Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 31-08-2013 04
Ran by Karolina at 2013-09-01 14:58:30 Run:3
Running from C:\Documents and Settings\Karolina\Pulpit
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
HKLM\...\Run: [Zwinky Search Scope Monitor] - "C:\PROGRA~1\ZWINKY~2\bar\1.bin\5qsrchmn.exe" /m=2 /w /h [x]
HKLM\...\Run: [Zwinky_5q Browser Plugin Loader] - C:\PROGRA~1\ZWINKY~2\bar\1.bin\5qbrmon.exe [x]
HKLM\...\Policies\Explorer: [NoDrives] 0
HKCU\...\Policies\Explorer: [ForceClassicControlPanel] 1
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=PL&userid=3a732a9b-54b2-4c4d-b4c6-be738cdd24bf&searchtype=ds&q={searchTerms}&installDate=04/04/2013
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=PL&userid=3a732a9b-54b2-4c4d-b4c6-be738cdd24bf&searchtype=hp&installDate=04/04/2013
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=PL&userid=3a732a9b-54b2-4c4d-b4c6-be738cdd24bf&searchtype=ds&q={searchTerms}&installDate=04/04/2013
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=ST9250315AS_6VCKJGG8____6VCKJGG8&ts=1354548559
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=ST9250315AS_6VCKJGG8____6VCKJGG8&ts=1354548559
URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKLM - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=PL&userid=3a732a9b-54b2-4c4d-b4c6-be738cdd24bf&searchtype=ds&q={searchTerms}&installDate=04/04/2013
SearchScopes: HKLM - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=PL&userid=3a732a9b-54b2-4c4d-b4c6-be738cdd24bf&searchtype=ds&q={searchTerms}&installDate=04/04/2013
SearchScopes: HKLM - {5a15c091-f3c2-4c8f-8964-e3434a2a4a95} URL = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^ZJ^xpt249^YY^pl&si=begin-download&ptb=ED147F04-8A39-4FE4-BF0D-CD9C6635E2FE&ind=2013062216&n=77fce448&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/?q={searchTerms}&affID=120665&babsrc=SP_ss_gin2g&mntrId=B89B0017C4161A04
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=PL&userid=3a732a9b-54b2-4c4d-b4c6-be738cdd24bf&searchtype=ds&q={searchTerms}&installDate=04/04/2013
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.v9.com/web/?q={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/?q={searchTerms}&affID=120665&babsrc=SP_ss_gin2g&mntrId=B89B0017C4161A04
SearchScopes: HKCU - {5a15c091-f3c2-4c8f-8964-e3434a2a4a95} URL = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^ZJ^xpt249^YY^pl&si=begin-download&ptb=ED147F04-8A39-4FE4-BF0D-CD9C6635E2FE&ind=2013062216&n=77fce448&psa=&st=sb&searchfor={searchTerms}
BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.8.3.8\bh\BabylonToolbar.dll No File
Toolbar: HKLM - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll No File
ShellExecuteHooks: - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No File [ ]
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [x]
S2 vToolbarUpdater13.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [x]
S2 Zwinky_5qService; C:\PROGRA~1\ZWINKY~2\bar\1.bin\5qbarsvc.exe [x]
S3 btaudio; system32\drivers\btaudio.sys [x]
S3 BTDriver; system32\DRIVERS\btport.sys [x]
S3 BTWDNDIS; system32\DRIVERS\btwdndis.sys [x]
S3 btwhid; system32\DRIVERS\btwhid.sys [x]
S3 catchme; \??\C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\catchme.sys [x]
S3 StarOpen; No ImagePath
S3 UIUSys; system32\DRIVERS\UIUSYS.SYS [x]
Reg: reg delete HKLM\SOFTWARE\Google\Chrome /f
Reg: reg delete HKCU\Software\Mozilla /f
Reg: reg delete HKCU\Software\MozillaPlugins /f
Reg: reg delete HKLM\SOFTWARE\Mozilla /f
Reg: reg delete HKLM\SOFTWARE\mozilla.org /f
Reg: reg delete HKLM\SOFTWARE\MozillaPlugins /f
Reg: reg delete "HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Search" /f
Reg: reg delete "HKCU\Software\Microsoft\Internet Explorer\Search" /f
Reg: reg delete "HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main" /v "Search Bar" /f
Reg: reg delete "HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main" /v "Search Page" /f
Reg: reg delete "HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main" /v "Start Page" /f
Reg: reg delete "HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main" /v "Search Bar" /f
Reg: reg delete "HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main" /v "Search Page" /f
Reg: reg delete "HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main" /v "Start Page" /f
Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Search" /f
Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Search" /f
Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f
CMD: rd /s /q "C:\Documents and Settings\Karolina\Ustawienia lokalne\Dane aplikacji\Google\Chrome"
CMD: rd /s /q "C:\Documents and Settings\Karolina\Dane aplikacji\Mozilla"
CMD: rd /s /q "C:\Program Files\mozilla firefox"
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Zwinky Search Scope Monitor => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Zwinky_5q Browser Plugin Loader => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\ForceClassicControlPanel => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Bar => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value deleted successfully.
Default URLSearchHook was restored successfully .
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{006ee092-9658-4fd6-bd8e-a21a348e59f5} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5a15c091-f3c2-4c8f-8964-e3434a2a4a95} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{5a15c091-f3c2-4c8f-8964-e3434a2a4a95} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{006ee092-9658-4fd6-bd8e-a21a348e59f5} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5a15c091-f3c2-4c8f-8964-e3434a2a4a95} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{5a15c091-f3c2-4c8f-8964-e3434a2a4a95} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B} => Key deleted successfully.
HKCR\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113} => Value deleted successfully.
HKCR\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} => Key deleted successfully.
HKCR\PROTOCOLS\Handler\viprotocol => Key deleted successfully.
HKCR\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} => Key deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} => Value deleted successfully.
HKCR\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972} => Key not found.
rpcapd => Service deleted successfully.
vToolbarUpdater13.2.0 => Service deleted successfully.
Zwinky_5qService => Service deleted successfully.
btaudio => Service deleted successfully.
BTDriver => Service deleted successfully.
BTWDNDIS => Service deleted successfully.
btwhid => Service deleted successfully.
catchme => Service deleted successfully.
StarOpen => Service deleted successfully.
UIUSys => Service deleted successfully.

========= reg delete HKLM\SOFTWARE\Google\Chrome /f =========


Operacja ukończona pomyślnie


========= End of Reg: =========


========= reg delete HKCU\Software\Mozilla /f =========


Operacja ukończona pomyślnie


========= End of Reg: =========


========= reg delete HKCU\Software\MozillaPlugins /f =========


Operacja ukończona pomyślnie


========= End of Reg: =========


========= reg delete HKLM\SOFTWARE\Mozilla /f =========


Operacja ukończona pomyślnie


========= End of Reg: =========


========= reg delete HKLM\SOFTWARE\mozilla.org /f =========


Operacja ukończona pomyślnie


========= End of Reg: =========


========= reg delete HKLM\SOFTWARE\MozillaPlugins /f =========


Operacja ukończona pomyślnie


========= End of Reg: =========


========= reg delete "HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Search" /f =========


Operacja ukończona pomyślnie


========= End of Reg: =========


========= reg delete "HKCU\Software\Microsoft\Internet Explorer\Search" /f =========


Operacja ukończona pomyślnie


========= End of Reg: =========


========= reg delete "HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main" /v "Search Bar" /f =========


Operacja ukończona pomyślnie


========= End of Reg: =========


========= reg delete "HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main" /v "Search Page" /f =========


Operacja ukończona pomyślnie


========= End of Reg: =========


========= reg delete "HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main" /v "Start Page" /f =========


Operacja ukończona pomyślnie


========= End of Reg: =========


========= reg delete "HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main" /v "Search Bar" /f =========


Operacja ukończona pomyślnie


========= End of Reg: =========


========= reg delete "HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main" /v "Search Page" /f =========


Operacja ukończona pomyślnie


========= End of Reg: =========


========= reg delete "HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main" /v "Start Page" /f =========


Operacja ukończona pomyślnie


========= End of Reg: =========


========= reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Search" /f =========


Operacja ukończona pomyślnie


========= End of Reg: =========


========= reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Search" /f =========


Operacja ukończona pomyślnie


========= End of Reg: =========


========= reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f =========


Operacja ukończona pomyślnie


========= End of Reg: =========


========= reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f =========


Operacja ukończona pomyślnie


========= End of Reg: =========


=========  rd /s /q "C:\Documents and Settings\Karolina\Ustawienia lokalne\Dane aplikacji\Google\Chrome" =========


========= End of CMD: =========


=========  rd /s /q "C:\Documents and Settings\Karolina\Dane aplikacji\Mozilla" =========


========= End of CMD: =========


=========  rd /s /q "C:\Program Files\mozilla firefox" =========


========= End of CMD: =========


==== End of Fixlog ====