Fix result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
Ran by Ewa at 2015-06-19 17:31:05 Run:1
Running from C:\FRST
Loaded Profiles: Ewa (Available Profiles: Ewa)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Task: {09EFFAE9-1578-4C75-985E-C99C7BB653DB} - System32\Tasks\{BCBF357F-F5A5-4AD4-838F-61C8D0DF93F9} => pcalua.exe -a C:\Users\Ewa\AppData\Roaming\omiga-plus\UninstallManager.exe -c  -ptid=cor <==== ATTENTION
C:\Users\Ewa\AppData\Roaming\omiga-plus
AlternateDataStreams: C:\Users\Ewa\Ustawienia lokalne:aoscX5mybzVCQHF9IvWlgRtQ0C
AlternateDataStreams: C:\Users\Ewa\Ustawienia lokalne:icj2nmKDa8sogFCXzAVJ
AlternateDataStreams: C:\Users\Ewa\AppData\Local:aoscX5mybzVCQHF9IvWlgRtQ0C
AlternateDataStreams: C:\Users\Ewa\AppData\Local:icj2nmKDa8sogFCXzAVJ
AlternateDataStreams: C:\Users\Ewa\AppData\Local\Dane aplikacji:aoscX5mybzVCQHF9IvWlgRtQ0C
AlternateDataStreams: C:\Users\Ewa\AppData\Local\Dane aplikacji:icj2nmKDa8sogFCXzAVJ
AlternateDataStreams: C:\Users\Ewa\AppData\Local\Temp:DVGdltGpTeqnrFUoXiMywOmQj4
C:\$Recycle.Bin\S-1-5-21-1842668911-658831082-982835230-1001\$3801e37e7992727409e1276672521dc8
C:\$Recycle.Bin\S-1-5-21-1842668911-658831082-982835230-1001
C:\ProgramData\libnspr4.dll
C:\Users\Ewa\acrobatreader.exe
C:\Users\Ewa\conhost.exe
C:\windows\Minidump\*.dmp
S3 BS4132664122; \??\C:\Users\Ewa\AppData\Local\Temp\NTFS.sys [X]
CHR HKLM-x32\...\Chrome\Extension: [fjbbjfdilbioabojmcplalojlmdngbjl] - C:\Users\Ewa\AppData\Local\Temp\swlfiles\smileyswelovetoolbar.crx
Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f
HKU\S-1-5-21-1842668911-658831082-982835230-1001\...\Winlogon: [Shell] explorer.exe, <==== ATTENTION
HKLM\...\Run: [VideoDownloadConverter Home Page Guard 64 bit] => "C:\PROGRA~2\VIDEOD~2\bar\1.bin\AppIntegrator64.exe"
C:\PROGRA~2\VIDEOD~2\bar\1.bin\AppIntegrator64.exe
EmptyTemp:
*****************

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{09EFFAE9-1578-4C75-985E-C99C7BB653DB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{09EFFAE9-1578-4C75-985E-C99C7BB653DB}" => key removed successfully
C:\Windows\System32\Tasks\{BCBF357F-F5A5-4AD4-838F-61C8D0DF93F9} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BCBF357F-F5A5-4AD4-838F-61C8D0DF93F9}" => key removed successfully
"C:\Users\Ewa\AppData\Roaming\omiga-plus" => File/Folder not found.
"C:\Users\Ewa\Ustawienia lokalne" => ":aoscX5mybzVCQHF9IvWlgRtQ0C" ADS not found.
"C:\Users\Ewa\Ustawienia lokalne" => ":icj2nmKDa8sogFCXzAVJ" ADS not found.
C:\Users\Ewa\AppData\Local => ":aoscX5mybzVCQHF9IvWlgRtQ0C" ADS removed successfully.
C:\Users\Ewa\AppData\Local => ":icj2nmKDa8sogFCXzAVJ" ADS removed successfully.
"C:\Users\Ewa\AppData\Local\Dane aplikacji" => ":aoscX5mybzVCQHF9IvWlgRtQ0C" ADS not found.
"C:\Users\Ewa\AppData\Local\Dane aplikacji" => ":icj2nmKDa8sogFCXzAVJ" ADS not found.
C:\Users\Ewa\AppData\Local\Temp => ":DVGdltGpTeqnrFUoXiMywOmQj4" ADS removed successfully.
C:\$Recycle.Bin\S-1-5-21-1842668911-658831082-982835230-1001\$3801e37e7992727409e1276672521dc8 => moved successfully.
C:\$Recycle.Bin\S-1-5-21-1842668911-658831082-982835230-1001 => moved successfully.
C:\ProgramData\libnspr4.dll => moved successfully.
C:\Users\Ewa\acrobatreader.exe => moved successfully.
C:\Users\Ewa\conhost.exe => moved successfully.
C:\windows\Minidump\*.dmp => moved successfully.
BS4132664122 => Service removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl" => key removed successfully

========= reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========


========= reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========

HKU\S-1-5-21-1842668911-658831082-982835230-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\VideoDownloadConverter Home Page Guard 64 bit => value removed successfully
"C:\PROGRA~2\VIDEOD~2\bar\1.bin\AppIntegrator64.exe" => File/Folder not found.
EmptyTemp: => 1.9 GB temporary data Removed.


The system needed a reboot.. 

==== End of Fixlog 17:32:07 ====