Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 20-12-2013 02
Ran by Krystian at 2013-12-21 15:40:33 Run:1
Running from C:\Users\Krystian\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKCU\...\Run: [TBHostSupport] - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Krystian\AppData\Local\TBHostSupport\TBHostSupport.dll",DLLRunTBHostSupportPlugin
HKLM-x32\...\Run: [mobilegeni daemon] - C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {09EBE041-F030-49CE-8D26-AD7601BE6473} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=198484&p={searchTerms}
SearchScopes: HKCU - {489D7943-C7A9-470A-A0DC-64A14EE41A61} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3225826&CUI=UN38416867572660322&UM=1
SearchScopes: HKCU - {960FA8AD-08C8-4810-9C63-D97F66FC3D37} URL = http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru
CHR HKLM-x32\...\Chrome\Extension: [dknkjnkhedbanphkkpbpcgoblmkbfhlf] - C:\Users\Krystian\AppData\Local\CRE\dknkjnkhedbanphkkpbpcgoblmkbfhlf.crx
Task: {0C817FD6-414F-4DD4-8C5B-3DF866CECF48} - \BonanzaDealsLiveUpdateTaskMachineCore No Task File
Task: {1E00AADD-61D1-4747-A5A4-A23CA373AA45} - System32\Tasks\ROC_JAN2013_TB_rmv => C:\Program Files (x86)\AVG Secure Search\PostInstall\ROC.exe
Task: {40041FE4-87E9-457B-8623-13EFA456A13D} - System32\Tasks\{91825553-949D-41AE-A4CC-196F81D9EFA7} => Firefox.exe http://ui.skype.com/ui/0/6.5.0.158/pl/abandoninstall?page=tsProgressBar
Task: {574361FD-149F-4DB5-898D-9247D7122132} - \BonanzaDealsLiveUpdateTaskMachineUA No Task File
Task: {6FCC7F60-B04A-4872-9B20-68BE75E83E6B} - System32\Tasks\{AE755EDC-05B8-4763-9128-E65CAF604392} => F:\Gry\PAYDAY 2\payday2_win32_release.exe [2013-10-31] ()
Task: {8AA95498-5634-4E44-BE6C-00D9DC4EBDB6} - \QtraxPlayer No Task File
Task: C:\Windows\Tasks\ROC_JAN2013_TB_rmv.job => C:\Program Files (x86)\AVG Secure Search\PostInstall\ROC.exe
S3 BT; system32\DRIVERS\btnetdrv.sys [x]
S3 BTCOM; system32\DRIVERS\btcomport.sys [x]
S3 BTCOMBUS; System32\Drivers\btcombus.sys [x]
S3 Btcsrusb; System32\Drivers\btcusb.sys [x]
S3 IvtComBusSrv; System32\Drivers\btcombus.sys [x]
S3 VHidMinidrv; system32\drivers\VHIDMini.sys [x]
S0 vmci; system32\DRIVERS\vmci.sys [x]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [x]
C:\ProgramData\WPM
C:\Users\Krystian\.android
C:\Users\Krystian\daemonprocess.txt
C:\Users\Krystian\AppData\Local\cache
C:\Users\Krystian\AppData\Local\genienext
C:\Users\Krystian\AppData\Local\Mobogenie
C:\Users\Krystian\AppData\Local\TBHostSupport
C:\Users\Krystian\AppData\Roaming\newnext.me
C:\Users\Krystian\Documents\Mobogenie
Reg: reg add "HKCU\Software\Microsoft\Internet Explorer\SearchScopes" /v DefaultScope /t REG_SZ /d {0633EE93-D776-472f-A0FF-E1416B8B2E3A} /f
Reg: reg add "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes" /v DefaultScope /t REG_SZ /d {0633EE93-D776-472f-A0FF-E1416B8B2E3A} /f
Reg: reg add "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes" /v DefaultScope /t REG_SZ /d {0633EE93-D776-472f-A0FF-E1416B8B2E3A} /f
Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f
*****************

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\TBHostSupport => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\mobilegeni daemon => Value deleted successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{09EBE041-F030-49CE-8D26-AD7601BE6473} => Key deleted successfully.
HKCR\CLSID\{09EBE041-F030-49CE-8D26-AD7601BE6473} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{489D7943-C7A9-470A-A0DC-64A14EE41A61} => Key deleted successfully.
HKCR\CLSID\{489D7943-C7A9-470A-A0DC-64A14EE41A61} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{960FA8AD-08C8-4810-9C63-D97F66FC3D37} => Key deleted successfully.
HKCR\CLSID\{960FA8AD-08C8-4810-9C63-D97F66FC3D37} => Key not found.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru => Value deleted successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru => Value deleted successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru => Value deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf => Key deleted successfully.
C:\Users\Krystian\AppData\Local\CRE\dknkjnkhedbanphkkpbpcgoblmkbfhlf.crx => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0C817FD6-414F-4DD4-8C5B-3DF866CECF48} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C817FD6-414F-4DD4-8C5B-3DF866CECF48} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BonanzaDealsLiveUpdateTaskMachineCore => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1E00AADD-61D1-4747-A5A4-A23CA373AA45} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1E00AADD-61D1-4747-A5A4-A23CA373AA45} => Key deleted successfully.
C:\Windows\System32\Tasks\ROC_JAN2013_TB_rmv => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ROC_JAN2013_TB_rmv => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{40041FE4-87E9-457B-8623-13EFA456A13D} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{40041FE4-87E9-457B-8623-13EFA456A13D} => Key deleted successfully.
C:\Windows\System32\Tasks\{91825553-949D-41AE-A4CC-196F81D9EFA7} => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{91825553-949D-41AE-A4CC-196F81D9EFA7} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{574361FD-149F-4DB5-898D-9247D7122132} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{574361FD-149F-4DB5-898D-9247D7122132} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BonanzaDealsLiveUpdateTaskMachineUA => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6FCC7F60-B04A-4872-9B20-68BE75E83E6B} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6FCC7F60-B04A-4872-9B20-68BE75E83E6B} => Key deleted successfully.
C:\Windows\System32\Tasks\{AE755EDC-05B8-4763-9128-E65CAF604392} => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{AE755EDC-05B8-4763-9128-E65CAF604392} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8AA95498-5634-4E44-BE6C-00D9DC4EBDB6} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8AA95498-5634-4E44-BE6C-00D9DC4EBDB6} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\QtraxPlayer => Key deleted successfully.
C:\Windows\Tasks\ROC_JAN2013_TB_rmv.job => Moved successfully.
BT => Service deleted successfully.
BTCOM => Service deleted successfully.
BTCOMBUS => Service deleted successfully.
Btcsrusb => Service deleted successfully.
IvtComBusSrv => Service deleted successfully.
VHidMinidrv => Service deleted successfully.
vmci => Service deleted successfully.
VMnetAdapter => Service deleted successfully.
C:\ProgramData\WPM => Moved successfully.
C:\Users\Krystian\.android => Moved successfully.
C:\Users\Krystian\daemonprocess.txt => Moved successfully.
C:\Users\Krystian\AppData\Local\cache => Moved successfully.
C:\Users\Krystian\AppData\Local\genienext => Moved successfully.
C:\Users\Krystian\AppData\Local\Mobogenie => Moved successfully.
"C:\Users\Krystian\AppData\Local\TBHostSupport" => File/Directory not found.
C:\Users\Krystian\AppData\Roaming\newnext.me => Moved successfully.
C:\Users\Krystian\Documents\Mobogenie => Moved successfully.

========= reg add "HKCU\Software\Microsoft\Internet Explorer\SearchScopes" /v DefaultScope /t REG_SZ /d {0633EE93-D776-472f-A0FF-E1416B8B2E3A} /f =========
Operacja ukończona pomyślnie.
========= End of Reg: =========

========= reg add "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes" /v DefaultScope /t REG_SZ /d {0633EE93-D776-472f-A0FF-E1416B8B2E3A} /f =========
Operacja ukończona pomyślnie.
========= End of Reg: =========

========= reg add "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes" /v DefaultScope /t REG_SZ /d {0633EE93-D776-472f-A0FF-E1416B8B2E3A} /f =========
Operacja ukończona pomyślnie.
========= End of Reg: =========

========= reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f =========
Operacja ukończona pomyślnie.
========= End of Reg: =========

========= reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f =========
Operacja ukończona pomyślnie.
========= End of Reg: =========

========= reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f =========
Operacja ukończona pomyślnie.
========= End of Reg: =========

==== End of Fixlog ====