Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-08-2013 01
Ran by user (administrator) on USER-KOMPUTER on 31-08-2013 11:42:28
Running from C:\Users\user\Desktop\logi
Windows 7 Home Premium (X64) OS Language: Polish
Internet Explorer Version 8
Boot Mode: Normal

==================== Could not list processes ===============

==================== Registry (Whitelisted) ==================

HKCU\...\Policies\Explorer: [NoDriveAutoRun] 16
HKLM-x32\...\Run: [AVG_TRAY] - C:\Program Files (x86)\AVG\AVG2012\avgtray.exe [2598520 2012-11-19] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [DataCardMonitor] - C:\Program Files (x86)\blueconnect\DataCardMonitor.exe [253952 2013-02-01] (Huawei Technologies Co., Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
BootExecute: autocheck autochk * C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
BHO: Windows Live Family Safety Browser Helper Class - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Pomocnik rejestracji usługi Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
Handler: msdaipp - No CLSID Value -
Handler-x32: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL (Microsoft Corporation)
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler-x32: msdaipp - No CLSID Value -
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2210608 2006-10-27] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 89.108.202.21 89.108.195.21
Tcpip\..\Interfaces\{9EF3463F-29EA-4485-A05A-B6287F382AEF}: [NameServer]89.108.202.21 89.108.195.21
Tcpip\..\Interfaces\{E6FA3AF5-3AA7-4989-BEA8-734EB6826778}: [NameServer]89.108.202.21 89.108.195.21

FireFox:
========
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\qv5awwpa.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_168.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8051.1204 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\user\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
FF Extension: No Name - C:\Users\user\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF HKLM-x32\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] C:\Program Files (x86)\AVG\AVG2012\Firefox4\
FF Extension: AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\Firefox4\
FF HKLM-x32\...\Firefox\Extensions: [{F53C93F1-07D5-430c-86D4-C9531B27DFAF}] C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack\
FF Extension: AVG Do Not Track - C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack\

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\pdf.dll ()
CHR Plugin: (AVG Internet Security) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2210_0\plugins/avgnpss.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.300.12) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U30) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live\u00AE Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1

==================== Services (Whitelisted) =================

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [5174392 2012-11-02] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [193288 2012-02-14] (AVG Technologies CZ, s.r.o.)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
S3 PLAY ONLINE. RunOuc; C:\Program Files (x86)\PLAY ONLINE\UpdateDog\ouc.exe [246112 2013-07-15] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2148216 2012-08-23] (AVG)

==================== Drivers (Whitelisted) ====================

R3 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [127328 2012-12-10] (AVG Technologies CZ, s.r.o. )
R3 AVGIDSFilter; C:\Windows\System32\DRIVERS\avgidsfiltera.sys [29776 2011-12-23] (AVG Technologies CZ, s.r.o. )
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [28480 2012-04-19] (AVG Technologies CZ, s.r.o. )
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [307040 2012-11-08] (AVG Technologies CZ, s.r.o.)
R1 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [47696 2011-12-23] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [36944 2012-01-31] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [384800 2013-04-11] (AVG Technologies CZ, s.r.o.)
R3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [218624 2013-07-15] (Huawei Technologies Co., Ltd.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806400 2009-06-05] ()
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [11880 2012-07-04] (TuneUp Software)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-08-31 11:28 - 2013-08-31 11:28 - 00448512 _____ (OldTimer Tools) C:\Users\user\Downloads\TFC.exe
2013-08-31 11:09 - 2013-08-31 11:26 - 00000000 ____D C:\AdwCleaner
2013-08-31 11:09 - 2013-08-31 11:09 - 00994642 _____ C:\Users\user\Downloads\AdwCleaner.exe
2013-08-31 09:50 - 2013-08-31 09:50 - 00000000 ____D C:\Users\user\Downloads\zdjecia
2013-08-31 09:16 - 2013-08-31 09:16 - 00797784 _____ (Duplex Secure Ltd.) C:\Users\user\Downloads\SPTDinst-v183-x64.exe
2013-08-31 07:31 - 2013-08-31 07:31 - 00377856 _____ C:\Users\user\Downloads\tmj56y5t.exe
2013-08-31 07:06 - 2013-08-31 10:05 - 00064062 _____ C:\Users\user\Downloads\Extras.Txt
2013-08-31 07:05 - 2013-08-31 10:04 - 00171480 _____ C:\Users\user\Downloads\OTL.Txt
2013-08-31 06:54 - 2013-08-31 06:54 - 00602112 _____ (OldTimer Tools) C:\Users\user\Downloads\OTL.exe
2013-08-31 06:52 - 2013-08-31 11:42 - 00000000 ____D C:\Users\user\Desktop\logi
2013-08-31 06:51 - 2013-08-31 06:51 - 00030968 _____ C:\Users\user\Downloads\FRST.txt
2013-08-31 06:51 - 2013-08-31 06:51 - 00024914 _____ C:\Users\user\Downloads\Addition.txt
2013-08-31 06:49 - 2013-08-31 06:49 - 00000000 ____D C:\FRST
2013-08-29 15:42 - 2013-08-29 15:42 - 00000000 ____D C:\Users\user\AppData\Roaming\CyberLink
2013-08-29 15:42 - 2013-08-29 15:42 - 00000000 ____D C:\Users\Public\CyberLink

==================== One Month Modified Files and Folders =======

2013-08-31 11:43 - 2009-07-14 06:45 - 00010240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-31 11:43 - 2009-07-14 06:45 - 00010240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-31 11:42 - 2013-08-31 06:52 - 00000000 ____D C:\Users\user\Desktop\logi
2013-08-31 11:39 - 2009-08-03 21:55 - 00689160 _____ C:\Windows\system32\perfh015.dat
2013-08-31 11:39 - 2009-08-03 21:55 - 00132182 _____ C:\Windows\system32\perfc015.dat
2013-08-31 11:39 - 2009-07-14 07:13 - 01558616 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-31 11:38 - 2013-01-02 21:07 - 00000924 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-772571408-711275989-3610619051-1000UA.job
2013-08-31 11:35 - 2010-08-25 11:42 - 00001040 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-31 11:35 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-31 11:34 - 2013-07-15 14:09 - 00005076 _____ C:\Windows\PFRO.log
2013-08-31 11:34 - 2013-07-15 13:46 - 00042174 _____ C:\Windows\setupact.log
2013-08-31 11:33 - 2010-01-10 08:40 - 01444195 _____ C:\Windows\WindowsUpdate.log
2013-08-31 11:28 - 2013-08-31 11:28 - 00448512 _____ (OldTimer Tools) C:\Users\user\Downloads\TFC.exe
2013-08-31 11:26 - 2013-08-31 11:09 - 00000000 ____D C:\AdwCleaner
2013-08-31 11:09 - 2013-08-31 11:09 - 00994642 _____ C:\Users\user\Downloads\AdwCleaner.exe
2013-08-31 10:43 - 2012-02-05 08:25 - 00000000 ____D C:\ProgramData\AVAST Software
2013-08-31 10:43 - 2010-12-19 12:13 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-08-31 10:43 - 2010-12-19 12:12 - 00000000 ____D C:\Program Files\Alwil Software
2013-08-31 10:35 - 2010-08-25 11:42 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-31 10:05 - 2013-08-31 07:06 - 00064062 _____ C:\Users\user\Downloads\Extras.Txt
2013-08-31 10:04 - 2013-08-31 07:05 - 00171480 _____ C:\Users\user\Downloads\OTL.Txt
2013-08-31 09:50 - 2013-08-31 09:50 - 00000000 ____D C:\Users\user\Downloads\zdjecia
2013-08-31 09:16 - 2013-08-31 09:16 - 00797784 _____ (Duplex Secure Ltd.) C:\Users\user\Downloads\SPTDinst-v183-x64.exe
2013-08-31 07:31 - 2013-08-31 07:31 - 00377856 _____ C:\Users\user\Downloads\tmj56y5t.exe
2013-08-31 06:54 - 2013-08-31 06:54 - 00602112 _____ (OldTimer Tools) C:\Users\user\Downloads\OTL.exe
2013-08-31 06:51 - 2013-08-31 06:51 - 00030968 _____ C:\Users\user\Downloads\FRST.txt
2013-08-31 06:51 - 2013-08-31 06:51 - 00024914 _____ C:\Users\user\Downloads\Addition.txt
2013-08-31 06:49 - 2013-08-31 06:49 - 00000000 ____D C:\FRST
2013-08-31 06:23 - 2012-02-19 17:21 - 00000000 ____D C:\Windows\system32\Drivers\AVG
2013-08-29 15:42 - 2013-08-29 15:42 - 00000000 ____D C:\Users\user\AppData\Roaming\CyberLink
2013-08-29 15:42 - 2013-08-29 15:42 - 00000000 ____D C:\Users\Public\CyberLink
2013-08-29 15:42 - 2010-01-10 09:08 - 00000000 ____D C:\ProgramData\CyberLink
2013-08-29 13:16 - 2013-01-11 22:35 - 00000000 ____D C:\Windows\System32\Tasks\Games
2013-08-26 09:13 - 2010-08-25 11:42 - 00000000 ____D C:\Users\user\AppData\Roaming\Skype
2013-08-16 20:38 - 2013-01-02 21:07 - 00000902 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-772571408-711275989-3610619051-1000Core.job
2013-08-06 13:37 - 2012-02-05 08:26 - 00002145 _____ C:\Users\Public\Desktop\Google Chrome.lnk

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-08-31 08:06

==================== End Of Log ============================