Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14-11-2013
Ran by Kamila (administrator) on KAMILA-KOMPUTER on 15-11-2013 21:09:29
Running from C:\Users\Kamila\Downloads
Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: Polish
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Avira Operations GmbH & Co. KG) D:\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) D:\Avira\AntiVir Desktop\avguard.exe
(Apple Computer, Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
(Logitech Inc.) C:\Program Files\Logitech\SetPoint\SetPoint.exe
(MUSICMATCH, Inc.) C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Avira Operations GmbH & Co. KG) D:\Avira\AntiVir Desktop\avgnt.exe
( ) C:\Program Files\ChomikBox\chomikbox.exe
(Logitech Inc.) C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
(Avira Operations GmbH & Co. KG) D:\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\system32\Macromed\Flash\FlashUtil32_11_9_900_117_ActiveX.exe
(Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\7.2.241.0\SeaPort.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SetPoint] - C:\Program Files\Logitech\SetPoint\SetPoint.exe [434176 2005-03-31] (Logitech Inc.)
HKLM\...\Run: [MMTray] - C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe [118784 2004-04-20] (MUSICMATCH, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [248040 2010-02-18] (Sun Microsystems, Inc.)
HKLM\...\Run: [OrderReminder] - C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe [98304 2004-12-14] (Hewlett-Packard)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [vProt] - "C:\Program Files\AVG Secure Search\vprot.exe"
HKLM\...\Run: [facemoods] - C:\Program Files\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe [362200 2011-09-05] (facemoods.com)
HKLM\...\Run: [AVG_UI] - "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY
HKLM\...\Run: [avgnt] - D:\Avira\AntiVir Desktop\avgnt.exe [683576 2013-11-12] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\VESWinlogon: C:\Windows\system32\VESWinlogon.dll (Sony Corporation)
HKCU\...\Run: [LDM] - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [32768 2011-10-05] (Logitech)
HKCU\...\Run: [Facebook Update] - C:\Users\Kamila\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-13] (Facebook Inc.)
HKCU\...\Run: [ChomikBox] - C:\Program Files\ChomikBox\chomikbox.exe [5979648 2012-11-15] ( )
HKCU\...\Policies\system: [LogonHoursAction] 2
HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
MountPoints2: {34c84aef-531f-11e0-9834-0024be7a46d6} - F:\USBAutoRun.exe
MountPoints2: {3fc3a98e-c870-11e2-995f-0024be7a46d6} - F:\LaunchU3.exe -a
HKU\Gość\...\Run: [LDM] - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [ 2011-10-05] (Logitech)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.pl/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?utm_source=b&utm_medium=mlv&from=mlv&uid=SAMSUNGXHM320II_S207JD0S912996&ts=1355685030
SearchScopes: HKCU - {0D7562AE-8EF6-416d-A838-AB665251703A} URL = http://start.facemoods.com/?a=stonicpl&s={searchTerms}&f=4
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/?q={searchTerms}&affID=110819&tt=060612_6_&babsrc=SP_ss&mntrId=081d249000000000000006265efddb16
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.v9.com/web/?utm_source=b&utm_medium=mlv&from=mlv&uid=SAMSUNGXHM320II_S207JD0S912996&ts=1355685031
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={DDA9A96A-BDBA-4CD9-830D-D78C70A733E0}&mid=a1840ec1b194d4f3128f37df7249ad6c-26daff4126c9cab5a9b43985ef4aefecb91d645f&lang=pl&ds=AVG&coid=avgtbavg&pr=pr&d=2013-10-02 18:31:54&v=17.0.0.12&pid=avg&sg=0&sap=dsp&q={searchTerms}
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.)
BHO: No Name - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
BHO: CescrtHlpr Object - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll (facemoods.com BHO)
BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\17.0.1.12\AVG Secure Search_toolbar.dll No File
BHO: DealPly - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files\DealPly\DealPlyIE.dll (DealPly Technologies Ltd)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\17.0.1.12\AVG Secure Search_toolbar.dll No File
Toolbar: HKLM - facemoods Toolbar - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll (facemoods.com)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: bw+0 - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bw+0s - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bw-0 - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bw-0s - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bw00 - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bw00s - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bw10 - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bw10s - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bw20 - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bw20s - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bw30 - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bw30s - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bw40 - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bw40s - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bw50 - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bw50s - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bw60 - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bw60s - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bw70 - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bw70s - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bw80 - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bw80s - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bw90 - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bw90s - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwa0 - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwa0s - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwb0 - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwb0s - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwc0 - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwc0s - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwd0 - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwd0s - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwe0 - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwe0s - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwf0 - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwf0s - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwg0 - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwg0s - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwh0 - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwh0s - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwi0 - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwi0s - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwj0 - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwj0s - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwk0 - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwk0s - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwl0 - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwl0s - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwm0 - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwm0s - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwn0 - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwn0s - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwo0 - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwo0s - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwp0 - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwp0s - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwq0 - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwq0s - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwr0 - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwr0s - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bws0 - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bws0s - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwt0 - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwt0s - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwu0 - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwu0s - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwv0 - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwv0s - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bww0 - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bww0s - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwx0 - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwx0s - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwy0 - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwy0s - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwz0 - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: bwz0s - {016da802-a2b8-4a29-aaab-52f2a1bf96f0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: offline-8876480 - {016DA802-A2B8-4A29-AAAB-52F2A1BF96F0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\17.0.12\ViProtocol.dll No File
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [94208] (Apple Computer, Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.10.81.124 192.166.202.10

Chrome:
=======
CHR HomePage: hxxp://www.google.pl/
CHR RestoreOnStartup: "hxxp://www.wp.pl/"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\31.0.1650.57\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.180.7) - C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U20) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\\npsitesafety.dll No File
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Kamila\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
CHR Extension: (Google Docs) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (AVG Secure Search) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\15.5.0.2_0
CHR Extension: (Google Wallet) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Users\Kamila\AppData\Roaming\BabylonToolbar\CR\BabylonChrome1.crx
CHR HKLM\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] - C:\Program Files\DealPly\DealPly.crx
CHR HKLM\...\Chrome\Extension: [ihflimipbcaljfnojhhknppphnnciiif] - C:\Program Files\facemoods.com\facemoods\1.4.17.11\facemoods.crx
CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\\ChromeExt\\avg.crx

========================== Services (Whitelisted) =================

S3 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AntiVirSchedulerService; D:\Avira\AntiVir Desktop\sched.exe [440376 2013-11-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; D:\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-12] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; D:\Avira\AntiVir Desktop\avwebg7.exe [1164360 2013-10-10] (Avira Operations GmbH & Co. KG)
R2 VAIO Event Service; C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [204648 2009-07-01] (Sony Corporation)
S2 vToolbarUpdater17.0.12; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe [x]

==================== Drivers (Whitelisted) ====================

R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [120632 2013-09-25] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [223032 2013-09-02] (AVG Technologies CZ, s.r.o.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-11-12] (Avira Operations GmbH & Co. KG)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [37664 2013-10-02] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [137208 2013-11-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-10-10] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [67680 2013-10-10] (Avira Operations GmbH & Co. KG)
R3 MxlW2k; C:\Windows\System32\Drivers\MxlW2k.sys [28352 2010-03-05] (MusicMatch, Inc.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-10-10] (Avira GmbH)
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}; C:\Program Files\CyberLink\PowerDVD8\000.fcl [41456 2008-02-01] (Cyberlink Corp.)
S0 AVGIDSHX; system32\DRIVERS\avgidshx.sys [x]
S1 AVGIDSShim; system32\DRIVERS\avgidsshimx.sys [x]
S3 cpuz132; \??\C:\Users\Kamila\AppData\Local\Temp\cpuz132\cpuz132_x32.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-11-15 21:09 - 2013-11-15 21:09 - 00028758 _____ C:\Users\Kamila\Downloads\FRST.txt
2013-11-15 21:09 - 2013-11-15 21:09 - 00000000 ____D C:\FRST
2013-11-15 21:08 - 2013-11-15 21:09 - 00377856 _____ C:\Users\Kamila\Downloads\9r6zsw9e.exe
2013-11-15 21:08 - 2013-11-15 21:08 - 00602112 _____ (OldTimer Tools) C:\Users\Kamila\Downloads\OTL.exe
2013-11-15 21:08 - 2013-11-15 21:08 - 00368705 _____ C:\Users\Kamila\Downloads\gm.zip
2013-11-15 21:06 - 2013-11-15 21:07 - 01090529 _____ (Farbar) C:\Users\Kamila\Downloads\FRST.exe
2013-11-14 21:27 - 2013-10-12 08:04 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-14 21:27 - 2013-10-12 08:03 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-14 21:27 - 2013-10-12 08:03 - 01138176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-14 21:27 - 2013-10-12 08:02 - 14355968 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-14 21:27 - 2013-10-12 08:02 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-14 21:27 - 2013-10-12 08:02 - 02877952 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-14 21:27 - 2013-10-12 08:02 - 02049024 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-14 21:27 - 2013-10-12 08:02 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-14 21:27 - 2013-10-12 08:02 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-14 21:27 - 2013-10-12 08:02 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-14 21:27 - 2013-10-12 08:02 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-14 21:27 - 2013-10-12 08:02 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-14 21:27 - 2013-10-12 08:02 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-14 21:27 - 2013-10-12 08:02 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-14 21:27 - 2013-10-12 07:08 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-14 21:27 - 2013-10-12 06:15 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-14 19:29 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-14 19:29 - 2013-10-12 03:01 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-14 19:29 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-14 19:29 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-14 19:29 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-14 19:29 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-14 19:29 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-14 19:29 - 2013-10-03 02:58 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-14 19:29 - 2013-09-25 03:01 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-14 19:29 - 2013-09-25 03:01 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-14 19:29 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-14 19:29 - 2013-09-25 02:57 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-14 19:29 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-14 19:29 - 2013-09-25 02:56 - 01038848 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-14 19:29 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-14 19:29 - 2013-09-25 01:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-14 19:29 - 2013-09-25 01:49 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-14 19:29 - 2013-07-04 13:16 - 00369848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-07 21:45 - 2013-11-07 21:45 - 00000000 ____D C:\Users\Kamila\AppData\Roaming\Avira
2013-11-07 21:39 - 2013-11-12 11:40 - 00137208 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-11-07 21:39 - 2013-11-12 11:40 - 00090400 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-11-07 21:39 - 2013-11-07 21:39 - 00000000 ____D C:\ProgramData\Avira
2013-11-07 21:39 - 2013-10-10 19:14 - 00067680 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-11-07 21:39 - 2013-10-10 19:14 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-11-07 21:39 - 2013-10-10 19:14 - 00028520 _____ (Avira GmbH) C:\Windows\system32\Drivers\ssmdrv.sys
2013-11-05 21:19 - 2013-11-05 21:28 - 00000000 ____D C:\AdwCleaner
2013-11-05 20:59 - 2013-11-07 18:12 - 00000000 ____D C:\Users\Gość\Desktop\raporty
2013-11-05 20:11 - 2013-11-05 20:11 - 00368705 _____ C:\Users\Gość\Downloads\gm.zip
2013-11-05 20:09 - 2013-11-05 20:09 - 00602112 _____ (OldTimer Tools) C:\Users\Gość\Downloads\OTL.com
2013-11-03 19:44 - 2013-11-03 19:44 - 00000000 ____D C:\Users\TEMP\AppData\Local\Avg2014
2013-11-03 19:06 - 2013-11-03 19:06 - 00368705 _____ C:\Users\Gość\Downloads\gm (1).zip
2013-11-03 19:06 - 2013-11-03 19:06 - 00167642 _____ C:\Users\Gość\Downloads\gmer.zip
2013-11-03 18:49 - 2013-11-03 18:49 - 00036595 _____ C:\Users\Gość\Downloads\FRST.txt
2013-11-03 18:49 - 2013-11-03 18:49 - 00007603 _____ C:\Users\Gość\Downloads\Addition.txt
2013-11-02 09:57 - 2013-11-02 09:57 - 00000000 ____D C:\Users\Gość\AppData\Local\Google
2013-11-02 09:55 - 2013-11-02 09:55 - 00000000 ____D C:\Users\Gość\AppData\Roaming\AVG2014
2013-11-02 09:55 - 2013-11-02 09:55 - 00000000 ____D C:\Users\Gość\AppData\Local\Avg2014
2013-11-02 09:46 - 2013-01-31 10:23 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\TuneUp Software
2013-11-02 09:46 - 2010-12-02 16:31 - 00000000 ____D C:\Users\TEMP\AppData\Local\Microsoft Help
2013-11-02 09:46 - 2009-07-14 05:42 - 00000000 ___RD C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-11-02 09:46 - 2009-07-14 05:37 - 00000000 ___RD C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

==================== One Month Modified Files and Folders =======

2013-11-15 21:09 - 2013-11-15 21:09 - 00028758 _____ C:\Users\Kamila\Downloads\FRST.txt
2013-11-15 21:09 - 2013-11-15 21:09 - 00000000 ____D C:\FRST
2013-11-15 21:09 - 2013-11-15 21:08 - 00377856 _____ C:\Users\Kamila\Downloads\9r6zsw9e.exe
2013-11-15 21:08 - 2013-11-15 21:08 - 00602112 _____ (OldTimer Tools) C:\Users\Kamila\Downloads\OTL.exe
2013-11-15 21:08 - 2013-11-15 21:08 - 00368705 _____ C:\Users\Kamila\Downloads\gm.zip
2013-11-15 21:07 - 2013-11-15 21:06 - 01090529 _____ (Farbar) C:\Users\Kamila\Downloads\FRST.exe
2013-11-15 20:53 - 2013-04-17 16:06 - 00001036 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-15 20:50 - 2010-03-03 20:50 - 01778903 _____ C:\Windows\WindowsUpdate.log
2013-11-15 20:48 - 2012-10-08 09:03 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-15 19:59 - 2013-04-17 16:21 - 00002143 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-11-15 19:44 - 2012-07-08 14:36 - 00001082 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1976282385-4076430714-1945598826-1000UA.job
2013-11-15 19:26 - 2009-07-14 05:34 - 00014224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-15 19:26 - 2009-07-14 05:34 - 00014224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-15 19:19 - 2012-12-07 14:39 - 00000000 ____D C:\Users\Kamila\.gstreamer-0.10
2013-11-15 19:18 - 2013-06-03 22:25 - 00000350 _____ C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2013-11-15 19:18 - 2013-04-17 16:06 - 00001032 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-15 19:18 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-15 19:18 - 2009-07-14 05:39 - 00321558 _____ C:\Windows\setupact.log
2013-11-15 08:49 - 2010-03-03 21:11 - 01549932 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-15 08:49 - 2009-07-14 09:07 - 00698146 _____ C:\Windows\system32\perfh015.dat
2013-11-15 08:49 - 2009-07-14 09:07 - 00135224 _____ C:\Windows\system32\perfc015.dat
2013-11-14 22:13 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\pl-PL
2013-11-14 21:30 - 2010-03-03 21:58 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-14 21:27 - 2013-08-15 09:59 - 00000000 ____D C:\Windows\system32\MRT
2013-11-14 21:25 - 2010-03-03 21:13 - 80340640 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-12 12:13 - 2011-02-15 14:23 - 00000000 ____D C:\Users\Kamila\Desktop\Nowy folder
2013-11-12 11:40 - 2013-11-07 21:39 - 00137208 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-11-12 11:40 - 2013-11-07 21:39 - 00090400 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-11-07 22:05 - 2010-03-04 15:10 - 00117532 _____ C:\Windows\PFRO.log
2013-11-07 21:45 - 2013-11-07 21:45 - 00000000 ____D C:\Users\Kamila\AppData\Roaming\Avira
2013-11-07 21:39 - 2013-11-07 21:39 - 00000000 ____D C:\ProgramData\Avira
2013-11-07 18:56 - 2010-03-03 21:39 - 00000000 ____D C:\ProgramData\avg9
2013-11-07 18:55 - 2009-07-14 05:53 - 00032604 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-11-07 18:16 - 2011-12-19 13:37 - 00000000 ____D C:\ProgramData\AVG Secure Search
2013-11-07 18:14 - 2010-12-02 12:41 - 00000000 ____D C:\Users\Gość
2013-11-07 18:12 - 2013-11-05 20:59 - 00000000 ____D C:\Users\Gość\Desktop\raporty
2013-11-07 18:12 - 2012-03-12 17:18 - 00000000 ____D C:\Program Files\DealPly
2013-11-07 18:12 - 2012-02-01 12:09 - 00000000 ____D C:\Program Files\facemoods.com
2013-11-07 18:12 - 2010-03-03 21:01 - 00000000 ____D C:\Users\Kamila
2013-11-07 18:12 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\wfp
2013-11-07 18:12 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\registration
2013-11-05 21:28 - 2013-11-05 21:19 - 00000000 ____D C:\AdwCleaner
2013-11-05 20:11 - 2013-11-05 20:11 - 00368705 _____ C:\Users\Gość\Downloads\gm.zip
2013-11-05 20:09 - 2013-11-05 20:09 - 00602112 _____ (OldTimer Tools) C:\Users\Gość\Downloads\OTL.com
2013-11-05 19:55 - 2011-05-31 13:59 - 00000000 ____D C:\ProgramData\MFAData
2013-11-05 19:49 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\AppCompat
2013-11-03 19:44 - 2013-11-03 19:44 - 00000000 ____D C:\Users\TEMP\AppData\Local\Avg2014
2013-11-03 19:06 - 2013-11-03 19:06 - 00368705 _____ C:\Users\Gość\Downloads\gm (1).zip 2013-11-03 19:06 - 2013-11-03 19:06 - 00167642 _____ C:\Users\Gość\Downloads\gmer.zip 2013-11-03 18:49 - 2013-11-03 18:49 - 00036595 _____ C:\Users\Gość\Downloads\FRST.txt 2013-11-03 18:49 - 2013-11-03 18:49 - 00007603 _____ C:\Users\Gość\Downloads\Addition.txt 2013-11-02 09:58 - 2010-12-15 21:49 - 00097088 _____ C:\Users\Gość\AppData\Local\GDIPFONTCACHEV1.DAT 2013-11-02 09:57 - 2013-11-02 09:57 - 00000000 ____D C:\Users\Gość\AppData\Local\Google 2013-11-02 09:55 - 2013-11-02 09:55 - 00000000 ____D C:\Users\Gość\AppData\Roaming\AVG2014 2013-11-02 09:55 - 2013-11-02 09:55 - 00000000 ____D C:\Users\Gość\AppData\Local\Avg2014 2013-10-29 22:22 - 2012-12-20 22:35 - 00000000 ___RD C:\Users\Kamila\Desktop\miau 2013-10-24 13:21 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache 2013-10-19 15:16 - 2013-06-09 10:00 - 00000000 _____ C:\sparkraw.log 2013-10-18 11:57 - 2010-03-17 16:57 - 00000000 ____D C:\ProgramData\OpenFM Files to move or delete: ==================== C:\ProgramData\PKP_DLbx.DAT Some content of TEMP: ==================== C:\Users\Kamila\AppData\Local\Temp\AMPing.exe C:\Users\Kamila\AppData\Local\Temp\avgnt.exe C:\Users\Kamila\AppData\Local\Temp\avguidx.dll C:\Users\Kamila\AppData\Local\Temp\CommonInstaller.exe C:\Users\Kamila\AppData\Local\Temp\gg10.upgr.exe C:\Users\Kamila\AppData\Local\Temp\gg10_upgr_to_11790_from_11119.exe C:\Users\Kamila\AppData\Local\Temp\gg10_upgr_to_11999_from_11790.exe C:\Users\Kamila\AppData\Local\Temp\gg10_upgr_to_12096_from_11790.exe C:\Users\Kamila\AppData\Local\Temp\GLF1F6A.EXE C:\Users\Kamila\AppData\Local\Temp\GLF4245.EXE C:\Users\Kamila\AppData\Local\Temp\GLF6C4D.EXE C:\Users\Kamila\AppData\Local\Temp\GLF8B16.EXE C:\Users\Kamila\AppData\Local\Temp\GLF95B2.EXE C:\Users\Kamila\AppData\Local\Temp\GLFA09A.EXE C:\Users\Kamila\AppData\Local\Temp\GLFA0D5.EXE C:\Users\Kamila\AppData\Local\Temp\GLFA97F.EXE 
C:\Users\Kamila\AppData\Local\Temp\GLFE69.EXE C:\Users\Kamila\AppData\Local\Temp\GLFE96A.EXE C:\Users\Kamila\AppData\Local\Temp\GLFEE1B.EXE C:\Users\Kamila\AppData\Local\Temp\GLFFE7E.EXE C:\Users\Kamila\AppData\Local\Temp\GUR3800.exe C:\Users\Kamila\AppData\Local\Temp\GUR382F.exe C:\Users\Kamila\AppData\Local\Temp\GUR3E28.exe C:\Users\Kamila\AppData\Local\Temp\GUR43D2.exe C:\Users\Kamila\AppData\Local\Temp\GUR648.exe C:\Users\Kamila\AppData\Local\Temp\GUR672A.exe C:\Users\Kamila\AppData\Local\Temp\HomePageV9.exe C:\Users\Kamila\AppData\Local\Temp\IadHide5.dll C:\Users\Kamila\AppData\Local\Temp\iGearedHelper.dll C:\Users\Kamila\AppData\Local\Temp\InstallManager_BAB_BAB.exe C:\Users\Kamila\AppData\Local\Temp\jre-1.6.0_20-windows-i586-iftw.exe_90744722.exe C:\Users\Kamila\AppData\Local\Temp\jre-6u20-windows-i586-jinstall_uac.exe C:\Users\Kamila\AppData\Local\Temp\MachineIdCreator.exe C:\Users\Kamila\AppData\Local\Temp\Mario_Forever.exe C:\Users\Kamila\AppData\Local\Temp\oi_{0C43E2D4-102F-45A5-A2EC-EA264174B0B9}.exe C:\Users\Kamila\AppData\Local\Temp\oi_{9D13E41E-4AEC-4EB3-8F3D-EEBF16A5647F}.exe C:\Users\Kamila\AppData\Local\Temp\SkypeSetup.exe C:\Users\Kamila\AppData\Local\Temp\Super_Bros_3_Mario_Forever.exe C:\Users\Kamila\AppData\Local\Temp\ToolbarInstaller.exe C:\Users\Kamila\AppData\Local\Temp\v9formalavida.exe ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-11-15 20:52 ==================== End Of Log ============================