Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 01-11-2014 Ran by Tomek at 2014-11-02 13:23:41 Run:1 Running from C:\Users\Tomek\Desktop\Nowy folder Loaded Profile: Tomek (Available profiles: Tomek) Boot Mode: Normal ============================================== Content of fixlist: ***************** CloseProcesses: AppInit_DLLs: c:\progra~2\wincert\win32c~1.dll => c:\ProgramData\Wincert\win32cert.dll [7168 2013-02-07] () HKLM\...\Run: [DATAMNGR] => C:\Program Files\Search Results Toolbar\Datamngr\datamngrUI.exe [1683456 2013-02-14] (Bandoo Media Inc) HKU\S-1-5-21-1186718744-3189103823-2131972119-1001\...\Run: [QtraxNotification] => C:\Users\Tomek\Qtrax\Player\Notification.exe [118568 2013-08-04] () CMD: type C:\Windows\System32\Tasks\QtraxPlayer Task: {1C68D78A-C732-408A-83C0-705C9B310C63} - System32\Tasks\QtraxPlayer => C:\Program Files\Microsoft Silverlight\sllauncher.exe [2014-05-13] (Microsoft Corporation) Task: {8E21B4F9-9F21-4D36-9E99-2762C8341A2B} - System32\Tasks\EPUpdater => C:\Users\Tomek\AppData\Roaming\BabSolution\Shared\BabMaint.exe [2013-05-09] () <==== ATTENTION Task: {94B1D90C-92E3-49EB-8434-601778964CEC} - System32\Tasks\DSite => C:\Users\Tomek\AppData\Roaming\DSite\UpdateProc\UpdateTask.exe [2013-06-06] () <==== ATTENTION Task: {E8A88ED6-68F8-4B0B-A20F-8B927A48D1FA} - System32\Tasks\Digital Sites => C:\Users\Tomek\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION Task: C:\Windows\Tasks\Digital Sites.job => C:\Users\Tomek\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION R2 HPSLPSVC; C:\Users\Tomek\AppData\Local\Temp\7zS094D\hpslpsvc32.dll [701288 2013-02-06] (Hewlett-Packard Co.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=119357&babsrc=HP_ss_din2g&mntrId=C2A6001FE104CC26 HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.delta-search.com/?affID=119357&babsrc=HP_ss&mntrId=C2A6001FE104CC26 SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=366&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=3650213835504956&q={searchTerms} SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=366&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=3650213835504956&q={searchTerms} SearchScopes: HKCU - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=366&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=3650213835504956&q={searchTerms} SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.delta-search.com/?q={searchTerms}&affID=119357&babsrc=SP_ss&mntrId=C2A6001FE104CC26 SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=366&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=3650213835504956&q={searchTerms} BHO: Search-Results Toolbar -> {377e5d4d-77e5-476a-8716-7e70a9272da0} -> C:\Program Files\Search Results Toolbar\Datamngr\SRTOOL~1\searchresultsDx.dll (APN LLC) BHO: delta Helper Object -> {C1AF5FA5-852C-4C90-812E-A7F75E011D87} -> C:\Program Files\Delta\delta\1.8.21.5\bh\delta.dll (Delta-search.com) BHO: DataMngr -> {C1ED9DA0-AFD0-4b90-AC6A-D3874F591014} -> C:\Program Files\Search Results Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media Inc) BHO: Bing Bar BHO -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll No File Toolbar: HKLM - @C:\Program Files\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll No File Toolbar: HKLM - Search-Results Toolbar - {377e5d4d-77e5-476a-8716-7e70a9272da0} - C:\Program Files\Search Results Toolbar\Datamngr\SRTOOL~1\searchresultsDx.dll (APN LLC) Toolbar: HKLM - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files\Delta\delta\1.8.21.5\deltaTlbr.dll (Delta-search.com) CHR HKLM\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\Tomek\AppData\Roaming\BabSolution\CR\Delta.crx [] CustomCLSID: HKU\S-1-5-21-1186718744-3189103823-2131972119-1001_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\Tomek\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File CustomCLSID: HKU\S-1-5-21-1186718744-3189103823-2131972119-1001_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\Tomek\AppData\Local\Google\Update\1.3.21.99\psuser.dll No File CustomCLSID: HKU\S-1-5-21-1186718744-3189103823-2131972119-1001_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\Tomek\AppData\Local\Google\Update\1.3.21.79\psuser.dll No File CustomCLSID: HKU\S-1-5-21-1186718744-3189103823-2131972119-1001_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\Tomek\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File CustomCLSID: HKU\S-1-5-21-1186718744-3189103823-2131972119-1001_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\Tomek\AppData\Local\Google\Update\1.3.21.123\psuser.dll No File CustomCLSID: HKU\S-1-5-21-1186718744-3189103823-2131972119-1001_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\Tomek\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File CustomCLSID: HKU\S-1-5-21-1186718744-3189103823-2131972119-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Tomek\AppData\Local\Google\Update\1.3.24.15\psuser.dll No File CustomCLSID: HKU\S-1-5-21-1186718744-3189103823-2131972119-1001_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\Tomek\AppData\Local\Google\Update\1.3.21.149\psuser.dll No File CustomCLSID: HKU\S-1-5-21-1186718744-3189103823-2131972119-1001_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\Tomek\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File CustomCLSID: HKU\S-1-5-21-1186718744-3189103823-2131972119-1001_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\Tomek\AppData\Local\Google\Update\1.3.21.165\psuser.dll No File CustomCLSID: HKU\S-1-5-21-1186718744-3189103823-2131972119-1001_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\Tomek\AppData\Local\Google\Update\1.3.21.115\psuser.dll No File CustomCLSID: HKU\S-1-5-21-1186718744-3189103823-2131972119-1001_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\Tomek\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File CustomCLSID: HKU\S-1-5-21-1186718744-3189103823-2131972119-1001_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\Tomek\AppData\Local\Google\Update\1.3.21.111\psuser.dll No File CustomCLSID: HKU\S-1-5-21-1186718744-3189103823-2131972119-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Tomek\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File C:\ProgramData\Wincert C:\Users\Tomek\AppData\Roaming\*.* C:\Users\Tomek\AppData\Roaming\BabSolution C:\Users\Tomek\AppData\Roaming\Delta C:\Users\Tomek\AppData\Roaming\Mozilla ***************** Processes closed successfully. "c:\progra~2\wincert\win32c~1.dll" => Value Data removed successfully. HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\DATAMNGR => value deleted successfully. HKU\S-1-5-21-1186718744-3189103823-2131972119-1001\Software\Microsoft\Windows\CurrentVersion\Run\\QtraxNotification => value deleted successfully. ========= type C:\Windows\System32\Tasks\QtraxPlayer ========= 2013-06-06T18:15:16 Tomek 2013-06-13T18:15:00 2013-06-14T00:00:00 true 1 IgnoreNew true true true false false PT10M PT1H true false true true false false false PT72H 7 "C:\Program Files\Microsoft Silverlight\sllauncher.exe" 3589856217.portal.qtrax.com Tomek-Komputer\Tomek InteractiveToken LeastPrivilege ========= End of CMD: ========= "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1C68D78A-C732-408A-83C0-705C9B310C63}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1C68D78A-C732-408A-83C0-705C9B310C63}" => Key deleted successfully. C:\Windows\System32\Tasks\QtraxPlayer => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\QtraxPlayer" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8E21B4F9-9F21-4D36-9E99-2762C8341A2B}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8E21B4F9-9F21-4D36-9E99-2762C8341A2B}" => Key deleted successfully. C:\Windows\System32\Tasks\EPUpdater => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EPUpdater" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{94B1D90C-92E3-49EB-8434-601778964CEC}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{94B1D90C-92E3-49EB-8434-601778964CEC}" => Key deleted successfully. C:\Windows\System32\Tasks\DSite => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DSite" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E8A88ED6-68F8-4B0B-A20F-8B927A48D1FA}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E8A88ED6-68F8-4B0B-A20F-8B927A48D1FA}" => Key deleted successfully. C:\Windows\System32\Tasks\Digital Sites => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Digital Sites" => Key deleted successfully. C:\Windows\Tasks\Digital Sites.job => Moved successfully. HPSLPSVC => Service stopped successfully. HPSLPSVC => Service deleted successfully. HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKCU\Software\Microsoft\Internet Explorer\Main\\bProtector Start Page => value deleted successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully. "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}" => Key deleted successfully. "HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}" => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\bProtectorDefaultScope => value deleted successfully. "HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}" => Key deleted successfully. "HKCR\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}" => Key not found. "HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}" => Key deleted successfully. "HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}" => Key not found. "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{377e5d4d-77e5-476a-8716-7e70a9272da0}" => Key deleted successfully. "HKCR\CLSID\{377e5d4d-77e5-476a-8716-7e70a9272da0}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}" => Key deleted successfully. "HKCR\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1ED9DA0-AFD0-4b90-AC6A-D3874F591014}" => Key deleted successfully. "HKCR\CLSID\{C1ED9DA0-AFD0-4b90-AC6A-D3874F591014}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}" => Key deleted successfully. "HKCR\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}" => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{8dcb7100-df86-4384-8842-8fa844297b3f} => value deleted successfully. "HKCR\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}" => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{377e5d4d-77e5-476a-8716-7e70a9272da0} => value deleted successfully. "HKCR\CLSID\{377e5d4d-77e5-476a-8716-7e70a9272da0}" => Key not found. HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{82E1477C-B154-48D3-9891-33D83C26BCD3} => value deleted successfully. "HKCR\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}" => Key deleted successfully. "HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde" => Key deleted successfully. "C:\Users\Tomek\AppData\Roaming\BabSolution\CR\Delta.crx" => File/Directory not found. "HKU\S-1-5-21-1186718744-3189103823-2131972119-1001_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}" => Key deleted successfully. "HKU\S-1-5-21-1186718744-3189103823-2131972119-1001_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}" => Key deleted successfully. "HKU\S-1-5-21-1186718744-3189103823-2131972119-1001_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}" => Key deleted successfully. "HKU\S-1-5-21-1186718744-3189103823-2131972119-1001_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}" => Key deleted successfully. "HKU\S-1-5-21-1186718744-3189103823-2131972119-1001_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}" => Key deleted successfully. "HKU\S-1-5-21-1186718744-3189103823-2131972119-1001_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}" => Key deleted successfully. "HKU\S-1-5-21-1186718744-3189103823-2131972119-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}" => Key deleted successfully. "HKU\S-1-5-21-1186718744-3189103823-2131972119-1001_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}" => Key deleted successfully. "HKU\S-1-5-21-1186718744-3189103823-2131972119-1001_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}" => Key deleted successfully. "HKU\S-1-5-21-1186718744-3189103823-2131972119-1001_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}" => Key deleted successfully. "HKU\S-1-5-21-1186718744-3189103823-2131972119-1001_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}" => Key deleted successfully. "HKU\S-1-5-21-1186718744-3189103823-2131972119-1001_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}" => Key deleted successfully. "HKU\S-1-5-21-1186718744-3189103823-2131972119-1001_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}" => Key deleted successfully. "HKU\S-1-5-21-1186718744-3189103823-2131972119-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}" => Key deleted successfully. C:\ProgramData\Wincert => Moved successfully. "C:\Users\Tomek\AppData\Roaming\*.*" directory move: Could not move "C:\Users\Tomek\AppData\Roaming\*.*" directory. => Scheduled to move on reboot. C:\Users\Tomek\AppData\Roaming\BabSolution => Moved successfully. C:\Users\Tomek\AppData\Roaming\Delta => Moved successfully. C:\Users\Tomek\AppData\Roaming\Mozilla => Moved successfully. => Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-11-02 13:27:11)<= "C:\Users\Tomek\AppData\Roaming\*.*" => Directory could not move. ==== End of Fixlog ====