Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-02-2014
Ran by emilka at 2014-02-17 20:30:33 Run:1
Running from C:\Users\emilka\Downloads\frst
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
U2 PirritDesktop; C:\Users\emilka\AppData\Local\PirritSuggestor\PirritService.exe [52568 2014-02-14] ()
HKU\S-1-5-21-3544907729-79745975-248323759-1000\...\Run: [NextLive] - C:\Windows\SysWOW64\rundll32.exe "C:\Users\emilka\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=http://127.0.0.1:9880
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.nationzoom.com/web/?type=ds&ts=1388414460&from=vtt&uid=MaxtorX6V160E0_V308J74G&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.nationzoom.com/?type=hp&ts=1388414460&from=vtt&uid=MaxtorX6V160E0_V308J74G
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nationzoom.com/?type=hp&ts=1388414460&from=vtt&uid=MaxtorX6V160E0_V308J74G
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.nationzoom.com/web/?type=ds&ts=1388414460&from=vtt&uid=MaxtorX6V160E0_V308J74G&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKCU - {D03DD2F8-DDAB-4001-BCCB-40F5B5344C9C} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=800236&p={searchTerms}
BHO-x32: No Name - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - No File
ShellExecuteHooks-x32: - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - No File [ ]
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
Task: {050C85C8-2AEF-4C34-A51D-FF6EA06BE523} - \Desk 365 RunAsStdUser No Task File
Task: {6AC182F9-19BB-41A2-A3AD-2A7323818093} - System32\Tasks\SaveSenseLiveUpdateTaskMachineCore => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe <==== ATTENTION
Task: {891F179E-CC62-4DBA-80E3-F9B187EFCD40} - System32\Tasks\SaveSense => C:\Users\emilka\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {984D318A-05BC-433D-8794-013F2F2788F2} - System32\Tasks\SaveSenseLiveUpdateTaskMachineUA => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe <==== ATTENTION
Task: {AE3DEF54-DC25-4CE7-834B-13BA83A9AA23} - System32\Tasks\{7A7FD674-9B71-44F0-A3A7-B82638E8CE80} => c:\program files (x86)\opera\opera.exe
Task: {EFC826C7-A9AD-46E6-8423-D447FC759D06} - \LaunchApp No Task File
S3 REMOVE; \??\C:\Windows\system32\drivers\REMOVE.SYS [X]
C:\Users\emilka\*.exe
C:\Users\emilka\*.dll
C:\Users\emilka\AppData\Local\PirritSuggestor
C:\Users\emilka\AppData\Roaming\3909
C:\Users\emilka\AppData\Roaming\newnext.me
Reg: reg delete "HKCU\Software\Microsoft\Internet Explorer\Search" /f
Reg: reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Search" /f
*****************

PirritDesktop => Service deleted successfully.
HKU\S-1-5-21-3544907729-79745975-248323759-1000\Software\Microsoft\Windows\CurrentVersion\Run\\NextLive => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Value deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D03DD2F8-DDAB-4001-BCCB-40F5B5344C9C} => Key deleted successfully.
HKCR\CLSID\{D03DD2F8-DDAB-4001-BCCB-40F5B5344C9C} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} => Key not found.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{B5A7F190-DDA6-4420-B3BA-52453494E6CD} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{B5A7F190-DDA6-4420-B3BA-52453494E6CD} => Key not found.
HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin => Key deleted successfully.
C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{050C85C8-2AEF-4C34-A51D-FF6EA06BE523} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{050C85C8-2AEF-4C34-A51D-FF6EA06BE523} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Desk 365 RunAsStdUser => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6AC182F9-19BB-41A2-A3AD-2A7323818093} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6AC182F9-19BB-41A2-A3AD-2A7323818093} => Key deleted successfully.
C:\Windows\System32\Tasks\SaveSenseLiveUpdateTaskMachineCore => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SaveSenseLiveUpdateTaskMachineCore => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{891F179E-CC62-4DBA-80E3-F9B187EFCD40} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{891F179E-CC62-4DBA-80E3-F9B187EFCD40} => Key deleted successfully.
C:\Windows\System32\Tasks\SaveSense => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SaveSense => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{984D318A-05BC-433D-8794-013F2F2788F2} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{984D318A-05BC-433D-8794-013F2F2788F2} => Key deleted successfully.
C:\Windows\System32\Tasks\SaveSenseLiveUpdateTaskMachineUA => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SaveSenseLiveUpdateTaskMachineUA => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AE3DEF54-DC25-4CE7-834B-13BA83A9AA23} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AE3DEF54-DC25-4CE7-834B-13BA83A9AA23} => Key deleted successfully.
C:\Windows\System32\Tasks\{7A7FD674-9B71-44F0-A3A7-B82638E8CE80} => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7A7FD674-9B71-44F0-A3A7-B82638E8CE80} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EFC826C7-A9AD-46E6-8423-D447FC759D06} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EFC826C7-A9AD-46E6-8423-D447FC759D06} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LaunchApp => Key deleted successfully.
REMOVE => Service deleted successfully.
C:\Users\emilka\*.exe => Moved successfully.
C:\Users\emilka\*.dll => Moved successfully.
C:\Users\emilka\AppData\Local\PirritSuggestor => Moved successfully.
C:\Users\emilka\AppData\Roaming\3909 => Moved successfully.
C:\Users\emilka\AppData\Roaming\newnext.me => Moved successfully.

========= reg delete "HKCU\Software\Microsoft\Internet Explorer\Search" /f =========

The operation completed successfully.

========= End of Reg: =========

========= reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Search" /f =========

The operation completed successfully.

========= End of Reg: =========

==== End of Fixlog ====