Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-10-2013
Ran by arekw77 at 2013-10-14 14:04:16 Run:1
Running from C:\Users\arekw77\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKCU\...\Run: [NTRedirect] - C:\windows\SysWOW64\rundll32.exe "C:\Users\arekw77\AppData\Roaming\BabSolution\Shared\enhancedNT.dll",Run
HKLM-x32\...\Run: [tuto4pc_pl_16] - [x]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=ST1000LM024XHN-M101MBB_S2RQJ9FCC07854&ts=1381741559
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=ST1000LM024XHN-M101MBB_S2RQJ9FCC07854&ts=1381741559
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=ST1000LM024XHN-M101MBB_S2RQJ9FCC07854&ts=1381741559
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=ST1000LM024XHN-M101MBB_S2RQJ9FCC07854&ts=1381741559
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=ST1000LM024XHN-M101MBB_S2RQJ9FCC07854&ts=1381741559
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=ST1000LM024XHN-M101MBB_S2RQJ9FCC07854&ts=1381741559
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=sc&from=cor&uid=ST1000LM024XHN-M101MBB_S2RQJ9FCC07854&ts=1381741559
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=ST1000LM024XHN-M101MBB_S2RQJ9FCC07854&ts=1381741559&type=default&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=ST1000LM024XHN-M101MBB_S2RQJ9FCC07854&ts=1381741559&type=default&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=ST1000LM024XHN-M101MBB_S2RQJ9FCC07854&ts=1381741559&type=default&q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=ST1000LM024XHN-M101MBB_S2RQJ9FCC07854&ts=1381741559&type=default&q={searchTerms}
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=ST1000LM024XHN-M101MBB_S2RQJ9FCC07854&ts=1381741559&type=default&q={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=16E7CAF73313FF93&affID=119357&tsp=4975
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=ST1000LM024XHN-M101MBB_S2RQJ9FCC07854&ts=1381741559&type=default&q={searchTerms}
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=sc&from=cor&uid=ST1000LM024XHN-M101MBB_S2RQJ9FCC07854&ts=1381741559
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\qvo6.xml
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=sc&from=cor&uid=ST1000LM024XHN-M101MBB_S2RQJ9FCC07854&ts=1381741559
CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\arekw77\AppData\Roaming\BabSolution\CR\Delta.crx
CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\arekw77\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Task: {08DF1242-74D0-44C4-86FF-99C542A13CCF} - System32\Tasks\EPUpdater => C:\Users\arekw77\AppData\Roaming\BabSolution\Shared\BabMaint.exe [2013-08-04] ()
Task: {4E19DDF5-3BB0-4B89-A8E3-4BEFB5E42D9A} - System32\Tasks\DigitalSite => C:\Users\arekw77\AppData\Roaming\DigitalSite\UpdateProc\UpdateTask.exe [2013-04-12] ()
Task: {6D7CF1A1-1B90-4003-BCC7-A211AD4E25F8} - System32\Tasks\QtraxPlayer => C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe [2013-09-13] (Microsoft Corporation)
Task: {7E3CEC02-8123-4E44-AC6C-86A6BD8DD516} - System32\Tasks\BonanzaDealsUpdate => C:\Program
Task: {D06D6490-FF7C-4231-B481-6B08408D384E} - System32\Tasks\Dealply => C:\Users\arekw77\AppData\Roaming\Dealply\UpdateProc\UpdateTask.exe [2013-04-12] ()
Task: {F9C15E7E-CE7E-4E08-A35D-1F8F2F7335A7} - System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [2013-10-14] (BonanzaDeals)
Task: {FB35A378-FFFD-4EAD-B441-5E4F665910D9} - System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [2013-10-14] (BonanzaDeals)
Task: C:\windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe
Task: C:\windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe
Task: C:\windows\Tasks\Dealply.job => C:\Users\arekw77\AppData\Roaming\Dealply\UpdateProc\UpdateTask.exe
S2 bonanzadealslive; C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2013-10-14] (BonanzaDeals)
S3 bonanzadealslivem; C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2013-10-14] (BonanzaDeals)
R2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [625304 2012-09-28] (Pandora.TV)
R2 WsysSvc; C:\ProgramData\eSafe\eGdpSvc.exe [1706064 2013-10-14] (Wsys Co., Ltd.)
S3 SBIOSIO; \??\C:\Windows\Temp\SBIOSIO64.SYS [x]
S3 TVICPORT; \??\C:\windows\system32\DRIVERS\TVICPORT.SYS [x]
C:\Users\arekw77\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
C:\Users\arekw77\AppData\Roaming\BabSolution
C:\Users\arekw77\AppData\Roaming\Babylon
C:\Users\arekw77\AppData\Roaming\Dealply
C:\Users\arekw77\AppData\Roaming\Delta
C:\Users\arekw77\AppData\Roaming\DigitalSite
C:\Users\arekw77\AppData\Roaming\DSite
C:\Users\arekw77\Desktop\DownloadAcceleratorSetup.exe
*****************

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\NTRedirect => Value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\tuto4pc_pl_16 => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
HKCR\Wow6432Node\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key not found.
HKCR\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command\\Default => Value was restored successfully.
"C:\Program Files (x86)\mozilla firefox\searchplugins\qvo6.xml" => not found.
HKLM\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command\\Default => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde => Key not found.
"C:\Users\arekw77\AppData\Roaming\BabSolution\CR\Delta.crx" => File/Directory not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo => Key not found.
C:\Users\arekw77\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx => Moved successfully.
HKLM\SOFTWARE\Policies\Google => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{08DF1242-74D0-44C4-86FF-99C542A13CCF} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{08DF1242-74D0-44C4-86FF-99C542A13CCF} => Key deleted successfully.
C:\Windows\System32\Tasks\EPUpdater not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EPUpdater => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4E19DDF5-3BB0-4B89-A8E3-4BEFB5E42D9A} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4E19DDF5-3BB0-4B89-A8E3-4BEFB5E42D9A} => Key deleted successfully.
C:\Windows\System32\Tasks\DigitalSite not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DigitalSite => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6D7CF1A1-1B90-4003-BCC7-A211AD4E25F8} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6D7CF1A1-1B90-4003-BCC7-A211AD4E25F8} => Key deleted successfully.
C:\Windows\System32\Tasks\QtraxPlayer not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\QtraxPlayer => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7E3CEC02-8123-4E44-AC6C-86A6BD8DD516} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E3CEC02-8123-4E44-AC6C-86A6BD8DD516} => Key deleted successfully.
C:\Windows\System32\Tasks\BonanzaDealsUpdate => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BonanzaDealsUpdate => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D06D6490-FF7C-4231-B481-6B08408D384E} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D06D6490-FF7C-4231-B481-6B08408D384E} => Key deleted successfully.
C:\Windows\System32\Tasks\Dealply not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dealply => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F9C15E7E-CE7E-4E08-A35D-1F8F2F7335A7} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F9C15E7E-CE7E-4E08-A35D-1F8F2F7335A7} => Key deleted successfully.
C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BonanzaDealsLiveUpdateTaskMachineCore => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FB35A378-FFFD-4EAD-B441-5E4F665910D9} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FB35A378-FFFD-4EAD-B441-5E4F665910D9} => Key deleted successfully.
C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BonanzaDealsLiveUpdateTaskMachineUA => Key deleted successfully.
C:\windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job => Moved successfully.
C:\windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job => Moved successfully.
C:\windows\Tasks\Dealply.job not found.
bonanzadealslive => Service not found.
bonanzadealslivem => Service not found.
PanService => Service deleted successfully.
WsysSvc => Service not found.
SBIOSIO => Service deleted successfully.
TVICPORT => Service deleted successfully.
"C:\Users\arekw77\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z" => File/Directory not found.
"C:\Users\arekw77\AppData\Roaming\BabSolution" => File/Directory not found.
"C:\Users\arekw77\AppData\Roaming\Babylon" => File/Directory not found.
"C:\Users\arekw77\AppData\Roaming\Dealply" => File/Directory not found.
"C:\Users\arekw77\AppData\Roaming\Delta" => File/Directory not found.
"C:\Users\arekw77\AppData\Roaming\DigitalSite" => File/Directory not found.
"C:\Users\arekw77\AppData\Roaming\DSite" => File/Directory not found.
C:\Users\arekw77\Desktop\DownloadAcceleratorSetup.exe => Moved successfully.

The system needs a manual reboot.

==== End of Fixlog ====