Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 11-12-2014 02 Ran by tomek at 2014-12-13 09:43:45 Run:1 Running from C:\Users\tomek\Downloads Loaded Profile: tomek (Available profiles: tomek) Boot Mode: Normal ============================================== Content of fixlist: ***************** S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X] Task: {0031B9EB-2F29-44FF-80A8-52927428F84D} - System32\Tasks\{191544E6-9E7D-446A-9E69-8DD9B120C8D4} => pcalua.exe -a "C:\Program Files\HWiNFO32\HW32inst.EXE" -d "C:\Program Files\HWiNFO32" Task: {09D5F98B-7067-4C3E-AF29-4E5DBAAB965A} - System32\Tasks\{715CD22D-1D0C-448F-BEB1-B3DD424A5B30} => pcalua.exe -a C:\Windows\system32\ijjiSetup.exe -d C:\Windows\system32 -c -x "<PARAM><FORCEDELETE>1</FORCEDELETE><MODE>reactor</MODE><SOURCE>http://cdn.ijjimax.com/nhnusa/dist/hansetup/newcontrolff.xml</SOURCE></PARAM>" -w 131682 Task: {427997FA-48D6-40EE-AEBC-43A0F875838D} - System32\Tasks\{6BF9B1F9-6B88-4ADF-B743-AB38331BF8EB} => pcalua.exe -a C:\Users\tomek\Downloads\ARMA2Free_setup(dobreprogramy.pl)\ARMA2Free_setup.exe -d C:\Users\tomek\Downloads\ARMA2Free_setup(dobreprogramy.pl) Task: {43AAA14B-B513-4B2C-819F-7CCB32330862} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe Task: {78F1E2B3-DBC6-499B-9F82-B65C1D685782} - System32\Tasks\{FEE68D86-1812-4E11-A415-089B9D393A40} => pcalua.exe -a C:\Users\tomek\Downloads\VCR446Free.exe -d C:\Users\tomek\Downloads Task: {A8F0992D-DE5D-4A7A-B101-6FEA91D98EAC} - System32\Tasks\{E13F2A9F-D018-48C3-8A3A-E27A55748982} => pcalua.exe -a C:\Users\tomek\Downloads\10-2_legacy_vista32-64_dd_ccc.exe -d C:\Users\tomek\Downloads HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension C:\Program Files\mozilla firefox\plugins C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension C:\Windows\system32\㩣灜潲牧浡慤慴歜獡数獲祫氠扡慜灶㐱〮〮摜瑡屡潭畤敬彳湩敶瑮牯⹹慤 Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\InCD" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\msejfClient" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NeroFilterCheck" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SecurDisc" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WinampAgent" /f CMD: sc config hpqddsvc start= demand EmptyTemp: ***************** pccsmcfd => Service deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0031B9EB-2F29-44FF-80A8-52927428F84D}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0031B9EB-2F29-44FF-80A8-52927428F84D}" => Key deleted successfully. C:\Windows\System32\Tasks\{191544E6-9E7D-446A-9E69-8DD9B120C8D4} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{191544E6-9E7D-446A-9E69-8DD9B120C8D4}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{09D5F98B-7067-4C3E-AF29-4E5DBAAB965A}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{09D5F98B-7067-4C3E-AF29-4E5DBAAB965A}" => Key deleted successfully. C:\Windows\System32\Tasks\{715CD22D-1D0C-448F-BEB1-B3DD424A5B30} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{715CD22D-1D0C-448F-BEB1-B3DD424A5B30}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{427997FA-48D6-40EE-AEBC-43A0F875838D}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{427997FA-48D6-40EE-AEBC-43A0F875838D}" => Key deleted successfully. C:\Windows\System32\Tasks\{6BF9B1F9-6B88-4ADF-B743-AB38331BF8EB} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6BF9B1F9-6B88-4ADF-B743-AB38331BF8EB}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{43AAA14B-B513-4B2C-819F-7CCB32330862}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{43AAA14B-B513-4B2C-819F-7CCB32330862}" => Key deleted successfully. C:\Windows\System32\Tasks\Java Update Scheduler => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Java Update Scheduler" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{78F1E2B3-DBC6-499B-9F82-B65C1D685782}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{78F1E2B3-DBC6-499B-9F82-B65C1D685782}" => Key deleted successfully. C:\Windows\System32\Tasks\{FEE68D86-1812-4E11-A415-089B9D393A40} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FEE68D86-1812-4E11-A415-089B9D393A40}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A8F0992D-DE5D-4A7A-B101-6FEA91D98EAC}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A8F0992D-DE5D-4A7A-B101-6FEA91D98EAC}" => Key deleted successfully. C:\Windows\System32\Tasks\{E13F2A9F-D018-48C3-8A3A-E27A55748982} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E13F2A9F-D018-48C3-8A3A-E27A55748982}" => Key deleted successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Local Page => Value was restored successfully. HKLM\Software\Mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b} => value deleted successfully. C:\Program Files\mozilla firefox\plugins => Moved successfully. C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension => Moved successfully. C:\Windows\system32\㩣灜潲牧浡慤慴歜獡数獲祫氠扡慜灶㐱〮〮摜瑡屡潭畤敬彳湩敶瑮牯⹹慤 => Moved successfully. ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher" /f ========= The operation completed successfully. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon" /f ========= The operation completed successfully. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" /f ========= The operation completed successfully. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\InCD" /f ========= The operation completed successfully. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\msejfClient" /f ========= The operation completed successfully. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NeroFilterCheck" /f ========= The operation completed successfully. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task" /f ========= The operation completed successfully. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SecurDisc" /f ========= The operation completed successfully. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched" /f ========= The operation completed successfully. ========= End of Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WinampAgent" /f ========= The operation completed successfully. ========= End of Reg: ========= ========= sc config hpqddsvc start= demand ========= [SC] ChangeServiceConfig SUCCESS ========= End of CMD: ========= EmptyTemp: => Removed 42.4 MB temporary data. The system needed a reboot. ==== End of Fixlog ====