Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 03-09-2013 03
Ran by admintech at 2013-09-04 16:57:29 Run:1
Running from C:\Users\admintech\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM-x32\...\Run: [tuto4pc_pl_16] - [x]
HKU\KOMENDANT\...\Run: [] - [x]
HKU\KOMENDANT\...\Run: [NTRedirect] - C:\Users\KOMENDANT\AppData\Roaming\BabSolution\Shared\enhancedNT.dll [187888 2013-08-22] ()
HKU\KOMENDANT\...\Run: [Google Update] - [x]
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2801948
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2801948
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL =
BHO-x32: NCH EN Toolbar - {37483b40-c254-4a72-bda4-22ee90182c1e} - C:\Program Files (x86)\NCH_EN\prxtbNCH_.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - NCH EN Toolbar - {37483b40-c254-4a72-bda4-22ee90182c1e} - C:\Program Files (x86)\NCH_EN\prxtbNCH_.dll (Conduit Ltd.)
Toolbar: HKCU - No Name - {37483B40-C254-4A72-BDA4-22EE90182C1E} - No File
R2 BrowserDefendert; C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe [2847696 2013-07-26] ()
S3 RSUSBSTOR; \SystemRoot\System32\Drivers\RtsUStor.sys [x]
Task: {09D6F1E5-1FFF-416D-9C00-B542CA7A0AF3} - System32\Tasks\EPUpdater => C:\Users\KOMEND~1\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe [2013-08-04] ()
Task: {3A6CD2EC-B338-47C3-9013-98B6A2187EB1} - System32\Tasks\DSite => C:\Users\KOMEND~1\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE No File
Task: {6105C82E-EBE1-4EFC-B2E2-4EF8E497C9F3} - System32\Tasks\{7D1DB917-5C35-4699-BBA8-8EF78FB8672C} => C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe No File
Task: {66794251-3932-4336-9A6E-23A1F70D246A} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe No File
Task: {6994A3BE-4DD8-4A20-909E-C11DBB36440A} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe No File
Task: {DEF408CA-356D-45EA-AC14-7112B1EF1449} - System32\Tasks\QtraxPlayer => C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe [2013-05-13] (Microsoft Corporation)
Task: {E1964E51-2953-454A-A8D6-2172D5AD97F7} - System32\Tasks\BrowserDefendert => start BrowserDefendert
Task: {E6B852FE-9226-4853-A642-0FEC0B0DC05D} - System32\Tasks\{5221BA9C-2524-4D96-BA90-D844736CE622} => C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe No File
Task: C:\Windows\Tasks\DSite.job => C:\Users\KOMEND~1\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE
C:\Users\KOMENDANT\AppData\Local\eorezo
C:\Users\KOMENDANT\AppData\Local\Google
C:\Users\KOMENDANT\AppData\Roaming\BabMaint.exe
C:\Users\KOMENDANT\AppData\Roaming\BabSolution
C:\Users\KOMENDANT\AppData\Roaming\Babylon
C:\Users\KOMENDANT\AppData\Roaming\DSite
C:\Users\KOMENDANT\AppData\Roaming\File Scout
C:\Users\KOMENDANT\AppData\Roaming\OpenCandy
C:\Users\KOMENDANT\Qtrax
C:\ProgramData\BrowserDefender
C:\Program Files (x86)\Web Cake
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\tuto4pc_pl_16 => Value deleted successfully.
HKU\KOMENDANT\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKU\KOMENDANT\Software\Microsoft\Windows\CurrentVersion\Run\\NTRedirect => Value deleted successfully.
HKU\KOMENDANT\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => Value not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key deleted successfully.
HKCR\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{37483b40-c254-4a72-bda4-22ee90182c1e} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{37483b40-c254-4a72-bda4-22ee90182c1e} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{37483b40-c254-4a72-bda4-22ee90182c1e} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{37483b40-c254-4a72-bda4-22ee90182c1e} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{37483B40-C254-4A72-BDA4-22EE90182C1E} => Value deleted successfully.
HKCR\CLSID\{37483B40-C254-4A72-BDA4-22EE90182C1E} => Key not found.
BrowserDefendert => Service deleted successfully.
RSUSBSTOR => Service deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{09D6F1E5-1FFF-416D-9C00-B542CA7A0AF3} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{09D6F1E5-1FFF-416D-9C00-B542CA7A0AF3} => Key deleted successfully.
C:\Windows\System32\Tasks\EPUpdater => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EPUpdater => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3A6CD2EC-B338-47C3-9013-98B6A2187EB1} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3A6CD2EC-B338-47C3-9013-98B6A2187EB1} => Key deleted successfully.
C:\Windows\System32\Tasks\DSite => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DSite => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6105C82E-EBE1-4EFC-B2E2-4EF8E497C9F3} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6105C82E-EBE1-4EFC-B2E2-4EF8E497C9F3} => Key deleted successfully.
C:\Windows\System32\Tasks\{7D1DB917-5C35-4699-BBA8-8EF78FB8672C} => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7D1DB917-5C35-4699-BBA8-8EF78FB8672C} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{66794251-3932-4336-9A6E-23A1F70D246A} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{66794251-3932-4336-9A6E-23A1F70D246A} => Key deleted successfully.
C:\Windows\System32\Tasks\AdobeFlashPlayerUpdate 2 => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeFlashPlayerUpdate 2 => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6994A3BE-4DD8-4A20-909E-C11DBB36440A} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6994A3BE-4DD8-4A20-909E-C11DBB36440A} => Key deleted successfully.
C:\Windows\System32\Tasks\AdobeFlashPlayerUpdate => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeFlashPlayerUpdate => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DEF408CA-356D-45EA-AC14-7112B1EF1449} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DEF408CA-356D-45EA-AC14-7112B1EF1449} => Key deleted successfully.
C:\Windows\System32\Tasks\QtraxPlayer => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\QtraxPlayer => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E1964E51-2953-454A-A8D6-2172D5AD97F7} => Key not found.
C:\Windows\System32\Tasks\BrowserDefendert not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BrowserDefendert => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E6B852FE-9226-4853-A642-0FEC0B0DC05D} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E6B852FE-9226-4853-A642-0FEC0B0DC05D} => Key deleted successfully.
C:\Windows\System32\Tasks\{5221BA9C-2524-4D96-BA90-D844736CE622} => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5221BA9C-2524-4D96-BA90-D844736CE622} => Key deleted successfully.
C:\Windows\Tasks\DSite.job => Moved successfully.
C:\Users\KOMENDANT\AppData\Local\eorezo => Moved successfully.
C:\Users\KOMENDANT\AppData\Local\Google => Moved successfully.
C:\Users\KOMENDANT\AppData\Roaming\BabMaint.exe => Moved successfully.
C:\Users\KOMENDANT\AppData\Roaming\BabSolution => Moved successfully.
C:\Users\KOMENDANT\AppData\Roaming\Babylon => Moved successfully.

"C:\Users\KOMENDANT\AppData\Roaming\DSite" directory move:

C:\Users\KOMENDANT\AppData\Roaming\DSite\UpdateProc\config.dat => Moved successfully.
C:\Users\KOMENDANT\AppData\Roaming\DSite\UpdateProc\TTL.DAT => Moved successfully.
Could not move "C:\Users\KOMENDANT\AppData\Roaming\DSite" directory. => Scheduled to move on reboot.

C:\Users\KOMENDANT\AppData\Roaming\File Scout => Moved successfully.
C:\Users\KOMENDANT\AppData\Roaming\OpenCandy => Moved successfully.
C:\Users\KOMENDANT\Qtrax => Moved successfully.

"C:\ProgramData\BrowserDefender" directory move:

Could not move "C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\bl" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.settings" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\dm" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\bprotector.js" => Scheduled to move on reboot.
Could not move "C:\ProgramData\BrowserDefender" directory. => Scheduled to move on reboot.

C:\Program Files (x86)\Web Cake => Moved successfully.

=========== Result of Scheduled Files to move ===========

"C:\Users\KOMENDANT\AppData\Roaming\DSite" => Directory could not move.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\bl => Moved successfully.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll => Moved successfully.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe => Moved successfully.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.settings => Moved successfully.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\dm => Moved successfully.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\00 => Moved successfully.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\01 => Moved successfully.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\02 => Moved successfully.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\03 => Moved successfully.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\10 => Moved successfully.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\11 => Moved successfully.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\12 => Moved successfully.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\13 => Moved successfully.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\20 => Moved successfully.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\21 => Moved successfully.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\22 => Moved successfully.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\23 => Moved successfully.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\bprotector.js => Moved successfully.
C:\ProgramData\BrowserDefender => Moved successfully.

==== End of Fixlog ====