Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 03-09-2014
Ran by user at 2014-09-03 16:07:59 Run:1
Running from C:\Users\user\Desktop\naprawa
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
() C:\Program Files\webget\updatewebget.exe
() C:\Program Files\webget\bin\utilwebget.exe
(Ask) C:\Program Files\Ask.com\Updater\Updater.exe
(Pay By Ads LTD) C:\Users\user\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.8.2\dsrlte.exe
() C:\Program Files\webget\bin\webget.PurBrowse.exe
() C:\Program Files\webget\bin\webget.BrowserAdapter.exe
() C:\Users\user\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe
S2 bonanzadealslive; C:\Program Files\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2013-10-13] (BonanzaDeals)
S3 bonanzadealslivem; C:\Program Files\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2013-10-13] (BonanzaDeals)
R2 Update webget; C:\Program Files\webget\updatewebget.exe [323352 2014-08-24] ()
R2 Util webget; C:\Program Files\webget\bin\utilwebget.exe [323352 2014-08-24] ()
R1 {55685567-4840-4a91-962b-49a412e9485a}Gw; C:\Windows\System32\drivers\{55685567-4840-4a91-962b-49a412e9485a}Gw.sys [52920 2014-05-26] (StdLib)
R1 {55685567-4840-4a91-962b-49a412e9485a}w; C:\Windows\System32\drivers\{55685567-4840-4a91-962b-49a412e9485a}w.sys [52920 2014-06-20] (StdLib)
R1 {9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw; C:\Windows\System32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw.sys [52920 2014-05-16] (StdLib)
Task: {2612F22E-3A51-4D1C-972B-B25F87C5BA9A} - System32\Tasks\Yahoo! Search => C:\Users\user\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.8.2\dsrlte.exe [2014-07-04] (Pay By Ads LTD)
Task: {277C8334-038E-49F5-920A-7589446FCFA1} - System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore => C:\Program Files\BonanzaDealsLive\Update\BonanzaDealsLive.exe [2013-10-13] (BonanzaDeals) <==== ATTENTION
Task: {5F27CD69-BCD0-4BDE-ABC7-FBE9558A3CE6} - System32\Tasks\Digital Sites => C:\Users\user\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe [2013-04-12] ()
Task: {7A3FE3CE-F6BF-4FBD-89FF-112C8C73CD70} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files\Ask.com\UpdateTask.exe [2012-05-04] () <==== ATTENTION
Task: {7AE4AA3A-A8B7-4662-B164-317E763818C1} - System32\Tasks\DSite => C:\Users\user\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {96FF382A-71B0-486E-9A63-2EE3A592C98F} - System32\Tasks\DigitalSite => C:\Users\user\AppData\Roaming\DigitalSite\UpdateProc\UpdateTask.exe [2013-04-12] ()
Task: {A5A7999D-7B7B-41CD-BE64-C053BC923C69} - System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA => C:\Program Files\BonanzaDealsLive\Update\BonanzaDealsLive.exe [2013-10-13] (BonanzaDeals) <==== ATTENTION
Task: {C64E409A-368B-4648-A857-0B197D24B959} - System32\Tasks\BonanzaDealsUpdate => C:\Program
Task: C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job => C:\Program Files\BonanzaDealsLive\Update\BonanzaDealsLive.exe <==== ATTENTION
Task: C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job => C:\Program Files\BonanzaDealsLive\Update\BonanzaDealsLive.exe <==== ATTENTION
Task: C:\Windows\Tasks\Digital Sites.job => C:\Users\user\AppData\Roaming\DIGITA~2\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\DigitalSite.job => C:\Users\user\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
HKLM\...\Run: [] => [X]
HKLM\...\Run: [ApnUpdater] => C:\Program Files\Ask.com\Updater\Updater.exe [1561768 2012-05-04] (Ask)
HKU\S-1-5-21-3491512244-2320586285-1863719067-1000\...\Run: [Screen Saver Pro 3.1] => C:\Users\user\AppData\Roaming\ScreenSaverPro.scr
HKU\S-1-5-21-3491512244-2320586285-1863719067-1000\...\Run: [Rxfcft] => C:\Users\user\AppData\Roaming\Microsoft\Rxfcft.exe
HKU\S-1-5-21-3491512244-2320586285-1863719067-1000\...\Run: [Pxfcfr] => C:\Users\user\AppData\Roaming\Microsoft\Pxfcfr.exe
HKU\S-1-5-21-3491512244-2320586285-1863719067-1000\...\Run: [Qxfcfs] => C:\Users\user\AppData\Roaming\Microsoft\Qxfcfs.exe
HKU\S-1-5-21-3491512244-2320586285-1863719067-1000\...\Run: [Mxfcfo] => C:\Users\user\AppData\Roaming\Microsoft\Mxfcfo.exe
HKU\S-1-5-21-3491512244-2320586285-1863719067-1000\...\Run: [Adobe System Incorporated] => C:\Users\user\AppData\Local\Temp\Adobe\Reader_sl.exe <===== ATTENTION
HKU\S-1-5-21-3491512244-2320586285-1863719067-1000\...\Run: [Yahoo! Search] => C:\Users\user\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.8.2\dsrlte.exe [535472 2014-07-04] (Pay By Ads LTD)
HKU\S-1-5-21-3491512244-2320586285-1863719067-1000\...\Winlogon: [Shell] C:\Windows\explorer.exe [2616320 2011-02-25] (Microsoft Corporation) <==== ATTENTION
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://rts.dsrlte.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www2.delta-search.com/?babsrc=HP_ss&mntrId=B8055404A614FB96&affID=119357&tl=gcn33200&tsp=5009
URLSearchHook: HKCU - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0B63ED11-8DD5-4736-94F8-6FA46775E04E} URL = http://rts.dsrlte.com/?q={searchTerms}&r=175
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=B8055404A614FB96&affID=119357&tl=gcn33200&tsp=5009
SearchScopes: HKCU - {6534937B-79C5-46DD-B0EB-6DFEB9BAB527} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=055FD552-DCD6-42E2-88FD-4F1486F91824&apn_sauid=20751309-DAA6-40A0-B7D9-D86193BEC4F8
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
BHO: Ask Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
BHO: BonanzaDeals -> {fe063412-bea4-4d76-8ed3-183be6220d17} -> C:\Program Files\BonanzaDeals\BonanzaDealsIE.dll (BonanzaDeals)
Toolbar: HKLM - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
FF Plugin: @tools.bdupdater.com/BonanzaDealsLive Update;version=3 -> C:\Program Files\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll (BonanzaDeals)
FF Plugin: @tools.bdupdater.com/BonanzaDealsLive Update;version=9 -> C:\Program Files\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll (BonanzaDeals)
CHR HomePage: Default -> hxxp://rts.dsrlte.com
CHR HKLM\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Users\user\AppData\Roaming\BabSolution\CR\BabylonChrome1.crx []
CustomCLSID: HKU\S-1-5-21-3491512244-2320586285-1863719067-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\user\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll No File
C:\Users\user\AppData\Roaming\Babylon
C:\Users\user\AppData\Roaming\Mipony
C:\Windows\System32\drivers\{55685567-4840-4a91-962b-49a412e9485a}Gw.sys
C:\Windows\System32\drivers\{55685567-4840-4a91-962b-49a412e9485a}w.sys
C:\Windows\System32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw.sys
EmptyTemp:
*****************

[4568] C:\Program Files\webget\updatewebget.exe => Process closed successfully.
[4900] C:\Program Files\webget\bin\utilwebget.exe => Process closed successfully.
[3424] C:\Program Files\Ask.com\Updater\Updater.exe => Process closed successfully.
[4020] C:\Users\user\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.8.2\dsrlte.exe => Process closed successfully.
[5456] C:\Program Files\webget\bin\webget.PurBrowse.exe => Process closed successfully.
[5396] C:\Program Files\webget\bin\webget.BrowserAdapter.exe => Process closed successfully.
C:\Users\user\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe => No running process found
bonanzadealslive => Service deleted successfully.
bonanzadealslivem => Service deleted successfully.
Update webget => Service deleted successfully.
Util webget => Service deleted successfully.
{55685567-4840-4a91-962b-49a412e9485a}Gw => Service stopped successfully.
{55685567-4840-4a91-962b-49a412e9485a}Gw => Service deleted successfully.
{55685567-4840-4a91-962b-49a412e9485a}w => Service stopped successfully.
{55685567-4840-4a91-962b-49a412e9485a}w => Service deleted successfully.
{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw => Service stopped successfully.
{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw => Service deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2612F22E-3A51-4D1C-972B-B25F87C5BA9A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2612F22E-3A51-4D1C-972B-B25F87C5BA9A}" => Key deleted successfully.
C:\Windows\System32\Tasks\Yahoo! Search => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Yahoo! Search" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{277C8334-038E-49F5-920A-7589446FCFA1}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{277C8334-038E-49F5-920A-7589446FCFA1}" => Key deleted successfully.
C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BonanzaDealsLiveUpdateTaskMachineCore" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5F27CD69-BCD0-4BDE-ABC7-FBE9558A3CE6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5F27CD69-BCD0-4BDE-ABC7-FBE9558A3CE6}" => Key deleted successfully.
C:\Windows\System32\Tasks\Digital Sites => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Digital Sites" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7A3FE3CE-F6BF-4FBD-89FF-112C8C73CD70}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7A3FE3CE-F6BF-4FBD-89FF-112C8C73CD70}" => Key deleted successfully.
C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7AE4AA3A-A8B7-4662-B164-317E763818C1}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7AE4AA3A-A8B7-4662-B164-317E763818C1}" => Key deleted successfully.
C:\Windows\System32\Tasks\DSite => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DSite" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{96FF382A-71B0-486E-9A63-2EE3A592C98F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{96FF382A-71B0-486E-9A63-2EE3A592C98F}" => Key deleted successfully.
C:\Windows\System32\Tasks\DigitalSite => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DigitalSite" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A5A7999D-7B7B-41CD-BE64-C053BC923C69}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A5A7999D-7B7B-41CD-BE64-C053BC923C69}" => Key deleted successfully.
C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BonanzaDealsLiveUpdateTaskMachineUA" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C64E409A-368B-4648-A857-0B197D24B959}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C64E409A-368B-4648-A857-0B197D24B959}" => Key deleted successfully.
C:\Windows\System32\Tasks\BonanzaDealsUpdate => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BonanzaDealsUpdate" => Key deleted successfully.
C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\Digital Sites.job => Moved successfully.
C:\Windows\Tasks\DigitalSite.job => Moved successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ApnUpdater => value deleted successfully.
HKU\S-1-5-21-3491512244-2320586285-1863719067-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Screen Saver Pro 3.1 => value deleted successfully.
HKU\S-1-5-21-3491512244-2320586285-1863719067-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Rxfcft => value deleted successfully.
HKU\S-1-5-21-3491512244-2320586285-1863719067-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Pxfcfr => value deleted successfully.
HKU\S-1-5-21-3491512244-2320586285-1863719067-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Qxfcfs => value deleted successfully.
HKU\S-1-5-21-3491512244-2320586285-1863719067-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Mxfcfo => value deleted successfully.
HKU\S-1-5-21-3491512244-2320586285-1863719067-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe System Incorporated => value deleted successfully.
HKU\S-1-5-21-3491512244-2320586285-1863719067-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Yahoo! Search => value deleted successfully.
HKU\S-1-5-21-3491512244-2320586285-1863719067-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Bar => value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\bProtector Start Page => value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC} => value deleted successfully.
"HKCR\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}" => Key deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\bProtectorDefaultScope => value deleted successfully.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0B63ED11-8DD5-4736-94F8-6FA46775E04E}" => Key deleted successfully.
"HKCR\CLSID\{0B63ED11-8DD5-4736-94F8-6FA46775E04E}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}" => Key deleted successfully.
"HKCR\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6534937B-79C5-46DD-B0EB-6DFEB9BAB527}" => Key deleted successfully.
"HKCR\CLSID\{6534937B-79C5-46DD-B0EB-6DFEB9BAB527}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => Key deleted successfully.
"HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}" => Key deleted successfully.
"HKCR\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fe063412-bea4-4d76-8ed3-183be6220d17}" => Key deleted successfully.
"HKCR\CLSID\{fe063412-bea4-4d76-8ed3-183be6220d17}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} => value deleted successfully.
"HKCR\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}" => Key not found.
"HKLM\Software\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=3" => Key deleted successfully.
C:\Program Files\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll => Moved successfully.
"HKLM\Software\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=9" => Key deleted successfully.
C:\Program Files\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll not found.
Chrome HomePage deleted successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb" => Key deleted successfully.
"C:\Users\user\AppData\Roaming\BabSolution\CR\BabylonChrome1.crx" => File/Directory not found.
"HKU\S-1-5-21-3491512244-2320586285-1863719067-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}" => Key deleted successfully.
C:\Users\user\AppData\Roaming\Babylon => Moved successfully.
C:\Users\user\AppData\Roaming\Mipony => Moved successfully.
C:\Windows\System32\drivers\{55685567-4840-4a91-962b-49a412e9485a}Gw.sys => Moved successfully.
C:\Windows\System32\drivers\{55685567-4840-4a91-962b-49a412e9485a}w.sys => Moved successfully.
C:\Windows\System32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw.sys => Moved successfully.
EmptyTemp: => Removed 184.9 MB temporary data.

The system needed a reboot.

==== End of Fixlog ====