Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-02-2014 Ran by User at 2014-02-18 15:31:39 Run:1 Running from C:\Users\User\Downloads Boot Mode: Normal ============================================== Content of fixlist: ***************** HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD6400BEVT-80A0RT0_WD-WX91A20M1923M1923&ts=1373018424 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD6400BEVT-80A0RT0_WD-WX91A20M1923M1923&ts=1373018424 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD6400BEVT-80A0RT0_WD-WX91A20M1923M1923&ts=1373018424 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD6400BEVT-80A0RT0_WD-WX91A20M1923M1923&ts=1373018424 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD6400BEVT-80A0RT0_WD-WX91A20M1923M1923&ts=1373018424 URLSearchHook: HKCU - (No Name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No File SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.portaldosites.com/web/?utm_source=b&utm_medium=smt&from=smt&uid=WDCXWD6400BEVT-80A0RT0_WD-WX91A20M1923M1923&ts=0 SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.portaldosites.com/web/?utm_source=b&utm_medium=smt&from=smt&uid=WDCXWD6400BEVT-80A0RT0_WD-WX91A20M1923M1923&ts=0 SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.portaldosites.com/web/?utm_source=b&utm_medium=smt&from=smt&uid=WDCXWD6400BEVT-80A0RT0_WD-WX91A20M1923M1923&ts=0 SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.portaldosites.com/web/?utm_source=b&utm_medium=smt&from=smt&uid=WDCXWD6400BEVT-80A0RT0_WD-WX91A20M1923M1923&ts=0 SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678 SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.portaldosites.com/web/?utm_source=b&utm_medium=smt&from=smt&uid=WDCXWD6400BEVT-80A0RT0_WD-WX91A20M1923M1923&ts=0 SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/?q={searchTerms}&affID=113480&tt=010712_8&babsrc=SP_ss&mntrId=a2687bd0000000000000001e6452db5b SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.portaldosites.com/web/?utm_source=b&utm_medium=smt&from=smt&uid=WDCXWD6400BEVT-80A0RT0_WD-WX91A20M1923M1923&ts=0 SearchScopes: HKCU - {3D75CFDA-90BE-47D6-81C6-D175F1FDD23D} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYPL&apn_uid=73F571C0-51BB-447E-B8C7-895D47EB2E67&apn_sauid=1C833577-204D-4081-A4EB-0F543669CFD2 SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678 SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = http://mystart.incredibar.com/mb201/?search={searchTerms}&loc=IB_DS&a=6Oz0gQt0U0&i=26 BHO: FCB Fan Alert - {1fab2614-43cf-4092-926b-870379248f92} - C:\Program Files (x86)\FCB Fan Alert\FCB Fan Alert64.dll (FCB Live App) BHO-x32: FCB Fan Alert - {1fab2614-43cf-4092-926b-870379248f92} - C:\Program Files (x86)\FCB Fan Alert\FCB Fan Alert.dll (FCB Live App) Toolbar: HKCU - No Name - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\IB Updater\source.crx [2013-10-27] CHR HKLM-x32\...\Chrome\Extension: [dednnpigldgdbpgcdpfppmlcnnbjciel] - C:\Users\User\AppData\Roaming\Media Finder\Extensions\gencrawler_gc.crx [2012-07-08] CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\IB Updater\source.crx [2012-07-08] CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - \User Data\Default\Extensions\newtab.crx [2013-08-22] CHR HKLM-x32\...\Chrome\Extension: [jhjjdgbhohaallcimgcmakfiobacimkm] - C:\Program Files (x86)\BuzzSearch\jhjjdgbhohaallcimgcmakfiobacimkm.crx [2013-08-22] CHR HKLM-x32\...\Chrome\Extension: [lpmkgpnbiojfaoklbkpfneikocaobfai] - C:\Users\User\AppData\Roaming\Media Finder\Extensions\mf_plugin_gc.crx [2011-09-21] R2 Update BuzzSearch; C:\Program Files (x86)\BuzzSearch\updateBuzzSearch.exe [80672 2014-02-13] () R2 Util BuzzSearch; C:\Program Files (x86)\BuzzSearch\bin\utilBuzzSearch.exe [80672 2014-02-13] () R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [424104 2013-08-22] (Taiwan Shui Mu Chih Ching Technology Limited.) S2 PCSpeedUpService; "C:\Program Files\Przyspiesz Komputer\PCSpeedUpService.exe" [X] S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X] HKU\S-1-5-21-2512552286-1395718817-1032304636-1000\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Task: {11898504-516A-476A-BFCB-9CB97BEB81DA} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe Task: {71410D7D-D6AD-431A-9ABE-44A58C9F889B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2512552286-1395718817-1032304636-1000UA => C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: {86AAF6CC-5B2A-4132-B6DA-4AD773680235} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2512552286-1395718817-1032304636-1000Core => C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: {E9B7C9B1-2B52-437B-A03F-FDAFBA50F5BE} - System32\Tasks\DealPly => C:\Users\User\AppData\Roaming\DealPly\UpdateProc\UpdateTask.exe [2013-03-19] () Task: {FA6945A4-B132-4218-BB9A-E65F47DD653B} - System32\Tasks\Omiga Plus RunAsStdUser => C:\Program Files (x86)\Omiga Plus\omigaplus.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2512552286-1395718817-1032304636-1000Core.job => C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2512552286-1395718817-1032304636-1000UA.job => C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe C:\ProgramData\dsgsdgdsgdsgw.reg C:\Users\User\AppData\Roaming\337 C:\Users\User\AppData\Roaming\DealPly C:\Users\User\AppData\Roaming\Desk 365 C:\Users\User\AppData\Roaming\eIntaller C:\Users\User\AppData\Roaming\eUpdate C:\Users\User\AppData\Roaming\Media Finder C:\Users\User\AppData\Roaming\Mozilla C:\Users\User\AppData\Roaming\Omiga Plus C:\Users\User\AppData\Roaming\OpenCandy Reg: reg delete HKCU\Software\Mozilla /f Reg: reg delete HKCU\Software\MozillaPlugins /f Reg: reg delete HKLM\SOFTWARE\MozillaPlugins /f Reg: reg delete HKLM\SOFTWARE\Wow6432Node\Mozilla /f Reg: reg delete HKLM\SOFTWARE\Wow6432Node\mozilla.org /f Reg: reg delete HKLM\SOFTWARE\Wow6432Node\MozillaPlugins /f ***************** HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully. HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} => Value deleted successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key deleted successfully. HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key deleted successfully. HKCR\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key deleted successfully. HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3D75CFDA-90BE-47D6-81C6-D175F1FDD23D} => Key deleted successfully. HKCR\CLSID\{3D75CFDA-90BE-47D6-81C6-D175F1FDD23D} => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key deleted successfully. HKCR\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A} => Key deleted successfully. HKCR\CLSID\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A} => Key not found. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1fab2614-43cf-4092-926b-870379248f92} => Key deleted successfully. HKCR\CLSID\{1fab2614-43cf-4092-926b-870379248f92} => Key deleted successfully. HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1fab2614-43cf-4092-926b-870379248f92} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{1fab2614-43cf-4092-926b-870379248f92} => Key deleted successfully. HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} => Value deleted successfully. HKCR\CLSID\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} => Key not found. HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => Value deleted successfully. HKCR\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => Key not found. HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd => Key deleted successfully. "C:\Program Files\IB Updater\source.crx" => File/Directory not found. HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel => Key deleted successfully. C:\Users\User\AppData\Roaming\Media Finder\Extensions\gencrawler_gc.crx => Moved successfully. HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd => Key deleted successfully. "C:\Program Files\IB Updater\source.crx" => File/Directory not found. HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo => Key deleted successfully. \User Data\Default\Extensions\newtab.crx => Moved successfully. HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jhjjdgbhohaallcimgcmakfiobacimkm => Key deleted successfully. "C:\Program Files (x86)\BuzzSearch\jhjjdgbhohaallcimgcmakfiobacimkm.crx" => File/Directory not found. HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai => Key deleted successfully. "C:\Users\User\AppData\Roaming\Media Finder\Extensions\mf_plugin_gc.crx" => File/Directory not found. Update BuzzSearch => Service deleted successfully. Util BuzzSearch => Service deleted successfully. winzipersvc => Service deleted successfully. PCSpeedUpService => Service deleted successfully. pccsmcfd => Service deleted successfully. HKU\S-1-5-21-2512552286-1395718817-1032304636-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{11898504-516A-476A-BFCB-9CB97BEB81DA} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{11898504-516A-476A-BFCB-9CB97BEB81DA} => Key deleted successfully. C:\Windows\System32\Tasks\Desk 365 RunAsStdUser => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Desk 365 RunAsStdUser => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{71410D7D-D6AD-431A-9ABE-44A58C9F889B} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{71410D7D-D6AD-431A-9ABE-44A58C9F889B} => Key deleted successfully. C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2512552286-1395718817-1032304636-1000UA => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FacebookUpdateTaskUserS-1-5-21-2512552286-1395718817-1032304636-1000UA => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{86AAF6CC-5B2A-4132-B6DA-4AD773680235} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{86AAF6CC-5B2A-4132-B6DA-4AD773680235} => Key deleted successfully. C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2512552286-1395718817-1032304636-1000Core => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FacebookUpdateTaskUserS-1-5-21-2512552286-1395718817-1032304636-1000Core => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E9B7C9B1-2B52-437B-A03F-FDAFBA50F5BE} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E9B7C9B1-2B52-437B-A03F-FDAFBA50F5BE} => Key deleted successfully. C:\Windows\System32\Tasks\DealPly => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPly => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FA6945A4-B132-4218-BB9A-E65F47DD653B} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FA6945A4-B132-4218-BB9A-E65F47DD653B} => Key deleted successfully. C:\Windows\System32\Tasks\Omiga Plus RunAsStdUser => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Omiga Plus RunAsStdUser => Key deleted successfully. C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2512552286-1395718817-1032304636-1000Core.job => Moved successfully. C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2512552286-1395718817-1032304636-1000UA.job => Moved successfully. C:\ProgramData\dsgsdgdsgdsgw.reg => Moved successfully. C:\Users\User\AppData\Roaming\337 => Moved successfully. C:\Users\User\AppData\Roaming\DealPly => Moved successfully. C:\Users\User\AppData\Roaming\Desk 365 => Moved successfully. C:\Users\User\AppData\Roaming\eIntaller => Moved successfully. C:\Users\User\AppData\Roaming\eUpdate => Moved successfully. C:\Users\User\AppData\Roaming\Media Finder => Moved successfully. C:\Users\User\AppData\Roaming\Mozilla => Moved successfully. C:\Users\User\AppData\Roaming\Omiga Plus => Moved successfully. C:\Users\User\AppData\Roaming\OpenCandy => Moved successfully. ========= reg delete HKCU\Software\Mozilla /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete HKCU\Software\MozillaPlugins /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete HKLM\SOFTWARE\MozillaPlugins /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete HKLM\SOFTWARE\Wow6432Node\Mozilla /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete HKLM\SOFTWARE\Wow6432Node\mozilla.org /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete HKLM\SOFTWARE\Wow6432Node\MozillaPlugins /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= The system needs a manual reboot. ==== End of Fixlog ====