Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 15-01-2015
Ran by Krzysiek at 2015-01-15 14:41:12 Run:1
Running from C:\Users\Krzysiek\Desktop
Loaded Profiles: Krzysiek & UpdatusUser (Available profiles: Krzysiek & UpdatusUser & iwonka)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\Users\Krzysiek\AppData\Roaming\VOPackage\VOsrv.exe
C:\Users\Krzysiek\AppData\Local\ConvertAd\ConvertAd.exe
C:\Users\Krzysiek\AppData\Local\ConvertAd\CASrv.exe
AlternateDataStreams: C:\Users\Krzysiek\Ustawienia lokalne:SlEzWfwY6EfUI1joZhNe9dPe
AlternateDataStreams: C:\Users\Krzysiek\AppData\Local:SlEzWfwY6EfUI1joZhNe9dPe
AlternateDataStreams: C:\Users\Krzysiek\AppData\Local\Dane aplikacji:SlEzWfwY6EfUI1joZhNe9dPe
AlternateDataStreams: C:\Users\Krzysiek\AppData\Local\Temporary Internet Files:3gSYhMO6KjrpBrtfcqM22ypAuq
C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
C:\ProgramData\WindowsMangerProtect
C:\Program Files (x86)\XTab\ProtectService.exe
C:\Program Files (x86)\XTab\CmdShell.exe
C:\Program Files (x86)\XTab
C:\Users\Krzysiek\AppData\Local\ConvertAd
C:\Users\Krzysiek\AppData\Roaming\VOPackage
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32Loader.dll [215312 2015-01-05] (Client Connect LTD)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.?type=hppppppp
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://isearch.?type=hppppppp
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.web/?type=dspp&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://isearch.web/?type=dspp&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.?type=hppppppp
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.?type=hppppppp
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.web/?type=dspp&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.web/?type=dspp&q={searchTerms}
HKU\S-1-5-21-1590690370-2170473448-3501157985-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=dspp&ts=1420848640&from=cor&uid=ST1000LM014-SSHD-8GB_W3828RXZXXXXW3828RXZ&q={searchTerms}
HKU\S-1-5-21-1590690370-2170473448-3501157985-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.?type=hppppppp
HKU\S-1-5-21-1590690370-2170473448-3501157985-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.?type=hppppppp
HKU\S-1-5-21-1590690370-2170473448-3501157985-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=dspp&ts=1420848640&from=cor&uid=ST1000LM014-SSHD-8GB_W3828RXZXXXXW3828RXZ&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.web/?type=dspp&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.web/?type=dspp&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.web/?type=dspp&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.web/?type=dspp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1590690370-2170473448-3501157985-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.web/?type=dspp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1590690370-2170473448-3501157985-1000 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com/Results.aspx?gd=&ctid=CT3322197&octid=EB_ORIGINAL_CTID&ISID=MF71F6130-6F80-4304-8017-0430A4FC9D62&SearchSource=58&CUI=&UM=8&UP=SP8CCB4E12-79B5-401D-A269-42972AF5CB15&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-1590690370-2170473448-3501157985-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.web/?type=dspp&q={searchTerms}
FF Extension: Dynamo Combo 1.0.1 - C:\Users\Krzysiek\AppData\Roaming\Mozilla\Firefox\Profiles\np7zns4e.default\Extensions\{f81878fa-25e9-442d-8ada-79658b6520f2}.xpi [2015-01-12]
CHR StartupUrls: Default -> "hxxp://www.google.com/", "hxxp://isearch.", "hxxp://isearch.?type=hppppppp"
CHR DefaultSearchURL: Default -> http://isearch.web/?type=dspp&q={searchTerms}
CHR Extension: (Dynamo Combo) - C:\Users\Krzysiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeghjmajmidjepcpmoogkiajbfjgbojo [2015-01-11]
R2 serverca; C:\Users\Krzysiek\AppData\Local\ConvertAd\CASrv.exe [181760 2015-01-13] () [File not signed]
R2 servervo; C:\Users\Krzysiek\AppData\Roaming\VOPackage\VOsrv.exe [133120 2015-01-10] () [File not signed] <==== ATTENTION
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [473088 2015-01-10] (Fuyu LIMITED) [File not signed]
S2 Update Dynamo Combo; "C:\Program Files (x86)\Dynamo Combo\updateDynamoCombo.exe" [X]
R1 {bf5001a3-ae7a-4910-925a-5060ef2c0508}Gw64; C:\Windows\System32\drivers\{bf5001a3-ae7a-4910-925a-5060ef2c0508}Gw64.sys [48792 2015-01-09] (StdLib)
R1 {ebd8d0c0-e022-4b76-a1f2-bc2963e3a147}Gw64; C:\Windows\System32\drivers\{ebd8d0c0-e022-4b76-a1f2-bc2963e3a147}Gw64.sys [48792 2015-01-13] (StdLib)
R1 {f81878fa-25e9-442d-8ada-79658b6520f2}Gw64; C:\Windows\System32\drivers\{f81878fa-25e9-442d-8ada-79658b6520f2}Gw64.sys [48792 2015-01-10] (StdLib)
R3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]
C:\Windows\system32\Drivers\{ebd8d0c0-e022-4b76-a1f2-bc2963e3a147}Gw64.sys
C:\Windows\System32\drivers\{bf5001a3-ae7a-4910-925a-5060ef2c0508}Gw64.sys
C:\Windows\System32\drivers\{f81878fa-25e9-442d-8ada-79658b6520f2}Gw64.sys
C:\END
EmptyTemp
*****************

"C:\Users\Krzysiek\AppData\Roaming\VOPackage\VOsrv.exe" => File/Directory not found.
"C:\Users\Krzysiek\AppData\Local\ConvertAd\ConvertAd.exe" => File/Directory not found.
"C:\Users\Krzysiek\AppData\Local\ConvertAd\CASrv.exe" => File/Directory not found.
"C:\Users\Krzysiek\Ustawienia lokalne" => ":SlEzWfwY6EfUI1joZhNe9dPe" ADS not found.
C:\Users\Krzysiek\AppData\Local => ":SlEzWfwY6EfUI1joZhNe9dPe" ADS removed successfully.
"C:\Users\Krzysiek\AppData\Local\Dane aplikacji" => ":SlEzWfwY6EfUI1joZhNe9dPe" ADS not found.
"C:\Users\Krzysiek\AppData\Local\Temporary Internet Files" => ":3gSYhMO6KjrpBrtfcqM22ypAuq" ADS not found.
"C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe" => File/Directory not found.
"C:\ProgramData\WindowsMangerProtect" => File/Directory not found.
"C:\Program Files (x86)\XTab\ProtectService.exe" => File/Directory not found.
"C:\Program Files (x86)\XTab\CmdShell.exe" => File/Directory not found.
"C:\Program Files (x86)\XTab" => File/Directory not found.
"C:\Users\Krzysiek\AppData\Local\ConvertAd" => File/Directory not found.
"C:\Users\Krzysiek\AppData\Roaming\VOPackage" => File/Directory not found.
"C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll" => Value Data not found.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKU\S-1-5-21-1590690370-2170473448-3501157985-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKU\S-1-5-21-1590690370-2170473448-3501157985-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\S-1-5-21-1590690370-2170473448-3501157985-1000\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKU\S-1-5-21-1590690370-2170473448-3501157985-1000\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found. 
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found. 
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found. 
HKCR\Wow6432Node\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found. 
HKU\S-1-5-21-1590690370-2170473448-3501157985-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-21-1590690370-2170473448-3501157985-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} => Key not found. 
HKCR\CLSID\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} => Key not found. 
HKU\S-1-5-21-1590690370-2170473448-3501157985-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found. 
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found. 
C:\Users\Krzysiek\AppData\Roaming\Mozilla\Firefox\Profiles\np7zns4e.default\Extensions\{f81878fa-25e9-442d-8ada-79658b6520f2}.xpi => Moved successfully.
Chrome StartupUrls deleted successfully.
Chrome DefaultSearchURL not detected.
C:\Users\Krzysiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeghjmajmidjepcpmoogkiajbfjgbojo => Moved successfully.
serverca => Service not found.
servervo => Service not found.
WindowsMangerProtect => Service not found.
Update Dynamo Combo => Service deleted successfully.
{bf5001a3-ae7a-4910-925a-5060ef2c0508}Gw64 => Service not found.
{ebd8d0c0-e022-4b76-a1f2-bc2963e3a147}Gw64 => Service not found.
{f81878fa-25e9-442d-8ada-79658b6520f2}Gw64 => Service not found.
SPPD => Service not found.
"C:\Windows\system32\Drivers\{ebd8d0c0-e022-4b76-a1f2-bc2963e3a147}Gw64.sys" => File/Directory not found.
"C:\Windows\System32\drivers\{bf5001a3-ae7a-4910-925a-5060ef2c0508}Gw64.sys" => File/Directory not found.
"C:\Windows\System32\drivers\{f81878fa-25e9-442d-8ada-79658b6520f2}Gw64.sys" => File/Directory not found.
"C:\END" => File/Directory not found.
EmptyTemp => Error: No automatic fix found for this entry.


The system needed a reboot. 

==== End of Fixlog 14:41:13 ====