Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 21-09-2013 Ran by Ozi at 2013-09-21 17:35:25 Run:1 Running from C:\Users\Ozi\Desktop\Nowy folder Boot Mode: Normal ============================================== Content of fixlist: ***************** C:\ProgramData\bowlwlt.ctrl C:\ProgramData\bowlwlt.pff C:\ProgramData\rjlzjr1a.ctrl C:\ProgramData\rjlzjr1a.pff C:\ProgramData\rjlzjr1a.reg C:\Users\Ozi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\rjlzjr1a.lnk C:\Users\Ozi\AppData\Roaming\cache.ini C:\Users\Ozi\AppData\Roaming\0C1I1L1R1J0M1P0I1G C:\Users\Ozi\AppData\Roaming\1J1F1H1E2Y2Z1P1C1B2W1L1T2ZtF1E1I C:\Users\Ozi\AppData\Roaming\BabSolution C:\Users\Ozi\AppData\Roaming\Babylon C:\Users\Ozi\AppData\Roaming\DriverCure C:\Users\Ozi\AppData\Roaming\GoforFiles C:\Users\Ozi\AppData\Roaming\OpenCandy C:\Users\Ozi\AppData\Roaming\ParetoLogic C:\Users\Ozi\AppData\Roaming\PerformerSoft C:\Users\Ozi\AppData\Roaming\YourFileDownloader C:\Users\Ozi\AppData\Local\WebPlayer C:\Users\Ozi\AppData\Local\Google\Chrome C:\Users\Ozi\Desktop\Malwarebytes-AntiMalware(13117).exe C:\Users\Ozi\Security C:\User Data C:\ProgramData\BitGuard C:\Program Files (x86)\Minibar C:\Program Files (x86)\BonanzaDeals HKLM-x32\...\Run: [ConvertAd] - C:\Users\Ozi\AppData\Local\ConvertAd\ConvertAd.exe [1784832 2013-08-10] (TODO: ) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www2.delta-search.com/?babsrc=HP_ss&mntrId=7A61001F1F0656BC&affID=124742&tsp=5005 HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = http://isearch.babylon.com/?affID=116220&tt=4412_5&babsrc=HP_ss&mntrId=7a61c9c2000000000000001f1f0656bc HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=WDCXWD5000AAKS-00V1A0_WD-WMAWF210245102451&ts=1378745199 URLSearchHook: ATTENTION ==> Default URLSearchHook is missing. 
URLSearchHook: (No Name) - {EEE6C35D-6118-11DC-9C72-001320C79847} - No File SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=WDCXWD5000AAKS-00V1A0_WD-WMAWF210245102451&ts=1378745199 SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=WDCXWD5000AAKS-00V1A0_WD-WMAWF210245102451&ts=1378745199 SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=WDCXWD5000AAKS-00V1A0_WD-WMAWF210245102451&ts=1378745199 SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=WDCXWD5000AAKS-00V1A0_WD-WMAWF210245102451&ts=1378745199 SearchScopes: HKLM-x32 - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10002&barid={4783D86F-25D9-11E2-B5FB-E88695DB8A5A} SearchScopes: HKCU - bProtectorDefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} SearchScopes: HKCU - {015DCE87-D2DD-45B4-B625-4A11EE1C3A59} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=U3&apn_dtid=OSJ000YYPL&apn_uid=7761968F-6BA2-4FB0-91A3-7F14BD87D134&apn_sauid=845D3666-F257-4642-AA3E-B084F0393BEF SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=7A61001F1F0656BC&affID=124742&tsp=5005 SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=WDCXWD5000AAKS-00V1A0_WD-WMAWF210245102451&ts=1378745199 SearchScopes: HKCU - 
{EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10002&barid={4783D86F-25D9-11E2-B5FB-E88695DB8A5A} BHO: No Name - {336D0C35-8A85-403a-B9D2-65C292C39087} - No File BHO-x32: MinibarBHO - {AA74D58F-ACD0-450D-A85E-6C04B171C044} - C:\Program Files (x86)\Minibar\Minibar.dll (KangoExtensions) BHO-x32: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.24.6\bh\delta.dll No File BHO-x32: SweetPacks Browser Helper - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) Toolbar: HKLM-x32 - No Name - {9E131A93-EED7-4BEB-B015-A0ADB30B5646} - No File Toolbar: HKLM-x32 - SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.24.6\deltaTlbr.dll No File FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\qvo6.xml FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\IB Updater\Firefox FF HKLM\...\Firefox\Extensions: [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}] - C:\Program Files\IB Updater\Firefox FF HKLM-x32\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\IB Updater\Firefox FF HKLM-x32\...\Firefox\Extensions: [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}] - C:\Program Files\IB Updater\Firefox FF HKCU\...\Firefox\Extensions: [{eb865f6a-a922-424b-abd5-a19d0f5301d1}] - C:\Program Files (x86)\Lyrmix\132.xpi FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
http://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=sc&from=cor&uid=WDCXWD5000AAKS-00V1A0_WD-WMAWF210245102451&ts=1378745199 Task: {0ED5B08E-93A4-40CA-982C-072F7B2E325F} - System32\Tasks\YourFile Update => C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe Task: {E9C50EAD-BC90-4F94-BCFA-73E6E04BEF94} - System32\Tasks\Go for FilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe Task: {EDA9BA3F-6DCD-469C-9830-9B95799FCDB9} - System32\Tasks\Lyrmix Update => C:\Program Files (x86)\Lyrmix\LymxUD.exe Task: {FFF891E9-7297-4C51-B196-29396564413E} - System32\Tasks\EPUpdater => C:\Users\Ozi\AppData\Roaming\BabSolution\Shared\BabMaint.exe [2013-08-04] () S2 IB Updater Updater; C:\Program Files\IB Updater\ExtensionUpdaterService.exe [x] S3 catchme; \??\C:\ComboFix\catchme.sys [x] Reg: reg delete HKLM\SOFTWARE\Google\Chrome /f Reg: reg delete HKLM\SOFTWARE\Wow6432Node\Google\Chrome /f ***************** C:\ProgramData\bowlwlt.ctrl => Moved successfully. C:\ProgramData\bowlwlt.pff => Moved successfully. C:\ProgramData\rjlzjr1a.ctrl => Moved successfully. C:\ProgramData\rjlzjr1a.pff => Moved successfully. C:\ProgramData\rjlzjr1a.reg => Moved successfully. C:\Users\Ozi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\rjlzjr1a.lnk => Moved successfully. C:\Users\Ozi\AppData\Roaming\cache.ini => Moved successfully. C:\Users\Ozi\AppData\Roaming\0C1I1L1R1J0M1P0I1G => Moved successfully. C:\Users\Ozi\AppData\Roaming\1J1F1H1E2Y2Z1P1C1B2W1L1T2ZtF1E1I => Moved successfully. C:\Users\Ozi\AppData\Roaming\BabSolution => Moved successfully. C:\Users\Ozi\AppData\Roaming\Babylon => Moved successfully. C:\Users\Ozi\AppData\Roaming\DriverCure => Moved successfully. C:\Users\Ozi\AppData\Roaming\GoforFiles => Moved successfully. C:\Users\Ozi\AppData\Roaming\OpenCandy => Moved successfully. C:\Users\Ozi\AppData\Roaming\ParetoLogic => Moved successfully. C:\Users\Ozi\AppData\Roaming\PerformerSoft => Moved successfully. 
C:\Users\Ozi\AppData\Roaming\YourFileDownloader => Moved successfully. C:\Users\Ozi\AppData\Local\WebPlayer => Moved successfully. C:\Users\Ozi\AppData\Local\Google\Chrome => Moved successfully. C:\Users\Ozi\Desktop\Malwarebytes-AntiMalware(13117).exe => Moved successfully. C:\Users\Ozi\Security => Moved successfully. C:\User Data => Moved successfully. C:\ProgramData\BitGuard => Moved successfully. C:\Program Files (x86)\Minibar => Moved successfully. C:\Program Files (x86)\BonanzaDeals => Moved successfully. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ConvertAd => Value deleted successfully. HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKCU\Software\Microsoft\Internet Explorer\Main\\bProtector Start Page => Value deleted successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. Default URLSearchHook was restored successfully . HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\\{EEE6C35D-6118-11DC-9C72-001320C79847} => Value deleted successfully. HKCR\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847} => Key not found. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key deleted successfully. HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} => Key deleted successfully. 
HKCR\Wow6432Node\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847} => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\bProtectorDefaultScope => Value deleted successfully. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{015DCE87-D2DD-45B4-B625-4A11EE1C3A59} => Key deleted successfully. HKCR\CLSID\{015DCE87-D2DD-45B4-B625-4A11EE1C3A59} => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key deleted successfully. HKCR\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key deleted successfully. HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} => Key deleted successfully. HKCR\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847} => Key not found. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087} => Key deleted successfully. HKCR\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087} => Key not found. HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA74D58F-ACD0-450D-A85E-6C04B171C044} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{AA74D58F-ACD0-450D-A85E-6C04B171C044} => Key deleted successfully. HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} => Key deleted successfully. HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847} => Key deleted successfully. 
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{9E131A93-EED7-4BEB-B015-A0ADB30B5646} => Value deleted successfully. HKCR\Wow6432Node\CLSID\{9E131A93-EED7-4BEB-B015-A0ADB30B5646} => Key not found. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{EEE6C35B-6118-11DC-9C72-001320C79847} => Value deleted successfully. HKCR\Wow6432Node\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} => Key deleted successfully. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{82E1477C-B154-48D3-9891-33D83C26BCD3} => Value deleted successfully. HKCR\Wow6432Node\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3} => Key deleted successfully. C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml => Moved successfully. C:\Program Files (x86)\mozilla firefox\searchplugins\qvo6.xml => Moved successfully. HKLM\Software\Mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087} => Value deleted successfully. HKLM\Software\Mozilla\Firefox\Extensions\\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052} => Value deleted successfully. HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087} => Value deleted successfully. HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052} => Value deleted successfully. HKCU\Software\Mozilla\Firefox\Extensions\\{eb865f6a-a922-424b-abd5-a19d0f5301d1} => Value deleted successfully. HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command\\Default => Value was restored successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0ED5B08E-93A4-40CA-982C-072F7B2E325F} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0ED5B08E-93A4-40CA-982C-072F7B2E325F} => Key deleted successfully. C:\Windows\System32\Tasks\YourFile Update => Moved successfully. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YourFile Update => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E9C50EAD-BC90-4F94-BCFA-73E6E04BEF94} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E9C50EAD-BC90-4F94-BCFA-73E6E04BEF94} => Key deleted successfully. C:\Windows\System32\Tasks\Go for FilesUpdate => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Go for FilesUpdate => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{EDA9BA3F-6DCD-469C-9830-9B95799FCDB9} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EDA9BA3F-6DCD-469C-9830-9B95799FCDB9} => Key deleted successfully. C:\Windows\System32\Tasks\Lyrmix Update => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lyrmix Update => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FFF891E9-7297-4C51-B196-29396564413E} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FFF891E9-7297-4C51-B196-29396564413E} => Key deleted successfully. C:\Windows\System32\Tasks\EPUpdater => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EPUpdater => Key deleted successfully. IB Updater Updater => Service deleted successfully. catchme => Service deleted successfully. ========= reg delete HKLM\SOFTWARE\Google\Chrome /f ========= Operacja ukończona pomyślnie. ========= End of Reg: ========= ========= reg delete HKLM\SOFTWARE\Wow6432Node\Google\Chrome /f ========= Operacja ukończona pomyślnie. ========= End of Reg: ========= ==== End of Fixlog ====