHunter 4.12.13.4202 + Patch
C:\Users\Marek Markiewicz\Downloads\SpyHunter*
C:\Windows\AF54923662584AC6A0435B5B89C6EB61.TMP
C:\Windows\46B04D534E344388B6EE80FAB66AEF9B.TMP
Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f
Reg: reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder /v more.url /f
Reg: reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run /v Nvtmru /f
Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f
*****************

Processes closed successfully.
Restore point was successfully created.
HKU\S-1-5-21-922980303-2826830891-3979983212-1001\Software\Microsoft\Windows\CurrentVersion\Run\\nvxasync => value deleted successfully.
HKU\S-1-5-21-922980303-2826830891-3979983212-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\more.url => Moved successfully.
C:\Users\Marek Markiewicz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\VLC Helper.com.url => Moved successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Nvtmru => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui" => Key deleted successfully.
ewusbnet => Service deleted successfully.
gdrv => Service deleted successfully.
hwdatacard => Service deleted successfully.
hwusbdev => Service deleted successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKU\S-1-5-21-922980303-2826830891-3979983212-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\S-1-5-21-922980303-2826830891-3979983212-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-922980303-2826830891-3979983212-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{828B376B-F2F6-4778-928C-E29EC877535E}" => Key deleted successfully.
HKCR\CLSID\{828B376B-F2F6-4778-928C-E29EC877535E} => Key not found.
Chrome HomePage deleted successfully.
Chrome StartupUrls deleted successfully.
Chrome DefaultSearchKeyword deleted successfully.
Chrome DefaultSearchURL deleted successfully.
"C:\ProgramData\vlc_64.exe" => File/Directory not found.
C:\ProgramData\nvxasync => Moved successfully.
C:\Users\Marek Markiewicz\AppData\Local\Google\Chrome\User Data\Default\Preferences => Moved successfully.
C:\Users\Marek Markiewicz\AppData\Roaming\chportu => Moved successfully.
C:\Users\Marek Markiewicz\AppData\Roaming\nvxasync => Moved successfully.
C:\Users\Marek Markiewicz\Downloads\SpyHunter 4.12.13.4202 + Patch => Moved successfully.
C:\Users\Marek Markiewicz\Downloads\SpyHunter* => Moved successfully.
C:\Windows\AF54923662584AC6A0435B5B89C6EB61.TMP => Moved successfully.
C:\Windows\46B04D534E344388B6EE80FAB66AEF9B.TMP => Moved successfully.

========= reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f =========

Operacja ukończona pomyślnie.

========= End of Reg: =========

========= reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder /v more.url /f =========

Operacja ukończona pomyślnie.

========= End of Reg: =========

========= reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run /v Nvtmru /f =========

Operacja ukończona pomyślnie.

========= End of Reg: =========

========= reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f =========

Operacja ukończona pomyślnie.

========= End of Reg: =========

========= reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f =========

Operacja ukończona pomyślnie.

========= End of Reg: =========

========= reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f =========

Operacja ukończona pomyślnie.

========= End of Reg: =========

The system needed a reboot.

==== End of Fixlog 18:41:09 ====