Fix result of Farbar Recovery Scan Tool (x64) Version: 25-05-2015
Ran by Meg at 2015-05-27 13:34:47 Run:3
Running from C:\Users\Meg\Downloads
Loaded Profiles: Meg (Available Profiles: Meg)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:
R1 {345422e3-72fa-447a-9550-97803edfacf3}Gw64; C:\Windows\System32\drivers\{345422e3-72fa-447a-9550-97803edfacf3}Gw64.sys [61120 2014-04-24] (StdLib)
R2 IHProtect Service; C:\Program Files (x86)\XTab\ProtectService.exe [157824 2015-05-20] (XTab system)
S3 Tosrfcom; No ImagePath
BHO-x32: LuckyTab Class -> {51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} -> C:\Program Files (x86)\XTab\SupTab.dll [2015-05-20] (Thinknice Co. Limited)
Toolbar: HKU\S-1-5-21-3394211285-2232929740-4212499475-1000 -> No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
ShortcutWithArgument: C:\Users\Meg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.delta-homes.com/?type=sc&ts=1402681045&from=wpm0612&uid=TOSHIBAXMK2565GSXN_11V1PBYQTXX11V1PBYQT
ShortcutWithArgument: C:\Users\Meg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.delta-homes.com/?type=sc&ts=1402681045&from=wpm0612&uid=TOSHIBAXMK2565GSXN_11V1PBYQTXX11V1PBYQT
ShortcutWithArgument: C:\Users\Meg\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.delta-homes.com/?type=sc&ts=1402681045&from=wpm0612&uid=TOSHIBAXMK2565GSXN_11V1PBYQTXX11V1PBYQT
ShortcutWithArgument: C:\Users\Meg\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\3d7b04f33994a698\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.delta-homes.com/?type=sc&ts=1420019463&from=wpm12311&uid=TOSHIBAXMK2565GSXN_11V1PBYQTXX11V1PBYQT
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.delta-homes.com/?type=sc&ts=1402681045&from=wpm0612&uid=TOSHIBAXMK2565GSXN_11V1PBYQTXX11V1PBYQT
CHR HKLM\...\Chrome\Extension: [noajmlkipclmeolfcnflkjhijkigpfjh] - C:\Users\Meg\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh.crx [Not Found]
CHR HKU\S-1-5-21-3394211285-2232929740-4212499475-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [cflheckfmhopnialghigdlggahiomebp] - C:\Users\Meg\AppData\Local\CRE\cflheckfmhopnialghigdlggahiomebp.crx [2013-10-21]
CHR HKLM-x32\...\Chrome\Extension: [ainbkicbloikcngphmjfpjdemblcojdd] - C:\Users\Meg\AppData\Local\Google\Chrome\User Data\Default\Extensions\slidebar.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [cflheckfmhopnialghigdlggahiomebp] - C:\Users\Meg\AppData\Local\CRE\cflheckfmhopnialghigdlggahiomebp.crx [2013-10-21]
CHR HKLM-x32\...\Chrome\Extension: [noajmlkipclmeolfcnflkjhijkigpfjh] - C:\Users\Meg\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [ogfjmhfnldnajmfaofeiaepghjenbgjo] - C:\Users\Meg\AppData\Local\Google\Chrome\User Data\Default\Extensions\ep.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Meg\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [pfmopbbadnfoelckkcmjjeaaegjpjjbk] - C:\Program Files (x86)\Gophoto.it\gophotoit16.crx [Not Found]
Task: {750E3FF2-B25D-443F-87E9-4B853D81464B} - System32\Tasks\{3798AAF7-7581-40C2-859E-182F69805B7C} => pcalua.exe -a "C:\Program Files (x86)\Picexa\uninstall.exe"
C:\Program Files\Enigma Software Group
C:\ProgramData\IHProtectUpDate
C:\ProgramData\WindowsMangerProtect
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiPony
C:\Users\Meg\AppData\Local\CRE
C:\Users\Meg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
C:\Users\Meg\Desktop\różne\DAEMON Tools Lite.lnk
C:\Windows\System32\drivers\{345422e3-72fa-447a-9550-97803edfacf3}Gw64.sys
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Lite" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\mobilegeni daemon" /f
*****************

Processes closed successfully.
Error: (0) Failed to create a restore point.
{345422e3-72fa-447a-9550-97803edfacf3}Gw64 => Service stopped successfully.
{345422e3-72fa-447a-9550-97803edfacf3}Gw64 => Service Removed successfully
IHProtect Service => Service Removed successfully
Tosrfcom => Service Removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}" => key Removed successfully
"HKCR\Wow6432Node\CLSID\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}" => key Removed successfully
HKU\S-1-5-21-3394211285-2232929740-4212499475-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} => value Removed successfully
HKCR\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17} => key not found. 
C:\Users\Meg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk => Shortcut argument Removed successfully.
C:\Users\Meg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk => Shortcut argument restored successfully
C:\Users\Meg\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk => Shortcut argument Removed successfully.
C:\Users\Meg\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\3d7b04f33994a698\Google Chrome.lnk => Shortcut argument Removed successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => value restored successfully
"HKLM\SOFTWARE\Google\Chrome\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh" => key Removed successfully
"HKU\S-1-5-21-3394211285-2232929740-4212499475-1000\SOFTWARE\Google\Chrome\Extensions\cflheckfmhopnialghigdlggahiomebp" => key Removed successfully
C:\Users\Meg\AppData\Local\CRE\cflheckfmhopnialghigdlggahiomebp.crx => Moved successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ainbkicbloikcngphmjfpjdemblcojdd" => key Removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cflheckfmhopnialghigdlggahiomebp" => key Removed successfully
"C:\Users\Meg\AppData\Local\CRE\cflheckfmhopnialghigdlggahiomebp.crx" => File/Folder not found.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh" => key Removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo" => key Removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma" => key Removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{750E3FF2-B25D-443F-87E9-4B853D81464B}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{750E3FF2-B25D-443F-87E9-4B853D81464B}" => key Removed successfully
C:\Windows\System32\Tasks\{3798AAF7-7581-40C2-859E-182F69805B7C} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3798AAF7-7581-40C2-859E-182F69805B7C}" => key Removed successfully
C:\Program Files\Enigma Software Group => Moved successfully.
C:\ProgramData\IHProtectUpDate => Moved successfully.
C:\ProgramData\WindowsMangerProtect => Moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiPony => Moved successfully.
C:\Users\Meg\AppData\Local\CRE => Moved successfully.
C:\Users\Meg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com => Moved successfully.
C:\Users\Meg\Desktop\różne\DAEMON Tools Lite.lnk => Moved successfully.
C:\Windows\System32\drivers\{345422e3-72fa-447a-9550-97803edfacf3}Gw64.sys => Moved successfully.

========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Lite" /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========


========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\mobilegeni daemon" /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========



The system needed a reboot. 

==== End of Fixlog 13:35:07 ====