Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 05-03-2014 Ran by media at 2014-03-15 21:46:55 Run:1 Running from C:\SPECPROGRAMY Boot Mode: Normal ============================================== Content of fixlist: ***************** (Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe (Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe (Pandora.TV) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe () C:\Program Files (x86)\GrabRez\updateGrabRez.exe () C:\Program Files (x86)\GrabRez\bin\utilGrabRez.exe R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [508016 2014-02-19] (Cherished Technololgy LIMITED) R2 Update GrabRez; C:\Program Files (x86)\GrabRez\updateGrabRez.exe [111896 2014-02-25] () R2 Util GrabRez; C:\Program Files (x86)\GrabRez\bin\utilGrabRez.exe [111896 2014-02-25] () R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [493568 2014-02-19] (Cherished Technololgy LIMITED) S3 appliandMP; system32\DRIVERS\appliand.sys [X] S3 cpuz134; \??\C:\Users\media\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X] HKU\S-1-5-21-3550354000-425692153-1505289350-1000\...\Run: [NextLive] - C:\Windows\SysWOW64\rundll32.exe "C:\Users\media\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l HKU\S-1-5-21-3550354000-425692153-1505289350-1000\...\Policies\Explorer: [NofolderOptions] 0 Task: {1FA15E68-5FFD-401A-9D73-B48610BA9812} - System32\Tasks\ArcSoft Connect Daemon => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe Task: {21009075-2324-40F4-BF19-B4CD45195D1B} - System32\Tasks\AmiUpdXp => C:\Users\media\AppData\Local\SwvUpdater\Updater.exe [2014-02-19] () <==== ATTENTION Task: {E77C298D-44F6-42F9-A2D0-DDBF8CD5E29C} - System32\Tasks\DealPlyUpdate => C:\Program Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\media\AppData\Local\SwvUpdater\Updater.exe <==== ATTENTION ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla 
Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.awesomehp.com/?type=sc&ts=1392821672&from=ild&uid=ST9500420AS_5VJA091B ShortcutWithArgument: C:\Users\media\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.awesomehp.com/?type=sc&ts=1392821672&from=ild&uid=ST9500420AS_5VJA091B ShortcutWithArgument: C:\Users\media\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.awesomehp.com/?type=sc&ts=1392821672&from=ild&uid=ST9500420AS_5VJA091B ShortcutWithArgument: C:\Users\media\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.awesomehp.com/?type=sc&ts=1392821672&from=ild&uid=ST9500420AS_5VJA091B ShortcutWithArgument: C:\Users\media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.awesomehp.com/?type=sc&ts=1392821672&from=ild&uid=ST9500420AS_5VJA091B ShortcutWithArgument: C:\Users\media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.awesomehp.com/?type=sc&ts=1392821672&from=ild&uid=ST9500420AS_5VJA091B ShortcutWithArgument: C:\Users\media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.awesomehp.com/?type=sc&ts=1392821672&from=ild&uid=ST9500420AS_5VJA091B ShortcutWithArgument: C:\Users\media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program 
Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.awesomehp.com/?type=sc&ts=1392821672&from=ild&uid=ST9500420AS_5VJA091B ShortcutWithArgument: C:\Users\media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.awesomehp.com/?type=sc&ts=1392821672&from=ild&uid=ST9500420AS_5VJA091B HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp.com/?type=hp&ts=1392821672&from=ild&uid=ST9500420AS_5VJA091B HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.awesomehp.com/web/?type=ds&ts=1392821672&from=ild&uid=ST9500420AS_5VJA091B&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp.com/?type=hp&ts=1392821672&from=ild&uid=ST9500420AS_5VJA091B HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.awesomehp.com/?type=hp&ts=1392821672&from=ild&uid=ST9500420AS_5VJA091B HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.awesomehp.com/web/?type=ds&ts=1392821672&from=ild&uid=ST9500420AS_5VJA091B&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.awesomehp.com/web/?type=ds&ts=1392821672&from=ild&uid=ST9500420AS_5VJA091B&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp.com/?type=hp&ts=1392821672&from=ild&uid=ST9500420AS_5VJA091B HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.awesomehp.com/?type=hp&ts=1392821672&from=ild&uid=ST9500420AS_5VJA091B HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.awesomehp.com/web/?type=ds&ts=1392821672&from=ild&uid=ST9500420AS_5VJA091B&q={searchTerms} StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe 
http://www.awesomehp.com/?type=sc&ts=1392821672&from=ild&uid=ST9500420AS_5VJA091B SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.awesomehp.com/web/?type=ds&ts=1392821672&from=ild&uid=ST9500420AS_5VJA091B&q={searchTerms} SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.awesomehp.com/web/?type=ds&ts=1392821672&from=ild&uid=ST9500420AS_5VJA091B&q={searchTerms} SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.awesomehp.com/web/?type=ds&ts=1392821672&from=ild&uid=ST9500420AS_5VJA091B&q={searchTerms} SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.awesomehp.com/web/?type=ds&ts=1392821672&from=ild&uid=ST9500420AS_5VJA091B&q={searchTerms} SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKCU - {9718AA89-83AE-4695-A0C7-0BF5377E2E68} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms} BHO: 1ClickMovie-Download V9.0 - {11111111-1111-1111-1111-110511131182} - C:\Program Files (x86)\1ClickMovie-Download V9.0\1ClickMovie-Download V9.0-bho64.dll (installdaddy) BHO-x32: 1ClickMovie-Download V9.0 - {11111111-1111-1111-1111-110511131182} - C:\Program Files (x86)\1ClickMovie-Download V9.0\1ClickMovie-Download V9.0-bho.dll (installdaddy) BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. 
Limited) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\awesomehp.xml FF HKLM-x32\...\Firefox\Extensions: [lightningnewtab@gmail.com] - C:\Users\media\AppData\Roaming\Mozilla\Firefox\Profiles\t5otf8pw.default\extensions\lightningnewtab@gmail.com.xpi FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewV1alpha8383.net] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha8383\ff FF Extension: Media View - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha8383\ff [2014-03-07] FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www.awesomehp.com/?type=sc&ts=1392821672&from=ild&uid=ST9500420AS_5VJA091B GroupPolicy: Group Policy on Chrome detected <======= ATTENTION AlternateDataStreams: C:\ProgramData\Temp:64217CD0 C:\Users\media\.android C:\Users\media\daemonprocess.txt C:\Users\media\iexplore.exe C:\Users\media\AppData\Local\cache C:\Users\media\AppData\Local\Cool_Mirage C:\Users\media\AppData\Local\CrashDumps C:\Users\media\AppData\Local\Google\Chrome C:\Users\media\AppData\Local\genienext C:\Users\media\AppData\Local\Mobogenie C:\Users\media\AppData\Roaming\eDownload C:\Users\media\AppData\Roaming\newnext.me C:\Users\media\AppData\Roaming\Orbit C:\Users\media\AppData\Roaming\ProgSense C:\Users\media\AppData\Roaming\systweak C:\Users\media\AppData\Roaming\VDownloader C:\Users\media\AppData\Roaming\_MDLogs C:\Users\media\Documents\Mobogenie C:\Windows\SysWOW64\GroupPolicy\GPT.INI Reg: reg delete HKLM\SOFTWARE\Wow6432Node\Google\Chrome /f CMD: rd /s /q "C:\Users\media\Desktop\Stare dane programu Firefox" /f CMD: for /d %f in (C:\Users\media\AppData\Local\{*}) do rd /s /q "%f" Reboot: ***************** [1600] C:\ProgramData\IePluginService\PluginService.exe => Process closed successfully. [1720] C:\ProgramData\WPM\wprotectmanager.exe => Process closed successfully. [2844] C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe => Process closed successfully. 
[3328] C:\Program Files (x86)\GrabRez\updateGrabRez.exe => Process closed successfully. [5508] C:\Program Files (x86)\GrabRez\bin\utilGrabRez.exe => Process closed successfully. IePluginService => Service deleted successfully. Update GrabRez => Service deleted successfully. Util GrabRez => Service deleted successfully. Wpm => Service deleted successfully. appliandMP => Service deleted successfully. cpuz134 => Service deleted successfully. HKU\S-1-5-21-3550354000-425692153-1505289350-1000\Software\Microsoft\Windows\CurrentVersion\Run\\NextLive => Value deleted successfully. HKU\S-1-5-21-3550354000-425692153-1505289350-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NofolderOptions => Value deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1FA15E68-5FFD-401A-9D73-B48610BA9812} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1FA15E68-5FFD-401A-9D73-B48610BA9812} => Key deleted successfully. C:\Windows\System32\Tasks\ArcSoft Connect Daemon => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ArcSoft Connect Daemon => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{21009075-2324-40F4-BF19-B4CD45195D1B} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{21009075-2324-40F4-BF19-B4CD45195D1B} => Key deleted successfully. C:\Windows\System32\Tasks\AmiUpdXp => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AmiUpdXp => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E77C298D-44F6-42F9-A2D0-DDBF8CD5E29C} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E77C298D-44F6-42F9-A2D0-DDBF8CD5E29C} => Key deleted successfully. 
C:\Windows\System32\Tasks\DealPlyUpdate => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPlyUpdate => Key deleted successfully. C:\Windows\Tasks\AmiUpdXp.job => Moved successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk => Shortcut argument was removed successfully. C:\Users\media\Desktop\Mozilla Firefox.lnk => Shortcut argument was removed successfully. C:\Users\media\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk => Shortcut argument was removed successfully. C:\Users\media\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk => Shortcut argument was restored successfully. C:\Users\media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk => Shortcut argument was removed successfully. C:\Users\media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk => Shortcut argument was removed successfully. C:\Users\media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk => Shortcut argument was removed successfully. C:\Users\media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk => Shortcut argument was removed successfully. C:\Users\media\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Mozilla Firefox.lnk => Shortcut argument was removed successfully. HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. 
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully. HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully. HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key deleted successfully. HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key deleted successfully. HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found. 
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9718AA89-83AE-4695-A0C7-0BF5377E2E68} => Key deleted successfully. HKCR\CLSID\{9718AA89-83AE-4695-A0C7-0BF5377E2E68} => Key not found. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511131182} => Key deleted successfully. HKCR\CLSID\{11111111-1111-1111-1111-110511131182} => Key deleted successfully. HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511131182} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{11111111-1111-1111-1111-110511131182} => Key deleted successfully. HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} => Key deleted successfully. C:\Program Files (x86)\mozilla firefox\browser\searchplugins\awesomehp.xml => Moved successfully. HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\lightningnewtab@gmail.com => Value deleted successfully. HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\ext@MediaViewV1alpha8383.net => Value deleted successfully. C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha8383\ff => Moved successfully. HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command\\Default => Value was restored successfully. C:\Windows\system32\GroupPolicy\Machine => Moved successfully. C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully. C:\ProgramData\Temp => ":64217CD0" ADS removed successfully. C:\Users\media\.android => Moved successfully. C:\Users\media\daemonprocess.txt => Moved successfully. C:\Users\media\iexplore.exe => Moved successfully. C:\Users\media\AppData\Local\cache => Moved successfully. C:\Users\media\AppData\Local\Cool_Mirage => Moved successfully. C:\Users\media\AppData\Local\CrashDumps => Moved successfully. 
C:\Users\media\AppData\Local\Google\Chrome => Moved successfully. C:\Users\media\AppData\Local\genienext => Moved successfully. C:\Users\media\AppData\Local\Mobogenie => Moved successfully. C:\Users\media\AppData\Roaming\eDownload => Moved successfully. C:\Users\media\AppData\Roaming\newnext.me => Moved successfully. C:\Users\media\AppData\Roaming\Orbit => Moved successfully. C:\Users\media\AppData\Roaming\ProgSense => Moved successfully. C:\Users\media\AppData\Roaming\systweak => Moved successfully. C:\Users\media\AppData\Roaming\VDownloader => Moved successfully. C:\Users\media\AppData\Roaming\_MDLogs => Moved successfully. C:\Users\media\Documents\Mobogenie => Moved successfully. C:\Windows\SysWOW64\GroupPolicy\GPT.INI => Moved successfully. ========= reg delete HKLM\SOFTWARE\Wow6432Node\Google\Chrome /f ========= Operacja ukończona pomyślnie. ========= End of Reg: ========= ========= rd /s /q "C:\Users\media\Desktop\Stare dane programu Firefox" /f ========= Nieprawidłowy przełącznik - "f". ========= End of CMD: ========= ========= for /d %f in (C:\Users\media\AppData\Local\{*}) do rd /s /q "%f" ========= ========= End of CMD: ========= The system needed a reboot. ==== End of Fixlog ====