Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-01-2015
Ran by user at 2015-01-10 16:30:05 Run:1
Running from C:\Users\user\Downloads
Loaded Profile: user (Available profiles: user)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CloseProcesses:
CreateRestorePoint:
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://isearch.omiga-plus.com/?type=sc&ts=1419886090&from=cor&uid=TOSHIBAXMK6475GSX_Y199FKJASXXY199FKJAS
ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://isearch.omiga-plus.com/?type=sc&ts=1419886090&from=cor&uid=TOSHIBAXMK6475GSX_Y199FKJASXXY199FKJAS
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hp&ts=1419886090&from=cor&uid=TOSHIBAXMK6475GSX_Y199FKJASXXY199FKJAS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hp&ts=1419886090&from=cor&uid=TOSHIBAXMK6475GSX_Y199FKJASXXY199FKJAS
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=ds&ts=1419886090&from=cor&uid=TOSHIBAXMK6475GSX_Y199FKJASXXY199FKJAS&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=ds&ts=1419886090&from=cor&uid=TOSHIBAXMK6475GSX_Y199FKJASXXY199FKJAS&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hp&ts=1419886090&from=cor&uid=TOSHIBAXMK6475GSX_Y199FKJASXXY199FKJAS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hp&ts=1419886090&from=cor&uid=TOSHIBAXMK6475GSX_Y199FKJASXXY199FKJAS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1419886090&from=cor&uid=TOSHIBAXMK6475GSX_Y199FKJASXXY199FKJAS&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1419886090&from=cor&uid=TOSHIBAXMK6475GSX_Y199FKJASXXY199FKJAS&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://isearch.omiga-plus.com/?type=sc&ts=1419886090&from=cor&uid=TOSHIBAXMK6475GSX_Y199FKJASXXY199FKJAS
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1419886090&from=cor&uid=TOSHIBAXMK6475GSX_Y199FKJASXXY199FKJAS&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1419886090&from=cor&uid=TOSHIBAXMK6475GSX_Y199FKJASXXY199FKJAS&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1419886090&from=cor&uid=TOSHIBAXMK6475GSX_Y199FKJASXXY199FKJAS&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1419886090&from=cor&uid=TOSHIBAXMK6475GSX_Y199FKJASXXY199FKJAS&q={searchTerms}
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\omiga-plus.xml
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\mzl5xuun.default\extensions\faststartff@gmail.com
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://isearch.omiga-plus.com/?type=sc&ts=1419886090&from=cor&uid=TOSHIBAXMK6475GSX_Y199FKJASXXY199FKJAS
Task: {A603E002-438D-4D5C-8ABC-B97081938D25} - System32\Tasks\{189DCC04-9A31-40C4-A868-DA1AE6B47940} => pcalua.exe -a C:\Users\user\AppData\Roaming\omiga-plus\UninstallManager.exe -c -ptid=cor
S3 netr28ux; system32\DRIVERS\netr28ux.sys [X]
C:\ProgramData\APN
C:\ProgramData\WindowsMangerProtect
C:\Users\user\AppData\Roaming\IHlpr
C:\Users\user\AppData\Roaming\OpenCandy
C:\Users\user\AppData\Roaming\WebTest
Folder: C:\Users\user\AppData\Roaming\Opera Software\Opera Stable\Extensions
CMD: type "C:\Users\user\AppData\Roaming\Opera Software\Opera Stable\Preferences"
Reg: reg query "HKLM\SOFTWARE\Clients\StartMenuInternet\OperaStable\shell\open\command" /s
EmptyTemp:
*****************

Processes closed successfully.
Restore point was successfully created.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk => Shortcut argument was removed successfully.
C:\Users\Public\Desktop\Mozilla Firefox.lnk => Shortcut argument was removed successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => Key deleted successfully.
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found. 
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found. 
C:\Program Files (x86)\mozilla firefox\browser\searchplugins\omiga-plus.xml => Moved successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\faststartff@gmail.com => value deleted successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command\\Default => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A603E002-438D-4D5C-8ABC-B97081938D25}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A603E002-438D-4D5C-8ABC-B97081938D25}" => Key deleted successfully.
C:\Windows\System32\Tasks\{189DCC04-9A31-40C4-A868-DA1AE6B47940} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{189DCC04-9A31-40C4-A868-DA1AE6B47940}" => Key deleted successfully.
netr28ux => Service deleted successfully.
C:\ProgramData\APN => Moved successfully.
C:\ProgramData\WindowsMangerProtect => Moved successfully.
C:\Users\user\AppData\Roaming\IHlpr => Moved successfully.
C:\Users\user\AppData\Roaming\OpenCandy => Moved successfully.
C:\Users\user\AppData\Roaming\WebTest => Moved successfully.

========================= Folder: C:\Users\user\AppData\Roaming\Opera Software\Opera Stable\Extensions ========================

Directory Not Found

=========  type "C:\Users\user\AppData\Roaming\Opera Software\Opera Stable\Preferences" =========


========= End of CMD: =========


========= reg query "HKLM\SOFTWARE\Clients\StartMenuInternet\OperaStable\shell\open\command" /s =========


HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\OperaStable\shell\open\command
    (domylny)    REG_SZ    "C:\Program Files (x86)\Opera\Launcher.exe" http://isearch.omiga-plus.com/?type=sc&ts=1419886090&from=cor&uid=TOSHIBAXMK6475GSX_Y199FKJASXXY199FKJAS



========= End of Reg: =========

EmptyTemp: => Removed 11.6 GB temporary data.


The system needed a reboot. 

==== End of Fixlog 16:32:32 ====