Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 08-01-2014
Ran by Karolina at 2014-01-08 15:08:29 Run:1
Running from C:\Users\Karolina\Desktop\fixitpc
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CMD: md C:\Users\Karolina\Desktop\Upload
CMD: xcopy /e "C:\Program Files (x86)\Mozilla Firefox\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}" C:\Users\Karolina\Desktop\Upload
CMD: netsh advfirewall reset
Reg: reg delete HKLM\SOFTWARE\Google /f
Reg: reg delete HKLM\SOFTWARE\Wow6432Node\Google /f
C:\Users\Karolina\AppData\Local\Google
C:\Users\Karolina\AppData\Roaming\Babylon
C:\Users\Karolina\AppData\Roaming\DealPly
C:\Users\Karolina\AppData\Roaming\ESET
C:\Users\Karolina\AppData\Roaming\FLVPlayerPackages
C:\Users\Karolina\AppData\Roaming\Funmoods
C:\Users\Karolina\AppData\Roaming\JDownloaderDownloadManagerPackages
C:\Users\Karolina\AppData\Roaming\OpenCandy
C:\Users\Karolina\AppData\Roaming\PDFCreatorPackages
C:\Users\Karolina\AppData\Roaming\PerformerSoft
C:\Users\Karolina\AppData\Roaming\SendSpace
C:\Program Files (x86)\mozilla firefox\plugins\npVividasPlayer.dll
Task: {17BE7C4A-B972-41C4-802C-329F9BD11B83} - System32\Tasks\DealPlyUpdate => C:\Program Files (x86)\DealPly\DealPlyUpdate.exe
Task: {A9576A59-670E-4EBA-BA96-9AC65B2FE3A5} - System32\Tasks\Funmoods => C:\Users\Karolina\AppData\Roaming\Funmoods\UPDATE~1\UPDATE~1.EXE
Startup: C:\Users\Karolina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\lollipop.lnk
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-search.com/?affID=119816&tt=gc_&babsrc=HP_ss&mntrId=30EB9CB70DCA4155
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {A2C5D87D-ED0B-4A0F-9906-FEF4E2DA74E6} URL = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1Qzu0EzzyEtD0FtByCyE0A0Dzz0Dzz0E0C0DtN0D0Tzu0CtAtAtAtN1L2XzutBtFtBtFtDtFtAyEyE&cr=906098823
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {A2C5D87D-ED0B-4A0F-9906-FEF4E2DA74E6} URL = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1Qzu0EzzyEtD0FtByCyE0A0Dzz0Dzz0E0C0DtN0D0Tzu0CtAtAtAtN1L2XzutBtFtBtFtDtFtAyEyE&cr=906098823
SearchScopes: HKLM-x32 - DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&st=6&barid={FB7BDB74-CC5F-48A8-B8FB-0A5B8AAE0A82}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {A2C5D87D-ED0B-4A0F-9906-FEF4E2DA74E6} URL = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1Qzu0EzzyEtD0FtByCyE0A0Dzz0Dzz0E0C0DtN0D0Tzu0CtAtAtAtN1L2XzutBtFtBtFtDtFtAyEyE&cr=906098823
SearchScopes: HKLM-x32 - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.pu-results.info/?l=1&q={searchTerms}&pid=34&r=2013/03/13&hid=1445970194&lg=EN&cc=PL
SearchScopes: HKLM-x32 - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&st=6&barid={FB7BDB74-CC5F-48A8-B8FB-0A5B8AAE0A82}
SearchScopes: HKCU - DefaultScope {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = http://mystart.incredibar.com/?a=6Oz1VNJZE9&loc=skw&search={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.delta-search.com/?q={searchTerms}&affID=119816&tt=gc_&babsrc=SP_ss&mntrId=30EB9CB70DCA4155
SearchScopes: HKCU - {491F69CD-C53E-A22C-C3BD-1465C5745EE1} URL = http://search.babylon.com/?q={searchTerms}&affID=110824&tt=4812_6&babsrc=SP_ss&mntrId=30eb8ecd0000000000009cb70dca4155
SearchScopes: HKCU - {5637587E-E95B-56B5-CC87-55736A5CD201} URL = http://websearch.pu-results.info/?l=1&q={searchTerms}&pid=34&r=2013/03/13&hid=1445970194&lg=EN&cc=PL
SearchScopes: HKCU - {B2845CC3-0849-4D52-842D-9D84205A78B7} URL = http://search.softonic.com/INF00046/tb_v1?q={searchTerms}&SearchSource=4&cc=&r=219
SearchScopes: HKCU - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=AgnUpd&cd=2XzuyEtN2Y1L1Qzu0EzzyEtD0FtByCyE0A0Dzz0Dzz0E0C0DtN0D0Tzu0CyDtDyEtN1L2XzutN1L1Czu&cr=633516648&ir=
SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = http://mystart.incredibar.com/?a=6Oz1VNJZE9&loc=skw&search={searchTerms}
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&st=6&barid={FB7BDB74-CC5F-48A8-B8FB-0A5B8AAE0A82}
BHO-x32: Web Assistant - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll No File
BHO-x32: Incredibar.com Helper Object - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll No File
BHO-x32: Funmoods Helper Object - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\Program Files (x86)\Funmoods\1.5.23.22\bh\escort.dll No File
BHO-x32: DealPly - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files (x86)\DealPly\DealPlyIE.dll No File
BHO-x32: Broowse2usavE - {A63141BA-9BA6-5E19-6BE1-8C3C8BAE882A} - C:\ProgramData\Broowse2usavE\5140f66fa734b.dll No File
Toolbar: HKLM-x32 - Incredibar Toolbar - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll No File
Toolbar: HKLM-x32 - Funmoods Toolbar - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\Program Files (x86)\Funmoods\1.5.23.22\escorTlbr.dll No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\staged
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKLM-x32\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
S2 Web Assistant Updater; C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [x]
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
*****************

========= md C:\Users\Karolina\Desktop\Upload =========

========= End of CMD: =========

========= xcopy /e "C:\Program Files (x86)\Mozilla Firefox\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}" C:\Users\Karolina\Desktop\Upload =========

Liczba skopiowanych plików: 0.

========= End of CMD: =========

========= netsh advfirewall reset =========

Ok.

========= End of CMD: =========

========= reg delete HKLM\SOFTWARE\Google /f =========

Operacja ukończona pomyślnie.

========= End of Reg: =========

========= reg delete HKLM\SOFTWARE\Wow6432Node\Google /f =========

Operacja ukończona pomyślnie.

========= End of Reg: =========

C:\Users\Karolina\AppData\Local\Google => Moved successfully.
C:\Users\Karolina\AppData\Roaming\Babylon => Moved successfully.
C:\Users\Karolina\AppData\Roaming\DealPly => Moved successfully.
C:\Users\Karolina\AppData\Roaming\ESET => Moved successfully.
C:\Users\Karolina\AppData\Roaming\FLVPlayerPackages => Moved successfully.
C:\Users\Karolina\AppData\Roaming\Funmoods => Moved successfully.
C:\Users\Karolina\AppData\Roaming\JDownloaderDownloadManagerPackages => Moved successfully.
C:\Users\Karolina\AppData\Roaming\OpenCandy => Moved successfully.
C:\Users\Karolina\AppData\Roaming\PDFCreatorPackages => Moved successfully.
C:\Users\Karolina\AppData\Roaming\PerformerSoft => Moved successfully.
C:\Users\Karolina\AppData\Roaming\SendSpace => Moved successfully.
C:\Program Files (x86)\mozilla firefox\plugins\npVividasPlayer.dll => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{17BE7C4A-B972-41C4-802C-329F9BD11B83} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{17BE7C4A-B972-41C4-802C-329F9BD11B83} => Key deleted successfully.
C:\Windows\System32\Tasks\DealPlyUpdate => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPlyUpdate => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A9576A59-670E-4EBA-BA96-9AC65B2FE3A5} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A9576A59-670E-4EBA-BA96-9AC65B2FE3A5} => Key deleted successfully.
Could not move "C:\Windows\System32\Tasks\Funmoods" => Scheduled to move on reboot.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Funmoods => Key deleted successfully.
C:\Users\Karolina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\lollipop.lnk => Moved successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A2C5D87D-ED0B-4A0F-9906-FEF4E2DA74E6} => Key deleted successfully.
HKCR\CLSID\{A2C5D87D-ED0B-4A0F-9906-FEF4E2DA74E6} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{A2C5D87D-ED0B-4A0F-9906-FEF4E2DA74E6} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{A2C5D87D-ED0B-4A0F-9906-FEF4E2DA74E6} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key deleted successfully.
HKCR\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{491F69CD-C53E-A22C-C3BD-1465C5745EE1} => Key deleted successfully.
HKCR\CLSID\{491F69CD-C53E-A22C-C3BD-1465C5745EE1} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5637587E-E95B-56B5-CC87-55736A5CD201} => Key deleted successfully.
HKCR\CLSID\{5637587E-E95B-56B5-CC87-55736A5CD201} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B2845CC3-0849-4D52-842D-9D84205A78B7} => Key deleted successfully.
HKCR\CLSID\{B2845CC3-0849-4D52-842D-9D84205A78B7} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} => Key deleted successfully.
HKCR\CLSID\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A} => Key deleted successfully.
HKCR\CLSID\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} => Key deleted successfully.
HKCR\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A63141BA-9BA6-5E19-6BE1-8C3C8BAE882A} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{A63141BA-9BA6-5E19-6BE1-8C3C8BAE882A} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{F9639E4A-801B-4843-AEE3-03D9DA199E77} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{F9639E4A-801B-4843-AEE3-03D9DA199E77} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key not found.
HKLM\Software\Wow6432Node\MozillaPlugins\@Nero.com/KM => Key deleted successfully.
C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL => Moved successfully.
C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml => Moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\staged => Moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF} => Moved successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087} => Value deleted successfully.
HKLM\Software\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com => Value deleted successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087} => Value deleted successfully.
HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com => Value deleted successfully.
Web Assistant Updater => Service deleted successfully.
catchme => Service deleted successfully.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-01-08 15:10:18)<=

"C:\Windows\System32\Tasks\Funmoods" => File could not move.

==== End of Fixlog ====