Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 05-03-2014 Ran by User at 2014-03-05 19:26:01 Run:1 Running from C:\Users\User\Desktop\diagnostyka\frst Boot Mode: Normal ============================================== Content of fixlist: ***************** Task: {0F804D91-FADE-429F-ADDA-0912D6E173A3} - System32\Tasks\EPUpdater => C:\Users\User\AppData\Roaming\BabSolution\Shared\BabMaint.exe [2013-09-01] () Task: {2146A4C6-30F7-4FC3-A404-6432E1242E40} - System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [2013-10-13] (BonanzaDeals) Task: {40006052-E31E-44A8-AACF-88BA212AAC75} - System32\Tasks\BitGuard => Sc.exe start BitGuard Task: {41ECC8E4-0EBE-422C-A43D-0ABEF2DAFB35} - System32\Tasks\BonanzaDealsUpdate => C:\Program Task: {ADF5D680-76C7-4479-84BD-E88C4D77F875} - System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [2013-10-13] (BonanzaDeals) Task: C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe Task: C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe HKLM-x32\...\Run: [] - [X] AppInit_DLLs: c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll => c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll File Not Found HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=WDCXWD5000AZRX-00A8LB0_WD-WCC1U469242392423&ts=1393436207&type=default&q={searchTerms} HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?type=hp&ts=1388682097&from=wpm0102&uid=WDCXWD5000AZRX-00A8LB0_WD-WCC1U469242392423 HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?type=hp&ts=1388682097&from=wpm0102&uid=WDCXWD5000AZRX-00A8LB0_WD-WCC1U469242392423 HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.searchgol.com/?babsrc=HP_ss&mntrId=7CE6001E101F2C0E&affID=125035&tsp=5034 HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=WDCXWD5000AZRX-00A8LB0_WD-WCC1U469242392423&ts=1393436207&type=default&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/web/?type=ds&ts=1388682097&from=wpm0102&uid=WDCXWD5000AZRX-00A8LB0_WD-WCC1U469242392423&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?type=hp&ts=1388682097&from=wpm0102&uid=WDCXWD5000AZRX-00A8LB0_WD-WCC1U469242392423 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?type=hp&ts=1388682097&from=wpm0102&uid=WDCXWD5000AZRX-00A8LB0_WD-WCC1U469242392423 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com/web/?type=ds&ts=1388682097&from=wpm0102&uid=WDCXWD5000AZRX-00A8LB0_WD-WCC1U469242392423&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/web/?type=ds&ts=1388682097&from=wpm0102&uid=WDCXWD5000AZRX-00A8LB0_WD-WCC1U469242392423&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?type=hp&ts=1388682097&from=wpm0102&uid=WDCXWD5000AZRX-00A8LB0_WD-WCC1U469242392423 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?type=hp&ts=1388682097&from=wpm0102&uid=WDCXWD5000AZRX-00A8LB0_WD-WCC1U469242392423 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com/web/?type=ds&ts=1388682097&from=wpm0102&uid=WDCXWD5000AZRX-00A8LB0_WD-WCC1U469242392423&q={searchTerms} StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=sc&from=cor&uid=WDCXWD5000AZRX-00A8LB0_WD-WCC1U469242392423&ts=1381687408 SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.delta-homes.com/web/?type=ds&ts=1388682097&from=wpm0102&uid=WDCXWD5000AZRX-00A8LB0_WD-WCC1U469242392423&q={searchTerms} SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.delta-homes.com/web/?type=ds&ts=1388682097&from=wpm0102&uid=WDCXWD5000AZRX-00A8LB0_WD-WCC1U469242392423&q={searchTerms} SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.delta-homes.com/web/?type=ds&ts=1388682097&from=wpm0102&uid=WDCXWD5000AZRX-00A8LB0_WD-WCC1U469242392423&q={searchTerms} SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.delta-homes.com/web/?type=ds&ts=1388682097&from=wpm0102&uid=WDCXWD5000AZRX-00A8LB0_WD-WCC1U469242392423&q={searchTerms} SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=WDCXWD5000AZRX-00A8LB0_WD-WCC1U469242392423&ts=1393436207&type=default&q={searchTerms} SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=WDCXWD5000AZRX-00A8LB0_WD-WCC1U469242392423&ts=1393436207&type=default&q={searchTerms} SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited) BHO-x32: searchgol Helper Object - {8F547BDD-FCD4-48F8-A06F-573D6F404A3C} - C:\Program Files (x86)\searchgol\searchgol\1.8.16.19\bh\searchgol.dll (Montera Technologeis LTD) BHO-x32: BatBrowse - {b67b3dbb-c1c9-49d2-b016-2748b0b5017e} - C:\Program Files (x86)\BatBrowse\BatBrowsebho.dll (BatBrowse) BHO-x32: BonanzaDeals - {fe063412-bea4-4d76-8ed3-183be6220d17} - C:\Program Files (x86)\BonanzaDeals\BonanzaDealsIE.dll (BonanzaDeals) Toolbar: HKLM-x32 - searchgol Toolbar - {00078E95-3A4A-4137-8DE7-2824908D1C17} - C:\Program Files (x86)\searchgol\searchgol\1.8.16.19\searchgolTlbr.dll (Montera Technologeis LTD) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\delta-homes.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\qvo6.xml FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=sc&from=wpm0226&uid=WDCXWD5000AZRX-00A8LB0_WD-WCC1U469242392423&ts=1393436207 CHR HKLM-x32\...\Chrome\Extension: [aipfmkinhleccnodemkoofnnofpbbpac] - C:\Users\User\AppData\Roaming\BabSolution\CR\searchgol.crx [2013-10-13] CHR HKLM-x32\...\Chrome\Extension: [ccncljhbalbbkkfgopogabimepmfkmff] - C:\Program Files (x86)\BatBrowse\ccncljhbalbbkkfgopogabimepmfkmff.crx [2013-10-22] CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx [2013-10-13] CHR HKLM-x32\...\Chrome\Extension: [ogfjmhfnldnajmfaofeiaepghjenbgjo] - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ep.crx [2014-02-26] CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=sc&from=wpm0226&uid=WDCXWD5000AZRX-00A8LB0_WD-WCC1U469242392423&ts=1393436207 S3 gdrv; \??\C:\Windows\gdrv.sys [X] C:\Program Files (x86)\WinZipper C:\Users\User\AppData\Roaming\WinZipper C:\Program Files (x86)\SupTab C:\Users\User\AppData\Roaming\SupTab C:\ProgramData\IePluginService C:\Users\User\Downloads\Unity(20699).exe ***************** HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0F804D91-FADE-429F-ADDA-0912D6E173A3} => Key not found. C:\Windows\System32\Tasks\EPUpdater not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EPUpdater => Key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2146A4C6-30F7-4FC3-A404-6432E1242E40} => Key not found. C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BonanzaDealsLiveUpdateTaskMachineUA => Key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{40006052-E31E-44A8-AACF-88BA212AAC75} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{40006052-E31E-44A8-AACF-88BA212AAC75} => Key deleted successfully. C:\Windows\System32\Tasks\BitGuard => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BitGuard => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{41ECC8E4-0EBE-422C-A43D-0ABEF2DAFB35} => Key not found. C:\Windows\System32\Tasks\BonanzaDealsUpdate not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BonanzaDealsUpdate => Key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ADF5D680-76C7-4479-84BD-E88C4D77F875} => Key not found. C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BonanzaDealsLiveUpdateTaskMachineCore => Key not found. C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job not found. C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job not found. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully. "c:\\progra~3\\bitguard\\271769~1.27\\{c16c1~1\\loader.dll" => Value Data removed successfully. HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully. HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully. HKCU\Software\Microsoft\Internet Explorer\Main\\bProtector Start Page => Value deleted successfully. HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully. HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key deleted successfully. HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key deleted successfully. HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} => Key deleted successfully. HKCR\CLSID\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} => Key not found. HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} => Key not found. HKCR\Wow6432Node\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} => Key not found. HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8F547BDD-FCD4-48F8-A06F-573D6F404A3C} => Key not found. HKCR\Wow6432Node\CLSID\{8F547BDD-FCD4-48F8-A06F-573D6F404A3C} => Key not found. HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b67b3dbb-c1c9-49d2-b016-2748b0b5017e} => Key not found. HKCR\Wow6432Node\CLSID\{b67b3dbb-c1c9-49d2-b016-2748b0b5017e} => Key not found. HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fe063412-bea4-4d76-8ed3-183be6220d17} => Key not found. HKCR\Wow6432Node\CLSID\{fe063412-bea4-4d76-8ed3-183be6220d17} => Key not found. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{00078E95-3A4A-4137-8DE7-2824908D1C17} => Value not found. HKCR\Wow6432Node\CLSID\{00078E95-3A4A-4137-8DE7-2824908D1C17} => Key not found. "C:\Program Files (x86)\mozilla firefox\searchplugins\delta-homes.xml" => not found. C:\Program Files (x86)\mozilla firefox\browser\searchplugins\qvo6.xml => Moved successfully. HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command\\Default => Value was restored successfully. HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aipfmkinhleccnodemkoofnnofpbbpac => Key not found. "C:\Users\User\AppData\Roaming\BabSolution\CR\searchgol.crx" => File/Directory not found. HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ccncljhbalbbkkfgopogabimepmfkmff => Key not found. "C:\Program Files (x86)\BatBrowse\ccncljhbalbbkkfgopogabimepmfkmff.crx" => File/Directory not found. HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo => Key deleted successfully. C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx => Moved successfully. HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo => Key deleted successfully. C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ep.crx => Moved successfully. HKLM\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command\\Default => Value was restored successfully. gdrv => Service deleted successfully. C:\Program Files (x86)\WinZipper => Moved successfully. C:\Users\User\AppData\Roaming\WinZipper => Moved successfully. C:\Program Files (x86)\SupTab => Moved successfully. C:\Users\User\AppData\Roaming\SupTab => Moved successfully. C:\ProgramData\IePluginService => Moved successfully. "C:\Users\User\Downloads\Unity(20699).exe" => File/Directory not found. ==== End of Fixlog ====