Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 24-01-2015 01
Ran by User at 2015-01-25 17:15:48 Run:1
Running from C:\Users\User\Downloads
Loaded Profiles: User (Available profiles: User & Test)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CloseProcesses:
CreateRestorePoint:
R1 {442ad619-2fad-4d96-9434-49e6d1c6e280}Gw64; C:\Windows\System32\drivers\{442ad619-2fad-4d96-9434-49e6d1c6e280}Gw64.sys [48792 2014-12-20] (StdLib)
R1 {db4225e9-90b8-4ca5-99da-da423e504d3d}Gw64; C:\Windows\System32\drivers\{db4225e9-90b8-4ca5-99da-da423e504d3d}Gw64.sys [48792 2014-12-19] (StdLib)
S4 sptd; \SystemRoot\System32\Drivers\sptd.sys [X]
HKU\S-1-5-21-1130217176-4031021830-1519301973-1000\...\Run: [HW_OPENEYE_OUC_PLAY ONLINE] => C:\Program Files (x86)\PLAY ONLINE\UpdateDog\ouc.exe [110592 2009-04-14] (Huawei Technologies Co., Ltd.)
HKU\S-1-5-21-1130217176-4031021830-1519301973-1000\...\Run: [ALLUpdate] => "C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe" "sleep"
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.dosearches.com/web/?utm_source=b&utm_medium=cor&utm_campaign=rg&utm_content=ds&from=cor&uid=ST1000LM024XHN-M101MBB_S2RQJ9CC540016&ts=1383916579&type=default&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.dosearches.com/web/?utm_source=b&utm_medium=cor&utm_campaign=rg&utm_content=ds&from=cor&uid=ST1000LM024XHN-M101MBB_S2RQJ9CC540016&ts=1383916579&type=default&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\S-1-5-21-1130217176-4031021830-1519301973-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gazeta.pl/0,0.html?p=156
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.dosearches.com/web/?utm_source=b&utm_medium=cor&utm_campaign=rg&utm_content=ds&from=cor&uid=ST1000LM024XHN-M101MBB_S2RQJ9CC540016&ts=1383916579&type=default&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.dosearches.com/web/?utm_source=b&utm_medium=cor&utm_campaign=rg&utm_content=ds&from=cor&uid=ST1000LM024XHN-M101MBB_S2RQJ9CC540016&ts=1383916579&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1130217176-4031021830-1519301973-1000 -> {szukaj.gazeta.pl} URL = http://szukaj.gazeta.pl/internet/0,0.html?slowo={searchTerms}
CustomCLSID: HKU\S-1-5-21-1130217176-4031021830-1519301973-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1130217176-4031021830-1519301973-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1130217176-4031021830-1519301973-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1130217176-4031021830-1519301973-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
Task: {8C46E089-36E6-4DDB-A563-72F4EEA5D19E} - System32\Tasks\{2BEBB58B-66C7-4C54-8A89-B4904585E017} => pcalua.exe -a "C:\Program Files (x86)\ASUS\RT-N12E Wireless Router Utilities\QISWizard.exe" -d "C:\Program Files (x86)\ASUS\RT-N12E Wireless Router Utilities" -c /nc
Task: {A8276233-DA3F-44C8-A68F-D6AB4EF82555} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {E77D93BB-C2FF-4110-BA4F-903E1086C650} - System32\Tasks\Opera scheduled Autoupdate 1419004772 => C:\Program Files (x86)\Opera\launcher.exe
CHR HKLM\...\Chrome\Extension: [dchmpbaclbiioedakpcldenooikekokm] - C:\Users\User\AppData\Local\foxtab_speeddial.crx [2013-11-04]
CHR HKU\S-1-5-21-1130217176-4031021830-1519301973-1000\...\Chrome\Extension: [dchmpbaclbiioedakpcldenooikekokm] - C:\Users\User\AppData\Local\foxtab_speeddial.crx [2013-11-04]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - No Path
CHR HKLM-x32\...\Chrome\Extension: [dchmpbaclbiioedakpcldenooikekokm] - C:\Users\User\AppData\Local\foxtab_speeddial.crx [2013-11-04]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
C:\Program Files (x86)\e6a75288-a604-433f-9ca8-633c471ed540
C:\Program Files (x86)\globalUpdate
C:\Program Files (x86)\iWebar
C:\Program Files (x86)\Mozilla Firefox\plugins
C:\Program Files (x86)\SourceApp
C:\Program Files (x86)\VpnOneClick
C:\Program Files (x86)\XTab
C:\Program Files (x86)\YouTube Accelerator
C:\ProgramData\{*}.log
C:\ProgramData\IHProtectUpDate
C:\ProgramData\Temp
C:\ProgramData\WindowsMangerProtect
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
C:\Users\User\AppData\Local\CrashDumps
C:\Users\User\AppData\Local\CrashRpt
C:\Users\User\AppData\Local\globalUpdate
C:\Users\User\AppData\Roaming\omiga-plus
C:\Users\Public\Documents\GOOBZO
C:\Users\Public\Documents\ShopperPro
C:\Users\Public\Documents\YTAHelper
C:\Users\User\Downloads\*.tmp
C:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
C:\Windows\System32\drivers\{442ad619-2fad-4d96-9434-49e6d1c6e280}Gw64.sys
C:\Windows\System32\drivers\{db4225e9-90b8-4ca5-99da-da423e504d3d}Gw64.sys
C:\windows\SysWOW64\GroupPolicy\GPT.INI
Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Bonus.SSR.FR11" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SDTray" /f
EmptyTemp:
*****************

Processes closed successfully.
Restore point was successfully created.
{442ad619-2fad-4d96-9434-49e6d1c6e280}Gw64 => Service stopped successfully.
{442ad619-2fad-4d96-9434-49e6d1c6e280}Gw64 => Service deleted successfully.
{db4225e9-90b8-4ca5-99da-da423e504d3d}Gw64 => Service stopped successfully.
{db4225e9-90b8-4ca5-99da-da423e504d3d}Gw64 => Service deleted successfully.
sptd => Service deleted successfully.
HKU\S-1-5-21-1130217176-4031021830-1519301973-1000\Software\Microsoft\Windows\CurrentVersion\Run\\HW_OPENEYE_OUC_PLAY ONLINE => value deleted successfully.
HKU\S-1-5-21-1130217176-4031021830-1519301973-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ALLUpdate => value deleted successfully.
C:\windows\system32\GroupPolicy\Machine => Moved successfully.
C:\windows\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKU\S-1-5-21-1130217176-4031021830-1519301973-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => Key deleted successfully.
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
"HKU\S-1-5-21-1130217176-4031021830-1519301973-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{szukaj.gazeta.pl}" => Key deleted successfully.
HKCR\CLSID\{szukaj.gazeta.pl} => Key not found.
"HKU\S-1-5-21-1130217176-4031021830-1519301973-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}" => Key deleted successfully.
"HKU\S-1-5-21-1130217176-4031021830-1519301973-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}" => Key deleted successfully.
"HKU\S-1-5-21-1130217176-4031021830-1519301973-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}" => Key deleted successfully.
"HKU\S-1-5-21-1130217176-4031021830-1519301973-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8C46E089-36E6-4DDB-A563-72F4EEA5D19E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8C46E089-36E6-4DDB-A563-72F4EEA5D19E}" => Key deleted successfully.
C:\Windows\System32\Tasks\{2BEBB58B-66C7-4C54-8A89-B4904585E017} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2BEBB58B-66C7-4C54-8A89-B4904585E017}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A8276233-DA3F-44C8-A68F-D6AB4EF82555}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A8276233-DA3F-44C8-A68F-D6AB4EF82555}" => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\Office 15 Subscription Heartbeat" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{E77D93BB-C2FF-4110-BA4F-903E1086C650}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E77D93BB-C2FF-4110-BA4F-903E1086C650}" => Key deleted successfully.
C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1419004772 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1419004772" => Key deleted successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\dchmpbaclbiioedakpcldenooikekokm" => Key deleted successfully.
C:\Users\User\AppData\Local\foxtab_speeddial.crx => Moved successfully.
"HKU\S-1-5-21-1130217176-4031021830-1519301973-1000\SOFTWARE\Google\Chrome\Extensions\dchmpbaclbiioedakpcldenooikekokm" => Key deleted successfully.
"C:\Users\User\AppData\Local\foxtab_speeddial.crx" => File/Directory not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dchmpbaclbiioedakpcldenooikekokm" => Key deleted successfully.
"C:\Users\User\AppData\Local\foxtab_speeddial.crx" => File/Directory not found.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\nneajnkjbffgblleaoojgaacokifdkhm" => Key deleted successfully.
C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx => Moved successfully.
"HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect" => Key deleted successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b} => value deleted successfully.
C:\Program Files (x86)\e6a75288-a604-433f-9ca8-633c471ed540 => Moved successfully.
C:\Program Files (x86)\globalUpdate => Moved successfully.
C:\Program Files (x86)\iWebar => Moved successfully.
C:\Program Files (x86)\Mozilla Firefox\plugins => Moved successfully.
C:\Program Files (x86)\SourceApp => Moved successfully.
C:\Program Files (x86)\VpnOneClick => Moved successfully.
C:\Program Files (x86)\XTab => Moved successfully.
C:\Program Files (x86)\YouTube Accelerator => Moved successfully.
C:\ProgramData\{*}.log => Moved successfully.
C:\ProgramData\IHProtectUpDate => Moved successfully.
C:\ProgramData\Temp => Moved successfully.
C:\ProgramData\WindowsMangerProtect => Moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk => Moved successfully.
C:\Users\User\AppData\Local\CrashDumps => Moved successfully.
C:\Users\User\AppData\Local\CrashRpt => Moved successfully.
C:\Users\User\AppData\Local\globalUpdate => Moved successfully.
C:\Users\User\AppData\Roaming\omiga-plus => Moved successfully.
C:\Users\Public\Documents\GOOBZO => Moved successfully.
C:\Users\Public\Documents\ShopperPro => Moved successfully.
C:\Users\Public\Documents\YTAHelper => Moved successfully.
C:\Users\User\Downloads\*.tmp => Moved successfully.
C:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup => Moved successfully.
C:\Windows\System32\drivers\{442ad619-2fad-4d96-9434-49e6d1c6e280}Gw64.sys => Moved successfully.
C:\Windows\System32\drivers\{db4225e9-90b8-4ca5-99da-da423e504d3d}Gw64.sys => Moved successfully.
"C:\windows\SysWOW64\GroupPolicy\GPT.INI" => File/Directory not found.

========= reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f =========

Operacja ukończona pomyślnie.

========= End of Reg: =========

========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk" /f =========

Operacja ukończona pomyślnie.

========= End of Reg: =========

========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Bonus.SSR.FR11" /f =========

Operacja ukończona pomyślnie.

========= End of Reg: =========

========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SDTray" /f =========

Operacja ukończona pomyślnie.

========= End of Reg: =========

EmptyTemp: => Removed 6.3 GB temporary data.

The system needed a reboot.

==== End of Fixlog 17:22:18 ====