Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 26-11-2014 01 Ran by dom at 2014-11-28 15:27:09 Run:3 Running from C:\Users\dom\Desktop\przegladarki\Palemoon_download Loaded Profile: dom (Available profiles: dom) Boot Mode: Normal ============================================== Content of fixlist: ***************** Task: {02962626-36C8-4834-A55F-886307C6BCBA} - \{90A7A78F-2EC5-47B6-A71C-4B8517C360ED} No Task File <==== ATTENTION Task: {14915804-8F5B-4575-9BD8-A39919301955} - \{32915F96-A3DA-456E-A10D-D61ADEE074B1} No Task File <==== ATTENTION Task: {30F16754-2729-4E04-9CF0-96D950D71B42} - \{6D67C421-E759-4F2E-B196-DF6E265467FF} No Task File <==== ATTENTION Task: {43446A14-561C-45AB-9A2B-9CEF78D49329} - \{D17EFA07-E262-4CB7-9F38-052CB683B4D9} No Task File <==== ATTENTION Task: {436CB643-FE90-4565-90E1-7C788C7907D5} - \{49DA0E48-7F59-4BC3-887E-5EF1C9DA1348} No Task File <==== ATTENTION Task: {48E17C3A-553A-45F9-9E68-FC5D263CD02B} - \{C02ED746-8A91-47DC-9FFC-5BE1443599C2} No Task File <==== ATTENTION Task: {49E542C3-434B-431E-940F-5946D0299409} - \{7988FE2F-9C1C-4FA5-83E2-EECD818CE45C} No Task File <==== ATTENTION Task: {5796D5E5-656F-4707-A24F-FA82ABD82F2E} - \{6E6383E9-68C5-4FD9-B35F-8E8308BEF523} No Task File <==== ATTENTION Task: {5D28D2E4-EC90-4D58-8832-B1778D952243} - \{9BEEE590-7931-4BA5-844C-4C33C2F7A02C} No Task File <==== ATTENTION Task: {6883DB79-DB86-481C-94A8-5ADE4179E76B} - System32\Tasks\{EFADC6C0-73EC-4DA0-98F2-A10461BD60B2} => c:\program files\pale moon\palemoon.exe [2014-11-19] (Moonchild Productions) Task: {68F2E973-65BA-4617-8384-26040F3A5DCE} - \{C6E2C7C1-9BDA-4C07-A826-33CC91A25B90} No Task File <==== ATTENTION Task: {6B53F591-8A71-4832-BA39-A368A268E114} - \{B44EB6FE-548B-4CD7-AAF7-FAA783B54120} No Task File <==== ATTENTION Task: {7EE15068-C548-408B-9682-E55BDED70000} - \{F9F4A78D-C932-44A4-945F-A04CB6D2431A} No Task File <==== ATTENTION Task: {9701DF1D-04F0-4798-B7C2-DFE262D72DE2} - \{86835054-A9B5-4DEE-8C9D-4889EF10967B} No Task File <==== ATTENTION Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X] BootExecute: autocheck autochk * sdnclean.exe S3 AdobeARMservice; "C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe" [X] S2 CLPSLS; C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe [X] S3 SDScannerService; "C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe" [X] S3 SDUpdateService; "C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe" [X] S3 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [X] S3 dgderdrv; System32\drivers\dgderdrv.sys [X] S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X] S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X] S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X] S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X] S3 motccgp; system32\DRIVERS\motccgp.sys [X] S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [X] S3 MotDev; system32\DRIVERS\motodrv.sys [X] S3 motmodem; system32\DRIVERS\motmodem.sys [X] HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CLPSLS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service" HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = StartMenuInternet: IEXPLORE.EXE - FF StartMenuInternet: FIREFOX.EXE - BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll No File BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll No File FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32.dll No File FF Plugin: @adobe.com/ShockwavePlayer -> C:\windows\system32\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.) FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll No File FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll No File FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll No File C:\windows\system32\Drivers\mfeavfk.sys C:\windows\system32\Drivers\mfebopk.sys C:\windows\system32\Drivers\mfehidk.sys C:\windows\system32\Drivers\mferkdk.sys C:\windows\system32\Drivers\mfesmfk.sys C:\windows\system32\Drivers\Mpfp.sys Reg: reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1 /f Reboot: ***************** "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{02962626-36C8-4834-A55F-886307C6BCBA}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{02962626-36C8-4834-A55F-886307C6BCBA}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{90A7A78F-2EC5-47B6-A71C-4B8517C360ED}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{14915804-8F5B-4575-9BD8-A39919301955}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{14915804-8F5B-4575-9BD8-A39919301955}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{32915F96-A3DA-456E-A10D-D61ADEE074B1}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{30F16754-2729-4E04-9CF0-96D950D71B42}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{30F16754-2729-4E04-9CF0-96D950D71B42}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6D67C421-E759-4F2E-B196-DF6E265467FF}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{43446A14-561C-45AB-9A2B-9CEF78D49329}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{43446A14-561C-45AB-9A2B-9CEF78D49329}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D17EFA07-E262-4CB7-9F38-052CB683B4D9}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{436CB643-FE90-4565-90E1-7C788C7907D5}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{436CB643-FE90-4565-90E1-7C788C7907D5}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{49DA0E48-7F59-4BC3-887E-5EF1C9DA1348}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{48E17C3A-553A-45F9-9E68-FC5D263CD02B}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{48E17C3A-553A-45F9-9E68-FC5D263CD02B}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C02ED746-8A91-47DC-9FFC-5BE1443599C2}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{49E542C3-434B-431E-940F-5946D0299409}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{49E542C3-434B-431E-940F-5946D0299409}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7988FE2F-9C1C-4FA5-83E2-EECD818CE45C}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5796D5E5-656F-4707-A24F-FA82ABD82F2E}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5796D5E5-656F-4707-A24F-FA82ABD82F2E}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6E6383E9-68C5-4FD9-B35F-8E8308BEF523}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5D28D2E4-EC90-4D58-8832-B1778D952243}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5D28D2E4-EC90-4D58-8832-B1778D952243}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9BEEE590-7931-4BA5-844C-4C33C2F7A02C}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6883DB79-DB86-481C-94A8-5ADE4179E76B}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6883DB79-DB86-481C-94A8-5ADE4179E76B}" => Key deleted successfully. C:\Windows\System32\Tasks\{EFADC6C0-73EC-4DA0-98F2-A10461BD60B2} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{EFADC6C0-73EC-4DA0-98F2-A10461BD60B2}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{68F2E973-65BA-4617-8384-26040F3A5DCE}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{68F2E973-65BA-4617-8384-26040F3A5DCE}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C6E2C7C1-9BDA-4C07-A826-33CC91A25B90}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6B53F591-8A71-4832-BA39-A368A268E114}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B53F591-8A71-4832-BA39-A368A268E114}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{B44EB6FE-548B-4CD7-AAF7-FAA783B54120}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7EE15068-C548-408B-9682-E55BDED70000}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7EE15068-C548-408B-9682-E55BDED70000}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F9F4A78D-C932-44A4-945F-A04CB6D2431A}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9701DF1D-04F0-4798-B7C2-DFE262D72DE2}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9701DF1D-04F0-4798-B7C2-DFE262D72DE2}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{86835054-A9B5-4DEE-8C9D-4889EF10967B}" => Key deleted successfully. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon" => Key deleted successfully. HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => Value was restored successfully. AdobeARMservice => Service deleted successfully. CLPSLS => Service deleted successfully. SDScannerService => Service deleted successfully. SDUpdateService => Service deleted successfully. SDWSCService => Service deleted successfully. dgderdrv => Service deleted successfully. ewusbnet => Service deleted successfully. ew_hwusbdev => Service deleted successfully. huawei_enumerator => Service deleted successfully. hwdatacard => Service deleted successfully. motccgp => Service deleted successfully. motccgpfl => Service deleted successfully. MotDev => Service deleted successfully. motmodem => Service deleted successfully. "HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS" => Key deleted successfully. "HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc" => Key deleted successfully. "HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\MCODS" => Key deleted successfully. "HKLM\System\CurrentControlSet\Control\SafeBoot\Network\CLPSLS" => Key deleted successfully. "HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc" => Key deleted successfully. "HKLM\System\CurrentControlSet\Control\SafeBoot\Network\MCODS" => Key deleted successfully. "HKLM\System\CurrentControlSet\Control\SafeBoot\Network\MpfService" => Key deleted successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Secondary Start Pages => value deleted successfully. HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully. HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command\\Default => Value was restored successfully. "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => Key deleted successfully. "HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully. "HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully. "HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer" => Key not found. "HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer" => Key deleted successfully. C:\windows\system32\Adobe\Director\np32dsw_1204144.dll => Moved successfully. "HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2" => Key deleted successfully. "HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2" => Key deleted successfully. "HKLM\Software\MozillaPlugins\Adobe Reader" => Key not found. C:\windows\system32\Drivers\mfeavfk.sys => Moved successfully. C:\windows\system32\Drivers\mfebopk.sys => Moved successfully. C:\windows\system32\Drivers\mfehidk.sys => Moved successfully. C:\windows\system32\Drivers\mferkdk.sys => Moved successfully. C:\windows\system32\Drivers\mfesmfk.sys => Moved successfully. C:\windows\system32\Drivers\Mpfp.sys => Moved successfully. ========= reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1 /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= The system needed a reboot. ==== End of Fixlog ====