Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 04-03-2015
Ran by xXx at 2015-03-05 08:55:33 Run:1
Running from C:\Documents and Settings\xXx\Moje dokumenty\Downloads
Loaded Profiles: xXx (Available profiles: xXx)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CloseProcesses:
CreateRestorePoint:
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1606980848-789336058-682003330-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1606980848-789336058-682003330-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKU\S-1-5-21-1606980848-789336058-682003330-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1606980848-789336058-682003330-1003\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1404977115&from=tt4u&uid=SAMSUNGXSP6003H_0594J1FW206897&q={searchTerms}
CustomCLSID: HKU\S-1-5-21-1606980848-789336058-682003330-1003_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-1606980848-789336058-682003330-1003_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-1606980848-789336058-682003330-1003_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll No File
S2 NvNetworkService; "C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe" [X]
S3 catchme; \??\C:\DOCUME~1\xXx\USTAWI~1\Temp\catchme.sys [X]
S3 cpuz137; \??\C:\DOCUME~1\xXx\USTAWI~1\Temp\cpuz137\cpuz137_x32.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 XDva410; \??\C:\WINDOWS\system32\XDva410.sys [X]
S3 XDva412; \??\C:\WINDOWS\system32\XDva412.sys [X]
S3 XDva415; \??\C:\WINDOWS\system32\XDva415.sys [X]
C:\Documents and Settings\All Users\Dane aplikacji\TEMP
C:\Documents and Settings\All Users\Menu Start\Programy\Lavalys
C:\Documents and Settings\All Users\Menu Start\Programy\NVIDIA Corporation
C:\Documents and Settings\xXx\Menu Start\Programs\Quake III Arena
Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main" /f
Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main" /f
Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main" /f
EmptyTemp:
*****************

Processes closed successfully.
Restore point was successfully created.
C:\WINDOWS\system32\GroupPolicy\Machine => Moved successfully.
C:\WINDOWS\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-1606980848-789336058-682003330-1003\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\S-1-5-21-1606980848-789336058-682003330-1003\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\S-1-5-21-1606980848-789336058-682003330-1003\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKU\S-1-5-21-1606980848-789336058-682003330-1003\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
"HKU\S-1-5-21-1606980848-789336058-682003330-1003_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}" => Key deleted successfully.
"HKU\S-1-5-21-1606980848-789336058-682003330-1003_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}" => Key deleted successfully.
"HKU\S-1-5-21-1606980848-789336058-682003330-1003_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}" => Key deleted successfully.
"HKLM\Software\MozillaPlugins\Adobe Reader" => Key deleted successfully.
NvNetworkService => Service deleted successfully.
catchme => Service deleted successfully.
cpuz137 => Service deleted successfully.
esgiguard => Service deleted successfully.
XDva410 => Service deleted successfully.
XDva412 => Service deleted successfully.
XDva415 => Service deleted successfully.
C:\Documents and Settings\All Users\Dane aplikacji\TEMP => Moved successfully.
C:\Documents and Settings\All Users\Menu Start\Programy\Lavalys => Moved successfully.
C:\Documents and Settings\All Users\Menu Start\Programy\NVIDIA Corporation => Moved successfully.
C:\Documents and Settings\xXx\Menu Start\Programs\Quake III Arena => Moved successfully.

========= reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main" /f =========

Operacja ukończona pomyślnie

========= End of Reg: =========

========= reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main" /f =========

Operacja ukończona pomyślnie

========= End of Reg: =========

========= reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main" /f =========

Operacja ukończona pomyślnie

========= End of Reg: =========

EmptyTemp: => Removed 165.4 MB temporary data.

The system needed a reboot.

==== End of Fixlog 08:56:06 ====