Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2015 Ran by aniol (administrator) on BETA on 30-05-2015 16:53:04 Running from G:\od jara Loaded Profiles: aniol (Available Profiles: aniol) Platform: Windows 8.1 Enterprise (X64) OS Language: Polski (Polska) Internet Explorer Version 11 (Default browser: Opera) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) () C:\Users\aniol\AppData\Roaming\03000200-1428684891-0500-0006-000700080009\nsu9B3B.tmp (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe () C:\Users\aniol\AppData\Roaming\03000200-1428684891-0500-0006-000700080009\jnszC638.tmp (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [40184 2015-02-27] (Panda Security, S.L.) HKLM-x32\...\Run: [V0420Mon.exe] => C:\Windows\V0420Mon.exe [32768 2007-04-30] (Creative Technology Ltd.) HKLM\...\Winlogon: [Userinit] C:\Windows\SysWOW64\userinit.exe, HKU\S-1-5-21-4217446776-3866989794-3294244416-1001\...\Run: [ALLUpdate] => C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe [2765256 2014-11-03] (ALLPlayer Group Ltd.) HKU\S-1-5-21-4217446776-3866989794-3294244416-1001\...\Run: [ALLPlayer WiFi Remote] => C:\Program Files (x86)\ALLPlayer Remote\ALLPlayerRemoteControl.exe HKU\S-1-5-21-4217446776-3866989794-3294244416-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31280256 2015-04-17] (Skype Technologies S.A.) HKU\S-1-5-21-4217446776-3866989794-3294244416-1001\...\Run: [Creative Live! Cam Manager] => C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe [155648 2007-06-07] (Creative Technology Ltd.) HKU\S-1-5-21-4217446776-3866989794-3294244416-1001\...\MountPoints2: {eb2046f0-99ac-11e4-8250-bc5ff476ffd4} - "G:\setup.exe" HKU\S-1-5-21-4217446776-3866989794-3294244416-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [217088 2014-10-29] (Microsoft Corporation) GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com HKU\S-1-5-21-4217446776-3866989794-3294244416-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.pl/ HKU\S-1-5-21-4217446776-3866989794-3294244416-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/pl-pl/?ocid=iehp URLSearchHook: HKLM-x32 - Default Value = {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D} SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-03-31] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-03-31] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-20] (Oracle Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-20] (Oracle Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-10-15] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 10.200.6.1 FireFox: ======== FF ProfilePath: C:\Users\aniol\AppData\Roaming\Mozilla\Firefox\Profiles\0ok35rk7.default-1425135927556 FF Keyword.URL: hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=616_pr__alt__ddc_dss_bd_com&p= FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] () FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-20] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-20] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation) FF Plugin-x32: @Nero.com/KM -> C:\Program Files (x86)\Common Files\Nero\BrowserPlugin\npBrowserPlugin.dll [2014-11-27] (Nero AG) FF Plugin-x32: @real.com/nppl3260;version=6.0.11.2321 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll [2006-01-28] (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.1483 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll [2006-01-28] (RealNetworks, Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-4217446776-3866989794-3294244416-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\aniol\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.) FF SearchPlugin: C:\Users\aniol\AppData\Roaming\Mozilla\Firefox\Profiles\0ok35rk7.default-1425135927556\searchplugins\dsrlte1.xml [2015-04-10] FF SearchPlugin: C:\Users\aniol\AppData\Roaming\Mozilla\Firefox\Profiles\0ok35rk7.default-1425135927556\searchplugins\luckysearches.xml [2015-05-30] FF SearchPlugin: C:\Users\aniol\AppData\Roaming\Mozilla\Firefox\Profiles\0ok35rk7.default-1425135927556\searchplugins\search-simple.xml [2015-04-10] FF Extension: jid05R3LLpyrG0a1kPDXAA8ZKmM0bgMjetpack - C:\Users\aniol\AppData\Roaming\Mozilla\Firefox\Profiles\0ok35rk7.default-1425135927556\Extensions\jid0-5R3LLpyrG0a1kPDXAA8ZKmM0bgM@jetpack [2015-04-14] FF Extension: Mozilla Firefox Hotfixer - C:\Users\aniol\AppData\Roaming\Mozilla\Firefox\Profiles\0ok35rk7.default-1425135927556\Extensions\veggy@veggyAddon.com [2015-04-20] FF Extension: b555dfc956a840a48619fab2c7ab2c59 - C:\Users\aniol\AppData\Roaming\Mozilla\Firefox\Profiles\0ok35rk7.default-1425135927556\Extensions\{b555dfc9-56a8-40a4-8619-fab2c7ab2c59} [2015-04-14] FF Extension: Zoom It - C:\Users\aniol\AppData\Roaming\Mozilla\Firefox\Pro...
kopara1