Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-05-2014 Ran by WIECZORECZKI at 2014-05-02 23:32:37 Run:1 Running from C:\Users\WIECZORECZKI\Downloads Boot Mode: Normal ============================================== Content of fixlist: ***************** (Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [705136 2014-04-11] (Cherished Technololgy LIMITED) S2 Update WebSpades; "C:\Program Files (x86)\WebSpades\updateWebSpades.exe" [X] U3 BcmSqlStartupSvc; U2 IviRegMgr; U2 RichVideo; U3 SQLWriter; HKLM-x32\...\Run: [] => [X] HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKLM\...\Policies\Explorer: [NoFolderOptions] 0 Task: {1667B1D9-00E7-4A1B-802E-752B7C7A631B} - System32\Tasks\711bd280-00bb-4a68-b469-95176701eb0f-4 => C:\Program Files (x86)\FreeHD-Sport TV V9.0\711bd280-00bb-4a68-b469-95176701eb0f-4.exe Task: {846548C0-B959-4D7E-A54C-9A8AA9EA273C} - System32\Tasks\711bd280-00bb-4a68-b469-95176701eb0f-1 => C:\Program Files (x86)\FreeHD-Sport TV V9.0\FreeHD-Sport TV V9.0-codedownloader.exe Task: {DF5FBBCB-C339-4AA1-B4D8-8863B1A33BB9} - System32\Tasks\711bd280-00bb-4a68-b469-95176701eb0f-3 => C:\Program Files (x86)\FreeHD-Sport TV V9.0\711bd280-00bb-4a68-b469-95176701eb0f-3.exe Task: {F811DF53-895A-4F28-952C-EFD73C9B99D4} - System32\Tasks\{FB1EB8AF-ABC6-478B-97C6-3F3B8652C20A} => Chrome.exe http://ui.skype.com/ui/0/6.3.59.105/pl/abandoninstall?page=tsBing Task: C:\windows\Tasks\711bd280-00bb-4a68-b469-95176701eb0f-1.job => C:\Program Files (x86)\FreeHD-Sport TV V9.0\FreeHD-Sport TV V9.0-codedownloader.exe Task: C:\windows\Tasks\711bd280-00bb-4a68-b469-95176701eb0f-3.job => C:\Program Files (x86)\FreeHD-Sport TV V9.0\711bd280-00bb-4a68-b469-95176701eb0f-3.exe Task: C:\windows\Tasks\711bd280-00bb-4a68-b469-95176701eb0f-4.job => C:\Program Files (x86)\FreeHD-Sport TV V9.0\711bd280-00bb-4a68-b469-95176701eb0f-4.exe ShortcutWithArgument: C:\Users\WIECZORECZKI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://start.qone8.com/?type=sc&ts=1398797844&from=ild&uid=WDCXWD5000BEVT-24A0RT0_WD-WX41A40E7916E7916 ShortcutWithArgument: C:\Users\WIECZORECZKI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://start.qone8.com/?type=sc&ts=1398797844&from=ild&uid=WDCXWD5000BEVT-24A0RT0_WD-WX41A40E7916E7916 ShortcutWithArgument: C:\Users\WIECZORECZKI\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://start.qone8.com/?type=sc&ts=1398797844&from=ild&uid=WDCXWD5000BEVT-24A0RT0_WD-WX41A40E7916E7916 HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.qone8.com/?type=hp&ts=1398797844&from=ild&uid=WDCXWD5000BEVT-24A0RT0_WD-WX41A40E7916E7916 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.qone8.com/web/?type=ds&ts=1398797844&from=ild&uid=WDCXWD5000BEVT-24A0RT0_WD-WX41A40E7916E7916&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.qone8.com/?type=hp&ts=1398797844&from=ild&uid=WDCXWD5000BEVT-24A0RT0_WD-WX41A40E7916E7916 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.qone8.com/web/?type=ds&ts=1398797844&from=ild&uid=WDCXWD5000BEVT-24A0RT0_WD-WX41A40E7916E7916&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.qone8.com/web/?type=ds&ts=1398797844&from=ild&uid=WDCXWD5000BEVT-24A0RT0_WD-WX41A40E7916E7916&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.qone8.com/?type=hp&ts=1398797844&from=ild&uid=WDCXWD5000BEVT-24A0RT0_WD-WX41A40E7916E7916 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.qone8.com/web/?type=ds&ts=1398797844&from=ild&uid=WDCXWD5000BEVT-24A0RT0_WD-WX41A40E7916E7916&q={searchTerms} StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://start.qone8.com/?type=sc&ts=1398797844&from=ild&uid=WDCXWD5000BEVT-24A0RT0_WD-WX41A40E7916E7916 SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.qone8.com/web/?type=ds&ts=1398797844&from=ild&uid=WDCXWD5000BEVT-24A0RT0_WD-WX41A40E7916E7916&q={searchTerms} SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.qone8.com/web/?type=ds&ts=1398797844&from=ild&uid=WDCXWD5000BEVT-24A0RT0_WD-WX41A40E7916E7916&q={searchTerms} SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.qone8.com/web/?type=ds&ts=1398797844&from=ild&uid=WDCXWD5000BEVT-24A0RT0_WD-WX41A40E7916E7916&q={searchTerms} SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.qone8.com/web/?type=ds&ts=1398797844&from=ild&uid=WDCXWD5000BEVT-24A0RT0_WD-WX41A40E7916E7916&q={searchTerms} SearchScopes: HKCU - DefaultScope {E613F2CF-288A-42B9-8D47-D4E572DCE99A} URL = http://www.google.com/search?hl=pl&q={searchTerms} SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.delta-search.com/?q={searchTerms}&affID=119776&tt=100313_9111pl&babsrc=SP_ss&mntrId=E08F002682B13EEB SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.qone8.com/web/?type=ds&ts=1398797844&from=ild&uid=WDCXWD5000BEVT-24A0RT0_WD-WX41A40E7916E7916&q={searchTerms} BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited) Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL No File Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL No File FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 C:\Program Files (x86)\SupTab C:\ProgramData\IePluginService C:\ProgramData\WPM C:\Users\WIECZORECZKI\AppData\Roaming\Babylon C:\Users\WIECZORECZKI\AppData\Roaming\ESET C:\Users\WIECZORECZKI\AppData\Roaming\Mozilla C:\Users\WIECZORECZKI\AppData\Roaming\SupTab C:\windows\SysWow64\unrar.dll Reboot: ***************** [1184] C:\ProgramData\IePluginService\PluginService.exe => Process closed successfully. IePluginService => Service deleted successfully. Update WebSpades => Service deleted successfully. BcmSqlStartupSvc => Service deleted successfully. IviRegMgr => Service deleted successfully. RichVideo => Service deleted successfully. SQLWriter => Service deleted successfully. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully. HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => Value deleted successfully. HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFolderOptions => Value deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1667B1D9-00E7-4A1B-802E-752B7C7A631B} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1667B1D9-00E7-4A1B-802E-752B7C7A631B} => Key deleted successfully. C:\Windows\System32\Tasks\711bd280-00bb-4a68-b469-95176701eb0f-4 => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\711bd280-00bb-4a68-b469-95176701eb0f-4 => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{846548C0-B959-4D7E-A54C-9A8AA9EA273C} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{846548C0-B959-4D7E-A54C-9A8AA9EA273C} => Key deleted successfully. C:\Windows\System32\Tasks\711bd280-00bb-4a68-b469-95176701eb0f-1 => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\711bd280-00bb-4a68-b469-95176701eb0f-1 => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DF5FBBCB-C339-4AA1-B4D8-8863B1A33BB9} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DF5FBBCB-C339-4AA1-B4D8-8863B1A33BB9} => Key deleted successfully. C:\Windows\System32\Tasks\711bd280-00bb-4a68-b469-95176701eb0f-3 => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\711bd280-00bb-4a68-b469-95176701eb0f-3 => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F811DF53-895A-4F28-952C-EFD73C9B99D4} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F811DF53-895A-4F28-952C-EFD73C9B99D4} => Key deleted successfully. C:\Windows\System32\Tasks\{FB1EB8AF-ABC6-478B-97C6-3F3B8652C20A} => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FB1EB8AF-ABC6-478B-97C6-3F3B8652C20A} => Key deleted successfully. C:\windows\Tasks\711bd280-00bb-4a68-b469-95176701eb0f-1.job => Moved successfully. C:\windows\Tasks\711bd280-00bb-4a68-b469-95176701eb0f-3.job => Moved successfully. C:\windows\Tasks\711bd280-00bb-4a68-b469-95176701eb0f-4.job => Moved successfully. C:\Users\WIECZORECZKI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk => Shortcut argument was removed successfully. C:\Users\WIECZORECZKI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk => Shortcut argument was restored successfully. C:\Users\WIECZORECZKI\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk => Shortcut argument was removed successfully. HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully. HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key deleted successfully. HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key deleted successfully. HKCR\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key deleted successfully. HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found. HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} => Key deleted successfully. HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Value deleted successfully. HKCR\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Key not found. HKCR\Wow6432Node\PROTOCOLS\Handler\livecall => Key deleted successfully. HKCR\Wow6432Node\CLSID\{828030A1-22C1-4009-854F-8E305202313F} => Key deleted successfully. HKCR\Wow6432Node\PROTOCOLS\Handler\msnim => Key deleted successfully. HKCR\Wow6432Node\CLSID\{828030A1-22C1-4009-854F-8E305202313F} => Key not found. HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\smartwebprinting@hp.com => Value deleted successfully. HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com => Value deleted successfully. HKCU\Software\Mozilla\Firefox\Extensions\\smartwebprinting@hp.com => Value deleted successfully. C:\Program Files (x86)\SupTab => Moved successfully. C:\ProgramData\IePluginService => Moved successfully. C:\ProgramData\WPM => Moved successfully. C:\Users\WIECZORECZKI\AppData\Roaming\Babylon => Moved successfully. C:\Users\WIECZORECZKI\AppData\Roaming\ESET => Moved successfully. C:\Users\WIECZORECZKI\AppData\Roaming\Mozilla => Moved successfully. C:\Users\WIECZORECZKI\AppData\Roaming\SupTab => Moved successfully. C:\windows\SysWow64\unrar.dll => Moved successfully. The system needed a reboot. ==== End of Fixlog ====