Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 24-01-2015 01
Ran by Aga at 2015-01-25 11:12:54 Run:1
Running from C:\Documents and Settings\Aga\Pulpit
Loaded Profiles: Aga (Available profiles: Aga)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CloseProcesses:
CreateRestorePoint:
R1 {ebd8d0c0-e022-4b76-a1f2-bc2963e3a147}Gt; C:\WINDOWS\System32\drivers\{ebd8d0c0-e022-4b76-a1f2-bc2963e3a147}Gt.sys [55832 2015-01-13] (StdLib)
R1 {f81878fa-25e9-442d-8ada-79658b6520f2}Gt; C:\WINDOWS\System32\drivers\{f81878fa-25e9-442d-8ada-79658b6520f2}Gt.sys [55832 2015-01-12] (StdLib)
R4 IHProtect Service; C:\Program Files\XTab\ProtectService.exe [158864 2014-12-29] (XTab system)
R4 WindowsMangerProtect; C:\Documents and Settings\All Users\Dane aplikacji\WindowsMangerProtect\ProtectWindowsManager.exe [473088 2015-01-12] (Fuyu LIMITED) [File not signed]
S4 Update Dynamo Combo; "C:\Program Files\Dynamo Combo\updateDynamoCombo.exe" [X]
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=ds&ts=1421093265&from=cor&uid=ST9120822AS_5LZ3QQETXXXX5LZ3QQET&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1421093265&from=cor&uid=ST9120822AS_5LZ3QQETXXXX5LZ3QQET&q={searchTerms}
HKU\S-1-5-21-839522115-1450960922-2147179587-1004\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=ds&ts=1421093265&from=cor&uid=ST9120822AS_5LZ3QQETXXXX5LZ3QQET&q={searchTerms}
HKU\S-1-5-21-839522115-1450960922-2147179587-1004\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKU\S-1-5-21-839522115-1450960922-2147179587-1004\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1421093265&from=cor&uid=ST9120822AS_5LZ3QQETXXXX5LZ3QQET&q={searchTerms}
SearchScopes: HKU\S-1-5-21-839522115-1450960922-2147179587-1004 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll No File
Toolbar: HKU\S-1-5-21-839522115-1450960922-2147179587-1004 -> No Name - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
Task: C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
C:\Documents and Settings\All Users\Dane aplikacji\IHProtectUpDate
C:\Documents and Settings\All Users\Dane aplikacji\Installations
C:\Documents and Settings\All Users\Dane aplikacji\Lavasoft
C:\Documents and Settings\All Users\Dane aplikacji\WindowsMangerProtect
C:\Documents and Settings\Aga\Dane aplikacji\omiga-plus
C:\Documents and Settings\Aga\Ustawienia lokalne\Dane aplikacji\Sunbelt Software
C:\Documents and Settings\Aga\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Preferences
C:\Documents and Settings\Aga\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Loca Storage\*localstorage*
C:\Program Files\XTab
C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
C:\WINDOWS\system32\rp_rules.dat
C:\WINDOWS\system32\rp_stats.dat
C:\WINDOWS\System32\drivers\{ebd8d0c0-e022-4b76-a1f2-bc2963e3a147}Gt.sys
C:\WINDOWS\System32\drivers\{f81878fa-25e9-442d-8ada-79658b6520f2}Gt.sys
C:\WINDOWS\system32\Drivers\SBREDrv.sys
Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched" /f
Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main" /f
Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main" /f
Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main" /f
CMD: attrib /d /s -r -s -h C:\FOUND.*
CMD: for /d %f in (C:\FOUND.*) do rd /s /q "%f"
EmptyTemp:
*****************

Processes closed successfully.
Restore point was successfully created.
{ebd8d0c0-e022-4b76-a1f2-bc2963e3a147}Gt => Unable to stop service
{ebd8d0c0-e022-4b76-a1f2-bc2963e3a147}Gt => Service deleted successfully.
{f81878fa-25e9-442d-8ada-79658b6520f2}Gt => Unable to stop service
{f81878fa-25e9-442d-8ada-79658b6520f2}Gt => Service deleted successfully.
IHProtect Service => Service deleted successfully.
WindowsMangerProtect => Service deleted successfully.
Update Dynamo Combo => Service deleted successfully.
C:\WINDOWS\system32\GroupPolicy\Machine => Moved successfully.
C:\WINDOWS\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKU\S-1-5-21-839522115-1450960922-2147179587-1004\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKU\S-1-5-21-839522115-1450960922-2147179587-1004\Software\Microsoft\Internet Explorer\Main\\Search Bar => value deleted successfully.
HKU\S-1-5-21-839522115-1450960922-2147179587-1004\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
"HKU\S-1-5-21-839522115-1450960922-2147179587-1004\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => Key deleted successfully.
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3} => Key not found.
HKCR\CLSID\{18DF081C-E8AD-4283-A596-FA578C2EBDC3} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key not found.
"HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key not found.
"HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully.
HKU\S-1-5-21-839522115-1450960922-2147179587-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} => value deleted successfully.
HKCR\CLSID\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} => Key not found.
HKLM\Software\Mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b} => value deleted successfully.
C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job => Moved successfully.
C:\Documents and Settings\All Users\Dane aplikacji\IHProtectUpDate => Moved successfully.
C:\Documents and Settings\All Users\Dane aplikacji\Installations => Moved successfully.
C:\Documents and Settings\All Users\Dane aplikacji\Lavasoft => Moved successfully.
C:\Documents and Settings\All Users\Dane aplikacji\WindowsMangerProtect => Moved successfully.
C:\Documents and Settings\Aga\Dane aplikacji\omiga-plus => Moved successfully.
C:\Documents and Settings\Aga\Ustawienia lokalne\Dane aplikacji\Sunbelt Software => Moved successfully.
C:\Documents and Settings\Aga\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Preferences => Moved successfully.
"C:\Documents and Settings\Aga\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Loca Storage\*localstorage*" => File/Directory not found.
C:\Program Files\XTab => Moved successfully.
C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension => Moved successfully.
C:\WINDOWS\system32\rp_rules.dat => Moved successfully.
C:\WINDOWS\system32\rp_stats.dat => Moved successfully.
C:\WINDOWS\System32\drivers\{ebd8d0c0-e022-4b76-a1f2-bc2963e3a147}Gt.sys => Moved successfully.
C:\WINDOWS\System32\drivers\{f81878fa-25e9-442d-8ada-79658b6520f2}Gt.sys => Moved successfully.
C:\WINDOWS\system32\Drivers\SBREDrv.sys => Moved successfully.

========= reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f =========
Operacja ukończona pomyślnie
========= End of Reg: =========

========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM" /f =========
Błąd: system nie może odnaleźć określonego klucza rejestru lub wartości.
========= End of Reg: =========

========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher" /f =========
Błąd: system nie może odnaleźć określonego klucza rejestru lub wartości.
========= End of Reg: =========

========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched" /f =========
Błąd: system nie może odnaleźć określonego klucza rejestru lub wartości.
========= End of Reg: =========

========= reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main" /f =========
Operacja ukończona pomyślnie
========= End of Reg: =========

========= reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main" /f =========
Operacja ukończona pomyślnie
========= End of Reg: =========

========= reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main" /f =========
Operacja ukończona pomyślnie
========= End of Reg: =========

========= attrib /d /s -r -s -h C:\FOUND.* =========
========= End of CMD: =========

========= for /d %f in (C:\FOUND.*) do rd /s /q "%f" =========
========= End of CMD: =========

EmptyTemp: => Removed 674.1 MB temporary data.

The system needed a reboot.

==== End of Fixlog 11:14:19 ====