Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 31-10-2013
Ran by Gość (ATTENTION: The logged in user is not administrator) on KAMILA-KOMPUTER on 03-11-2013 18:44:31
Running from C:\Users\Gość\Downloads
Windows 7 Ultimate Service Pack 1 (X86) OS Language: Polish
Internet Explorer Version 10
Boot Mode: Normal

==================== Could not list processes ===============

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SetPoint] - C:\Program Files\Logitech\SetPoint\SetPoint.exe [434176 2005-03-31] (Logitech Inc.)
HKLM\...\Run: [MMTray] - C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe [118784 2004-04-20] (MUSICMATCH, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [248040 2010-02-18] (Sun Microsystems, Inc.)
HKLM\...\Run: [OrderReminder] - C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe [98304 2004-12-14] (Hewlett-Packard)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [vProt] - C:\Program Files\AVG Secure Search\vprot.exe [2404376 2013-10-03] ()
HKLM\...\Run: [facemoods] - C:\Program Files\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe [362200 2011-09-05] (facemoods.com)
HKLM\...\Run: [AVG_UI] - C:\Program Files\AVG\AVG2014\avgui.exe [4908592 2013-10-07] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\VESWinlogon: C:\Windows\system32\VESWinlogon.dll (Sony Corporation)
HKCU\...\Run: [LDM] - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [32768 2011-10-05] (Logitech)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
URLSearchHook: HKCU - (No Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - No File
SearchScopes: HKCU - DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={DDA9A96A-BDBA-4CD9-830D-D78C70A733E0}&mid=a1840ec1b194d4f3128f37df7249ad6c-26daff4126c9cab5a9b43985ef4aefecb91d645f&lang=pl&ds=AVG&coid=avgtbavg&pr=pr&d=2013-10-02 18:31:54&v=17.0.1.12&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {10DC9C4E-C8ED-4817-9F52-938D503D03BF} URL = http://search.avg.com/route/?d=4de4e957&v=7.4.22.4&i=23&tp=chrome&q={searchTerms}&lng={language}&iy=&ychte=us
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={DDA9A96A-BDBA-4CD9-830D-D78C70A733E0}&mid=a1840ec1b194d4f3128f37df7249ad6c-26daff4126c9cab5a9b43985ef4aefecb91d645f&lang=pl&ds=AVG&coid=avgtbavg&pr=pr&d=2013-10-02 18:31:54&v=17.0.1.12&pid=avg&sg=0&sap=dsp&q={searchTerms}
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.)
BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll No File
BHO: CescrtHlpr Object - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll (facemoods.com BHO)
BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\17.0.1.12\AVG Secure Search_toolbar.dll (AVG Secure Search)
BHO: DealPly - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files\DealPly\DealPlyIE.dll (DealPly Technologies Ltd)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKLM - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\17.0.1.12\AVG Secure Search_toolbar.dll (AVG Secure Search)
Toolbar: HKLM - facemoods Toolbar - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll (facemoods.com)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKCU - No Name - {707DB484-2428-402D-AFB5-D85B387544C7} - No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll No File
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: offline-8876480 - {016DA802-A2B8-4A29-AAAB-52F2A1BF96F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\17.0.12\ViProtocol.dll (AVG Secure Search)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [94208] (Apple Computer, Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.10.81.124 192.166.202.10

Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\GO9495~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (DealPly) - C:\Users\GO9495~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje\3.5.3.0_0
CHR Extension: (Facemoods) - C:\Users\GO9495~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\9.4.1.1_0
CHR Extension: (Google Wallet) - C:\Users\GO9495~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR HKLM\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Users\Kamila\AppData\Roaming\BabylonToolbar\CR\BabylonChrome1.crx
CHR HKLM\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] - C:\Program Files\DealPly\DealPly.crx
CHR HKLM\...\Chrome\Extension: [ihflimipbcaljfnojhhknppphnnciiif] - C:\Program Files\facemoods.com\facemoods\1.4.17.11\facemoods.crx

========================== Services (Whitelisted) =================

S3 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 avgfws; C:\Program Files\AVG\AVG2014\avgfws.exe [1358944 2013-09-25] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3538480 2013-10-03] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [301152 2013-09-25] (AVG Technologies CZ, s.r.o.)
R2 lmhosts; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\System32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 VAIO Event Service; C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [204648 2009-07-01] (Sony Corporation)
R2 vToolbarUpdater17.0.12; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe [1734680 2013-10-02] (AVG Secure Search)

==================== Drivers (Whitelisted) ====================

R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [120632 2013-09-25] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6x.sys [47928 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [209208 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [145720 2013-09-02] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [22840 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [176952 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [223032 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [102200 2013-08-20] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27448 2013-09-08] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [193848 2013-08-01] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [37664 2013-10-02] (AVG Technologies)
R3 MxlW2k; C:\Windows\System32\Drivers\MxlW2k.sys [28352 2010-03-05] (MusicMatch, Inc.)
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}; C:\Program Files\CyberLink\PowerDVD8\000.fcl [41456 2008-02-01] (Cyberlink Corp.)
S3 cpuz132; \??\C:\Users\Kamila\AppData\Local\Temp\cpuz132\cpuz132_x32.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-11-03 18:43 - 2013-11-03 18:43 - 00259584 _____ (OldTimer Tools) C:\Users\Gość\Downloads\OTH.com
2013-11-03 18:42 - 2013-11-03 18:42 - 01089445 _____ (Farbar) C:\Users\Gość\Downloads\FRST.exe
2013-11-03 18:42 - 2013-11-03 18:42 - 00602112 _____ (OldTimer Tools) C:\Users\Gość\Downloads\OTL.com
2013-11-02 16:55 - 2013-11-02 17:02 - 211425680 _____ (Symantec Corporation) C:\Users\Gość\Downloads\N360-TW-21.1.0-PL.exe
2013-11-02 09:57 - 2013-11-02 09:57 - 00000000 ____D C:\Users\Gość\AppData\Local\Google
2013-11-02 09:55 - 2013-11-02 09:55 - 00000000 ____D C:\Users\Gość\AppData\Roaming\AVG2014
2013-11-02 09:55 - 2013-11-02 09:55 - 00000000 ____D C:\Users\Gość\AppData\Local\Avg2014
2013-10-10 00:58 - 2013-09-23 00:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-10 00:58 - 2013-09-23 00:28 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-10 00:58 - 2013-09-23 00:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-10 00:58 - 2013-09-23 00:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-10 00:58 - 2013-09-23 00:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-10 00:58 - 2013-09-23 00:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-10 00:58 - 2013-09-23 00:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-10 00:58 - 2013-09-23 00:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-10 00:58 - 2013-09-23 00:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-10 00:58 - 2013-09-23 00:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-10 00:58 - 2013-09-21 04:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-10 00:58 - 2013-09-21 03:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-10 00:57 - 2013-09-23 00:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-10 00:57 - 2013-09-23 00:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-10 00:57 - 2013-09-23 00:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-10 00:57 - 2013-09-23 00:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-09 22:05 - 2013-09-14 01:48 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-10-09 22:05 - 2013-09-08 03:07 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-09 22:05 - 2013-09-08 03:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-10-09 22:05 - 2013-08-29 02:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2013-10-09 22:05 - 2013-08-29 02:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-10-09 22:05 - 2013-08-29 02:50 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-10-09 22:05 - 2013-08-29 02:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-10-09 22:05 - 2013-08-29 02:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-10-09 22:05 - 2013-08-28 02:04 - 02348544 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-09 22:05 - 2013-08-28 01:57 - 00434688 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-10-09 22:05 - 2013-08-01 12:03 - 00729024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-09 22:05 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 22:05 - 2013-07-12 11:08 - 00146816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-10-09 22:05 - 2013-07-12 11:07 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-09 22:05 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-10-09 22:05 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-10-09 22:05 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-09 22:05 - 2013-07-04 10:48 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-10-09 22:05 - 2013-07-03 05:02 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2013-10-09 22:05 - 2013-07-03 04:36 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-09 22:05 - 2013-07-03 04:36 - 00025728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-09 22:05 - 2013-06-25 23:56 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-09 22:05 - 2013-06-06 05:52 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-09 22:05 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-10-09 22:05 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-09 22:05 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-09 22:05 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll

==================== One Month Modified Files and Folders =======

2013-11-03 18:43 - 2013-11-03 18:43 - 00259584 _____ (OldTimer Tools) C:\Users\Gość\Downloads\OTH.com
2013-11-03 18:42 - 2013-11-03 18:42 - 01089445 _____ (Farbar) C:\Users\Gość\Downloads\FRST.exe
2013-11-03 18:42 - 2013-11-03 18:42 - 00602112 _____ (OldTimer Tools) C:\Users\Gość\Downloads\OTL.com
2013-11-03 18:21 - 2009-07-14 05:34 - 00014224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-03 18:21 - 2009-07-14 05:34 - 00014224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-03 18:16 - 2010-03-03 20:50 - 01615803 _____ C:\Windows\WindowsUpdate.log
2013-11-03 18:13 - 2009-07-14 05:39 - 00319990 _____ C:\Windows\setupact.log
2013-11-03 17:18 - 2012-03-12 17:18 - 00000000 ____D C:\Program Files\DealPly
2013-11-03 16:08 - 2011-05-31 13:59 - 00000000 ____D C:\ProgramData\MFAData
2013-11-02 17:02 - 2013-11-02 16:55 - 211425680 _____ (Symantec Corporation) C:\Users\Gość\Downloads\N360-TW-21.1.0-PL.exe
2013-11-02 09:58 - 2010-12-15 21:49 - 00097088 _____ C:\Users\Gość\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-02 09:57 - 2013-11-02 09:57 - 00000000 ____D C:\Users\Gość\AppData\Local\Google
2013-11-02 09:55 - 2013-11-02 09:55 - 00000000 ____D C:\Users\Gość\AppData\Roaming\AVG2014
2013-11-02 09:55 - 2013-11-02 09:55 - 00000000 ____D C:\Users\Gość\AppData\Local\Avg2014
2013-10-31 08:38 - 2010-03-03 21:11 - 01549932 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-31 08:38 - 2009-07-14 09:07 - 00698146 _____ C:\Windows\system32\perfh015.dat
2013-10-31 08:38 - 2009-07-14 09:07 - 00135224 _____ C:\Windows\system32\perfc015.dat
2013-10-25 11:57 - 2010-03-04 15:10 - 00020208 _____ C:\Windows\PFRO.log
2013-10-24 13:21 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2013-10-19 15:16 - 2013-06-09 10:00 - 00000000 _____ C:\sparkraw.log
2013-10-19 14:02 - 2013-04-17 16:21 - 00002137 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-10-18 11:57 - 2010-03-17 16:57 - 00000000 ____D C:\ProgramData\OpenFM
2013-10-11 12:02 - 2013-10-02 17:32 - 00000973 _____ C:\Users\Public\Desktop\AVG 2014.lnk
2013-10-11 12:01 - 2011-10-05 17:41 - 00000000 ___HD C:\$AVG
2013-10-10 12:30 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-10-10 11:45 - 2009-07-14 05:33 - 01716912 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-10 11:42 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\pl-PL
2013-10-10 11:40 - 2010-03-13 18:59 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-10 01:04 - 2010-03-03 21:58 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-10 01:03 - 2013-08-15 09:59 - 00000000 ____D C:\Windows\system32\MRT
2013-10-10 01:00 - 2010-03-03 21:13 - 78106760 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-08 23:49 - 2012-10-08 09:03 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-10-08 23:49 - 2011-10-02 00:34 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-10-06 23:40 - 2011-12-06 00:56 - 264915657 _____ C:\Windows\MEMORY.DMP
2013-10-06 23:40 - 2011-12-06 00:56 - 00000000 ____D C:\Windows\Minidump

Files to move or delete:
====================
C:\ProgramData\PKP_DLbx.DAT

Some content of TEMP:
====================
C:\Users\Kamila\AppData\Local\Temp\AMPing.exe
C:\Users\Kamila\AppData\Local\Temp\avguidx.dll
C:\Users\Kamila\AppData\Local\Temp\CommonInstaller.exe
C:\Users\Kamila\AppData\Local\Temp\gg10.upgr.exe
C:\Users\Kamila\AppData\Local\Temp\gg10_upgr_to_11790_from_11119.exe
C:\Users\Kamila\AppData\Local\Temp\gg10_upgr_to_11999_from_11790.exe
C:\Users\Kamila\AppData\Local\Temp\gg10_upgr_to_12096_from_11790.exe
C:\Users\Kamila\AppData\Local\Temp\GLF1F6A.EXE
C:\Users\Kamila\AppData\Local\Temp\GLF4245.EXE
C:\Users\Kamila\AppData\Local\Temp\GLF6C4D.EXE
C:\Users\Kamila\AppData\Local\Temp\GLF8B16.EXE
C:\Users\Kamila\AppData\Local\Temp\GLF95B2.EXE
C:\Users\Kamila\AppData\Local\Temp\GLFA09A.EXE
C:\Users\Kamila\AppData\Local\Temp\GLFA0D5.EXE
C:\Users\Kamila\AppData\Local\Temp\GLFA97F.EXE
C:\Users\Kamila\AppData\Local\Temp\GLFE69.EXE
C:\Users\Kamila\AppData\Local\Temp\GLFE96A.EXE
C:\Users\Kamila\AppData\Local\Temp\GLFEE1B.EXE
C:\Users\Kamila\AppData\Local\Temp\GLFFE7E.EXE
C:\Users\Kamila\AppData\Local\Temp\GUR3800.exe
C:\Users\Kamila\AppData\Local\Temp\GUR382F.exe
C:\Users\Kamila\AppData\Local\Temp\GUR3E28.exe
C:\Users\Kamila\AppData\Local\Temp\GUR43D2.exe
C:\Users\Kamila\AppData\Local\Temp\GUR648.exe
C:\Users\Kamila\AppData\Local\Temp\GUR672A.exe
C:\Users\Kamila\AppData\Local\Temp\HomePageV9.exe
C:\Users\Kamila\AppData\Local\Temp\IadHide5.dll
C:\Users\Kamila\AppData\Local\Temp\iGearedHelper.dll
C:\Users\Kamila\AppData\Local\Temp\InstallManager_BAB_BAB.exe
C:\Users\Kamila\AppData\Local\Temp\jre-1.6.0_20-windows-i586-iftw.exe_90744722.exe
C:\Users\Kamila\AppData\Local\Temp\jre-6u20-windows-i586-jinstall_uac.exe
C:\Users\Kamila\AppData\Local\Temp\MachineIdCreator.exe
C:\Users\Kamila\AppData\Local\Temp\Mario_Forever.exe
C:\Users\Kamila\AppData\Local\Temp\oi_{0C43E2D4-102F-45A5-A2EC-EA264174B0B9}.exe
C:\Users\Kamila\AppData\Local\Temp\oi_{9D13E41E-4AEC-4EB3-8F3D-EEBF16A5647F}.exe
C:\Users\Kamila\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Kamila\AppData\Local\Temp\Super_Bros_3_Mario_Forever.exe
C:\Users\Kamila\AppData\Local\Temp\ToolbarInstaller.exe
C:\Users\Kamila\AppData\Local\Temp\v9formalavida.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================