Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:06-06-2014
Ran by DC5700 at 2014-06-06 16:35:36 Run:1
Running from C:\Documents and Settings\DC5700\Moje dokumenty\Pobieranie
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
(Cherished Technololgy LIMITED) C:\Documents and Settings\All Users\Dane aplikacji\IePluginService\PluginService.exe
(Cherished Technololgy LIMITED) C:\Documents and Settings\All Users\Dane aplikacji\WPM\wprotectmanager.exe
() C:\Program Files\fst_pl_30\fst_pl_30.exe
() C:\Documents and Settings\DC5700\Ustawienia lokalne\Dane aplikacji\fst_pl_30\upfst_pl_30.exe
() C:\Program Files\VLC Player GPU+\UsageLog.exe
() C:\Program Files\fst_pl_19\fst_pl_19.exe
() C:\Program Files\fst_pl_79\fst_pl_79.exe
() C:\Program Files\fst_pl_99\fst_pl_99.exe
(SaveSense) C:\Program Files\SaveSenseLive\Update\SaveSenseLive.exe
(Ufasoft) C:\Program Files\VLC Player GPU+\UsageMonitor.exe
() C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
R2 IePluginService; C:\Documents and Settings\All Users\Dane aplikacji\IePluginService\PluginService.exe [705136 2014-04-11] (Cherished Technololgy LIMITED)
S2 savesenselive; C:\Program Files\SaveSenseLive\Update\SaveSenseLive.exe [146920 2014-01-12] (SaveSense)
S3 savesenselivem; C:\Program Files\SaveSenseLive\Update\SaveSenseLive.exe [146920 2014-01-12] (SaveSense)
R2 Wpm; C:\Documents and Settings\All Users\Dane aplikacji\WPM\wprotectmanager.exe [493568 2014-02-02] (Cherished Technololgy LIMITED)
R3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
HKLM\...\Run: [fst_pl_30] => C:\Program Files\fst_pl_30\fst_pl_30.exe [4001224 2014-01-02] ()
HKLM\...\Run: [upfst_pl_30.exe] => C:\Documents and Settings\DC5700\Ustawienia lokalne\Dane aplikacji\fst_pl_30\upfst_pl_30.exe [3153904 2014-01-02] ()
HKLM\...\Run: [UsageTemp] => C:\Documents and Settings\DC5700\Ustawienia lokalne\Temp\UsageTemp.exe [1305824 2014-01-30] () <===== ATTENTION
HKLM\...\Run: [UsageLoader] => C:\Program Files\VLC Player GPU+\UsageLog.exe [1358560 2014-01-14] ()
HKLM\...\Run: [fst_pl_19] => C:\Program Files\fst_pl_19\fst_pl_19.exe [11671024 2013-12-18] ()
HKLM\...\Run: [fst_pl_79] => C:\Program Files\fst_pl_79\fst_pl_79.exe [3985920 2014-03-10] ()
HKLM\...\Run: [fst_pl_99] => C:\Program Files\fst_pl_99\fst_pl_99.exe [3985920 2014-04-03] ()
HKU\S-1-5-21-748017608-3272634254-3442068131-1003\...\Run: [NextLive] => C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\DC5700\Dane aplikacji\newnext.me\nengine.dll",EntryPoint -m l
HKU\S-1-5-21-748017608-3272634254-3442068131-1003\...\Run: [RDReminder] => C:\Program Files\RegClean Pro\RegCleanPro.exe [7913304 2014-04-25] (Systweak Inc)
Task: C:\WINDOWS\Tasks\At1.job => C:\DOCUME~1\DC5700\DANEAP~1\SAVESE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\WINDOWS\Tasks\At2.job => C:\DOCUME~1\NETWOR~1\DANEAP~1\SAVESE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\WINDOWS\Tasks\RegClean Pro_DEFAULT.job => C:\Program Files\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\RegClean Pro_UPDATES.job => C:\Program Files\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\SaveSenseLiveUpdateTaskMachineCore.job => C:\Program Files\SaveSenseLive\Update\SaveSenseLive.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\SaveSenseLiveUpdateTaskMachineUA.job => C:\Program Files\SaveSenseLive\Update\SaveSenseLive.exe <==== ATTENTION
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mysearch.avg.com?cid={C47134ED-DF6D-4E0E-BD60-FC9229775100}&mid=Unknown&lang=pl&ds=gm011&coid=avgtbdisgm&cmpid=&pr=sa&d=2014-01-12 15:55:59&v=18.1.6.542&pid=safeguard&sg=&sap=hp
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.qone8.com/?type=hp&ts=1397030415&from=tt4u&uid=ST380815AS_9RW1NCGJ
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.qone8.com/?type=hp&ts=1397030415&from=tt4u&uid=ST380815AS_9RW1NCGJ
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.qone8.com/web/?type=ds&ts=1397030415&from=tt4u&uid=ST380815AS_9RW1NCGJ&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.qone8.com/web/?type=ds&ts=1397030415&from=tt4u&uid=ST380815AS_9RW1NCGJ&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.qone8.com/?type=hp&ts=1397030415&from=tt4u&uid=ST380815AS_9RW1NCGJ
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.qone8.com/web/?type=ds&ts=1397030415&from=tt4u&uid=ST380815AS_9RW1NCGJ&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.qone8.com/web/?type=ds&ts=1397030415&from=tt4u&uid=ST380815AS_9RW1NCGJ&q={searchTerms}
SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www1.delta-search.com/?q={searchTerms}&affID=119535&tt=gc_&babsrc=SP_ss&mntrId=2C50001E0B63A29D
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www1.delta-search.com/?q={searchTerms}&affID=119535&tt=gc_&babsrc=SP_ss&mntrId=2C50001E0B63A29D
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://mysearch.avg.com/search?cid={C47134ED-DF6D-4E0E-BD60-FC9229775100}&mid=Unknown&lang=pl&ds=gm011&coid=avgtbdisgm&cmpid=&pr=sa&d=2014-01-12 15:55:59&v=18.1.6.542&pid=safeguard&sg=&sap=dsp&q={searchTerms}
BHO: SaveSense - {0f21b1e5-5afc-43c9-9c66-515046e92ec2} - C:\Program Files\SaveSense\SaveSenseIE.dll (SaveSense)
BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO: No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File
BHO: SquirrelWeb - {dd86af49-1ef1-4532-89f7-41eda1dbbe6d} - C:\Program Files\SquirrelWeb\SquirrelWebbho.dll (SquirrelWeb)
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
FF Plugin: @tools.updaterss.com/SaveSenseLive Update;version=3 - C:\Program Files\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll (SaveSense)
FF Plugin: @tools.updaterss.com/SaveSenseLive Update;version=9 - C:\Program Files\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll (SaveSense)
Google Update Helper (Version: 1.3.23.0 - SaveSense) Hidden <==== ATTENTION
C:\Documents and Settings\All Users\Dane aplikacji\AVG
C:\Documents and Settings\All Users\Dane aplikacji\AVG Secure Search
C:\Documents and Settings\All Users\Dane aplikacji\Avg_Update_0414c
C:\Documents and Settings\All Users\Dane aplikacji\Babylon
C:\Documents and Settings\All Users\Dane aplikacji\Common Files
C:\Documents and Settings\All Users\Dane aplikacji\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
C:\Documents and Settings\All Users\Menu Start\Programy\RegClean Pro
C:\Documents and Settings\All Users\Pulpit\RegClean Pro.lnk
C:\Documents and Settings\DC5700\Dane aplikacji\AVG
C:\Documents and Settings\DC5700\Dane aplikacji\BabSolution
C:\Documents and Settings\DC5700\Dane aplikacji\Babylon
C:\Documents and Settings\DC5700\Dane aplikacji\File Scout
C:\Documents and Settings\DC5700\Dane aplikacji\newnext.me
C:\Documents and Settings\DC5700\Dane aplikacji\OpenCandy
C:\Documents and Settings\DC5700\Pulpit\Wyczyść rejestr za darmo!.lnk
C:\Program Files\Enigma Software Group
C:\WINDOWS\455F074C814E4520B69B5584BD90400C.TMP
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Search" /f
Reboot:
*****************

C:\Documents and Settings\All Users\Dane aplikacji\IePluginService\PluginService.exe => No running process found
C:\Documents and Settings\All Users\Dane aplikacji\WPM\wprotectmanager.exe => No running process found
C:\Program Files\fst_pl_30\fst_pl_30.exe => No running process found
C:\Documents and Settings\DC5700\Ustawienia lokalne\Dane aplikacji\fst_pl_30\upfst_pl_30.exe => No running process found
C:\Program Files\VLC Player GPU+\UsageLog.exe => No running process found
C:\Program Files\fst_pl_19\fst_pl_19.exe => No running process found
C:\Program Files\fst_pl_79\fst_pl_79.exe => No running process found
C:\Program Files\fst_pl_99\fst_pl_99.exe => No running process found
C:\Program Files\SaveSenseLive\Update\SaveSenseLive.exe => No running process found
C:\Program Files\VLC Player GPU+\UsageMonitor.exe => No running process found
C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe => No running process found
IePluginService => Service stopped successfully.
IePluginService => Service deleted successfully.
savesenselive => Service deleted successfully.
savesenselivem => Service deleted successfully.
Wpm => Service stopped successfully.
Wpm => Service deleted successfully.
esgiguard => Service deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\fst_pl_30 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\upfst_pl_30.exe => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\UsageTemp => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\UsageLoader => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\fst_pl_19 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\fst_pl_79 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\fst_pl_99 => value deleted successfully.
HKU\S-1-5-21-748017608-3272634254-3442068131-1003\Software\Microsoft\Windows\CurrentVersion\Run\\NextLive => value deleted successfully.
HKU\S-1-5-21-748017608-3272634254-3442068131-1003\Software\Microsoft\Windows\CurrentVersion\Run\\RDReminder => value deleted successfully.
C:\WINDOWS\Tasks\At1.job => Moved successfully.
C:\WINDOWS\Tasks\At2.job => Moved successfully.
C:\WINDOWS\Tasks\RegClean Pro_DEFAULT.job => Moved successfully.
C:\WINDOWS\Tasks\RegClean Pro_UPDATES.job => Moved successfully.
C:\WINDOWS\Tasks\SaveSenseLiveUpdateTaskMachineCore.job => Moved successfully.
C:\WINDOWS\Tasks\SaveSenseLiveUpdateTaskMachineUA.job => Moved successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
'HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86}'=> Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}'=> Key not found.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}'=> Key not found.
'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0f21b1e5-5afc-43c9-9c66-515046e92ec2}' => Key deleted successfully.
'HKCR\CLSID\{0f21b1e5-5afc-43c9-9c66-515046e92ec2}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}' => Key deleted successfully.
'HKCR\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}' => Key deleted successfully.
'HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}'=> Key not found.
'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{dd86af49-1ef1-4532-89f7-41eda1dbbe6d}' => Key deleted successfully.
'HKCR\CLSID\{dd86af49-1ef1-4532-89f7-41eda1dbbe6d}' => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => value deleted successfully.
'HKCR\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}' => Key deleted successfully.
'HKLM\Software\MozillaPlugins\@tools.updaterss.com/SaveSenseLive Update;version=3' => Key deleted successfully.
C:\Program Files\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll => Moved successfully.
'HKLM\Software\MozillaPlugins\@tools.updaterss.com/SaveSenseLive Update;version=9' => Key deleted successfully.
C:\Program Files\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}\\SystemComponent => value deleted successfully.
C:\Documents and Settings\All Users\Dane aplikacji\AVG => Moved successfully.
C:\Documents and Settings\All Users\Dane aplikacji\AVG Secure Search => Moved successfully.
C:\Documents and Settings\All Users\Dane aplikacji\Avg_Update_0414c => Moved successfully.
C:\Documents and Settings\All Users\Dane aplikacji\Babylon => Moved successfully.
C:\Documents and Settings\All Users\Dane aplikacji\Common Files => Moved successfully.
C:\Documents and Settings\All Users\Dane aplikacji\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} => Moved successfully.
C:\Documents and Settings\All Users\Menu Start\Programy\RegClean Pro => Moved successfully.
C:\Documents and Settings\All Users\Pulpit\RegClean Pro.lnk => Moved successfully.
C:\Documents and Settings\DC5700\Dane aplikacji\AVG => Moved successfully.
C:\Documents and Settings\DC5700\Dane aplikacji\BabSolution => Moved successfully.
C:\Documents and Settings\DC5700\Dane aplikacji\Babylon => Moved successfully.
C:\Documents and Settings\DC5700\Dane aplikacji\File Scout => Moved successfully.
C:\Documents and Settings\DC5700\Dane aplikacji\newnext.me => Moved successfully.
C:\Documents and Settings\DC5700\Dane aplikacji\OpenCandy => Moved successfully.
C:\Documents and Settings\DC5700\Pulpit\Wyczyść rejestr za darmo!.lnk => Moved successfully.
C:\Program Files\Enigma Software Group => Moved successfully.
C:\WINDOWS\455F074C814E4520B69B5584BD90400C.TMP => Moved successfully.

========= reg delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Search" /f =========


Operacja ukończona pomyślnie


========= End of Reg: =========



The system needed a reboot. 

==== End of Fixlog ====