Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 28-08-2013
Ran by Rafał at 2013-08-28 22:46:25 Run:1
Running from C:\Users\Rafał\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid=HitachiXHDS721010DLE630_MSK5215H228L8G228L8GX&ts=1372886857
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid=HitachiXHDS721010DLE630_MSK5215H228L8G228L8GX&ts=1372886857
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKCU - ŰźĆîZ§’2ąŢpv¨IÍá*X(Ž2s(ŰÎŔJşÔÓµť± vË°!×—(äĽ48иpatm6ęo^Mp`Ëő÷_iŁwľ!„Áű†x˘8€ŮjŔ˙ţ ´Ń;áa´[¦†8 ş~ŹRŮxśňÜ8'Ł-)x­ä­ URL =
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
CHR HKLM-x32\...\Chrome\Extension: [cflheckfmhopnialghigdlggahiomebp] - C:\Users\Rafał\AppData\Local\CRE\cflheckfmhopnialghigdlggahiomebp.crx
Task: {834DF8FF-314D-4398-BB0C-1B985A6D50D5} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe No File
Task: {8956D86F-2D5B-47FB-B54B-C2C839DFD51A} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe No File
Task: {8EF175E4-F378-4A3F-B725-7332AB1FF0B0} - \Omiga Plus RunAsStdUser No Task File
Task: {D2C60F3B-880C-4872-8354-A2AE398DEAB5} - System32\Tasks\0 => c:\program files\internet explorer\iexplore.exe [2013-07-26] (Microsoft Corporation)
2013-08-01 22:29 - 2013-08-21 16:37 - 00000064 _____ C:\windows\SysWOW64\rp_stats.dat
2013-08-01 22:29 - 2013-08-21 16:37 - 00000044 _____ C:\windows\SysWOW64\rp_rules.dat
HKCU\...\Policies\system: [DisableLockWorkstation] 0
HKCU\...\Policies\system: [DisableChangePassword] 0
HKLM-x32\...\Run: [] - [x]
AppInit_DLLs-x32: [0 ] ()
Unlock: HKLM\SYSTEM\CurrentControlSet\Services\sptd
S4 sptd; \SystemRoot\System32\Drivers\sptd.sys [x]
Reg: reg add "HKCU\Software\Microsoft\Internet Explorer\SearchScopes" /v DefaultScope /t REG_SZ /d {0633EE93-D776-472f-A0FF-E1416B8B2E3A} /f
Reg: reg add "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes" /v DefaultScope /t REG_SZ /d {0633EE93-D776-472f-A0FF-E1416B8B2E3A} /f
Reg: reg add "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes" /v DefaultScope /t REG_SZ /d {0633EE93-D776-472f-A0FF-E1416B8B2E3A} /f
Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKCU\Software\Mozilla" /f
Reg: reg delete "HKCU\Software\MozillaPlugins" /f
Reg: reg delete "HKLM\SOFTWARE\MozillaPlugins" /f
Reg: reg delete "HKLM\SOFTWARE\Wow6432Node\Mozilla" /f
Reg: reg delete "HKLM\SOFTWARE\Wow6432Node\mozilla.org" /f
Reg: reg delete "HKLM\SOFTWARE\Wow6432Node\MozillaPlugins" /f
CMD: rd /s /q C:\Users\Rafał\AppData\Roaming\mozilla
*****************

HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} => Key deleted successfully.
HKCR\CLSID\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\ŰźĆîZ§’2ąŢpv¨IÍá*X(Ž2s(ŰÎŔJşÔÓµť± vË°!×—(äĽ48иpatm6ęo^Mp`Ëő÷_iŁwľ!„Áű†x˘8€ŮjŔ˙ţ ´Ń;áa´[¦†8 ş~ŹRŮxśňÜ8'Ł-)x­ä­ => Key not found.
HKCR\CLSID\ŰźĆîZ§’2ąŢpv¨IÍá*X(Ž2s(ŰÎŔJşÔÓµť± vË°!×—(äĽ48иpatm6ęo^Mp`Ëő÷_iŁwľ!„Áű†x˘8€ŮjŔ˙ţ ´Ń;áa´[¦†8 ş~ŹRŮxśňÜ8'Ł-)x­ä­ => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Value deleted successfully.
HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cflheckfmhopnialghigdlggahiomebp => Key deleted successfully.
"C:\Users\Rafał\AppData\Local\CRE\cflheckfmhopnialghigdlggahiomebp.crx" => File/Directory not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{834DF8FF-314D-4398-BB0C-1B985A6D50D5} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{834DF8FF-314D-4398-BB0C-1B985A6D50D5} => Key deleted successfully.
C:\Windows\System32\Tasks\Desk 365 RunAsStdUser => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Desk 365 RunAsStdUser => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8956D86F-2D5B-47FB-B54B-C2C839DFD51A} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8956D86F-2D5B-47FB-B54B-C2C839DFD51A} => Key deleted successfully.
C:\Windows\System32\Tasks\Ad-Aware Update (Weekly) => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Ad-Aware Update (Weekly) => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8EF175E4-F378-4A3F-B725-7332AB1FF0B0} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8EF175E4-F378-4A3F-B725-7332AB1FF0B0} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Omiga Plus RunAsStdUser => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D2C60F3B-880C-4872-8354-A2AE398DEAB5} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D2C60F3B-880C-4872-8354-A2AE398DEAB5} => Key deleted successfully.
C:\Windows\System32\Tasks\0 => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0 => Key deleted successfully.
C:\windows\SysWOW64\rp_stats.dat => Moved successfully.
C:\windows\SysWOW64\rp_rules.dat => Moved successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableLockWorkstation => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableChangePassword => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs => Value was restored successfully.
"HKLM\SYSTEM\CurrentControlSet\Services\sptd" => Key unlocked successfully.
sptd => Service deleted successfully.

========= reg add "HKCU\Software\Microsoft\Internet Explorer\SearchScopes" /v DefaultScope /t REG_SZ /d {0633EE93-D776-472f-A0FF-E1416B8B2E3A} /f =========

Operacja ukończona pomyślnie.

========= End of Reg: =========

========= reg add "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes" /v DefaultScope /t REG_SZ /d {0633EE93-D776-472f-A0FF-E1416B8B2E3A} /f =========

Operacja ukończona pomyślnie.

========= End of Reg: =========

========= reg add "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes" /v DefaultScope /t REG_SZ /d {0633EE93-D776-472f-A0FF-E1416B8B2E3A} /f =========

Operacja ukończona pomyślnie.

========= End of Reg: =========

========= reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f =========

Operacja ukończona pomyślnie.

========= End of Reg: =========

========= reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f =========

Operacja ukończona pomyślnie.

========= End of Reg: =========

========= reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f =========

Operacja ukończona pomyślnie.

========= End of Reg: =========

========= reg delete "HKCU\Software\Mozilla" /f =========

Operacja ukończona pomyślnie.

========= End of Reg: =========

========= reg delete "HKCU\Software\MozillaPlugins" /f =========

Operacja ukończona pomyślnie.

========= End of Reg: =========

========= reg delete "HKLM\SOFTWARE\MozillaPlugins" /f =========

Operacja ukończona pomyślnie.

========= End of Reg: =========

========= reg delete "HKLM\SOFTWARE\Wow6432Node\Mozilla" /f =========

Operacja ukończona pomyślnie.

========= End of Reg: =========

========= reg delete "HKLM\SOFTWARE\Wow6432Node\mozilla.org" /f =========

Operacja ukończona pomyślnie.

========= End of Reg: =========

========= reg delete "HKLM\SOFTWARE\Wow6432Node\MozillaPlugins" /f =========

Operacja ukończona pomyślnie.

========= End of Reg: =========

========= rd /s /q C:\Users\Rafał\AppData\Roaming\mozilla =========

========= End of CMD: =========

==== End of Fixlog ====