Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:02-06-2014
Ran by Kasia (administrator) on A45F7D7627C54C0 on 03-06-2014 13:20:49
Running from D:\
Platform: Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polish
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Cherished Technololgy LIMITED) C:\Documents and Settings\All Users\Dane aplikacji\WPM\wprotectmanager.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jqs.exe
(Symantec Corporation) C:\Program Files\Norton AntiVirus\Engine\21.3.0.12\NAV.exe
(Symantec Corporation) C:\Program Files\Norton Identity Safe\Engine\2014.7.0.43\NST.exe
() C:\Program Files\Rock Turner\updater.exe
(Symantec Corporation) C:\Program Files\Norton Identity Safe\Engine\2014.7.0.43\NST.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\WINDOWS\system32\dumprep.exe
(Microsoft Corporation) C:\WINDOWS\system32\dumprep.exe
(Microsoft Corporation) C:\WINDOWS\system32\dumprep.exe
(Microsoft Corporation) C:\WINDOWS\system32\dumprep.exe
(Microsoft Corporation) C:\WINDOWS\system32\dumprep.exe
(Microsoft Corporation) C:\WINDOWS\system32\dumprep.exe
(Microsoft Corporation) C:\WINDOWS\system32\dumprep.exe
(Symantec Corporation) C:\Program Files\Norton AntiVirus\Engine\21.3.0.12\NAV.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [fst_pl_46] => [X]
HKLM\...\Run: [upfst_pl_46.exe] => C:\Documents and Settings\Kasia\Ustawienia lokalne\Dane aplikacji\fst_pl_46\upfst_pl_46.exe -runhelper
HKLM\...\Run: [mobilegeni daemon] => C:\Program Files\Mobogenie\DaemonProcess.exe
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254896 2012-09-17] (Sun Microsystems, Inc.)
HKLM\...\Run: [DApp] => C:\Program Files\PCDApp\start.vbs
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKU\S-1-5-21-1844237615-1326574676-1417001333-1003\...\Run: [Torntv Downloader] => C:\Program Files\TornTV.com\Torntv Downloader.exe /c=startup
HKU\S-1-5-21-1844237615-1326574676-1417001333-1003\...\Run: [LiveSupport] => "C:\Program Files\LiveSupport\LiveSupport.exe" /noshow /log
HKU\S-1-5-21-1844237615-1326574676-1417001333-1003\...\Run: [Skype] => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
HKU\S-1-5-21-1844237615-1326574676-1417001333-1003\...\Run: [AmitiAntivirus] => C:\Program Files\NETGATE\Amiti Antivirus\AmitiAv.exe
HKU\S-1-5-21-1844237615-1326574676-1417001333-1003\...\MountPoints2: {09d24942-75aa-11e0-bec1-001b247dc597} - F:\2u.com
HKU\S-1-5-21-1844237615-1326574676-1417001333-1003\...\MountPoints2: {2581062b-4491-11e3-80e7-0017c406f923} - F:\2u.com
HKU\S-1-5-21-1844237615-1326574676-1417001333-1003\...\MountPoints2: {34554238-7c81-11e3-80f9-0017c406f923} - F:\2u.com
HKU\S-1-5-21-1844237615-1326574676-1417001333-1003\...\MountPoints2: {36cd63d0-05af-11df-bd42-0017c406f923} - F:\2u.com
HKU\S-1-5-21-1844237615-1326574676-1417001333-1003\...\MountPoints2: {3d24557e-7f87-11e0-bed4-001b247dc597} - F:\2u.com
HKU\S-1-5-21-1844237615-1326574676-1417001333-1003\...\MountPoints2: {4e3e1818-986d-11e1-bfc5-001b247dc597} - F:\2u.com
HKU\S-1-5-21-1844237615-1326574676-1417001333-1003\...\MountPoints2: {531874a7-fcdf-11e1-8015-001b247dc597} - F:\2u.com
HKU\S-1-5-21-1844237615-1326574676-1417001333-1003\...\MountPoints2: {5a969b0e-d307-11e3-817b-0017c406f923} - F:\2u.com
HKU\S-1-5-21-1844237615-1326574676-1417001333-1003\...\MountPoints2: {703b9576-9ee1-11df-bde3-0017c406f923} - F:\2u.com
HKU\S-1-5-21-1844237615-1326574676-1417001333-1003\...\MountPoints2: {70eb39f9-723f-11e2-8076-0017c406f923} - F:\2u.com
HKU\S-1-5-21-1844237615-1326574676-1417001333-1003\...\MountPoints2: {9bda1e18-9517-11e1-bfbf-001b247dc597} - F:\2u.com
HKU\S-1-5-21-1844237615-1326574676-1417001333-1003\...\MountPoints2: {a1e3269e-5b38-11df-bda7-0017c406f923} - F:\AutoRun.exe
HKU\S-1-5-21-1844237615-1326574676-1417001333-1003\...\MountPoints2: {a1e326a1-5b38-11df-bda7-0017c406f923} - F:\AutoRun.exe
HKU\S-1-5-21-1844237615-1326574676-1417001333-1003\...\MountPoints2: {cd5e5024-05f6-11e0-be65-0017c406f923} - G:\Install.exe
HKU\S-1-5-21-1844237615-1326574676-1417001333-1003\...\MountPoints2: {ef3045f5-1fc3-11df-bd6b-0017c406f923} - F:\2u.com

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://pl.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.awesomehp.com/web/?type=ds&ts=1391784748&from=tt4u&uid=FUJITSUXMHW2120BH_NZ2MT782A413T782A413X&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://pl.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.awesomehp.com/web/?type=ds&ts=1391784748&from=tt4u&uid=FUJITSUXMHW2120BH_NZ2MT782A413T782A413X&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1me10IE8ENUS/701
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.bing.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.bing.com/
URLSearchHook: HKLM - Default Value = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/?q={searchTerms}&affID=112670&tt=251212_ctrl_5212_3&babsrc=SP_sst&mntrId=0c8056020000000000000017c406f923
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1098640
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Rock Turner - {527b365c-1bd3-4a66-906f-8729805ce78c} - C:\Program Files\Rock Turner\RockTurnerbho.dll (Rock Turner)
BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\21.3.0.12\IPS\IPSBHO.DLL (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files\Norton Identity Safe\Engine\2014.7.0.43\coIEPlg.dll (Symantec Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files\Norton Identity Safe\Engine\2014.7.0.43\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - &Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Łącza - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 23.253.94.129 128.199.225.64

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Kasia\Dane aplikacji\Mozilla\Firefox\Profiles\yeonsexl.default
FF SearchEngineOrder.3: Bing 
FF Homepage: www.google.pl
FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=
FF Plugin: @java.com/DTPlugin,version=1.6.0_45 - C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Documents and Settings\Kasia\Dane aplikacji\Mozilla\Firefox\Profiles\yeonsexl.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Documents and Settings\Kasia\Dane aplikacji\Mozilla\Firefox\Profiles\yeonsexl.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Documents and Settings\Kasia\Dane aplikacji\Mozilla\Firefox\Profiles\yeonsexl.default\searchplugins\buenosearch.xml
FF Extension: Site Finder - C:\Documents and Settings\Kasia\Dane aplikacji\Mozilla\Firefox\Profiles\yeonsexl.default\Extensions\sitefinder@sitefinder.com [2014-06-03]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA} [2014-05-09]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2014-03-15]
FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.3.0.12\IPSFF
FF Extension: Norton Vulnerability Protection - C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.3.0.12\IPSFF [2014-06-03]
FF HKLM\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\Documents and Settings\All Users\Dane aplikacji\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.0.43\coFFPlgn\
FF Extension: Norton Identity Safe Toolbar - C:\Documents and Settings\All Users\Dane aplikacji\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.0.43\coFFPlgn\ []

Chrome: 
=======
CHR HomePage: hxxp://home.sweetim.com/?barid={53F781C3-D4B1-48E2-A7B5-491FC7A8FBAF}
CHR RestoreOnStartup: "hxxp://home.sweetim.com/?barid={53F781C3-D4B1-48E2-A7B5-491FC7A8FBAF}&st=14"
CHR HKLM\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files\Norton Identity Safe\Engine\2014.7.0.43\Exts\Chrome.crx [2014-06-01]

========================== Services (Whitelisted) =================

R2 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [158128 2014-03-15] (Sun Microsystems, Inc.)
R2 NAV; C:\Program Files\Norton AntiVirus\Engine\21.3.0.12\NAV.exe [262968 2014-05-11] (Symantec Corporation)
R2 NCO; C:\Program Files\Norton Identity Safe\Engine\2014.7.0.43\NST.exe [130104 2014-03-11] (Symantec Corporation)
S2 Update Rock Turner; C:\Program Files\Rock Turner\updateRockTurner.exe [317728 2014-06-01] ()
R2 UpdaterSvcRockTurner; C:\Program Files\Rock Turner\updater.exe [109568 2014-06-01] ()
R2 Wpm; C:\Documents and Settings\All Users\Dane aplikacji\WPM\wprotectmanager.exe [510608 2014-03-05] (Cherished Technololgy LIMITED)
S2 SkypeUpdate; "C:\Program Files\Skype\Updater\Updater.exe" [X]

==================== Drivers (Whitelisted) ====================

R3 AR5211; C:\WINDOWS\System32\DRIVERS\ar5211.sys [488992 2006-03-23] (Atheros Communications, Inc.)
R1 BHDrvx86; C:\Program Files\Norton AntiVirus\NortonData\21.3.0.12\Definitions\BASHDefs\20140214.001\BHDrvx86.sys [1098968 2013-12-23] (Symantec Corporation)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R1 ccSet_NAV; C:\WINDOWS\system32\drivers\NAV\1503000.00C\ccSetx86.sys [127064 2014-02-21] (Symantec Corporation)
R1 ccSet_NST; C:\WINDOWS\system32\drivers\NST\7DE07000.02B\ccSetx86.sys [127064 2013-09-27] (Symantec Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376920 2014-05-31] (Symantec Corporation)
S3 hamachi; C:\WINDOWS\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
S3 HdAudAddService; C:\WINDOWS\System32\drivers\HdAudio.sys [145920 2005-01-07] (Windows (R) Server 2003 DDK provider)
R3 IDSxpx86; C:\Program Files\Norton AntiVirus\NortonData\21.3.0.12\Definitions\IPSDefs\20140224.002\IDSxpx86.sys [383128 2014-02-21] (Symantec Corporation)
R3 NAVENG; C:\Program Files\Norton AntiVirus\NortonData\21.3.0.12\Definitions\VirusDefs\20140531.004\NAVENG.SYS [93272 2014-05-31] (Symantec Corporation)
R3 NAVEX15; C:\Program Files\Norton AntiVirus\NortonData\21.3.0.12\Definitions\VirusDefs\20140531.004\NAVEX15.SYS [1612376 2014-05-31] (Symantec Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
S3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2008-04-14] (Realtek Semiconductor Corporation)
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [691696 2010-12-12] ()
R1 SRTSP; C:\WINDOWS\system32\drivers\NAV\1503000.00C\SRTSP.SYS [664280 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\system32\drivers\NAV\1503000.00C\SRTSPX.SYS [32344 2013-10-30] (Symantec Corporation)
R0 SymDS; C:\WINDOWS\System32\drivers\NAV\1503000.00C\SYMDS.SYS [367704 2013-10-30] (Symantec Corporation)
R0 SymEFA; C:\WINDOWS\System32\drivers\NAV\1503000.00C\SYMEFA.SYS [936152 2014-03-04] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [142936 2014-06-01] (Symantec Corporation)
R1 SymIRON; C:\WINDOWS\system32\drivers\NAV\1503000.00C\Ironx86.SYS [206936 2013-10-30] (Symantec Corporation)
R1 SYMTDI; C:\WINDOWS\system32\drivers\NAV\1503000.00C\SYMTDI.SYS [423256 2014-02-18] (Symantec Corporation)
R1 {b2db3058-74ee-4ace-bcd8-8cd0fbe3a4f6}t; C:\WINDOWS\System32\drivers\{b2db3058-74ee-4ace-bcd8-8cd0fbe3a4f6}t.sys [55224 2014-05-19] (StdLib)
S3 EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S4 IntelIde; No ImagePath
S1 SpyEmrg; System32\Drivers\spyemrg.sys [X]
S2 SSPORT; \??\C:\WINDOWS\system32\Drivers\SSPORT.sys [X]
U1 WS2IFSL; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-03 13:15 - 2014-06-03 13:15 - 00000000 ____D () C:\Documents and Settings\Kasia\Pulpit\Nowy folder
2014-06-03 13:05 - 2014-06-03 13:05 - 00000803 _____ () C:\Documents and Settings\Kasia\Menu Start\Programy\Internet Explorer.lnk
2014-06-03 13:04 - 2014-06-03 13:04 - 00000000 __SHD () C:\Documents and Settings\Kasia\IETldCache
2014-06-03 13:04 - 2014-06-03 13:04 - 00000000 ____D () C:\Program Files\xerox
2014-06-03 13:04 - 2014-06-03 13:04 - 00000000 ____D () C:\Program Files\windows nt
2014-06-03 13:04 - 2014-06-03 13:04 - 00000000 ____D () C:\Program Files\msn gaming zone
2014-06-03 13:04 - 2014-06-03 13:04 - 00000000 ____D () C:\Program Files\movie maker
2014-06-03 13:04 - 2014-06-03 13:04 - 00000000 ____D () C:\Program Files\microsoft frontpage
2014-06-03 13:02 - 2014-06-03 13:02 - 00000000 ___DC () C:\TDSSKiller_Quarantine
2014-06-02 00:33 - 2014-06-03 13:23 - 00000000 ___DC () C:\FRST
2014-06-01 22:39 - 2014-06-01 22:39 - 01347418 ____C () C:\Documents and Settings\Administrator\Pulpit\wyniki Norton antywirusa.txt
2014-06-01 18:14 - 2014-06-03 13:13 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-06-01 18:14 - 2014-06-01 18:14 - 00142936 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
2014-06-01 18:14 - 2014-06-01 18:14 - 00008194 _____ () C:\WINDOWS\system32\Drivers\SYMEVENT.CAT
2014-06-01 18:14 - 2014-06-01 18:14 - 00000000 ____D () C:\WINDOWS\system32\Drivers\NST
2014-06-01 18:14 - 2014-06-01 18:14 - 00000000 ____D () C:\Program Files\Symantec
2014-06-01 18:14 - 2014-06-01 18:14 - 00000000 ____D () C:\Program Files\Norton Identity Safe
2014-06-01 18:14 - 2014-06-01 18:14 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Norton Identity Safe
2014-06-01 18:13 - 2014-06-01 18:13 - 00001885 _____ () C:\Documents and Settings\All Users\Pulpit\Norton AntiVirus.LNK
2014-06-01 18:12 - 2014-06-03 13:05 - 00000000 ___DC () C:\Documents and Settings\All Users\Dane aplikacji\Norton
2014-06-01 18:12 - 2014-06-01 18:13 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Norton AntiVirus
2014-06-01 18:12 - 2014-06-01 18:12 - 00000000 ____D () C:\WINDOWS\system32\Drivers\NAV
2014-06-01 18:12 - 2014-06-01 18:12 - 00000000 ____D () C:\Program Files\Norton AntiVirus
2014-06-01 18:03 - 2014-06-01 18:03 - 294185016 ____C (Symantec Corporation) C:\Documents and Settings\Administrator\Moje dokumenty\NAV-ESD-21.3.0-PL.exe
2014-06-01 17:21 - 2014-06-01 17:21 - 123790440 ____C (Copyright © 2012 TrustPort, a.s. ) C:\Documents and Settings\Administrator\Moje dokumenty\TrustPort_USB_Antivirus_14.0.3.5256.exe
2014-06-01 17:18 - 2014-06-01 17:18 - 00000176 ____C () C:\Documents and Settings\Administrator\avgrep.txt
2014-06-01 16:57 - 2014-06-01 16:57 - 00000000 ___DC () C:\Documents and Settings\Administrator\Dane aplikacji\TuneUp Software
2014-06-01 16:47 - 2014-06-01 20:22 - 00000000 ___DC () C:\Documents and Settings\All Users\Dane aplikacji\MFAData
2014-06-01 16:47 - 2014-06-01 20:22 - 00000000 ____D () C:\Program Files\Rock Turner
2014-06-01 16:47 - 2014-06-01 16:47 - 04487240 ____C (AVG Technologies) C:\Documents and Settings\Administrator\Moje dokumenty\avg_avct_stb_all_2014_4592.exe
2014-06-01 16:47 - 2014-06-01 16:47 - 00000000 ___DC () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\MFAData
2014-06-01 16:31 - 2014-06-01 16:31 - 00000667 _____ () C:\Documents and Settings\Administrator\Pulpit\Skrót do iexplore.lnk
2014-06-01 16:31 - 2014-06-01 16:31 - 00000000 _SHDC () C:\Documents and Settings\Administrator\PrivacIE
2014-06-01 16:30 - 2014-06-01 16:30 - 00000000 _SHDC () C:\Documents and Settings\Administrator\IETldCache
2014-06-01 16:26 - 2014-06-01 16:28 - 00065536 _____ () C:\WINDOWS\system32\config\Internet.evt
2014-06-01 16:24 - 2014-06-01 16:26 - 00071482 _____ () C:\WINDOWS\ie8.log
2014-06-01 16:24 - 2014-06-01 16:26 - 00000000 ___HD () C:\WINDOWS\msdownld.tmp
2014-06-01 16:24 - 2014-06-01 16:25 - 00000000 __HDC () C:\WINDOWS\ie8
2014-06-01 16:23 - 2014-06-01 16:27 - 00038563 _____ () C:\WINDOWS\ie8_main.log
2014-06-01 14:38 - 2014-06-01 14:46 - 00000000 ___DC () C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie
2014-06-01 14:26 - 2014-06-01 14:26 - 00021920 ____C () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2014-06-01 14:20 - 2014-06-01 14:20 - 00000000 ___DC () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Adobe
2014-06-01 14:20 - 2014-06-01 14:20 - 00000000 ___DC () C:\Documents and Settings\Administrator\Dane aplikacji\Adobe
2014-06-01 14:15 - 2014-06-01 14:15 - 00000000 ___DC () C:\Documents and Settings\Administrator\Dane aplikacji\ipla
2014-06-01 13:37 - 2014-06-01 13:37 - 00000000 ___DC () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Mozilla
2014-06-01 13:37 - 2014-06-01 13:37 - 00000000 ___DC () C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla
2014-06-01 08:10 - 2014-06-01 08:10 - 00000000 ___DC () C:\Documents and Settings\All Users\Dane aplikacji\Package Cache
2014-06-01 08:10 - 2014-06-01 08:10 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-06-01 02:11 - 2014-06-01 02:11 - 299454696 _____ (Arcabit Ltd.) C:\Documents and Settings\Kasia\Moje dokumenty\ArcabitSetup_av_demo.exe
2014-06-01 01:51 - 2014-06-01 01:51 - 00000000 ____D () C:\Documents and Settings\Kasia\Dane aplikacji\Amiti Antivirus
2014-06-01 01:44 - 2014-06-01 01:44 - 08165432 _____ (NETGATE Technologies s.r.o. ) C:\Documents and Settings\Kasia\Moje dokumenty\aa-setup-ngt.exe
2014-06-01 01:40 - 2009-01-07 18:21 - 00018976 ____N (Microsoft Corporation) C:\WINDOWS\system32\spmsg.dll
2014-06-01 01:39 - 2014-06-01 01:40 - 00015219 _____ () C:\WINDOWS\KB942288-v3.log
2014-06-01 01:39 - 2014-06-01 01:40 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB942288-v3$
2014-06-01 01:38 - 2014-06-01 01:38 - 00000000 ___DC () C:\Documents and Settings\All Users\Dane aplikacji\Lavasoft
2014-06-01 01:37 - 2014-06-01 01:37 - 01724552 _____ () C:\Documents and Settings\Kasia\Moje dokumenty\Adaware_Installer.exe
2014-06-01 01:30 - 2014-06-01 01:30 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-06-01 01:30 - 2014-06-01 01:30 - 00000000 ____D () C:\Program Files\Adobe
2014-06-01 00:53 - 2014-06-03 12:55 - 00000000 __SHD () C:\WINDOWS\CSC
2014-05-31 19:56 - 2014-05-31 19:56 - 17938608 _____ (Adobe Systems Incorporated) C:\Documents and Settings\Kasia\Moje dokumenty\install_flash_player.exe
2014-05-31 19:46 - 2014-06-01 01:30 - 00000000 ____D () C:\Documents and Settings\Kasia\Ustawienia lokalne\Dane aplikacji\Adobe
2014-05-30 01:44 - 2014-05-30 01:44 - 00000608 _____ () C:\Documents and Settings\Kasia\Menu Start\Skrót do Nowy OpenDocument Dokument tekstowy.lnk
2014-05-30 01:19 - 2014-05-30 01:19 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-05-28 19:05 - 2014-05-28 19:05 - 00000000 ____D () C:\Documents and Settings\Kasia\Pulpit\magda
2014-05-23 18:32 - 2014-05-31 16:25 - 00000000 _____ () C:\WINDOWS\system32\s.o
2014-05-22 22:10 - 2014-05-19 15:30 - 00055224 _____ (StdLib) C:\WINDOWS\system32\Drivers\{b2db3058-74ee-4ace-bcd8-8cd0fbe3a4f6}t.sys
2014-05-22 20:38 - 2014-05-22 20:38 - 00000548 _____ () C:\Documents and Settings\Kasia\Pulpit\Smurfs.lnk
2014-05-22 20:36 - 2014-06-03 13:06 - 00000378 _____ () C:\WINDOWS\Tasks\AmiUpdXp.job
2014-05-22 20:36 - 2014-05-22 20:36 - 00000000 ____D () C:\Documents and Settings\Kasia\Dane aplikacji\23300
2014-05-22 19:09 - 2014-05-22 19:09 - 00000000 ____D () C:\Documents and Settings\Kasia\Pulpit\warcraft
2014-05-22 19:03 - 2014-05-25 21:09 - 00000000 ____D () C:\Documents and Settings\Kasia\Moje dokumenty\Gameforge Live
2014-05-22 19:03 - 2014-05-22 19:03 - 00000000 ____D () C:\Documents and Settings\Kasia\Ustawienia lokalne\Dane aplikacji\Gameforge4d
2014-05-22 19:02 - 2014-06-01 14:15 - 00000000 ____D () C:\Program Files\GameforgeLive
2014-05-17 20:19 - 2014-05-17 20:21 - 00000000 ____D () C:\Documents and Settings\Kasia\Pulpit\SETTLER II + dodatek Nowe misje (PL)
2014-05-09 23:57 - 2014-05-10 00:06 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-04 23:32 - 2014-05-04 23:32 - 00098304 _____ () C:\WINDOWS\Minidump\Mini050414-01.dmp

==================== One Month Modified Files and Folders =======

2014-06-03 13:24 - 2010-01-16 17:13 - 00000000 ____D () C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp
2014-06-03 13:23 - 2014-06-02 00:33 - 00000000 ___DC () C:\FRST
2014-06-03 13:15 - 2014-06-03 13:15 - 00000000 ____D () C:\Documents and Settings\Kasia\Pulpit\Nowy folder
2014-06-03 13:15 - 2010-01-16 17:13 - 00000000 ____D () C:\Documents and Settings\Kasia\Pulpit
2014-06-03 13:13 - 2014-06-01 18:14 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-06-03 13:06 - 2014-05-22 20:36 - 00000378 _____ () C:\WINDOWS\Tasks\AmiUpdXp.job
2014-06-03 13:06 - 2010-01-16 15:30 - 01762671 _____ () C:\WINDOWS\WindowsUpdate.log
2014-06-03 13:05 - 2014-06-03 13:05 - 00000803 _____ () C:\Documents and Settings\Kasia\Menu Start\Programy\Internet Explorer.lnk
2014-06-03 13:05 - 2014-06-01 18:12 - 00000000 ___DC () C:\Documents and Settings\All Users\Dane aplikacji\Norton
2014-06-03 13:05 - 2010-01-20 02:26 - 00011310 ____C () C:\WINDOWS\spupdsvc.log
2014-06-03 13:05 - 2010-01-16 17:13 - 00000000 ___RD () C:\Documents and Settings\Kasia\Ulubione
2014-06-03 13:05 - 2010-01-16 17:13 - 00000000 ___RD () C:\Documents and Settings\Kasia\Moje dokumenty\Moje obrazy
2014-06-03 13:05 - 2010-01-16 17:13 - 00000000 ___RD () C:\Documents and Settings\Kasia\Moje dokumenty\Moja muzyka
2014-06-03 13:05 - 2010-01-16 17:13 - 00000000 ___RD () C:\Documents and Settings\Kasia\Moje dokumenty
2014-06-03 13:05 - 2010-01-16 17:13 - 00000000 ___RD () C:\Documents and Settings\Kasia\Menu Start\Programy\Akcesoria
2014-06-03 13:05 - 2010-01-16 17:13 - 00000000 ___RD () C:\Documents and Settings\Kasia\Menu Start\Programy
2014-06-03 13:04 - 2014-06-03 13:04 - 00000000 __SHD () C:\Documents and Settings\Kasia\IETldCache
2014-06-03 13:04 - 2014-06-03 13:04 - 00000000 ____D () C:\Program Files\xerox
2014-06-03 13:04 - 2014-06-03 13:04 - 00000000 ____D () C:\Program Files\windows nt
2014-06-03 13:04 - 2014-06-03 13:04 - 00000000 ____D () C:\Program Files\msn gaming zone
2014-06-03 13:04 - 2014-06-03 13:04 - 00000000 ____D () C:\Program Files\movie maker
2014-06-03 13:04 - 2014-06-03 13:04 - 00000000 ____D () C:\Program Files\microsoft frontpage
2014-06-03 13:04 - 2010-01-16 17:13 - 00000000 ____D () C:\Documents and Settings\Kasia
2014-06-03 13:04 - 2010-01-16 17:11 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-06-03 13:04 - 2010-01-16 17:11 - 00000000 ____D () C:\Documents and Settings\LocalService\Ustawienia lokalne\Temp
2014-06-03 13:04 - 2010-01-16 16:23 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-06-03 13:04 - 2010-01-16 16:23 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2014-06-03 13:04 - 2008-04-15 14:00 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl
2014-06-03 13:02 - 2014-06-03 13:02 - 00000000 ___DC () C:\TDSSKiller_Quarantine
2014-06-03 13:02 - 2014-01-23 23:14 - 00000188 __SHC () C:\Documents and Settings\Administrator\ntuser.ini
2014-06-03 13:02 - 2014-01-23 23:14 - 00000000 ___DC () C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp
2014-06-03 12:55 - 2014-06-01 00:53 - 00000000 __SHD () C:\WINDOWS\CSC
2014-06-02 01:05 - 2010-01-16 16:19 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy
2014-06-02 01:04 - 2014-01-23 23:14 - 00000000 ___DC () C:\Documents and Settings\Administrator\Pulpit
2014-06-01 22:39 - 2014-06-01 22:39 - 01347418 ____C () C:\Documents and Settings\Administrator\Pulpit\wyniki Norton antywirusa.txt
2014-06-01 20:22 - 2014-06-01 16:47 - 00000000 ___DC () C:\Documents and Settings\All Users\Dane aplikacji\MFAData
2014-06-01 20:22 - 2014-06-01 16:47 - 00000000 ____D () C:\Program Files\Rock Turner
2014-06-01 20:22 - 2014-01-23 23:14 - 00000000 _RHDC () C:\Documents and Settings\Administrator\Dane aplikacji
2014-06-01 20:22 - 2014-01-23 23:14 - 00000000 __HDC () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji
2014-06-01 20:22 - 2010-01-16 16:18 - 00000000 _RHDC () C:\Documents and Settings\All Users\Dane aplikacji
2014-06-01 18:14 - 2014-06-01 18:14 - 00142936 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
2014-06-01 18:14 - 2014-06-01 18:14 - 00008194 _____ () C:\WINDOWS\system32\Drivers\SYMEVENT.CAT
2014-06-01 18:14 - 2014-06-01 18:14 - 00000000 ____D () C:\WINDOWS\system32\Drivers\NST
2014-06-01 18:14 - 2014-06-01 18:14 - 00000000 ____D () C:\Program Files\Symantec
2014-06-01 18:14 - 2014-06-01 18:14 - 00000000 ____D () C:\Program Files\Norton Identity Safe
2014-06-01 18:14 - 2014-06-01 18:14 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Norton Identity Safe
2014-06-01 18:13 - 2014-06-01 18:13 - 00001885 _____ () C:\Documents and Settings\All Users\Pulpit\Norton AntiVirus.LNK
2014-06-01 18:13 - 2014-06-01 18:12 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Start\Programy\Norton AntiVirus
2014-06-01 18:13 - 2010-01-16 16:19 - 00000000 ____D () C:\Documents and Settings\All Users\Pulpit
2014-06-01 18:12 - 2014-06-01 18:12 - 00000000 ____D () C:\WINDOWS\system32\Drivers\NAV
2014-06-01 18:12 - 2014-06-01 18:12 - 00000000 ____D () C:\Program Files\Norton AntiVirus
2014-06-01 18:03 - 2014-06-01 18:03 - 294185016 ____C (Symantec Corporation) C:\Documents and Settings\Administrator\Moje dokumenty\NAV-ESD-21.3.0-PL.exe
2014-06-01 18:03 - 2014-01-23 23:14 - 00000000 ___DC () C:\Documents and Settings\Administrator\Moje dokumenty
2014-06-01 17:21 - 2014-06-01 17:21 - 123790440 ____C (Copyright © 2012 TrustPort, a.s. ) C:\Documents and Settings\Administrator\Moje dokumenty\TrustPort_USB_Antivirus_14.0.3.5256.exe
2014-06-01 17:18 - 2014-06-01 17:18 - 00000176 ____C () C:\Documents and Settings\Administrator\avgrep.txt
2014-06-01 17:18 - 2014-01-23 23:14 - 00000000 ___DC () C:\Documents and Settings\Administrator
2014-06-01 16:57 - 2014-06-01 16:57 - 00000000 ___DC () C:\Documents and Settings\Administrator\Dane aplikacji\TuneUp Software
2014-06-01 16:57 - 2010-01-16 16:18 - 00927870 _____ () C:\WINDOWS\setupapi.log
2014-06-01 16:47 - 2014-06-01 16:47 - 04487240 ____C (AVG Technologies) C:\Documents and Settings\Administrator\Moje dokumenty\avg_avct_stb_all_2014_4592.exe
2014-06-01 16:47 - 2014-06-01 16:47 - 00000000 ___DC () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\MFAData
2014-06-01 16:31 - 2014-06-01 16:31 - 00000667 _____ () C:\Documents and Settings\Administrator\Pulpit\Skrót do iexplore.lnk
2014-06-01 16:31 - 2014-06-01 16:31 - 00000000 _SHDC () C:\Documents and Settings\Administrator\PrivacIE
2014-06-01 16:31 - 2014-01-23 23:14 - 00000000 ___DC () C:\Documents and Settings\Administrator\Ulubione
2014-06-01 16:30 - 2014-06-01 16:30 - 00000000 _SHDC () C:\Documents and Settings\Administrator\IETldCache
2014-06-01 16:29 - 2010-01-16 16:09 - 00000000 ____D () C:\WINDOWS\system32\pl-pl
2014-06-01 16:29 - 2010-01-16 16:09 - 00000000 ____D () C:\WINDOWS\Help
2014-06-01 16:28 - 2014-06-01 16:26 - 00065536 _____ () C:\WINDOWS\system32\config\Internet.evt
2014-06-01 16:27 - 2014-06-01 16:23 - 00038563 _____ () C:\WINDOWS\ie8_main.log
2014-06-01 16:26 - 2014-06-01 16:24 - 00071482 _____ () C:\WINDOWS\ie8.log
2014-06-01 16:26 - 2014-06-01 16:24 - 00000000 ___HD () C:\WINDOWS\msdownld.tmp
2014-06-01 16:26 - 2010-01-20 02:24 - 00049847 ____C () C:\WINDOWS\updspapi.log
2014-06-01 16:26 - 2010-01-16 16:19 - 00522164 ____C () C:\WINDOWS\iis6.log
2014-06-01 16:26 - 2010-01-16 16:19 - 00435905 ____C () C:\WINDOWS\FaxSetup.log
2014-06-01 16:26 - 2010-01-16 16:19 - 00226996 ____C () C:\WINDOWS\ocgen.log
2014-06-01 16:26 - 2010-01-16 16:19 - 00208882 ____C () C:\WINDOWS\tsoc.log
2014-06-01 16:26 - 2010-01-16 16:19 - 00157599 ____C () C:\WINDOWS\comsetup.log
2014-06-01 16:26 - 2010-01-16 16:19 - 00147382 ____C () C:\WINDOWS\msmqinst.log
2014-06-01 16:26 - 2010-01-16 16:19 - 00094897 ____C () C:\WINDOWS\ntdtcsetup.log
2014-06-01 16:26 - 2010-01-16 16:19 - 00077728 ____C () C:\WINDOWS\netfxocm.log
2014-06-01 16:26 - 2010-01-16 16:19 - 00031316 ____C () C:\WINDOWS\MedCtrOC.log
2014-06-01 16:26 - 2010-01-16 16:19 - 00027575 ____C () C:\WINDOWS\ocmsn.log
2014-06-01 16:26 - 2010-01-16 16:19 - 00022952 ____C () C:\WINDOWS\tabletoc.log
2014-06-01 16:26 - 2010-01-16 16:19 - 00022481 ____C () C:\WINDOWS\msgsocm.log
2014-06-01 16:26 - 2010-01-16 16:19 - 00001355 _____ () C:\WINDOWS\imsins.log
2014-06-01 16:25 - 2014-06-01 16:24 - 00000000 __HDC () C:\WINDOWS\ie8
2014-06-01 16:25 - 2010-01-16 16:09 - 00000000 ____D () C:\WINDOWS\Media
2014-06-01 14:46 - 2014-06-01 14:38 - 00000000 ___DC () C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie
2014-06-01 14:26 - 2014-06-01 14:26 - 00021920 ____C () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
2014-06-01 14:22 - 2014-01-23 23:14 - 00000000 __HDC () C:\Documents and Settings\Administrator\Ustawienia lokalne
2014-06-01 14:20 - 2014-06-01 14:20 - 00000000 ___DC () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Adobe
2014-06-01 14:20 - 2014-06-01 14:20 - 00000000 ___DC () C:\Documents and Settings\Administrator\Dane aplikacji\Adobe
2014-06-01 14:15 - 2014-06-01 14:15 - 00000000 ___DC () C:\Documents and Settings\Administrator\Dane aplikacji\ipla
2014-06-01 14:15 - 2014-05-22 19:02 - 00000000 ____D () C:\Program Files\GameforgeLive
2014-06-01 14:15 - 2010-01-16 16:19 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start
2014-06-01 14:11 - 2010-01-16 16:19 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
2014-06-01 14:10 - 2012-05-01 15:20 - 00000000 ____D () C:\WINDOWS\system32\appmgmt
2014-06-01 13:37 - 2014-06-01 13:37 - 00000000 ___DC () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Mozilla
2014-06-01 13:37 - 2014-06-01 13:37 - 00000000 ___DC () C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla
2014-06-01 10:00 - 2010-01-16 17:13 - 00000188 ___SH () C:\Documents and Settings\Kasia\ntuser.ini
2014-06-01 08:10 - 2014-06-01 08:10 - 00000000 ___DC () C:\Documents and Settings\All Users\Dane aplikacji\Package Cache
2014-06-01 08:10 - 2014-06-01 08:10 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-06-01 02:11 - 2014-06-01 02:11 - 299454696 _____ (Arcabit Ltd.) C:\Documents and Settings\Kasia\Moje dokumenty\ArcabitSetup_av_demo.exe
2014-06-01 01:56 - 2014-01-16 15:31 - 00000000 ____D () C:\Documents and Settings\Kasia\Moje dokumenty\Pobieranie
2014-06-01 01:51 - 2014-06-01 01:51 - 00000000 ____D () C:\Documents and Settings\Kasia\Dane aplikacji\Amiti Antivirus
2014-06-01 01:51 - 2010-01-16 17:13 - 00000000 __RHD () C:\Documents and Settings\Kasia\Dane aplikacji
2014-06-01 01:44 - 2014-06-01 01:44 - 08165432 _____ (NETGATE Technologies s.r.o. ) C:\Documents and Settings\Kasia\Moje dokumenty\aa-setup-ngt.exe
2014-06-01 01:40 - 2014-06-01 01:39 - 00015219 _____ () C:\WINDOWS\KB942288-v3.log
2014-06-01 01:40 - 2014-06-01 01:39 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB942288-v3$
2014-06-01 01:40 - 2010-01-16 16:19 - 00001355 _____ () C:\WINDOWS\imsins.BAK
2014-06-01 01:38 - 2014-06-01 01:38 - 00000000 ___DC () C:\Documents and Settings\All Users\Dane aplikacji\Lavasoft
2014-06-01 01:37 - 2014-06-01 01:37 - 01724552 _____ () C:\Documents and Settings\Kasia\Moje dokumenty\Adaware_Installer.exe
2014-06-01 01:30 - 2014-06-01 01:30 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-06-01 01:30 - 2014-06-01 01:30 - 00000000 ____D () C:\Program Files\Adobe
2014-06-01 01:30 - 2014-05-31 19:46 - 00000000 ____D () C:\Documents and Settings\Kasia\Ustawienia lokalne\Dane aplikacji\Adobe
2014-06-01 01:30 - 2010-01-20 01:37 - 00000000 ___DC () C:\Documents and Settings\All Users\Dane aplikacji\Adobe
2014-06-01 01:29 - 2010-01-16 17:13 - 00000000 ___HD () C:\Documents and Settings\Kasia\Ustawienia lokalne\Dane aplikacji
2014-06-01 01:19 - 2010-01-16 17:11 - 00000000 __SHD () C:\Documents and Settings\LocalService
2014-06-01 01:19 - 2010-01-16 15:35 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2014-06-01 01:19 - 2010-01-16 15:27 - 00000000 ____D () C:\WINDOWS\Registration
2014-06-01 01:13 - 2012-08-27 23:22 - 00000000 ____D () C:\Documents and Settings\Kasia\Dane aplikacji\.minecraft
2014-06-01 00:47 - 2010-01-16 18:06 - 00524288 _____ () C:\WINDOWS\system32\config\ACEEvent.evt
2014-05-31 21:30 - 2008-04-15 14:00 - 00000579 _____ () C:\WINDOWS\win.ini
2014-05-31 19:56 - 2014-05-31 19:56 - 17938608 _____ (Adobe Systems Incorporated) C:\Documents and Settings\Kasia\Moje dokumenty\install_flash_player.exe
2014-05-31 16:25 - 2014-05-23 18:32 - 00000000 _____ () C:\WINDOWS\system32\s.o
2014-05-31 16:25 - 2012-08-14 23:17 - 00000000 ____D () C:\Documents and Settings\Kasia\Dane aplikacji\Skype
2014-05-30 01:44 - 2014-05-30 01:44 - 00000608 _____ () C:\Documents and Settings\Kasia\Menu Start\Skrót do Nowy OpenDocument Dokument tekstowy.lnk
2014-05-30 01:44 - 2010-01-16 17:13 - 00000000 ___RD () C:\Documents and Settings\Kasia\Menu Start
2014-05-30 01:19 - 2014-05-30 01:19 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-05-30 01:19 - 2012-08-11 17:06 - 00000000 ____D () C:\Documents and Settings\All Users\Dane aplikacji\Skype
2014-05-30 01:17 - 2010-01-16 17:11 - 00032578 _____ () C:\WINDOWS\SchedLgU.Txt
2014-05-29 12:57 - 2014-03-19 23:56 - 00000800 _____ () C:\Documents and Settings\Kasia\Pulpit\Skrót do MinecraftSP.lnk
2014-05-28 19:05 - 2014-05-28 19:05 - 00000000 ____D () C:\Documents and Settings\Kasia\Pulpit\magda
2014-05-25 21:09 - 2014-05-22 19:03 - 00000000 ____D () C:\Documents and Settings\Kasia\Moje dokumenty\Gameforge Live
2014-05-22 20:38 - 2014-05-22 20:38 - 00000548 _____ () C:\Documents and Settings\Kasia\Pulpit\Smurfs.lnk
2014-05-22 20:36 - 2014-05-22 20:36 - 00000000 ____D () C:\Documents and Settings\Kasia\Dane aplikacji\23300
2014-05-22 19:09 - 2014-05-22 19:09 - 00000000 ____D () C:\Documents and Settings\Kasia\Pulpit\warcraft
2014-05-22 19:03 - 2014-05-22 19:03 - 00000000 ____D () C:\Documents and Settings\Kasia\Ustawienia lokalne\Dane aplikacji\Gameforge4d
2014-05-21 21:44 - 2014-01-22 23:16 - 00000000 ____D () C:\Documents and Settings\Kasia\Moje dokumenty\OpenTTD
2014-05-21 16:00 - 2010-06-13 18:53 - 00000664 _____ () C:\WINDOWS\system32\d3d9caps.dat
2014-05-19 15:30 - 2014-05-22 22:10 - 00055224 _____ (StdLib) C:\WINDOWS\system32\Drivers\{b2db3058-74ee-4ace-bcd8-8cd0fbe3a4f6}t.sys
2014-05-17 20:21 - 2014-05-17 20:19 - 00000000 ____D () C:\Documents and Settings\Kasia\Pulpit\SETTLER II + dodatek Nowe misje (PL)
2014-05-15 23:58 - 2014-01-16 15:29 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-05-10 00:06 - 2014-05-09 23:57 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-04 23:32 - 2014-05-04 23:32 - 00098304 _____ () C:\WINDOWS\Minidump\Mini050414-01.dmp
2014-05-04 23:32 - 2012-11-02 14:49 - 00000000 ____D () C:\WINDOWS\Minidump

Some content of TEMP:
====================
C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\{A1289D6D-8231-42A9-860A-97D0F95FC64A}.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\5.2.30.7-EasyShrx.Dll
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\647ff7ee-ee53-4470-824b-a475896cc827.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\76463b1e-4908-4d3d-a5ed-97d1d4dd959c.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\appshat_generic.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\AutoRun.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\AutoRunGUI.dll
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\AxToolbarSetup.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\BingBarSetup-Partner.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\CmdLineExtInstallerExe.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\DataCard_Setup.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\different.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\drm_dialogs.dll
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\drm_dyndata_7350007.dll
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\drm_dyndata_7370012.dll
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\drm_dyndata_7380011.dll
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\drm_dyndata_7400006.dll
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EAD1.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EAD10.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EAD11.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EAD12.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EAD13.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EAD14.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EAD15.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EAD16.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EAD17.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EAD18.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EAD19.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EAD1A.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EAD1B.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EAD1C.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EAD1D.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EAD1E.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EAD1F.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EAD2.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EAD20.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EAD21.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EAD22.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EAD23.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EAD24.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EAD25.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EAD26.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EAD27.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EAD28.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EAD29.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EAD2A.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EAD2B.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EAD2C.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EAD2D.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EAD2E.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EAD2F.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EAD3.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EAD30.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EAD31.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EAD32.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EAD33.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EAD34.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EAD35.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EAD36.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EAD37.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EAD38.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EAD39.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EAD3A.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EAD4.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EAD5.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EAD6.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EAD6CF.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EAD7.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EAD750.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EAD8.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EAD8F8.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EAD9.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EADA.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EADB.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EADC.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EADC2.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EADD.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EADD39.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EADE.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\EADF.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\eauninstall.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\fp_pl_pfs_installer-1.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\FP_PL_PFS_INSTALLER.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\free-downloads.net.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\FULL-DISKfighterSetup_partner516_1.3.61Full.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\gg10.upgr.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\ggdrive-menu.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\ggdrive-overlay.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\HulaTooSetup.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\ICReinstall_nsnFF9.tmp.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\ICReinstall_Setup.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\installstats.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\ipl1.tmp.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\ipl12.tmp.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\ipl177.tmp.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\ipl1D3.tmp.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\ipl2.tmp.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\ipl28.tmp.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\ipl3EC.tmp.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\ipl6CD.tmp.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\ipl701.tmp.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\ipl75F.tmp.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\ipl810.tmp.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\ipl814.tmp.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\ipl815.tmp.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\ipl816.tmp.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\ipl9D3.tmp.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\jre-6u17-windows-i586-iftw-rv.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\jre-6u35-windows-i586-iftw.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\jre-6u39-windows-i586-iftw.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\LiveSupport_setup.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\LollipopInstaller_notifications.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\mgsqlite3.dll
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\Mobogenie_Setup_2.2.2_506.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\MyBabylonTB(1).exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\MyBabylonTB.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\nsd100C.tmp.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\nsfFF6.tmp.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\nsh1008.tmp.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\OptimizerPro.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\Play.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\ResetDevice.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\setup_wm.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\setup__6272.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\Shortcut_SweetIMSetup.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\SIMEEI2Installer.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\SkypeSetup.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\sof_ar_20139619370_dosearches.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\SQLite.dll
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\SweetIESetup.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\The Sims 2_uninst.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\Toolbar_Toggle.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\Updater.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\utt1260.tmp.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\VP6Install.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\VP6VFW.dll
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\Yontoo-C2.exe
C:\Documents and Settings\Kasia\Ustawienia lokalne\Temp\YontooSetup-S.exe


==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe
[2008-04-15 14:00] - [2008-04-15 14:00] - 1035264 ____A (Microsoft Corporation) c791ed9eac5e76d9525e157b1d7a599a 

C:\WINDOWS\system32\winlogon.exe
[2008-04-15 14:00] - [2008-04-15 14:00] - 0510464 ____A (Microsoft Corporation) 51fd2e13d723857b9ca239ae77150f48 

C:\WINDOWS\system32\svchost.exe
[2008-04-15 14:00] - [2008-04-15 14:00] - 0014336 ____A (Microsoft Corporation) 8607d35d92528e2df386f19a960d23ce 

C:\WINDOWS\system32\services.exe
[2008-04-15 14:00] - [2009-02-09 13:25] - 0111104 ____A (Microsoft Corporation) 02a467e27af55f7064c5b251e587315f 

C:\WINDOWS\system32\User32.dll
[2008-04-15 14:00] - [2008-04-15 14:00] - 0580096 ____A (Microsoft Corporation) a435c5c069afd901751ac323ad238793 

C:\WINDOWS\system32\userinit.exe
[2008-04-15 14:00] - [2008-04-15 14:00] - 0026624 ____A (Microsoft Corporation) 2a5b37d520508be6570a3ea79695f5b5 

C:\WINDOWS\system32\rpcss.dll
[2008-04-15 14:00] - [2009-02-09 12:53] - 0401408 ____A (Microsoft Corporation) a37311d9d628c1042a2836731787f0f3 

 ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\WINDOWS\system32\Drivers\volsnap.sys
[2008-04-15 14:00] - [2008-04-15 14:00] - 0052864 ___AC (Microsoft Corporation) 56b191ac5fc0df219949c95a6c87afe7 


==================== End Of Log ============================