Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 06-10-2014 01
Ran by USER at 2014-10-09 17:43:28 Run:1
Running from G:\Znajomi\robak\FRST\step1
Loaded Profile: USER (Available profiles: USER & UpdatusUser)
Boot Mode: Safe Mode (minimal)
==============================================

Content of fixlist:
*****************
CloseProcesses:
HKU\S-1-5-21-4198088824-986625612-194678947-1000\...\Winlogon: [Shell] C:\Users\USER\AppData\Roaming\cache.dat [59392 2014-10-06] () <==== ATTENTION
HKLM-x32\...\Run: [NetPanel] => C:\Program Files\NetPanel\Starter.exe [218112 2014-09-18] (Gemius)
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe [738496 2013-10-20] ()
S2 IBUpdaterService; C:\ProgramData\IBUpdaterService\ibsvc.exe [635232 2012-11-25] ()
S2 Update Mega Browse; "C:\Program Files (x86)\Mega Browse\updateMegaBrowse.exe" [X] <==== ATTENTION
S2 Util Mega Browse; "C:\Program Files (x86)\Mega Browse\bin\utilMegaBrowse.exe" [X] <==== ATTENTION
S1 {29b136c9-938d-4d3d-8df8-d649d9b74d02}Gw64; C:\Windows\System32\drivers\{29b136c9-938d-4d3d-8df8-d649d9b74d02}Gw64.sys [61120 2014-04-24] (StdLib)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
SearchScopes: HKCU - 186B9D0CEAFE4F158CC880120A871807 URL = http://search.babylon.com/?q={searchTerms}&affID=110819&tt=2912_2&babsrc=SP_ss&mntrId=f2cea5fa00000000000020cf30608399
BHO-x32: Giant Savings -> {11111111-1111-1111-1111-110011441179} -> C:\Program Files (x86)\Giant Savings\Giant Savings.dll (215 Apps)
BHO-x32: Babylon toolbar helper -> {2EECD738-5844-4a99-B4B6-146BF802613B} -> C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
BHO-x32: Internet Panel -> {CE7C3CF0-4B15-11D1-ABED-709549C10000} -> C:\Program Files\NetPanel\IEHelper.dll (Gemius)
FF HKCU\...\Firefox\Extensions: [gemgecko@gemius.com] - C:\Program Files\NetPanel\gemgecko_ext
CHR HKLM-x32\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Users\USER\AppData\Roaming\BabylonToolbar\CR\BabylonChrome1.crx [2012-06-27]
CHR HKLM-x32\...\Chrome\Extension: [ndkhncnongaclekkbelchmeafffimifj] - C:\Users\USER\AppData\Local\Giant Savings\Chrome\Giant Savings.crx [2012-05-31]
CustomCLSID: HKU\S-1-5-21-4198088824-986625612-194678947-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\USER\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-4198088824-986625612-194678947-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\USER\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
Task: {1A5FED24-4875-4532-9C0E-B25D32F42BFF} - System32\Tasks\PC Performer_DEFAULT => C:\Program Files (x86)\PC Performer\PCPerformer.exe [2012-03-14] (PerformerSoft LLC) <==== ATTENTION
Task: {5260A715-028E-4F51-A32A-597287655380} - System32\Tasks\PC Performer_UPDATES => C:\Program Files (x86)\PC Performer\PCPerformer.exe [2012-03-14] (PerformerSoft LLC) <==== ATTENTION
Task: {A3DD69EB-22DC-4130-A0F2-A11D909842AA} - System32\Tasks\{D2F8D5A2-8007-4702-BC31-9BC7D846D7E3} => D:\programy\MK\Ksiega.exe
Task: C:\Windows\Tasks\PC Performer_DEFAULT.job => C:\Program Files (x86)\PC Performer\PCPerformer.exe <==== ATTENTION
Task: C:\Windows\Tasks\PC Performer_UPDATES.job => C:\Program Files (x86)\PC Performer\PCPerformer.exe <==== ATTENTION
C:\Users\USER\AppData\Roaming\cache.dat
C:\Users\USER\AppData\Roaming\cache.ini
C:\Windows\System32\drivers\{29b136c9-938d-4d3d-8df8-d649d9b74d02}Gw64.sys
DeleteKey: HKU\S-1-5-21-4198088824-986625612-194678947-1000\Software\Microsoft\Internet Explorer\Search
CMD: for /d %f in (C:\Users\USER\AppData\Local\{*}) do rd /s /q "%f"
EmptyTemp:
*****************

Processes closed successfully.
HKU\S-1-5-21-4198088824-986625612-194678947-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\NetPanel => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\mobilegeni daemon => value deleted successfully.
IBUpdaterService => Service deleted successfully.
Update Mega Browse => Service deleted successfully.
Util Mega Browse => Service deleted successfully.
{29b136c9-938d-4d3d-8df8-d649d9b74d02}Gw64 => Service deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Bar => value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\186B9D0CEAFE4F158CC880120A871807" => Key deleted successfully.
"HKCR\CLSID\186B9D0CEAFE4F158CC880120A871807" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011441179}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{11111111-1111-1111-1111-110011441179}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CE7C3CF0-4B15-11D1-ABED-709549C10000}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{CE7C3CF0-4B15-11D1-ABED-709549C10000}" => Key deleted successfully.
HKCU\Software\Mozilla\Firefox\Extensions\\gemgecko@gemius.com => value deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb" => Key Deleted successfully.
C:\Users\USER\AppData\Roaming\BabylonToolbar\CR\BabylonChrome1.crx => Moved successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ndkhncnongaclekkbelchmeafffimifj" => Key deleted successfully.
C:\Users\USER\AppData\Local\Giant Savings\Chrome\Giant Savings.crx => Moved successfully.
"HKU\S-1-5-21-4198088824-986625612-194678947-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}" => Key deleted successfully.
"HKU\S-1-5-21-4198088824-986625612-194678947-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1A5FED24-4875-4532-9C0E-B25D32F42BFF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1A5FED24-4875-4532-9C0E-B25D32F42BFF}" => Key deleted successfully.
C:\Windows\System32\Tasks\PC Performer_DEFAULT => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC Performer_DEFAULT" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5260A715-028E-4F51-A32A-597287655380}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5260A715-028E-4F51-A32A-597287655380}" => Key deleted successfully.
C:\Windows\System32\Tasks\PC Performer_UPDATES => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC Performer_UPDATES" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A3DD69EB-22DC-4130-A0F2-A11D909842AA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A3DD69EB-22DC-4130-A0F2-A11D909842AA}" => Key deleted successfully.
C:\Windows\System32\Tasks\{D2F8D5A2-8007-4702-BC31-9BC7D846D7E3} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D2F8D5A2-8007-4702-BC31-9BC7D846D7E3}" => Key deleted successfully.
C:\Windows\Tasks\PC Performer_DEFAULT.job => Moved successfully.
C:\Windows\Tasks\PC Performer_UPDATES.job => Moved successfully.
C:\Users\USER\AppData\Roaming\cache.dat => Moved successfully.
C:\Users\USER\AppData\Roaming\cache.ini => Moved successfully.
C:\Windows\System32\drivers\{29b136c9-938d-4d3d-8df8-d649d9b74d02}Gw64.sys => Moved successfully.
HKU\S-1-5-21-4198088824-986625612-194678947-1000\Software\Microsoft\Internet Explorer\Search => Key Deleted successfully.

========= for /d %f in (C:\Users\USER\AppData\Local\{*}) do rd /s /q "%f" =========

========= End of CMD: =========

EmptyTemp: => Removed 5.7 GB temporary data.

The system needed a reboot.

==== End of Fixlog ====