Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 14-04-2015
Ran by operator at 2015-04-15 12:02:32 Run:1
Running from C:\Documents and Settings\operator\Moje dokumenty
Loaded Profiles: operator (Available profiles: operator & Administrator)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
CloseProcesses:
CreateRestorePoint:
Task: C:\WINDOWS\Tasks\APSnotifierPP1.job => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP2.job => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP3.job => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\FHUE.job => C:\Documents and Settings\operator\Dane aplikacji\FHUE.exe
Task: C:\WINDOWS\Tasks\SMupdate2.job => C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll <==== ATTENTION
Task: C:\WINDOWS\Tasks\SMupdate3.job => C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll <==== ATTENTION
S3 catchme; \??\C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\catchme.sys [X]
S0 cerc6; No ImagePath
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 filtertdidriver; system32\drivers\ewfiltertdidriver.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
ShortcutWithArgument: C:\Documents and Settings\operator\Menu Start\Programy\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://isearch.omiga-plus.com/?type=sc&ts=1420451576&from=smt&uid=WDCXWD800JD-75MSA3_WD-WMAM9FM9841498414
ShortcutWithArgument: C:\Documents and Settings\operator\Menu Start\Programy\Akcesoria\Narzędzia systemowe\Internet Explorer (bez dodatków).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://isearch.omiga-plus.com/?type=sc&ts=1420451576&from=smt&uid=WDCXWD800JD-75MSA3_WD-WMAM9FM9841498414
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-220523388-1606980848-1905892399-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
C:\Documents and Settings\All Users\Dane aplikacji\TEMP
C:\Documents and Settings\operator\TempWmicBatchFile.bat
C:\Documents and Settings\operator\Dane aplikacji\FHUE
C:\Documents and Settings\operator\Dane aplikacji\LiveSupport.exe_log.txt
C:\Documents and Settings\operator\Dane aplikacji\regsvr32.exe_log.txt
C:\Documents and Settings\operator\Moje dokumenty\Moje obrazy\Przykładowe obrazy.lnk
C:\Documents and Settings\operator\SendTo\AQQ.lnk
C:\Documents and Settings\operator\Ustawienia lokalne\Dane aplikacji\nsaB6.tmp
C:\Documents and Settings\operator\Ustawienia lokalne\Dane aplikacji\nsb165.tmp
C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f
Reg: reg delete HKLM\SOFTWARE\Mozilla /f
Reg: reg delete HKLM\SOFTWARE\MozillaPlugins /f
Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main" /f
Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main" /f
Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main" /f
EmptyTemp:
*****************

Processes closed successfully.
Restore point was successfully created.
C:\WINDOWS\Tasks\APSnotifierPP1.job => Moved successfully.
C:\WINDOWS\Tasks\APSnotifierPP2.job => Moved successfully.
C:\WINDOWS\Tasks\APSnotifierPP3.job => Moved successfully.
C:\WINDOWS\Tasks\FHUE.job => Moved successfully.
C:\WINDOWS\Tasks\SMupdate2.job => Moved successfully.
C:\WINDOWS\Tasks\SMupdate3.job => Moved successfully.
catchme => Service deleted successfully.
cerc6 => Service deleted successfully.
ewusbnet => Service deleted successfully.
filtertdidriver => Service deleted successfully.
huawei_enumerator => Service deleted successfully.
hwdatacard => Service deleted successfully.
hwusbdev => Service deleted successfully.
C:\Documents and Settings\operator\Menu Start\Programy\Internet Explorer.lnk => Shortcut argument was removed successfully.
C:\Documents and Settings\operator\Menu Start\Programy\Akcesoria\Narzędzia systemowe\Internet Explorer (bez dodatków).lnk => Shortcut argument was restored successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKU\S-1-5-21-220523388-1606980848-1905892399-1003\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
C:\Documents and Settings\All Users\Dane aplikacji\TEMP => Moved successfully.
C:\Documents and Settings\operator\TempWmicBatchFile.bat => Moved successfully.
C:\Documents and Settings\operator\Dane aplikacji\FHUE => Moved successfully.
C:\Documents and Settings\operator\Dane aplikacji\LiveSupport.exe_log.txt => Moved successfully.
C:\Documents and Settings\operator\Dane aplikacji\regsvr32.exe_log.txt => Moved successfully.
C:\Documents and Settings\operator\Moje dokumenty\Moje obrazy\Przykładowe obrazy.lnk => Moved successfully.
C:\Documents and Settings\operator\SendTo\AQQ.lnk => Moved successfully.
C:\Documents and Settings\operator\Ustawienia lokalne\Dane aplikacji\nsaB6.tmp => Moved successfully.
C:\Documents and Settings\operator\Ustawienia lokalne\Dane aplikacji\nsb165.tmp => Moved successfully.
C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension => Moved successfully.

========= reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f =========


Operacja ukończona pomyślnie


========= End of Reg: =========


========= reg delete HKLM\SOFTWARE\Mozilla /f =========


Operacja ukończona pomyślnie


========= End of Reg: =========


========= reg delete HKLM\SOFTWARE\MozillaPlugins /f =========


Operacja ukończona pomyślnie


========= End of Reg: =========


========= reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main" /f =========


Operacja ukończona pomyślnie


========= End of Reg: =========


========= reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main" /f =========


Operacja ukończona pomyślnie


========= End of Reg: =========


========= reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main" /f =========


Operacja ukończona pomyślnie


========= End of Reg: =========

EmptyTemp: => Removed 206.5 MB temporary data.


The system needed a reboot. 

==== End of Fixlog 12:02:57 ====