Fix result of Farbar Recovery Scan Tool (x64) Version:02-08-2015
Ran by Albert (2015-08-02 11:08:35) Run:1
Running from C:\Users\Albert\Downloads
Loaded Profiles: Albert (Available Profiles: Albert)
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKLM-x32\...\Run: [CMD] => cmd.exe /c start http://zivlingamer.org&& exit
HKU\S-1-5-21-1603798188-3409358739-4023605629-1001\...\Run: [EpicScale] => [X]
IFEO\adwcleaner_4.204.exe: [Debugger] svchost.exe
IFEO\AnVir.exe: [Debugger] svchost.exe
HKLM-x32\...\Run: [CMD] => cmd.exe /c start http://zivlingamer.org&& exit
HKU\S-1-5-21-1603798188-3409358739-4023605629-1001\...\Run: [EpicScale] => [X]
IFEO\adwcleaner_4.204.exe: [Debugger] svchost.exe
IFEO\AnVir.exe: [Debugger] svchost.exe
IFEO\AutoLogger.exe: [Debugger] svchost.exe
IFEO\avz.exe: [Debugger] svchost.exe
IFEO\CCleaner.exe: [Debugger] svchost.exe
IFEO\CCleaner64.exe: [Debugger] svchost.exe
IFEO\FRST.exe: [Debugger] svchost.exe
IFEO\FRST64.exe: [Debugger] svchost.exe
IFEO\HiJackThis.exe: [Debugger] svchost.exe
IFEO\regedit.exe: [Debugger] svchost.exe
IFEO\RegWorks.exe: [Debugger] svchost.exe
IFEO\RSIT.exe: [Debugger] svchost.exe
IFEO\RSITx64.exe: [Debugger] svchost.exe
ShortcutTarget: Registration Brothers In Arms.LNK -> D:\Users\Albert\Downloads\[ DARMOWE-TORENTY.PL ] Brothers In Arms Road To Hill 30 [PL]\BIA\Support\Register\RegistrationReminder.exe (No File)
ShortcutTarget: Registration Heroes of Might & Magic 5 - Hammers of Fate.LNK -> D:\Program Files (x86)\Ubisoft\Heroes of Might and Magic V Collector Edition\registrationa1\RegistrationReminder.exe (No File)
ShortcutTarget: Registration Heroes of Might & Magic 5 - Tribes of the East.LNK -> D:\Program Files (x86)\Ubisoft\Heroes of Might and Magic V - Dzikie Hordy\registration\RegistrationReminder.exe (No File)
ShortcutTarget: Registration Heroes of Might & Magic 5.LNK -> D:\Program Files (x86)\Ubisoft\Heroes of Might and Magic V Collector Edition\registration\RegistrationReminder.exe (No File)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga...AP9184929449294
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga...q={searchTerms}
Task: {0881D68E-8B47-4413-8A55-A56B955A6A21} - System32\Tasks\YTAHelper => C:\Program Files (x86)\YTAHelper\YTAHelper.exe <==== ATTENTION
Task: {0D7CF67F-9FFC-4D8F-A780-6ECC2EA58DAA} - System32\Tasks\Installer_shopperpro => C:\Users\Albert\AppData\Local\Installer\Installshopperpro_25350\DCytaiesmt_smtyc_setup.exe <==== ATTENTION
Task: {83802072-3D81-4B14-909A-F58285014A37} - System32\Tasks\YTAUpdate_logon => C:\PROGRA~2\YOUTUB~1\Updater.exe <==== ATTENTION
Task: {91A579AE-5DBA-48CE-BF70-CBA20335DF6F} - System32\Tasks\SMW_UpdateTask_Time_343139353431323131382d5a4a6c414a34572a506c415a => Wscript.exe //B "C:\ProgramData\SearchModule\smhe.js" smu.exe /invoke /f:check_services /l:0 <==== ATTENTION
Task: {A986801E-259D-45FF-80DA-9FE130563DA9} - System32\Tasks\{6829FEB9-37F4-4DBB-B852-0E9B1EF731B3} => pcalua.exe -a "C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe" -c /AppMode=SETUP /Uninstall /UDS=1
Task: {CE847ECB-1E4F-4C36-86C7-0E3DDE85B25A} - System32\Tasks\SMWUpd => C:\Program Files\Common Files\Goobzo\GBUpdate\updater.exe <==== ATTENTION
Task: {E526EF94-64BF-42E4-B16F-C366E681CAE7} - System32\Tasks\YTAUpdate => C:\PROGRA~2\YOUTUB~1\Updater.exe <==== ATTENTION
C:\Program Files\Common Files\Goobzo
C:\ProgramData\SearchModule
C:\PROGRA~2\YOUTUB~1
C:\Users\Albert\AppData\Local\Installer\Installshopperpro_25350
Reg: reg delete HKU\S-1-5-21-1603798188-3409358739-4023605629-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run /v GoobzoYouTubeAccelerator /f
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga...AP9184929449294
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga...q={searchTerms}
SearchScopes: HKU\S-1-5-21-1603798188-3409358739-4023605629-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga...q={searchTerms}
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> No File
BHO-x32: No Name -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> No File
BHO-x32: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO-x32: No Name -> {b608cc98-54de-4775-96c9-097de398500c} -> No File
FF SelectedSearchEngine: AVG Secure Search
FF Keyword.URL: hxxp://www-searches.com/search.aspx?s=F1Ezdefytd1,6b6268af-3076-4d9c-a5b6-1edc0b59a364,&q=
FF SearchPlugin: C:\Users\Albert\AppData\Roaming\Mozilla\Firefox\Profiles\t1dq93ol.default\searchplugins\omiga-plus.xml [2015-01-10]
FF HKLM-x32\...\Firefox\Extensions: [fftoolbar2014@etech.com] - C:\Users\Albert\AppData\Roaming\Mozilla\Firefox\Profiles\t1dq93ol.default\extensions\fftoolbar2014@etech.com
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> E:\VLC\npvlc.dll No File
FF SearchPlugin: C:\Users\Albert\AppData\Roaming\Mozilla\Firefox\Profiles\t1dq93ol.default\searchplugins\omiga-plus.xml [2015-01-10]
FF HKLM-x32\...\Firefox\Extensions: [fftoolbar2014@etech.com] - C:\Users\Albert\AppData\Roaming\Mozilla\Firefox\Profiles\t1dq93ol.default\extensions\fftoolbar2014@etech.com
S2 YouTubeAcceleratorService; C:\PROGRA~2\YOUTUB~1\YouTubeAcceleratorService.exe -start -scm [X]
S3 SMUpdd; \??\C:\Program Files\Common Files\Goobzo\GBUpdate\smw.sys [X]
S3 xhunter1; \??\C:\WINDOWS\xhunter1.sys [X]
EmptyTemp:
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\CMD => value removed successfully
HKU\S-1-5-21-1603798188-3409358739-4023605629-1001\Software\Microsoft\Windows\CurrentVersion\Run\\EpicScale => value removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\adwcleaner_4.204.exe" => key removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\AnVir.exe" => key removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\CMD => value not found.
HKU\S-1-5-21-1603798188-3409358739-4023605629-1001\Software\Microsoft\Windows\CurrentVersion\Run\\EpicScale => value not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\adwcleaner_4.204.exe => key not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\AnVir.exe => key not found.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\AutoLogger.exe" => key removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avz.exe" => key removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\CCleaner.exe" => key removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\CCleaner64.exe" => key removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\FRST.exe" => key removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\FRST64.exe" => key removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\HiJackThis.exe" => key removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\regedit.exe" => key removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\RegWorks.exe" => key removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\RSIT.exe" => key removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\RSITx64.exe" => key removed successfully
D:\Users\Albert\Downloads\[ DARMOWE-TORENTY.PL ] Brothers In Arms Road To Hill 30 [PL]\BIA\Support\Register\RegistrationReminder.exe not found.
D:\Program Files (x86)\Ubisoft\Heroes of Might and Magic V Collector Edition\registrationa1\RegistrationReminder.exe not found.
D:\Program Files (x86)\Ubisoft\Heroes of Might and Magic V - Dzikie Hordy\registration\RegistrationReminder.exe not found.
D:\Program Files (x86)\Ubisoft\Heroes of Might and Magic V Collector Edition\registration\RegistrationReminder.exe not found.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0881D68E-8B47-4413-8A55-A56B955A6A21}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0881D68E-8B47-4413-8A55-A56B955A6A21}" => key removed successfully
C:\Windows\System32\Tasks\YTAHelper => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YTAHelper" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0D7CF67F-9FFC-4D8F-A780-6ECC2EA58DAA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0D7CF67F-9FFC-4D8F-A780-6ECC2EA58DAA}" => key removed successfully
C:\Windows\System32\Tasks\Installer_shopperpro => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Installer_shopperpro" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{83802072-3D81-4B14-909A-F58285014A37}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{83802072-3D81-4B14-909A-F58285014A37}" => key removed successfully
C:\Windows\System32\Tasks\YTAUpdate_logon => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YTAUpdate_logon" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{91A579AE-5DBA-48CE-BF70-CBA20335DF6F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{91A579AE-5DBA-48CE-BF70-CBA20335DF6F}" => key removed successfully
C:\Windows\System32\Tasks\SMW_UpdateTask_Time_343139353431323131382d5a4a6c414a34572a506c415a => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SMW_UpdateTask_Time_343139353431323131382d5a4a6c414a34572a506c415a" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A986801E-259D-45FF-80DA-9FE130563DA9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A986801E-259D-45FF-80DA-9FE130563DA9}" => key removed successfully
C:\Windows\System32\Tasks\{6829FEB9-37F4-4DBB-B852-0E9B1EF731B3} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6829FEB9-37F4-4DBB-B852-0E9B1EF731B3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CE847ECB-1E4F-4C36-86C7-0E3DDE85B25A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CE847ECB-1E4F-4C36-86C7-0E3DDE85B25A}" => key removed successfully
C:\Windows\System32\Tasks\SMWUpd => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SMWUpd" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E526EF94-64BF-42E4-B16F-C366E681CAE7}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E526EF94-64BF-42E4-B16F-C366E681CAE7}" => key removed successfully
C:\Windows\System32\Tasks\YTAUpdate => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YTAUpdate" => key removed successfully
C:\Program Files\Common Files\Goobzo => moved successfully.
C:\ProgramData\SearchModule => moved successfully.
"C:\PROGRA~2\YOUTUB~1" => File/Folder not found.
C:\Users\Albert\AppData\Local\Installer\Installshopperpro_25350 => moved successfully.

========= reg delete HKU\S-1-5-21-1603798188-3409358739-4023605629-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run /v GoobzoYouTubeAccelerator /f =========

Operacja ukończona pomyślnie.

========= End of Reg: =========

HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
"HKU\S-1-5-21-1603798188-3409358739-4023605629-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => key removed successfully
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}" => key removed successfully
HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}" => key removed successfully
"HKCR\CLSID\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}" => key removed successfully
HKCR\Wow6432Node\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}" => key removed successfully
HKCR\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b608cc98-54de-4775-96c9-097de398500c}" => key removed successfully
HKCR\Wow6432Node\CLSID\{b608cc98-54de-4775-96c9-097de398500c} => key not found.
Firefox SelectedSearchEngine removed successfully
Firefox Keyword.URL removed successfully
C:\Users\Albert\AppData\Roaming\Mozilla\Firefox\Profiles\t1dq93ol.default\searchplugins\omiga-plus.xml => moved successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\fftoolbar2014@etech.com => value removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5" => key removed successfully
"C:\Users\Albert\AppData\Roaming\Mozilla\Firefox\Profiles\t1dq93ol.default\searchplugins\omiga-plus.xml" => not found.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\fftoolbar2014@etech.com => value not found.
YouTubeAcceleratorService => service removed successfully
SMUpdd => service removed successfully
xhunter1 => service removed successfully
EmptyTemp: => 518.3 MB temporary data Removed.

The system needed a reboot..

==== End of Fixlog 11:09:31 ====