Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 06-05-2015 01
Ran by Witaj at 2015-05-07 08:23:20 Run:1
Running from C:\Documents and Settings\Witaj\Moje dokumenty\Pobrane
Loaded Profiles: Witaj (Available profiles: Witaj)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CloseProcesses:
R2 IHProtect Service; C:\Program Files\XTab\ProtectService.exe [158864 2015-01-08] (XTab system)
R2 WindowsMangerProtect; C:\Documents and Settings\All Users\Dane aplikacji\WindowsMangerProtect\ProtectWindowsManager.exe [464384 2015-01-20] (SysTool PasSame LIMITED) [File not signed] <==== ATTENTION
U2 CertPropSvc; No ImagePath
U1 eabfiltr; No ImagePath
S3 EverestDriver; \??\C:\DOCUME~1\Witaj\USTAWI~1\Temp\RarSFX0\kerneld.wnt [X]
Task: C:\WINDOWS\Tasks\At1.job => C:\DOCUME~1\Witaj\DANEAP~1\PRICEF~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\WINDOWS\TEMP\{0D775546-2889-402C-9370-006E3AAE4F42}.exe <==== ATTENTION
HKLM\...\Run: [WinampAgent] => "C:\Program Files\Winamp\winampa.exe"
HKU\S-1-5-18\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_16_0_0_305_Plugin.exe -update plugin
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hppp&ts=1421755969&from=cor&uid=ST9160821AS_5MABAXMR
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=dspp&ts=1421755969&from=cor&uid=ST9160821AS_5MABAXMR&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hppp&ts=1421755969&from=cor&uid=ST9160821AS_5MABAXMR
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=dspp&ts=1421755969&from=cor&uid=ST9160821AS_5MABAXMR&q={searchTerms}
HKU\S-1-5-21-1645522239-1965331169-682003330-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hppp&ts=1421755969&from=cor&uid=ST9160821AS_5MABAXMR
HKU\S-1-5-21-1645522239-1965331169-682003330-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1645522239-1965331169-682003330-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hppp&ts=1421755969&from=cor&uid=ST9160821AS_5MABAXMR
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=dspp&ts=1421755969&from=cor&uid=ST9160821AS_5MABAXMR&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=dspp&ts=1421755969&from=cor&uid=ST9160821AS_5MABAXMR&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1645522239-1965331169-682003330-1003 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=ST9160821AS_5MABAXMR&ts=1421756021&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1645522239-1965331169-682003330-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=ST9160821AS_5MABAXMR&ts=1421756021&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1645522239-1965331169-682003330-1003 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=ST9160821AS_5MABAXMR&ts=1421756021&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1645522239-1965331169-682003330-1003 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=ST9160821AS_5MABAXMR&ts=1421756021&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1645522239-1965331169-682003330-1003 -> {7B7EE163-E2C3-4CCC-8907-962CFE572D9D} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=ST9160821AS_5MABAXMR&ts=1421756021&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1645522239-1965331169-682003330-1003 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=ST9160821AS_5MABAXMR&ts=1421756021&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1645522239-1965331169-682003330-1003 -> {B6C63ACF-8B3C-4389-BE9B-40BC4DBA8DD1} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=ST9160821AS_5MABAXMR&ts=1421756021&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1645522239-1965331169-682003330-1003 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=ST9160821AS_5MABAXMR&ts=1421756021&type=default&q={searchTerms}
BHO: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files\XTab\SupTab.dll [2015-01-08] (Thinknice Co. Limited)
Toolbar: HKU\S-1-5-21-1645522239-1965331169-682003330-1003 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
CHR HomePage: Default -> hxxp://isearch.omiga-plus.com/?type=hppp&ts=1421755969&from=cor&uid=ST9160821AS_5MABAXMR
CHR StartupUrls: Default -> "hxxp://isearch.omiga-plus.com/?type=hppp&ts=1421755969&from=cor&uid=ST9160821AS_5MABAXMR"
CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\Documents and Settings\All Users\Dane aplikacji\AVG Secure Search\ChromeExt\18.1.0.443\avg.crx [2014-05-05]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF HKLM\...\Firefox\Extensions: [avg@toolbar] - C:\Documents and Settings\All Users\Dane aplikacji\AVG Secure Search\FireFoxExt\18.3.0.885
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF HKLM\...\Firefox\Extensions: [fftoolbar2014@etech.com] - C:\Documents and Settings\Witaj\Dane aplikacji\Mozilla\Firefox\Profiles\jp58wuxu.default\extensions\fftoolbar2014@etech.com
C:\Documents and Settings\All Users\Dane aplikacji\AVG Secure Search
C:\Documents and Settings\All Users\Dane aplikacji\WindowsMangerProtect
C:\Documents and Settings\Witaj\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Preferences
C:\Program Files\Mozilla Firefoxavg-secure-search.xml
C:\Program Files\Mozilla Firefox\plugins
C:\Program Files\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
C:\Program Files\XTab
C:\Program Files\Common Files\AVG Secure Search
C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f
CMD: netsh firewall reset
EmptyTemp:
*****************

Processes closed successfully.
IHProtect Service => Service deleted successfully.
WindowsMangerProtect => Service deleted successfully.
CertPropSvc => Service deleted successfully.
eabfiltr => Service deleted successfully.
EverestDriver => Service deleted successfully.
C:\WINDOWS\Tasks\At1.job => Moved successfully.
C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => Moved successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\WinampAgent => value deleted successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\FlashPlayerUpdate => value deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKU\S-1-5-21-1645522239-1965331169-682003330-1003\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\S-1-5-21-1645522239-1965331169-682003330-1003\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKU\S-1-5-21-1645522239-1965331169-682003330-1003\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => Key deleted successfully.
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
HKU\S-1-5-21-1645522239-1965331169-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-1645522239-1965331169-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
"HKU\S-1-5-21-1645522239-1965331169-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}" => Key deleted successfully.
HKCR\CLSID\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} => Key not found.
"HKU\S-1-5-21-1645522239-1965331169-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => Key deleted successfully.
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
"HKU\S-1-5-21-1645522239-1965331169-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7B7EE163-E2C3-4CCC-8907-962CFE572D9D}" => Key deleted successfully.
HKCR\CLSID\{7B7EE163-E2C3-4CCC-8907-962CFE572D9D} => Key not found.
"HKU\S-1-5-21-1645522239-1965331169-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}" => Key deleted successfully.
"HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}" => Key deleted successfully.
"HKU\S-1-5-21-1645522239-1965331169-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B6C63ACF-8B3C-4389-BE9B-40BC4DBA8DD1}" => Key deleted successfully.
HKCR\CLSID\{B6C63ACF-8B3C-4389-BE9B-40BC4DBA8DD1} => Key not found.
"HKU\S-1-5-21-1645522239-1965331169-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}" => Key deleted successfully.
HKCR\CLSID\{E733165D-CBCF-4FDA-883E-ADEF965B476C} => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}" => Key deleted successfully.
"HKCR\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}" => Key deleted successfully.
HKU\S-1-5-21-1645522239-1965331169-682003330-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => value deleted successfully.
"HKCR\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}" => Key deleted successfully.
Chrome HomePage deleted successfully.
Chrome StartupUrls deleted successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof" => Key deleted successfully.
C:\Documents and Settings\All Users\Dane aplikacji\AVG Secure Search\ChromeExt\18.1.0.443\avg.crx => Moved successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b} => value deleted successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\avg@toolbar => value deleted successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\jqs@sun.com => value deleted successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\fftoolbar2014@etech.com => value deleted successfully.
C:\Documents and Settings\All Users\Dane aplikacji\AVG Secure Search => Moved successfully.
C:\Documents and Settings\All Users\Dane aplikacji\WindowsMangerProtect => Moved successfully.
C:\Documents and Settings\Witaj\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Preferences => Moved successfully.
C:\Program Files\Mozilla Firefoxavg-secure-search.xml => Moved successfully.
C:\Program Files\Mozilla Firefox\plugins => Moved successfully.
C:\Program Files\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml => Moved successfully.
C:\Program Files\XTab => Moved successfully.
C:\Program Files\Common Files\AVG Secure Search => Moved successfully.
C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension => Moved successfully.

========= reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f =========

Operacja ukończona pomyślnie

========= End of Reg: =========

========= netsh firewall reset =========

Ok.

========= End of CMD: =========

EmptyTemp: => Removed 2.3 GB temporary data.

The system needed a reboot.

==== End of Fixlog 08:26:30 ====