Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 06-05-2014 Ran by KATARYZNA at 2014-05-06 21:56:24 Run:1 Running from C:\Users\KATARYZNA\Desktop Boot Mode: Normal ============================================== Content of fixlist: ***************** R1 wStLibG64; C:\Windows\System32\drivers\wStLibG64.sys [61120 2014-03-28] (StdLib) C:\Windows\System32\drivers\wStLibG64.sys HKLM-x32\...\Run: [] => [X] HKU\S-1-5-21-3695823354-3054091797-1516551338-1001\...\Run: [Driver Pro] => C:\Program Files (x86)\Driver Pro\DPLauncher.exe [340512 2012-10-30] (PC Utilities Pro) HKU\S-1-5-21-3695823354-3054091797-1516551338-1001\...\Run: [NextLive] => C:\WINDOWS\SysWOW64\rundll32.exe "C:\Users\KATARYZNA\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l HKU\S-1-5-21-3695823354-3054091797-1516551338-1001\...\Policies\system: [DisableLockWorkstation] 0 Task: {31FBB0A9-5527-4FB3-B7A7-92F3F3A4717E} - System32\Tasks\MySearchDial => C:\Users\KATARYZNA\AppData\Roaming\mysearchdial\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION Task: {3B6B6C3A-2C1B-48E4-A17B-33772735E873} - System32\Tasks\Express FilesUpdate => C:\Program Files (x86)\ExpressFiles\EFUpdater.exe <==== ATTENTION Task: {977D0456-9448-4A21-B072-D83EAFA2BC30} - System32\Tasks\DealPlyUpdate => C:\Program <==== ATTENTION Task: {97B7EC8B-7C4C-4F76-BCF9-976DEA8E1AE3} - System32\Tasks\DLL-Files.Com Fixer_MONTHLY => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2014-02-13] (Dll-FIles.Com) Task: {9DAF5876-E546-4AC9-8C6E-7137613603B3} - System32\Tasks\BrowserDefendert => Sc.exe start BrowserDefendert <==== ATTENTION Task: {CA5012EB-A13C-4BD6-AF19-A829ED8FD6EC} - System32\Tasks\DLL-Files.Com Fixer_Updates => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2014-02-13] (Dll-FIles.Com) Task: {CDE94A76-D989-486E-93D8-82A7F58EE3DA} - System32\Tasks\RDReminder => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2014-02-13] (Dll-FIles.Com) Task: C:\WINDOWS\Tasks\DLL-Files.Com Fixer_MONTHLY.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe Task: C:\WINDOWS\Tasks\DLL-Files.Com Fixer_Updates.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe Task: C:\WINDOWS\Tasks\MySearchDial.job => C:\Users\KATARY~1\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.softonic.com/MOY00621/tb_v1?SearchSource=10&cc=&mi=a47625cb00000000000052b7c3d05b4e SearchScopes: HKLM - {39D56B16-B560-41EE-B8DD-E45AC0A42770} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=tugumsd&cd=2XzuyEtN2Y1L1QzuyDtB0ByB0CtA0DtDyD0ByE0EtByD0C0BtN0D0Tzu0CyEzzzztN1L2XzutBtFtBtFtCtFyCtCzztN1L1Czu2Z2Y1N2Y1H1B1Q&cr=260300431&ir= SearchScopes: HKLM-x32 - {39D56B16-B560-41EE-B8DD-E45AC0A42770} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=tugumsd&cd=2XzuyEtN2Y1L1QzuyDtB0ByB0CtA0DtDyD0ByE0EtByD0C0BtN0D0Tzu0CyEzzzztN1L2XzutBtFtBtFtCtFyCtCzztN1L1Czu2Z2Y1N2Y1H1B1Q&cr=260300431&ir= SearchScopes: HKCU - DefaultScope {1CD0CC9B-FCE7-BBD8-7156-5E8C75297CEF} URL = SearchScopes: HKCU - {1CD0CC9B-FCE7-BBD8-7156-5E8C75297CEF} URL = SearchScopes: HKCU - {3569A739-ECD3-4B6B-B305-B47A431E4375} URL = http://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=888596&p={searchTerms} SearchScopes: HKCU - {39D56B16-B560-41EE-B8DD-E45AC0A42770} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=tugumsd&cd=2XzuyEtN2Y1L1QzuyDtB0ByB0CtA0DtDyD0ByE0EtByD0C0BtN0D0Tzu0CyEzzzztN1L2XzutBtFtBtFtCtFyCtCzztN1L1Czu2Z2Y1N2Y1H1B1Q&cr=260300431&ir= SearchScopes: HKCU - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=NIS&chn=retail&geo=DE&ver=20&locale=de_DE&gct=kwd&qsrc=2869 Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File FF HKLM-x32\...\Firefox\Extensions: [speedanalysis02@SpeedAnalysis.com] - C:\Users\KATARYZNA\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com FF HKLM-x32\...\Firefox\Extensions: [pluswinks@PlusWinks] - C:\Users\KATARYZNA\AppData\Roaming\Mozilla\Extensions\pluswinks@PlusWinks FF HKCU\...\Firefox\Extensions: [speedanalysis02@SpeedAnalysis.com] - C:\Users\KATARYZNA\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com FF HKCU\...\Firefox\Extensions: [pluswinks@PlusWinks] - C:\Users\KATARYZNA\AppData\Roaming\Mozilla\Extensions\pluswinks@PlusWinks CHR HKLM\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\KATARYZNA\AppData\Local\mysearchdial.crx [2013-08-20] CHR HKCU\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\KATARYZNA\AppData\Local\mysearchdial.crx [2013-08-20] CHR HKLM-x32\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.0.crx [2013-08-20] CHR HKLM-x32\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files (x86)\Common Files\Spigot\GC\errorassistant_1.1.crx [2013-08-20] CHR HKLM-x32\...\Chrome\Extension: [koalekbhpbggkcfhkkbolikjoaobbppi] - C:\Program Files (x86)\PutLockerDownloader\PutLockerDownloader10.crx [2013-08-20] CHR HKLM-x32\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.4.crx [2014-04-11] CHR HKLM-x32\...\Chrome\Extension: [mocblcnaofikinigmceddfghppkkjbog] - C:\Users\KATARYZNA\AppData\Roaming\PlusWinks\pluswinks.crx [2013-03-20] CHR HKLM-x32\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\KATARYZNA\AppData\Local\mysearchdial.crx [2013-06-18] CHR HKLM-x32\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx [2013-06-18] C:\Program Files (x86)\Common Files\Spigot C:\Program Files (x86)\PutLockerDownloader C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAFPlayer C:\Users\KATARYZNA\AppData\Local\Mobogenie C:\Users\KATARYZNA\AppData\Roaming\.oit C:\Users\KATARYZNA\AppData\Roaming\EZDownloader C:\Users\KATARYZNA\AppData\Roaming\Mozilla\Firefox\profiles\extensions C:\Users\KATARYZNA\AppData\Roaming\mysearchdial C:\Users\KATARYZNA\AppData\Roaming\newnext.me C:\Users\KATARYZNA\AppData\Roaming\No Company Name C:\Users\KATARYZNA\AppData\Roaming\OpenCandy C:\Users\KATARYZNA\AppData\Roaming\PlusWinks C:\Users\KATARYZNA\AppData\Roaming\Softonic C:\Users\KATARYZNA\AppData\Roaming\Uniblue C:\Users\KATARYZNA\AppData\Roaming\updatetool C:\Users\KATARYZNA\AppData\Roaming\WebApp Reboot: ***************** wStLibG64 => Unable to stop service wStLibG64 => Service deleted successfully. C:\Windows\System32\drivers\wStLibG64.sys => Moved successfully. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully. HKU\S-1-5-21-3695823354-3054091797-1516551338-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Driver Pro => Value deleted successfully. HKU\S-1-5-21-3695823354-3054091797-1516551338-1001\Software\Microsoft\Windows\CurrentVersion\Run\\NextLive => Value deleted successfully. HKU\S-1-5-21-3695823354-3054091797-1516551338-1001\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableLockWorkstation => Value deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{31FBB0A9-5527-4FB3-B7A7-92F3F3A4717E} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{31FBB0A9-5527-4FB3-B7A7-92F3F3A4717E} => Key deleted successfully. C:\Windows\System32\Tasks\MySearchDial => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MySearchDial => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3B6B6C3A-2C1B-48E4-A17B-33772735E873} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3B6B6C3A-2C1B-48E4-A17B-33772735E873} => Key deleted successfully. C:\Windows\System32\Tasks\Express FilesUpdate => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Express FilesUpdate => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{977D0456-9448-4A21-B072-D83EAFA2BC30} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{977D0456-9448-4A21-B072-D83EAFA2BC30} => Key deleted successfully. C:\Windows\System32\Tasks\DealPlyUpdate => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPlyUpdate => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{97B7EC8B-7C4C-4F76-BCF9-976DEA8E1AE3} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{97B7EC8B-7C4C-4F76-BCF9-976DEA8E1AE3} => Key deleted successfully. C:\Windows\System32\Tasks\DLL-Files.Com Fixer_MONTHLY => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DLL-Files.Com Fixer_MONTHLY => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9DAF5876-E546-4AC9-8C6E-7137613603B3} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9DAF5876-E546-4AC9-8C6E-7137613603B3} => Key deleted successfully. C:\Windows\System32\Tasks\BrowserDefendert => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BrowserDefendert => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CA5012EB-A13C-4BD6-AF19-A829ED8FD6EC} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CA5012EB-A13C-4BD6-AF19-A829ED8FD6EC} => Key deleted successfully. C:\Windows\System32\Tasks\DLL-Files.Com Fixer_Updates => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DLL-Files.Com Fixer_Updates => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CDE94A76-D989-486E-93D8-82A7F58EE3DA} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CDE94A76-D989-486E-93D8-82A7F58EE3DA} => Key deleted successfully. C:\Windows\System32\Tasks\RDReminder => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RDReminder => Key deleted successfully. C:\WINDOWS\Tasks\DLL-Files.Com Fixer_MONTHLY.job => Moved successfully. C:\WINDOWS\Tasks\DLL-Files.Com Fixer_Updates.job => Moved successfully. C:\WINDOWS\Tasks\MySearchDial.job => Moved successfully. HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{39D56B16-B560-41EE-B8DD-E45AC0A42770} => Key deleted successfully. HKCR\CLSID\{39D56B16-B560-41EE-B8DD-E45AC0A42770} => Key not found. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{39D56B16-B560-41EE-B8DD-E45AC0A42770} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{39D56B16-B560-41EE-B8DD-E45AC0A42770} => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1CD0CC9B-FCE7-BBD8-7156-5E8C75297CEF} => Key deleted successfully. HKCR\CLSID\{1CD0CC9B-FCE7-BBD8-7156-5E8C75297CEF} => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3569A739-ECD3-4B6B-B305-B47A431E4375} => Key deleted successfully. HKCR\CLSID\{3569A739-ECD3-4B6B-B305-B47A431E4375} => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{39D56B16-B560-41EE-B8DD-E45AC0A42770} => Key deleted successfully. HKCR\CLSID\{39D56B16-B560-41EE-B8DD-E45AC0A42770} => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} => Key deleted successfully. HKCR\CLSID\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} => Key not found. HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Value deleted successfully. HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Key not found. HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => Value deleted successfully. HKCR\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => Key not found. HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\speedanalysis02@SpeedAnalysis.com => Value deleted successfully. HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\pluswinks@PlusWinks => Value deleted successfully. HKCU\Software\Mozilla\Firefox\Extensions\\speedanalysis02@SpeedAnalysis.com => Value deleted successfully. HKCU\Software\Mozilla\Firefox\Extensions\\pluswinks@PlusWinks => Value deleted successfully. HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff => Key deleted successfully. "C:\Users\KATARYZNA\AppData\Local\mysearchdial.crx" => File/Directory not found. HKCU\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff => Key deleted successfully. "C:\Users\KATARYZNA\AppData\Local\mysearchdial.crx" => File/Directory not found. HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj => Key deleted successfully. "C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.0.crx" => File/Directory not found. HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj => Key deleted successfully. "C:\Program Files (x86)\Common Files\Spigot\GC\errorassistant_1.1.crx" => File/Directory not found. HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\koalekbhpbggkcfhkkbolikjoaobbppi => Key deleted successfully. "C:\Program Files (x86)\PutLockerDownloader\PutLockerDownloader10.crx" => File/Directory not found. HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk => Key deleted successfully. "C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.4.crx" => File/Directory not found. HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mocblcnaofikinigmceddfghppkkjbog => Key deleted successfully. C:\Users\KATARYZNA\AppData\Roaming\PlusWinks\pluswinks.crx => Moved successfully. HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff => Key deleted successfully. "C:\Users\KATARYZNA\AppData\Local\mysearchdial.crx" => File/Directory not found. HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp => Key deleted successfully. "C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx" => File/Directory not found. "C:\Program Files (x86)\Common Files\Spigot" => File/Directory not found. "C:\Program Files (x86)\PutLockerDownloader" => File/Directory not found. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAFPlayer => Moved successfully. C:\Users\KATARYZNA\AppData\Local\Mobogenie => Moved successfully. C:\Users\KATARYZNA\AppData\Roaming\.oit => Moved successfully. C:\Users\KATARYZNA\AppData\Roaming\EZDownloader => Moved successfully. C:\Users\KATARYZNA\AppData\Roaming\Mozilla\Firefox\profiles\extensions => Moved successfully. C:\Users\KATARYZNA\AppData\Roaming\mysearchdial => Moved successfully. C:\Users\KATARYZNA\AppData\Roaming\newnext.me => Moved successfully. C:\Users\KATARYZNA\AppData\Roaming\No Company Name => Moved successfully. C:\Users\KATARYZNA\AppData\Roaming\OpenCandy => Moved successfully. C:\Users\KATARYZNA\AppData\Roaming\PlusWinks => Moved successfully. C:\Users\KATARYZNA\AppData\Roaming\Softonic => Moved successfully. C:\Users\KATARYZNA\AppData\Roaming\Uniblue => Moved successfully. C:\Users\KATARYZNA\AppData\Roaming\updatetool => Moved successfully. C:\Users\KATARYZNA\AppData\Roaming\WebApp => Moved successfully. The system needed a reboot. ==== End of Fixlog ====