Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 13-03-2014 01 Ran by Domunuta at 2014-04-12 21:23:06 Run:1 Running from C:\FRST Boot Mode: Normal ============================================== Content of fixlist: ***************** (TODO: ) C:\Users\Domunuta\AppData\Local\ConvertAd\ConvertAd.exe () C:\Users\Domunuta\AppData\Roaming\defaulttab\defaulttab\dtupdate.exe () C:\Program Files\LinkSwift\bin\utilLinkSwift.exe () C:\Program Files\LinkSwift\updateLinkSwift.exe HKLM\...\Run: [ConvertAd] - C:\Users\Domunuta\AppData\Local\ConvertAd\ConvertAd.exe [1776640 2013-09-30] (TODO: ) HKU\S-1-5-21-3867551667-1530956314-2525137787-1001\...\Run: [Softonic for Windows] - C:\Users\Domunuta\AppData\Local\Softonic\Softonic.exe [4144112 2014-02-11] (Softonic) S2 bonanzadealslive; C:\Program Files\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2013-09-16] (BonanzaDeals) S3 bonanzadealslivem; C:\Program Files\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2013-09-16] (BonanzaDeals) R2 DefaultTabUpdate; C:\Users\Domunuta\AppData\Roaming\defaulttab\defaulttab\dtupdate.exe [107520 2013-11-12] () R2 Update LinkSwift; C:\Program Files\LinkSwift\updateLinkSwift.exe [350496 2014-04-08] () R2 Util LinkSwift; C:\Program Files\LinkSwift\bin\utilLinkSwift.exe [350496 2014-04-08] () Task: {0E7110F2-DC41-4A03-8FC2-88D67BB222E8} - System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore => C:\Program Files\BonanzaDealsLive\Update\BonanzaDealsLive.exe [2013-09-16] (BonanzaDeals) <==== ATTENTION Task: {1F136746-1F52-4C30-838E-BA6DF35D26BA} - System32\Tasks\DTReg => C:\Users\Domunuta\AppData\Roaming\defaulttab\defaulttab\DTReg.exe [2014-02-06] (Search Results, LLC) <==== ATTENTION Task: {286623BA-1D20-4AAD-8CC2-D1D6B44B4376} - System32\Tasks\BonanzaDealsUpdate => C:\Program <==== ATTENTION Task: {7E1E35BD-7B5B-44D6-B224-5C368177E4D4} - System32\Tasks\Norton Security Scan for Domunuta => C:\Program Files\Norton Security Scan\Engine\4.0.1.16\Nss.exe [2013-05-07] 
(Symantec Corporation) Task: {AFA52EAB-2B54-49CE-AEA5-4DBA54F5F05D} - System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA => C:\Program Files\BonanzaDealsLive\Update\BonanzaDealsLive.exe [2013-09-16] (BonanzaDeals) <==== ATTENTION Task: {E695ABB6-F2DA-4801-89CE-0C7326D9E445} - System32\Tasks\EPUpdater => C:\Users\Domunuta\AppData\Roaming\BabSolution\Shared\BabMaint.exe [2013-08-04] () <==== ATTENTION Task: C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job => C:\Program Files\BonanzaDealsLive\Update\BonanzaDealsLive.exe <==== ATTENTION Task: C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job => C:\Program Files\BonanzaDealsLive\Update\BonanzaDealsLive.exe <==== ATTENTION Task: C:\Windows\Tasks\Norton Security Scan for Domunuta.job => C:\PROGRA~1\NORTON~2\Engine\401~1.16\Nss.exe ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://start.qone8.com/?type=sc&ts=1382507543&from=cor&uid=WDCXWD3200BEVT-22ZCT0_WD-WXA1A10F9699F9699 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://start.qone8.com/?type=sc&ts=1382507543&from=cor&uid=WDCXWD3200BEVT-22ZCT0_WD-WXA1A10F9699F9699 ShortcutWithArgument: C:\Users\Domunuta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://start.qone8.com/?type=sc&ts=1382507543&from=cor&uid=WDCXWD3200BEVT-22ZCT0_WD-WXA1A10F9699F9699 ShortcutWithArgument: C:\Users\Domunuta\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) 
-> hxxp://start.qone8.com/?type=sc&ts=1382507543&from=cor&uid=WDCXWD3200BEVT-22ZCT0_WD-WXA1A10F9699F9699 ShortcutWithArgument: C:\Users\Domunuta\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://start.qone8.com/?type=sc&ts=1382507543&from=cor&uid=WDCXWD3200BEVT-22ZCT0_WD-WXA1A10F9699F9699 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mysearchresults.com/?c=3524&t=01 HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.qone8.com/?type=hp&ts=1382507543&from=cor&uid=WDCXWD3200BEVT-22ZCT0_WD-WXA1A10F9699F9699 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.qone8.com/?type=hp&ts=1382507543&from=cor&uid=WDCXWD3200BEVT-22ZCT0_WD-WXA1A10F9699F9699 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.qone8.com/?type=hp&ts=1382507543&from=cor&uid=WDCXWD3200BEVT-22ZCT0_WD-WXA1A10F9699F9699 StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://start.qone8.com/?type=sc&ts=1382507543&from=cor&uid=WDCXWD3200BEVT-22ZCT0_WD-WXA1A10F9699F9699 SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://start.qone8.com/web/?type=ds&ts=1382507543&from=cor&uid=WDCXWD3200BEVT-22ZCT0_WD-WXA1A10F9699F9699&q={searchTerms} SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://start.qone8.com/web/?type=ds&ts=1382507543&from=cor&uid=WDCXWD3200BEVT-22ZCT0_WD-WXA1A10F9699F9699&q={searchTerms} SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=22760C6076C5A678&affID=120695&tsp=4995 SearchScopes: HKCU - {69AACB7B-1D29-44CD-B7A1-ADCCFFFBDF23} URL = http://www.mysearchresults.com/search?c=3524&t=01&q={searchTerms} BHO: LinkSwift - {323420b6-65e5-4657-8106-a27392d4d4aa} - C:\Program Files\LinkSwift\LinkSwiftBHO.dll 
(LinkSwift) BHO: DefaultTab Browser Helper - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Domunuta\AppData\Roaming\defaulttab\defaulttab\DefaultTabBHO.dll (Search Results LLC.) BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files\Delta\delta\1.8.24.6\bh\delta.dll (Delta-search.com) BHO: BonanzaDeals - {fe063412-bea4-4d76-8ed3-183be6220d17} - C:\Program Files\BonanzaDeals\BonanzaDealsIE.dll (BonanzaDeals) Toolbar: HKLM - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files\Delta\delta\1.8.24.6\deltaTlbr.dll (Delta-search.com) FF Plugin: @tools.bdupdater.com/BonanzaDealsLive Update;version=3 - C:\Program Files\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll (BonanzaDeals) FF Plugin: @tools.bdupdater.com/BonanzaDealsLive Update;version=9 - C:\Program Files\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll (BonanzaDeals) FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\qone8.xml CHR HKLM\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\Domunuta\AppData\Roaming\BabSolution\CR\Delta.crx [2013-09-04] CHR HKLM\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\Domunuta\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx [2013-08-14] CHR HKLM\...\Chrome\Extension: [kdidombaedgpfiiedeimiebkmbilgmlc] - C:\Program Files\DefaultTab\DefaultTab.crx [2013-10-07] CHR HKLM\...\Chrome\Extension: [odpccdgkmiicgocepijnaeihjnjnomca] - C:\Program Files\LinkSwift\odpccdgkmiicgocepijnaeihjnjnomca.crx [2014-02-01] C:\Program Files\mozilla firefox\plugins C:\Users\Domunuta\AppData\Roaming\AVG2013 C:\Users\Domunuta\AppData\Roaming\BabSolution C:\Users\Domunuta\AppData\Roaming\systweak C:\Users\Domunuta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BonanzaDeals C:\Users\Domunuta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie C:\Users\Domunuta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Softonic 
C:\Users\Domunuta\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mobogenie.lnk C:\Users\Domunuta\Desktop\Mobogenie.lnk C:\Users\Domunuta\Desktop\Softonic.lnk Reg: reg delete HKLM\SOFTWARE\Wow6432Node\Google\Extensions\cekcjpgehmohobmdiikfnopibipmgnml /f Reboot: ***************** [2732] C:\Users\Domunuta\AppData\Local\ConvertAd\ConvertAd.exe => Process closed successfully. [1984] C:\Users\Domunuta\AppData\Roaming\defaulttab\defaulttab\dtupdate.exe => Process closed successfully. [2076] C:\Program Files\LinkSwift\bin\utilLinkSwift.exe => Process closed successfully. [1964] C:\Program Files\LinkSwift\updateLinkSwift.exe => Process closed successfully. HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ConvertAd => Value deleted successfully. HKU\S-1-5-21-3867551667-1530956314-2525137787-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Softonic for Windows => Value deleted successfully. bonanzadealslive => Service deleted successfully. bonanzadealslivem => Service deleted successfully. DefaultTabUpdate => Service deleted successfully. Update LinkSwift => Service stopped successfully. Update LinkSwift => Service deleted successfully. Util LinkSwift => Service deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0E7110F2-DC41-4A03-8FC2-88D67BB222E8} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0E7110F2-DC41-4A03-8FC2-88D67BB222E8} => Key deleted successfully. C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BonanzaDealsLiveUpdateTaskMachineCore => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1F136746-1F52-4C30-838E-BA6DF35D26BA} => Key deleted successfully. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1F136746-1F52-4C30-838E-BA6DF35D26BA} => Key deleted successfully. C:\Windows\System32\Tasks\DTReg => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DTReg => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{286623BA-1D20-4AAD-8CC2-D1D6B44B4376} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{286623BA-1D20-4AAD-8CC2-D1D6B44B4376} => Key deleted successfully. C:\Windows\System32\Tasks\BonanzaDealsUpdate => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BonanzaDealsUpdate => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7E1E35BD-7B5B-44D6-B224-5C368177E4D4} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E1E35BD-7B5B-44D6-B224-5C368177E4D4} => Key deleted successfully. C:\Windows\System32\Tasks\Norton Security Scan for Domunuta => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Norton Security Scan for Domunuta => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AFA52EAB-2B54-49CE-AEA5-4DBA54F5F05D} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AFA52EAB-2B54-49CE-AEA5-4DBA54F5F05D} => Key deleted successfully. C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BonanzaDealsLiveUpdateTaskMachineUA => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E695ABB6-F2DA-4801-89CE-0C7326D9E445} => Key deleted successfully. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E695ABB6-F2DA-4801-89CE-0C7326D9E445} => Key deleted successfully. C:\Windows\System32\Tasks\EPUpdater => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EPUpdater => Key deleted successfully. C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job => Moved successfully. C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job => Moved successfully. C:\Windows\Tasks\Norton Security Scan for Domunuta.job => Moved successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk => Shortcut argument was removed successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk => Shortcut argument was removed successfully. C:\Users\Domunuta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk => Shortcut argument was restored successfully. C:\Users\Domunuta\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk => Shortcut argument was removed successfully. C:\Users\Domunuta\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Mozilla Firefox.lnk => Shortcut argument was removed successfully. HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully. 
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{69AACB7B-1D29-44CD-B7A1-ADCCFFFBDF23} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{69AACB7B-1D29-44CD-B7A1-ADCCFFFBDF23} => Key not found. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{323420b6-65e5-4657-8106-a27392d4d4aa} => Key deleted successfully. HKCR\CLSID\{323420b6-65e5-4657-8106-a27392d4d4aa} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} => Key deleted successfully. HKCR\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} => Key deleted successfully. HKCR\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fe063412-bea4-4d76-8ed3-183be6220d17} => Key deleted successfully. HKCR\CLSID\{fe063412-bea4-4d76-8ed3-183be6220d17} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{82E1477C-B154-48D3-9891-33D83C26BCD3} => Value deleted successfully. HKCR\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3} => Key deleted successfully. HKLM\Software\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=3 => Key deleted successfully. C:\Program Files\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll => Moved successfully. 
HKLM\Software\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=9 => Key deleted successfully. C:\Program Files\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll not found. C:\Program Files\mozilla firefox\browser\searchplugins\qone8.xml => Moved successfully. HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde => Key deleted successfully. C:\Users\Domunuta\AppData\Roaming\BabSolution\CR\Delta.crx => Moved successfully. HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo => Key deleted successfully. "C:\Users\Domunuta\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx" => File/Directory not found. HKLM\SOFTWARE\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc => Key deleted successfully. C:\Program Files\DefaultTab\DefaultTab.crx => Moved successfully. HKLM\SOFTWARE\Google\Chrome\Extensions\odpccdgkmiicgocepijnaeihjnjnomca => Key deleted successfully. "C:\Program Files\LinkSwift\odpccdgkmiicgocepijnaeihjnjnomca.crx" => File/Directory not found. C:\Program Files\Mozilla Firefox\plugins => Moved successfully. C:\Users\Domunuta\AppData\Roaming\AVG2013 => Moved successfully. C:\Users\Domunuta\AppData\Roaming\BabSolution => Moved successfully. C:\Users\Domunuta\AppData\Roaming\systweak => Moved successfully. C:\Users\Domunuta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BonanzaDeals => Moved successfully. C:\Users\Domunuta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie => Moved successfully. C:\Users\Domunuta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Softonic => Moved successfully. C:\Users\Domunuta\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mobogenie.lnk => Moved successfully. C:\Users\Domunuta\Desktop\Mobogenie.lnk => Moved successfully. C:\Users\Domunuta\Desktop\Softonic.lnk => Moved successfully. 
========= reg delete HKLM\SOFTWARE\Wow6432Node\Google\Extensions\cekcjpgehmohobmdiikfnopibipmgnml /f ========= BŁĄD: System nie znalazł w rejestrze określonego klucza albo wartości. ========= End of Reg: ========= The system needed a reboot. ==== End of Fixlog ====