FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2015
Ran by aniol (administrator) on BETA on 30-05-2015 16:53:04
Running from G:\od jara
Loaded Profiles: aniol (Available Profiles: aniol)
Platform: Windows 8.1 Enterprise (X64) OS Language: Polski (Polska)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\Users\aniol\AppData\Roaming\03000200-1428684891-0500-0006-000700080009\nsu9B3B.tmp
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
() C:\Users\aniol\AppData\Roaming\03000200-1428684891-0500-0006-000700080009\jnszC638.tmp
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [40184 2015-02-27] (Panda Security, S.L.)
HKLM-x32\...\Run: [V0420Mon.exe] => C:\Windows\V0420Mon.exe [32768 2007-04-30] (Creative Technology Ltd.)
HKLM\...\Winlogon: [Userinit] C:\Windows\SysWOW64\userinit.exe,
HKU\S-1-5-21-4217446776-3866989794-3294244416-1001\...\Run: [ALLUpdate] => C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe [2765256 2014-11-03] (ALLPlayer Group Ltd.)
HKU\S-1-5-21-4217446776-3866989794-3294244416-1001\...\Run: [ALLPlayer WiFi Remote] => C:\Program Files (x86)\ALLPlayer Remote\ALLPlayerRemoteControl.exe
HKU\S-1-5-21-4217446776-3866989794-3294244416-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31280256 2015-04-17] (Skype Technologies S.A.)
HKU\S-1-5-21-4217446776-3866989794-3294244416-1001\...\Run: [Creative Live! Cam Manager] => C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe [155648 2007-06-07] (Creative Technology Ltd.)
HKU\S-1-5-21-4217446776-3866989794-3294244416-1001\...\MountPoints2: {eb2046f0-99ac-11e4-8250-bc5ff476ffd4} - "G:\setup.exe" 
HKU\S-1-5-21-4217446776-3866989794-3294244416-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [217088 2014-10-29] (Microsoft Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\S-1-5-21-4217446776-3866989794-3294244416-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.pl/
HKU\S-1-5-21-4217446776-3866989794-3294244416-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/pl-pl/?ocid=iehp
URLSearchHook: HKLM-x32 - Default Value = {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-03-31] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-03-31] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-20] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-20] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-10-15] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 10.200.6.1

FireFox:
========
FF ProfilePath: C:\Users\aniol\AppData\Roaming\Mozilla\Firefox\Profiles\0ok35rk7.default-1425135927556
FF Keyword.URL: hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=616_pr__alt__ddc_dss_bd_com&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-20] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\Program Files (x86)\Common Files\Nero\BrowserPlugin\npBrowserPlugin.dll [2014-11-27] (Nero AG)
FF Plugin-x32: @real.com/nppl3260;version=6.0.11.2321 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll [2006-01-28] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.1483 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll [2006-01-28] (RealNetworks, Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4217446776-3866989794-3294244416-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\aniol\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\aniol\AppData\Roaming\Mozilla\Firefox\Profiles\0ok35rk7.default-1425135927556\searchplugins\dsrlte1.xml [2015-04-10]
FF SearchPlugin: C:\Users\aniol\AppData\Roaming\Mozilla\Firefox\Profiles\0ok35rk7.default-1425135927556\searchplugins\luckysearches.xml [2015-05-30]
FF SearchPlugin: C:\Users\aniol\AppData\Roaming\Mozilla\Firefox\Profiles\0ok35rk7.default-1425135927556\searchplugins\search-simple.xml [2015-04-10]
FF Extension: jid05R3LLpyrG0a1kPDXAA8ZKmM0bgMjetpack - C:\Users\aniol\AppData\Roaming\Mozilla\Firefox\Profiles\0ok35rk7.default-1425135927556\Extensions\jid0-5R3LLpyrG0a1kPDXAA8ZKmM0bgM@jetpack [2015-04-14]
FF Extension: Mozilla Firefox Hotfixer - C:\Users\aniol\AppData\Roaming\Mozilla\Firefox\Profiles\0ok35rk7.default-1425135927556\Extensions\veggy@veggyAddon.com [2015-04-20]
FF Extension: b555dfc956a840a48619fab2c7ab2c59 - C:\Users\aniol\AppData\Roaming\Mozilla\Firefox\Profiles\0ok35rk7.default-1425135927556\Extensions\{b555dfc9-56a8-40a4-8619-fab2c7ab2c59} [2015-04-14]
FF Extension: Zoom It - C:\Users\aniol\AppData\Roaming\Mozilla\Firefox\Pro...