Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-08-2013 01
Ran by Kuba (administrator) on 25-08-2013 11:08:08
Running from G:\
Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: Polish
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
() C:\Windows\system32\srvany.exe
() C:\Windows\KMService.exe
(Skype Technologies) C:\Program Files\Skype\Updater\Updater.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation.) C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe
(Chicony) C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(DT Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTLite.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
( ) C:\Program Files\ChomikBox\chomikbox.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe
(TOSHIBA CORPORATION) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
(TOSHIBA Corporation.) C:\Program Files\Toshiba\HDMICtrlMan\HCMSoundChanger.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1348904 2008-08-14] (Synaptics, Inc.)
HKLM\...\Run: [ITSecMng] - C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [83336 2009-07-22] (TOSHIBA CORPORATION)
HKLM\...\Run: [HDMICtrlMan] - C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [832856 2009-08-03] (TOSHIBA Corporation.)
HKLM\...\Run: [Camera Assistant Software] - C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [417792 2009-04-10] (Chicony)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696 2011-06-09] (Sun Microsystems, Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [17418928 2012-07-13] (Skype Technologies S.A.)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [4910912 2011-08-02] (DT Soft Ltd)
HKCU\...\Run: [ALLUpdate] - C:\Program Files\ALLPlayer\ALLUpdate.exe [2995712 2013-07-19] (ALLPlayer Group Ltd.)
HKCU\...\Run: [ChomikBox] - C:\Program Files\ChomikBox\chomikbox.exe [5979648 2013-01-16] ( )
MountPoints2: {482e050e-b93a-11e0-a292-00215c29d691} - E:\MicroLauncher.exe
MountPoints2: {5d84fd2b-e068-11e0-a70b-001e33551e82} - E:\Setup.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk
ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
==================== Internet (Whitelisted) ====================

BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: IplexToALLPlayer - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~1\ALLPLA~1\Iplex\IPLEXT~1.DLL (ALLCinema Ltd.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 89.151.0.5 89.151.0.27

FireFox:
========
FF ProfilePath: C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\9fhdhqkh.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Skype extension - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

Chrome:
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\pdf.dll ()
CHR Plugin: (Skype Toolbars) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.3.0.7550_0\npSkypeChromePlugin.dll (Skype Technologies S.A.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.300.12) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U30) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (Skype Extension) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.3.0.7550_0
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx

========================== Services (Whitelisted) =================

R2 KMService; C:\Windows\system32\srvany.exe [8192 2011-07-05] ()

==================== Drivers (Whitelisted) ====================

R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [232512 2011-09-16] (DT Soft Ltd)
S3 hwusbfake; C:\Windows\System32\DRIVERS\ewusbfake.sys [103040 2009-08-04] (Huawei Technologies Co., Ltd.)
R3 UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [17960 2009-04-10] (Chicony Electronics Co., Ltd.)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-08-25 11:05 - 2013-08-25 11:05 - 00001037 _____ C:\Users\Public\Desktop\ALL Media Server.lnk
2013-08-25 11:05 - 2013-08-25 11:05 - 00000000 ____D C:\Users\Kuba\AppData\Local\ALLMediaServer
2013-08-25 11:05 - 2013-08-25 11:05 - 00000000 ____D C:\Program Files\ALLMediaServer
2013-08-25 11:05 - 2013-04-05 21:26 - 00276992 _____ (IntelleSoft) C:\Windows\system32\BugTrap.dll
2013-08-25 11:04 - 2013-08-25 11:05 - 43868674 _____ (ALLPlayer ) C:\Users\Kuba\Downloads\ALLPlayerPL (1).exe
2013-08-25 02:21 - 2013-08-25 02:21 - 00000000 ____D C:\FRST
2013-08-24 18:53 - 2013-08-24 18:54 - 00000000 ____D C:\AdwCleaner
2013-08-24 18:53 - 2013-08-24 18:53 - 00000000 ____D C:\Users\Kuba\Desktop\Stare dane programu Firefox
2013-08-24 14:51 - 2013-08-24 14:51 - 00000570 _____ C:\Windows\PFRO.log
2013-08-24 14:23 - 2013-08-24 14:23 - 00002906 _____ C:\Users\Kuba\Documents\26.reg
2013-08-24 14:22 - 2013-08-24 14:22 - 00002926 _____ C:\Users\Kuba\Documents\25.reg
2013-08-14 21:32 - 2013-08-25 11:06 - 00028832 _____ C:\Windows\WindowsUpdate.log
2013-08-14 21:13 - 2013-08-25 11:06 - 00001460 _____ C:\Windows\setupact.log
2013-08-14 21:13 - 2013-08-14 21:13 - 00000000 _____ C:\Windows\setuperr.log
2013-07-27 20:47 - 2013-07-27 20:47 - 00002170 _____ C:\Users\Public\Desktop\Google Earth.lnk

==================== One Month Modified Files and Folders =======

2013-08-25 11:07 - 2012-01-24 18:56 - 00000000 ____D C:\Users\Kuba\.gstreamer-0.10
2013-08-25 11:07 - 2011-07-10 12:21 - 00001028 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-25 11:06 - 2013-08-14 21:32 - 00028832 _____ C:\Windows\WindowsUpdate.log
2013-08-25 11:06 - 2013-08-14 21:13 - 00001460 _____ C:\Windows\setupact.log
2013-08-25 11:06 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-25 11:06 - 2009-07-14 06:34 - 00014416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-25 11:06 - 2009-07-14 06:34 - 00014416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-25 11:05 - 2013-08-25 11:05 - 00876544 _____ C:\Windows\isRS-000.tmp
2013-08-25 11:05 - 2013-08-25 11:05 - 00001037 _____ C:\Users\Public\Desktop\ALL Media Server.lnk
2013-08-25 11:05 - 2013-08-25 11:05 - 00000000 ____D C:\Users\Kuba\AppData\Local\ALLMediaServer
2013-08-25 11:05 - 2013-08-25 11:05 - 00000000 ____D C:\Program Files\ALLMediaServer
2013-08-25 11:05 - 2013-08-25 11:04 - 43868674 _____ (ALLPlayer ) C:\Users\Kuba\Downloads\ALLPlayerPL (1).exe
2013-08-25 11:05 - 2012-01-07 20:32 - 00000000 ____D C:\Users\Kuba\AppData\Local\ALLPlayer
2013-08-25 11:05 - 2012-01-07 20:32 - 00000000 ____D C:\Program Files\ALLPlayer
2013-08-25 11:03 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\LogFiles
2013-08-25 02:21 - 2013-08-25 02:21 - 00000000 ____D C:\FRST
2013-08-24 18:54 - 2013-08-24 18:53 - 00000000 ____D C:\AdwCleaner
2013-08-24 18:53 - 2013-08-24 18:53 - 00000000 ____D C:\Users\Kuba\Desktop\Stare dane programu Firefox
2013-08-24 16:02 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF
2013-08-24 14:51 - 2013-08-24 14:51 - 00000570 _____ C:\Windows\PFRO.log
2013-08-24 14:39 - 2011-07-05 18:08 - 01558616 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-24 14:39 - 2009-07-14 10:07 - 00701494 _____ C:\Windows\system32\perfh015.dat
2013-08-24 14:39 - 2009-07-14 10:07 - 00136480 _____ C:\Windows\system32\perfc015.dat
2013-08-24 14:23 - 2013-08-24 14:23 - 00002906 _____ C:\Users\Kuba\Documents\26.reg
2013-08-24 14:22 - 2013-08-24 14:22 - 00002926 _____ C:\Users\Kuba\Documents\25.reg
2013-08-14 21:13 - 2013-08-14 21:13 - 00000000 _____ C:\Windows\setuperr.log
2013-08-13 09:57 - 2012-11-04 23:33 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-13 09:44 - 2011-07-10 12:22 - 00001032 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-12 02:45 - 2011-07-10 12:22 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\Skype
2013-08-05 00:00 - 2011-07-09 17:26 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\uTorrent
2013-08-03 00:42 - 2011-07-09 17:34 - 00000000 ____D C:\Filmy
2013-08-01 16:01 - 2011-07-10 12:22 - 00002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-27 20:47 - 2013-07-27 20:47 - 00002170 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-07-27 20:47 - 2011-07-10 12:21 - 00000000 ____D C:\Program Files\Google

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-08-02 16:54

==================== End Of Log ============================