Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 06-01-2015
Ran by Justyna at 2015-01-07 10:28:56 Run:1
Running from C:\Users\Justyna\Desktop\Do logów
Loaded Profile: Justyna (Available profiles: Justyna)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CloseProcesses:
CreateRestorePoint:
S1 ElRawDisk; \??\C:\Windows\system32\drivers\rsdrvx64.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
Task: {8AD4C0C5-A4BB-44E4-85D1-3737047DC28D} - System32\Tasks\{ACA4A858-16A6-47DB-8CDA-86B66BD22196} => pcalua.exe -a F:\SETUP.EXE -d F:\
HKLM-x32\...\Run: [DXM6Patch_981116] => C:\Windows\p_981116.exe /Q:A
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-1264171829-1937904821-877429023-1001\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-1264171829-1937904821-877429023-1001\...\Policies\Explorer: [NoControlPanel] 0
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1264171829-1937904821-877429023-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-1264171829-1937904821-877429023-1001 -> {szukaj.gazeta.pl} URL = http://szukaj.gazeta.pl/internet/0,0.html?slowo={searchTerms}
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF HKLM-x32\...\Firefox\Extensions: [detgdp@gmail.com] - C:\Users\Justyna\AppData\Roaming\Mozilla\Firefox\Profiles\ul984mml.default\extensions\detgdp@gmail.com
C:\ProgramData\Temp
Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f
EmptyTemp:
*****************

Processes closed successfully.
Error: (0) Failed to create a restore point.
ElRawDisk => Service deleted successfully.
MBAMSwissArmy => Service deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8AD4C0C5-A4BB-44E4-85D1-3737047DC28D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8AD4C0C5-A4BB-44E4-85D1-3737047DC28D}" => Key deleted successfully.
C:\Windows\System32\Tasks\{ACA4A858-16A6-47DB-8CDA-86B66BD22196} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{ACA4A858-16A6-47DB-8CDA-86B66BD22196}" => Key deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\DXM6Patch_981116 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFolderOptions => value deleted successfully.
HKU\S-1-5-21-1264171829-1937904821-877429023-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFolderOptions => value deleted successfully.
HKU\S-1-5-21-1264171829-1937904821-877429023-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => value deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found. 
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found. 
HKU\S-1-5-21-1264171829-1937904821-877429023-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-1264171829-1937904821-877429023-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{szukaj.gazeta.pl}" => Key deleted successfully.
HKCR\CLSID\{szukaj.gazeta.pl} => Key not found. 
"HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin" => Key deleted successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\detgdp@gmail.com => value deleted successfully.
C:\ProgramData\Temp => Moved successfully.

========= reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f =========

Operacja ukoäczona pomylnie.


========= End of Reg: =========

EmptyTemp: => Removed 367 MB temporary data.


The system needed a reboot. 

==== End of Fixlog 10:29:32 ====