Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-02-2014 01
Ran by SYSTEM on MINWINPC on 12-02-2014 18:52:05
Running from G:\
Windows Vista (TM) Home Premium Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 7
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1348904 2008-08-14] (Synaptics, Inc.)
HKLM\...\Run: [ITSecMng] - C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [75136 2007-09-28] ( TOSHIBA CORPORATION)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-01-21] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [6037504 2008-04-08] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] - C:\Windows\Skytel.exe [1826816 2007-11-20] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Camera Assistant Software] - C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [417792 2008-04-29] (Chicony)
HKLM\...\Run: [HDMICtrlMan] - C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [716800 2008-04-26] (TOSHIBA Corporation.)
HKLM\...\Run: [HSON] - C:\Program Files\TOSHIBA\TBS\HSON.exe [54608 2007-10-31] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [716800 2008-03-19] (TOSHIBA Corporation)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [tvncontrol] - C:\Program Files\TightVNC\tvnserver.exe [1690096 2013-07-19] (GlavSoft LLC.)
HKLM\...\Run: [Windows Mobile-based device management] - C:\Windows\WindowsMobile\wmdSync.exe [215552 2008-01-20] (Microsoft Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default\...\Run: [TOSCDSPD] - C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [430080 2008-04-24] (TOSHIBA)
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [TOSCDSPD] - C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [430080 2008-04-24] (TOSHIBA)
HKU\Klaudia\...\Run: [TOSCDSPD] - TOSCDSPD.EXE
HKU\Klaudia\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-20] (Microsoft Corporation)
HKU\Klaudia\...\Run: [ChomikBox] - C:\Program Files\ChomikBox\chomikbox.exe
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)

========================== Services (Whitelisted) =================

S2 ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [40960 2008-04-16] (TOSHIBA CORPORATION)
S3 GoogleDesktopManager-051210-111108; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-07-15] (Google)
S2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [280288 2013-10-23] (Microsoft Corporation)
S3 SmartFaceVWatchSrv; C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe [73728 2008-04-24] (Toshiba)
S2 TempoMonitoringService; C:\Program Files\Toshiba TEMPRO\TempoSVC.exe [99720 2008-04-24] (Toshiba Europe GmbH)
S2 TOSHIBA SMART Log Service; C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [126976 2007-12-03] (TOSHIBA Corporation)
S2 tvnserver; C:\Program Files\TightVNC\tvnserver.exe [1690096 2013-07-19] (GlavSoft LLC.)
S2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-08-23] (Ulead Systems, Inc.)

==================== Drivers (Whitelisted) ====================

S3 dfmirage; C:\Windows\System32\DRIVERS\dfmirage.sys [34128 2008-03-04] (DemoForge, LLC)
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [75480 2014-02-12] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [107224 2014-02-12] (Malwarebytes Corporation)
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
S1 MpKsl4766e679; C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1A63E705-2415-4E54-8906-2A51A09337C1}\MpKsl4766e679.sys [40392 2014-02-12] (Microsoft Corporation)
S3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [141408 2008-02-27] (Realtek Semiconductor Corp.)
S3 UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [18432 2007-12-17] (Chicony Electronics Co., Ltd.)
S1 abuodihm; \??\C:\Windows\system32\drivers\abuodihm.sys [X]
S1 akdlfeuy; \??\C:\Windows\system32\drivers\akdlfeuy.sys [X]
S1 bdlptnii; \??\C:\Windows\system32\drivers\bdlptnii.sys [X]
S1 dsxqgelt; \??\C:\Windows\system32\drivers\dsxqgelt.sys [X]
S1 ethtrwpv; \??\C:\Windows\system32\drivers\ethtrwpv.sys [X]
S1 eztpateu; \??\C:\Windows\system32\drivers\eztpateu.sys [X]
S1 gtyuxiio; \??\C:\Windows\system32\drivers\gtyuxiio.sys [X]
S1 gxxpbglm; \??\C:\Windows\system32\drivers\gxxpbglm.sys [X]
S1 huncqdbp; \??\C:\Windows\system32\drivers\huncqdbp.sys [X]
S3 igfx; system32\DRIVERS\igdkmd32.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S1 jyrorhts; \??\C:\Windows\system32\drivers\jyrorhts.sys [X]
S1 lymajafs; \??\C:\Windows\system32\drivers\lymajafs.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S1 oghyxvei; \??\C:\Windows\system32\drivers\oghyxvei.sys [X]
S1 owdqcwib; \??\C:\Windows\system32\drivers\owdqcwib.sys [X]
S1 oyzhkdgo; \??\C:\Windows\system32\drivers\oyzhkdgo.sys [X]
S1 qhrurfmc; \??\C:\Windows\system32\drivers\qhrurfmc.sys [X]
S1 qlvfpilp; \??\C:\Windows\system32\drivers\qlvfpilp.sys [X]
S1 qrzmwtrp; \??\C:\Windows\system32\drivers\qrzmwtrp.sys [X]
S1 riwlfdod; \??\C:\Windows\system32\drivers\riwlfdod.sys [X]
S1 tjijogan; \??\C:\Windows\system32\drivers\tjijogan.sys [X]
S3 Tosrfcom; No ImagePath
S1 tvlprrrn; \??\C:\Windows\system32\drivers\tvlprrrn.sys [X]
S1 uvsucsal; \??\C:\Windows\system32\drivers\uvsucsal.sys [X]
S1 vepcxnbt; \??\C:\Windows\system32\drivers\vepcxnbt.sys [X]
S1 vwkdeeux; \??\C:\Windows\system32\drivers\vwkdeeux.sys [X]
S1 wljgevkq; \??\C:\Windows\system32\drivers\wljgevkq.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-02-12 18:51 - 2014-02-12 18:51 - 00000000 ____D () C:\FRST
2014-02-12 09:36 - 2014-02-12 09:39 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-02-12 09:36 - 2014-02-12 09:36 - 00107224 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\MBAMSwissArmy.sys
2014-02-12 09:35 - 2014-02-12 09:35 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamchameleon.sys
2014-02-12 09:35 - 2014-02-12 09:35 - 00000000 ____D () C:\Users\Klaudia\Desktop\mbar
2014-02-10 15:46 - 2014-02-10 15:46 - 00033533 _____ () C:\Users\Klaudia\Desktop\gmer.txt
2014-02-10 14:55 - 2014-02-10 14:55 - 00104960 _____ (GMER) C:\fwldqpow.sys
2014-02-10 05:28 - 2014-02-10 05:28 - 00043734 _____ () C:\Users\Klaudia\Desktop\Extras.Txt
2014-02-10 05:27 - 2014-02-10 05:27 - 00239758 _____ () C:\Users\Klaudia\Desktop\OTL.Txt
2014-02-10 04:03 - 2014-02-10 04:03 - 00602112 _____ (OldTimer Tools) C:\Users\Klaudia\Desktop\OTL.exe
2014-02-03 11:39 - 2014-01-08 08:43 - 00083728 _____ () C:\Users\Klaudia\Desktop\12 Years a Slave (2013) DVDSCR XviD-MAXSPEED www.torentz.3xforum.ro.txt
2014-02-03 11:38 - 2014-02-03 10:43 - 00089159 _____ () C:\Users\Klaudia\Desktop\Blue.Jasmine.2013.DVDScr.XVID.AC3.HQ.Hive-CM8.txt
2014-02-03 11:38 - 2014-01-30 11:18 - 1462572576 ____R () C:\Users\Klaudia\Desktop\12 Years a Slave (2013) DVDSCR XviD-MAXSPEED www.torentz.3xforum.ro.avi
2014-02-03 11:37 - 2014-01-06 03:04 - 1437388800 ____R () C:\Users\Klaudia\Desktop\Blue.Jasmine.2013.DVDScr.XVID.AC3.HQ.Hive-CM8.avi
2014-01-30 13:31 - 2014-01-30 13:31 - 00000911 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-30 12:23 - 2014-01-30 12:23 - 00000809 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-01-30 12:23 - 2014-01-30 12:23 - 00000000 ____D () C:\Program Files\CCleaner
2014-01-30 12:19 - 2014-01-30 12:19 - 00000000 ____D () C:\Program Files\DemoForge
2014-01-30 12:19 - 2008-03-04 15:00 - 00034128 _____ (DemoForge, LLC) C:\Windows\System32\Drivers\dfmirage.sys
2014-01-30 12:19 - 2008-03-04 15:00 - 00032976 _____ (DemoForge, LLC) C:\Windows\System32\dfmirage.dll
2014-01-30 12:15 - 2014-01-30 12:15 - 00000000 ____D () C:\ProgramData\TightVNC
2014-01-30 12:15 - 2014-01-30 12:15 - 00000000 ____D () C:\Program Files\TightVNC

==================== One Month Modified Files and Folders =======

2014-02-12 18:51 - 2014-02-12 18:51 - 00000000 ____D () C:\FRST
2014-02-12 09:39 - 2014-02-12 09:36 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-02-12 09:36 - 2014-02-12 09:36 - 00107224 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\MBAMSwissArmy.sys
2014-02-12 09:35 - 2014-02-12 09:35 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamchameleon.sys
2014-02-12 09:35 - 2014-02-12 09:35 - 00000000 ____D () C:\Users\Klaudia\Desktop\mbar
2014-02-12 09:22 - 2008-12-25 07:38 - 01886281 _____ () C:\Windows\WindowsUpdate.log
2014-02-12 09:08 - 2006-11-02 04:47 - 00003344 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-12 09:08 - 2006-11-02 04:47 - 00003344 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-10 15:49 - 2009-02-01 11:43 - 00000000 ____D () C:\Users\Klaudia\AppData\Roaming\uTorrent
2014-02-10 15:46 - 2014-02-10 15:46 - 00033533 _____ () C:\Users\Klaudia\Desktop\gmer.txt
2014-02-10 14:55 - 2014-02-10 14:55 - 00104960 _____ (GMER) C:\fwldqpow.sys
2014-02-10 05:28 - 2014-02-10 05:28 - 00043734 _____ () C:\Users\Klaudia\Desktop\Extras.Txt
2014-02-10 05:27 - 2014-02-10 05:27 - 00239758 _____ () C:\Users\Klaudia\Desktop\OTL.Txt
2014-02-10 04:51 - 2008-12-25 09:04 - 00000680 _____ () C:\Users\Klaudia\AppData\Local\d3d9caps.dat
2014-02-10 04:04 - 2013-08-31 02:49 - 00000000 ____D () C:\Users\Klaudia\Desktop\Pulpit
2014-02-10 04:03 - 2014-02-10 04:03 - 00602112 _____ (OldTimer Tools) C:\Users\Klaudia\Desktop\OTL.exe
2014-02-10 04:00 - 2008-07-04 02:24 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-02-05 22:05 - 2008-01-20 22:23 - 00000000 ____D () C:\Windows\WindowsMobile
2014-02-04 09:21 - 2006-11-02 04:52 - 00175739 _____ () C:\Windows\setupact.log
2014-02-03 10:43 - 2014-02-03 11:38 - 00089159 _____ () C:\Users\Klaudia\Desktop\Blue.Jasmine.2013.DVDScr.XVID.AC3.HQ.Hive-CM8.txt
2014-01-31 11:53 - 2010-02-04 10:53 - 00000000 ____D () C:\Users\Klaudia\Desktop\PRACA
2014-01-31 11:34 - 2013-08-06 09:19 - 00000000 ____D () C:\Users\Klaudia\AppData\Roaming\BabSolution
2014-01-30 14:18 - 2008-01-20 18:47 - 00077394 _____ () C:\Windows\PFRO.log
2014-01-30 14:12 - 2013-08-06 09:19 - 00000000 ____D () C:\Users\Klaudia\AppData\Roaming\DigitalSite
2014-01-30 14:09 - 2013-11-21 11:37 - 00000000 ____D () C:\ProgramData\surf and keeupp
2014-01-30 14:09 - 2013-11-21 11:37 - 00000000 ____D () C:\Program Files\surf and keeupp
2014-01-30 13:32 - 2011-11-22 07:59 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-01-30 13:31 - 2014-01-30 13:31 - 00000911 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-30 12:50 - 2013-11-21 11:37 - 00000000 ____D () C:\ProgramData\YoutubeAdblocker
2014-01-30 12:50 - 2013-11-21 11:37 - 00000000 ____D () C:\ProgramData\surf! and Keep
2014-01-30 12:43 - 2013-11-21 11:37 - 00000000 ____D () C:\ProgramData\b2dd94201aa43280
2014-01-30 12:42 - 2013-11-21 11:37 - 00000000 ____D () C:\Program Files\surf! and Keep
2014-01-30 12:40 - 2009-11-02 09:33 - 00001729 _____ () C:\Users\Klaudia\Desktop\Mozilla Firefox.lnk
2014-01-30 12:23 - 2014-01-30 12:23 - 00000809 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-01-30 12:23 - 2014-01-30 12:23 - 00000000 ____D () C:\Program Files\CCleaner
2014-01-30 12:19 - 2014-01-30 12:19 - 00000000 ____D () C:\Program Files\DemoForge
2014-01-30 12:19 - 2008-12-25 08:57 - 00000000 ____D () C:\users\Klaudia
2014-01-30 12:15 - 2014-01-30 12:15 - 00000000 ____D () C:\ProgramData\TightVNC
2014-01-30 12:15 - 2014-01-30 12:15 - 00000000 ____D () C:\Program Files\TightVNC
2014-01-30 11:18 - 2014-02-03 11:38 - 1462572576 ____R () C:\Users\Klaudia\Desktop\12 Years a Slave (2013) DVDSCR XviD-MAXSPEED www.torentz.3xforum.ro.avi
2014-01-18 23:32 - 2009-10-02 07:58 - 00231584 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe

Some content of TEMP:
====================
C:\Users\Klaudia\AppData\Local\Temp\Quarantine.exe

==================== Known DLLs (Whitelisted) ============

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2014-02-10 03:59:19
Restore point made on: 2014-02-10 04:44:34
Restore point made on: 2014-02-12 09:14:32

==================== Memory info ===========================

Percentage of memory in use: 13%
Total physical RAM: 4093.07 MB
Available physical RAM: 3534.39 MB
Total Pagefile: 3754.51 MB
Available Pagefile: 3592.31 MB
Total Virtual: 2047.88 MB
Available Virtual: 1963.84 MB

==================== Drives ================================

Drive c: (Vista) (Fixed) (Total:116.29 GB) (Free:13.09 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Data) (Fixed) (Total:115.13 GB) (Free:78.91 GB) NTFS
Drive f: (WinRE) (Fixed) (Total:1.46 GB) (Free:1.23 GB) NTFS
Drive g: () (Removable) (Total:14.64 GB) (Free:8.84 GB) NTFS
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 233 GB) (Disk ID: BC5A7234)
Partition 1: (Not Active) - (Size=1 GB) - (Type=27)
Partition 2: (Active) - (Size=116 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=115 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 15 GB) (Disk ID: 386A4705)
Partition 1: (Active) - (Size=15 GB) - (Type=07 NTFS)

LastRegBack: 2014-02-12 09:22

==================== End Of Log ============================