Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 03-10-2013
Ran by Administrator at 2013-10-04 10:59:54 Run:1
Running from C:\Documents and Settings\Administrator\Moje dokumenty
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\Documents and Settings\Administrator\Dane aplikacji\Pztitx.exe
C:\Documents and Settings\Administrator\Dane aplikacji\Ad-Aware Antivirus
C:\Documents and Settings\Administrator\Dane aplikacji\BabSolution
C:\Documents and Settings\Administrator\Dane aplikacji\DigitalSite
C:\Documents and Settings\Administrator\Moje dokumenty\Adobe-Reader-XI(21590).exe
C:\Documents and Settings\Administrator\Moje dokumenty\OCCT(28567).exe
C:\Documents and Settings\Administrator\Moje dokumenty\HWiNFO32(15982).exe
C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome
C:\Documents and Settings\All Users\Dane aplikacji\Ad-Aware Antivirus
C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software
C:\Documents and Settings\All Users\Dane aplikacji\Babylon
C:\Documents and Settings\All Users\Dane aplikacji\blekko toolbars
C:\Documents and Settings\All Users\Dane aplikacji\f-secure
C:\WINDOWS\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\At1.job
C:\WINDOWS\8A809006C25A4A3A9DAB94659BCDB107.TMP
C:\WINDOWS\system32\Drivers\dtkuu.sys
C:\Windows\System32\drivers\gfibto.sys
C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com
C:\Program Files\mozilla firefox\searchplugins\v9.xml
C:\Program Files\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml
C:\Program Files\Mozilla Firefoxsafeguard-secure-search.xml
S2 bonanzadealslive; C:\Program Files\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2013-10-03] (BonanzaDeals)
S3 bonanzadealslivem; C:\Program Files\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2013-10-03] (BonanzaDeals)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [13560 2013-01-22] (GFI Software)
S3 LPWZSB; C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\LPWZSB.exe [x]
S3 AODDriver; \??\C:\Program Files\GIGABYTE\ET6\i386\AODDriver.sys [x]
R3 catchme; \??\C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\catchme.sys [x]
S3 MEMSWEEP2; \??\C:\WINDOWS\system32\8.tmp [x]
S0 sptd; System32\Drivers\sptd.sys [x]
U3 mbr; \??\C:\ComboFix\mbr.sys [x]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchgol.com/?babsrc=HP_ss&mntrId=D8FD6CF049B86FFF&affID=125032&tsp=5024
BHO: BonanzaDeals - {fe063412-bea4-4d76-8ed3-183be6220d17} - C:\Program Files\BonanzaDeals\BonanzaDealsIE.dll (BonanzaDeals)
Toolbar: HKCU - No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
DPF: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}
FF Plugin: @ganymede/CARDS,version=1.0 - C:\Program Files\Ganymede\Plugins\CARDS\NPCARDS.dll No File
FF Plugin: @ganymede/GanymedeNetPlugin,version=1.0 - C:\Program Files\Ganymede\Plugins\npganymedenet.dll No File
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox
Reg: reg delete HKLM\SOFTWARE\Google\Chrome /f
Reg: reg delete "HKCU\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v Pztitx /f
Reg: reg delete HKCU\SOFTWARE\Microsoft\Windows\ShellNoRoam\MUICache /v "@C:\Documents and Settings\Administrator\Dane aplikacji\Pztitx.exe" /f
*****************

Could not move "C:\Documents and Settings\Administrator\Dane aplikacji\Pztitx.exe" => Scheduled to move on reboot.
C:\Documents and Settings\Administrator\Dane aplikacji\Ad-Aware Antivirus => Moved successfully.
C:\Documents and Settings\Administrator\Dane aplikacji\BabSolution => Moved successfully.
C:\Documents and Settings\Administrator\Dane aplikacji\DigitalSite => Moved successfully.
C:\Documents and Settings\Administrator\Moje dokumenty\Adobe-Reader-XI(21590).exe => Moved successfully.
C:\Documents and Settings\Administrator\Moje dokumenty\OCCT(28567).exe => Moved successfully.
C:\Documents and Settings\Administrator\Moje dokumenty\HWiNFO32(15982).exe => Moved successfully.
C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome => Moved successfully.
C:\Documents and Settings\All Users\Dane aplikacji\Ad-Aware Antivirus => Moved successfully.
C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software => Moved successfully.
C:\Documents and Settings\All Users\Dane aplikacji\Babylon => Moved successfully.
C:\Documents and Settings\All Users\Dane aplikacji\blekko toolbars => Moved successfully.
C:\Documents and Settings\All Users\Dane aplikacji\f-secure => Moved successfully.
C:\WINDOWS\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job => Moved successfully.
C:\WINDOWS\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job => Moved successfully.
C:\WINDOWS\Tasks\At1.job => Moved successfully.
C:\WINDOWS\8A809006C25A4A3A9DAB94659BCDB107.TMP => Moved successfully.
C:\WINDOWS\system32\Drivers\dtkuu.sys => Moved successfully.
C:\Windows\System32\drivers\gfibto.sys => Moved successfully.
C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com => Moved successfully.
C:\Program Files\mozilla firefox\searchplugins\v9.xml => Moved successfully.
C:\Program Files\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml => Moved successfully.
C:\Program Files\Mozilla Firefoxsafeguard-secure-search.xml => Moved successfully.
bonanzadealslive => Service deleted successfully.
bonanzadealslivem => Service deleted successfully.
gfibto => Service deleted successfully.
LPWZSB => Service deleted successfully.
AODDriver => Service deleted successfully.
catchme => Service deleted successfully.
MEMSWEEP2 => Service deleted successfully.
sptd => Service deleted successfully.
mbr => Service not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fe063412-bea4-4d76-8ed3-183be6220d17} => Key deleted successfully.
HKCR\CLSID\{fe063412-bea4-4d76-8ed3-183be6220d17} => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} => Value deleted successfully.
HKCR\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17} => Key not found.
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{68282C51-9459-467B-95BF-3C0E89627E55} => Key deleted successfully.
HKCR\CLSID\{68282C51-9459-467B-95BF-3C0E89627E55} => Key not found.
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93} => Key deleted successfully.
HKCR\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} => Key deleted successfully.
HKCR\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} => Key deleted successfully.
HKLM\Software\MozillaPlugins\@ganymede/CARDS,version=1.0 => Key deleted successfully.
C:\Program Files\Ganymede\Plugins\CARDS\NPCARDS.dll not found.
HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0 => Key deleted successfully.
C:\Program Files\Ganymede\Plugins\npganymedenet.dll not found.
HKLM\Software\Mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087} => Value deleted successfully.

========= reg delete HKLM\SOFTWARE\Google\Chrome /f =========

Operacja ukończona pomyślnie

========= End of Reg: =========

========= reg delete "HKCU\Software\Microsoft\Internet Explorer\SearchScopes" /f =========

Operacja ukończona pomyślnie

========= End of Reg: =========

========= reg delete HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v Pztitx /f =========

Operacja ukończona pomyślnie

========= End of Reg: =========

========= reg delete HKCU\SOFTWARE\Microsoft\Windows\ShellNoRoam\MUICache /v "@C:\Documents and Settings\Administrator\Dane aplikacji\Pztitx.exe" /f =========

Błąd: system nie może odnaleźć określonego klucza rejestru lub wartości.

========= End of Reg: =========

=========== Result of Scheduled Files to move ===========

C:\Documents and Settings\Administrator\Dane aplikacji\Pztitx.exe => Moved successfully.

==== End of Fixlog ====