Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 05-02-2014
Ran by Edyta at 2014-02-06 13:34:44 Run:1
Running from C:\Users\Edyta\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM\...\Policies\Explorer\Run: [2139] - C:\ProgramData\Local Settings\Temp\msyiaov.com [866632 2009-07-14] ( (Google Inc.))
HKU\S-1-5-21-1330102789-1859539255-693781278-1000\...\RunOnce: [sidebar] - C:\Users\Edyta\AppData\Roaming\Sample.lnk [927 2014-02-06]
Task: {381B69BA-1329-416A-B54B-2294DF35AB67} - System32\Tasks\TunnelBear => C:\Program Files (x86)\TunnelBear\TBear.Client.exe
S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X]
S3 X6va016; \??\C:\Windows\SysWOW64\Drivers\X6va016 [X]
C:\ProgramData\Local Settings
C:\Users\Edyta\AppData\Roaming\Sample.lnk
C:\Users\Edyta\AppData\Roaming\DataWork
C:\ProgramData\Spybot - Search & Destroy
C:\Program Files (x86)\Spybot - Search & Destroy
CMD: netsh advfirewall reset
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\2139 => Value deleted successfully.
HKU\S-1-5-21-1330102789-1859539255-693781278-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\sidebar => Value not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{381B69BA-1329-416A-B54B-2294DF35AB67} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{381B69BA-1329-416A-B54B-2294DF35AB67} => Key deleted successfully.
C:\Windows\System32\Tasks\TunnelBear => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TunnelBear => Key deleted successfully.
X6va015 => Service deleted successfully.
X6va016 => Service deleted successfully.

"C:\ProgramData\Local Settings" directory move:

Could not move "C:\ProgramData\Local Settings\Temp\msyiaov.com" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Local Settings" directory. => Scheduled to move on reboot.

"C:\Users\Edyta\AppData\Roaming\Sample.lnk" => File/Directory not found.
C:\Users\Edyta\AppData\Roaming\DataWork => Moved successfully.
C:\ProgramData\Spybot - Search & Destroy => Moved successfully.
C:\Program Files (x86)\Spybot - Search & Destroy => Moved successfully.

=========  netsh advfirewall reset =========

Ok.


========= End of CMD: =========


=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-02-06 13:37:09)<=

C:\ProgramData\Local Settings\Temp\msyiaov.com => Is moved successfully.
C:\ProgramData\Local Settings => Is moved successfully.

==== End of Fixlog ====