Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-08-2013 02 Ran by Ja (administrator) on 28-08-2013 00:54:19 Running from E:\ Microsoft Windows XP Home Edition Dodatek Service Pack 3 (X86) OS Language: Polish Internet Explorer Version 8 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe (Symantec Corporation) C:\Program Files\Norton 360 Premier Edition\Engine\20.4.0.40\ccSvcHst.exe (Symantec Corporation) C:\Program Files\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Symantec Corporation) C:\Program Files\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe (Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE (Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Electronic Arts) C:\Program Files\Electronic Arts\EADM\Core.exe (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe (Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Symantec Corporation) C:\Program Files\Norton 360 Premier Edition\Engine\20.4.0.40\ccSvcHst.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDCPL] - C:\Windows\RTHDCPL.EXE [20065896 2012-04-24] (Realtek Semiconductor Corp.) HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM\...\Run: [NvCplDaemon] - C:\WINDOWS\system32\NvCpl.dll [15512424 2012-09-23] (NVIDIA Corporation) HKLM\...\Run: [NvMediaCenter] - C:\Windows\System32\NvMCTray.dll [108392 2012-09-23] (NVIDIA Corporation) HKLM\...\Run: [nwiz] - C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [1634112 2012-09-23] () HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.) HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-11-28] (Apple Inc.) HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152544 2012-12-12] (Apple Inc.) HKCU\...\Run: [EA Core] - C:\Program Files\Electronic Arts\EADM\Core.exe [3325952 2009-03-28] (Electronic Arts) HKCU\...\Run: [Google Update] - C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [116648 2013-05-15] (Google Inc.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=20.3.1.22 HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=20.3.1.22 HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = http://home.microsoft.com/access/autosearch.asp?p=%s HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm SearchScopes: HKLM - DefaultScope value is missing. BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360 Premier Edition\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation) BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360 Premier Edition\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360 Premier Edition\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation) Toolbar: HKCU -&Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Microsoft Corporation) Toolbar: HKCU -&Łącza - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\Windows\system32\SHELL32.dll (Microsoft Corporation) Toolbar: HKCU -Norton Identity Safe Toolbar - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - C:\Program Files\Norton Identity Safe\Engine\2013.4.0.10\coIEPlg.dll (Symantec Corporation) Toolbar: HKCU -Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360 Premier Edition\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation) DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1350717382055 Handler: ipp - No CLSID Value - Handler: msdaipp - No CLSID Value - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Firefox\Profiles\4w08dffp.default FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll () FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\plugins\npgoogletalk.dll (Google) FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\plugins\npo1d.dll (Google) FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\plugins\npgtpo3dautoplugin.dll () FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Documents and Settings\Ja\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Extension: No Name - C:\Documents and Settings\Ja\Dane aplikacji\Mozilla\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433} FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF HKLM\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] C:\Documents and Settings\All Users\Dane aplikacji\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2013.3.3.19\coFFPlgn\ FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\coFFPlgn\ FF Extension: Norton Toolbar - C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\coFFPlgn\ FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\IPSFFPlgn\ FF Extension: Norton Vulnerability Protection - C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\IPSFFPlgn\ Chrome: ======= CHR HomePage: hxxp://www.google.com CHR DefaultSearchURL: (Google) - http://www.google.com/search?hl=pl&q={searchTerms} CHR DefaultSuggestURL: (Google) - "suggest_url": "" CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\29.0.1547.57\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\29.0.1547.57\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\29.0.1547.57\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Microsoft DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation) CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.)) CHR Plugin: (Microsoft DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation) CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File CHR Plugin: (Java(TM) Platform SE 7 U9) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll No File CHR Plugin: (Java Deployment Toolkit 7.0.90.5) - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) CHR Extension: (YouTube) - C:\DOCUME~1\Ja\USTAWI~1\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Adblock Plus) - C:\DOCUME~1\Ja\USTAWI~1\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0 CHR Extension: (Flow Game ) - C:\DOCUME~1\Ja\USTAWI~1\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\hhkenkiidlghkpkihaiojpjnngfocahn\1.2_0 CHR Extension: (FVD Downloader) - C:\DOCUME~1\Ja\USTAWI~1\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp\5.3.7_0 CHR Extension: (Leather II) - C:\DOCUME~1\Ja\USTAWI~1\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\mihpigjnaahldklgkiogdaoanijhoelj\1_0 CHR Extension: (Norton Identity Protection) - C:\DOCUME~1\Ja\USTAWI~1\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.4.0.10_0 CHR Extension: (Google Wallet Service) - C:\DOCUME~1\Ja\USTAWI~1\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0 CHR Extension: (Norton Identity Protection) - C:\DOCUME~1\Ja\USTAWI~1\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob\2013.4.0.10_0 CHR Extension: (Gmail) - C:\DOCUME~1\Ja\USTAWI~1\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 CHR Extension: (Canvas Rider) - C:\DOCUME~1\Ja\USTAWI~1\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\poknhlcknimnnbfcombaooklofipaibk\0.71_0 CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files\Norton 360 Premier Edition\Engine\20.4.0.40\Exts\Chrome.crx CHR HKLM\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files\Norton Identity Safe\Engine\2013.4.0.10\Exts\Chrome.crx ========================== Services (Whitelisted) ================= S2 appdrvrem01; C:\Windows\System32\appdrvrem01.exe [316888 2013-07-31] (Protection Technology) R2 N360; C:\Program Files\Norton 360 Premier Edition\Engine\20.4.0.40\diMaster.dll [556336 2013-05-30] (Symantec Corporation) R2 NCO; C:\Program Files\Norton Identity Safe\Engine\2013.4.0.10\diMaster.dll [556336 2013-05-30] (Symantec Corporation) S3 AppMgmt; %SystemRoot%\System32\appmgmts.dll [x] R2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf" [x] ==================== Drivers (Whitelisted) ==================== S3 Ambfilt; C:\Windows\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative) R1 appdrv01; C:\Windows\System32\Drivers\appdrv01.sys [3333808 2013-07-31] (Protection Technology) R1 BHDrvx86; C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\BASHDefs\20130715.001\BHDrvx86.sys [1002072 2013-05-31] (Symantec Corporation) R1 ccSet_N360; C:\Windows\system32\drivers\N360\1404000.028\ccSetx86.sys [134744 2013-04-16] (Symantec Corporation) R1 ccSet_NST; C:\Windows\system32\drivers\NST\7DD04000.00A\ccSetx86.sys [134744 2013-04-16] (Symantec Corporation) R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376480 2013-06-08] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [106656 2013-06-08] (Symantec Corporation) S3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [49920 2007-03-08] (HP) S3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [16496 2007-03-08] (HP) S3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21568 2007-03-08] (HP) R3 IDSxpx86; C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\IPSDefs\20130820.006\IDSxpx86.sys [380832 2013-08-20] (Symantec Corporation) S3 Monfilt; C:\Windows\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.) R3 NAVENG; C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\VirusDefs\20130821.002\NAVENG.SYS [93272 2013-08-21] (Symantec Corporation) R3 NAVEX15; C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\VirusDefs\20130821.002\NAVEX15.SYS [1611992 2013-08-21] (Symantec Corporation) R1 SRTSP; C:\Windows\System32\Drivers\N360\1404000.028\SRTSP.SYS [603224 2013-05-16] (Symantec Corporation) R1 SRTSPX; C:\Windows\system32\drivers\N360\1404000.028\SRTSPX.SYS [32344 2013-03-05] (Symantec Corporation) R0 SymDS; C:\Windows\System32\drivers\N360\1404000.028\SYMDS.SYS [367704 2013-05-21] (Symantec Corporation) R0 SymEFA; C:\Windows\System32\drivers\N360\1404000.028\SYMEFA.SYS [934488 2013-05-23] (Symantec Corporation) R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [142496 2013-06-18] (Symantec Corporation) R1 SymIRON; C:\Windows\system32\drivers\N360\1404000.028\Ironx86.SYS [175264 2013-03-05] (Symantec Corporation) R1 SYMTDI; C:\Windows\System32\Drivers\N360\1404000.028\SYMTDI.SYS [396760 2013-04-25] (Symantec Corporation) S4 IntelIde; No ImagePath U1 WS2IFSL; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-08-27 17:57 - 2013-08-27 17:57 - 00000000 ____D C:\FRST 2013-08-24 15:55 - 2013-08-24 15:56 - 00011962 _____ C:\WINDOWS\KB2862772-IE8.log 2013-08-24 15:54 - 2013-08-24 15:55 - 00000000 ____D C:\WINDOWS\system32\MRT 2013-08-24 15:53 - 2013-08-24 15:53 - 00005178 _____ C:\WINDOWS\KB2863058.log 2013-08-24 15:53 - 2013-08-24 15:53 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2863058$ 2013-08-24 15:53 - 2013-08-24 15:53 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2859537$ 2013-08-24 15:53 - 2013-08-24 15:53 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850869$ 2013-08-24 15:53 - 2013-08-24 15:53 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2849470$ 2013-08-21 13:01 - 2013-08-21 17:50 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-08-21 10:32 - 2013-08-24 15:53 - 00010819 _____ C:\WINDOWS\KB2859537.log 2013-08-21 10:32 - 2013-08-24 15:53 - 00009050 _____ C:\WINDOWS\KB2850869.log 2013-07-31 18:37 - 2013-07-31 18:37 - 03333808 _____ (Protection Technology) C:\WINDOWS\system32\Drivers\appdrv01.sys 2013-07-31 18:37 - 2013-07-31 18:37 - 00316888 _____ (Protection Technology) C:\WINDOWS\system32\appdrvrem01.exe 2013-07-31 16:43 - 2013-07-31 16:43 - 00000000 ____D C:\Documents and Settings\Ja\Dane aplikacji\Mount&Blade 2013-07-31 16:13 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll 2013-07-31 16:13 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll 2013-07-31 16:13 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll 2013-07-31 16:13 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll 2013-07-31 16:13 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll 2013-07-31 16:13 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll 2013-07-31 16:13 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll 2013-07-31 16:13 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll 2013-07-31 16:13 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll 2013-07-31 16:13 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll 2013-07-31 16:13 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll 2013-07-31 16:13 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll 2013-07-31 16:03 - 2013-07-31 16:43 - 00000000 ____D C:\Program Files\Ogniem i Mieczem 2013-07-31 16:03 - 2013-07-31 16:03 - 00000000 ____D C:\Documents and Settings\Ja\Dane aplikacji\InstallShield 2013-07-31 15:52 - 2013-07-31 16:28 - 00000000 ____D C:\Documents and Settings\Ja\Pulpit\!!----;WRZUC i WYRZUC!!----------;!!!!!!!!!!! ==================== One Month Modified Files and Folders ======= 2013-08-28 00:53 - 2012-10-20 00:42 - 01481821 _____ C:\WINDOWS\WindowsUpdate.log 2013-08-28 00:51 - 2012-10-20 11:31 - 00001024 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2013-08-28 00:51 - 2012-10-20 02:32 - 00000159 _____ C:\WINDOWS\wiadebug.log 2013-08-28 00:51 - 2012-10-20 02:32 - 00000000 _____ C:\WINDOWS\wiaservc.log 2013-08-28 00:51 - 2012-10-20 00:50 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2013-08-28 00:50 - 2012-10-20 00:51 - 00000188 ___SH C:\Documents and Settings\Ja\ntuser.ini 2013-08-28 00:50 - 2012-10-20 00:50 - 00032506 _____ C:\WINDOWS\SchedLgU.Txt 2013-08-28 00:47 - 2013-08-28 00:46 - 00000000 ____D C:\AdwCleaner 2013-08-28 00:47 - 2012-10-20 02:30 - 00000000 __RHD C:\Documents and Settings\All Users\Dane aplikacji 2013-08-28 00:47 - 2012-10-20 00:51 - 00000000 __RHD C:\Documents and Settings\Ja\Dane aplikacji 2013-08-28 00:47 - 2012-10-20 00:51 - 00000000 ___RD C:\Documents and Settings\Ja\Menu Start\Programy 2013-08-28 00:47 - 2012-10-20 00:51 - 00000000 ___HD C:\DOCUME~1\Ja\USTAWI~1\Dane aplikacji 2013-08-28 00:47 - 2012-10-20 00:51 - 00000000 ____D C:\Documents and Settings\Ja 2013-08-28 00:40 - 2013-06-12 07:48 - 00120092 _____ C:\WINDOWS\setupapi.log 2013-08-28 00:15 - 2013-05-27 10:05 - 00001120 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1644491937-1275210071-682003330-1004UA.job 2013-08-27 23:51 - 2012-10-20 11:31 - 00001028 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2013-08-27 21:01 - 2012-10-20 10:58 - 00001324 _____ C:\WINDOWS\system32\d3d9caps.dat 2013-08-27 18:29 - 2013-02-19 19:29 - 00000000 ____D C:\WINDOWS\Microsoft.NET 2013-08-27 17:57 - 2013-08-27 17:57 - 00000000 ____D C:\FRST 2013-08-26 20:15 - 2008-04-15 14:00 - 00013646 _____ C:\WINDOWS\system32\wpa.dbl 2013-08-24 15:56 - 2013-08-24 15:55 - 00011962 _____ C:\WINDOWS\KB2862772-IE8.log 2013-08-24 15:56 - 2012-10-20 09:10 - 00098379 _____ C:\WINDOWS\updspapi.log 2013-08-24 15:56 - 2012-10-20 02:31 - 01093532 _____ C:\WINDOWS\FaxSetup.log 2013-08-24 15:56 - 2012-10-20 02:31 - 00532025 _____ C:\WINDOWS\ocgen.log 2013-08-24 15:56 - 2012-10-20 02:31 - 00423213 _____ C:\WINDOWS\tsoc.log 2013-08-24 15:56 - 2012-10-20 02:31 - 00375090 _____ C:\WINDOWS\comsetup.log 2013-08-24 15:56 - 2012-10-20 02:31 - 00225701 _____ C:\WINDOWS\ntdtcsetup.log 2013-08-24 15:56 - 2012-10-20 02:31 - 00173834 _____ C:\WINDOWS\iis6.log 2013-08-24 15:56 - 2012-10-20 02:31 - 00068435 _____ C:\WINDOWS\ocmsn.log 2013-08-24 15:56 - 2012-10-20 02:31 - 00054946 _____ C:\WINDOWS\msgsocm.log 2013-08-24 15:56 - 2012-10-20 02:31 - 00001374 _____ C:\WINDOWS\imsins.log 2013-08-24 15:55 - 2013-08-24 15:54 - 00000000 ____D C:\WINDOWS\system32\MRT 2013-08-24 15:54 - 2012-10-20 09:50 - 75778376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2013-08-24 15:53 - 2013-08-24 15:53 - 00005178 _____ C:\WINDOWS\KB2863058.log 2013-08-24 15:53 - 2013-08-24 15:53 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2863058$ 2013-08-24 15:53 - 2013-08-24 15:53 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2859537$ 2013-08-24 15:53 - 2013-08-24 15:53 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850869$ 2013-08-24 15:53 - 2013-08-24 15:53 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2849470$ 2013-08-24 15:53 - 2013-08-21 10:32 - 00010819 _____ C:\WINDOWS\KB2859537.log 2013-08-24 15:53 - 2013-08-21 10:32 - 00009050 _____ C:\WINDOWS\KB2850869.log 2013-08-24 15:53 - 2012-10-20 09:54 - 00018826 _____ C:\WINDOWS\system32\TZLog.log 2013-08-24 15:53 - 2012-10-20 02:31 - 00001374 _____ C:\WINDOWS\imsins.BAK 2013-08-24 15:52 - 2012-10-20 02:31 - 01044270 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2013-08-24 15:52 - 2008-04-15 14:00 - 00491050 _____ C:\WINDOWS\system32\perfh015.dat 2013-08-24 15:52 - 2008-04-15 14:00 - 00084302 _____ C:\WINDOWS\system32\perfc015.dat 2013-08-21 17:50 - 2013-08-21 13:01 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-08-21 17:50 - 2012-10-21 15:46 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2013-08-21 16:15 - 2013-05-27 10:05 - 00001068 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1644491937-1275210071-682003330-1004Core.job 2013-08-21 11:54 - 2012-10-20 11:19 - 00692104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2013-08-21 11:54 - 2012-10-20 11:19 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2013-08-21 11:07 - 2013-04-26 16:17 - 00000000 ____D C:\Program Files\Steam 2013-08-21 10:58 - 2012-10-20 10:52 - 00000000 ____D C:\Documents and Settings\Ja\Moje dokumenty\Pobieranie 2013-07-31 18:37 - 2013-07-31 18:37 - 03333808 _____ (Protection Technology) C:\WINDOWS\system32\Drivers\appdrv01.sys 2013-07-31 18:37 - 2013-07-31 18:37 - 00316888 _____ (Protection Technology) C:\WINDOWS\system32\appdrvrem01.exe 2013-07-31 16:43 - 2013-07-31 16:43 - 00000000 ____D C:\Documents and Settings\Ja\Dane aplikacji\Mount&Blade 2013-07-31 16:43 - 2013-07-31 16:03 - 00000000 ____D C:\Program Files\Ogniem i Mieczem 2013-07-31 16:28 - 2013-07-31 15:52 - 00000000 ____D C:\Documents and Settings\Ja\Pulpit\!!----;WRZUC i WYRZUC!!----------;!!!!!!!!!!! 2013-07-31 16:21 - 2012-10-20 02:30 - 00000000 ____D C:\Documents and Settings\All Users\Pulpit 2013-07-31 16:13 - 2012-10-20 00:42 - 00000000 ____D C:\WINDOWS\system32\DirectX 2013-07-31 16:03 - 2013-07-31 16:03 - 00000000 ____D C:\Documents and Settings\Ja\Dane aplikacji\InstallShield 2013-07-31 16:03 - 2012-10-20 09:00 - 00000000 ___HD C:\Program Files\InstallShield Installation Information 2013-07-31 15:53 - 2012-10-20 00:51 - 00000000 ____D C:\Documents and Settings\Ja\Pulpit 2013-07-31 10:15 - 2012-10-21 15:46 - 00000000 ____D C:\Documents and Settings\Ja\Dane aplikacji\Mozilla ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe [2008-04-15 14:00] - [2008-04-15 14:00] - 1035264 ____A (Microsoft Corporation) c791ed9eac5e76d9525e157b1d7a599a C:\Windows\System32\winlogon.exe [2008-04-15 14:00] - [2008-04-15 14:00] - 0510464 ____A (Microsoft Corporation) 51fd2e13d723857b9ca239ae77150f48 C:\Windows\System32\svchost.exe [2008-04-15 14:00] - [2008-04-15 14:00] - 0014336 ____A (Microsoft Corporation) 8607d35d92528e2df386f19a960d23ce C:\Windows\System32\services.exe [2008-04-15 14:00] - [2009-02-09 13:25] - 0111104 ____A (Microsoft Corporation) 02a467e27af55f7064c5b251e587315f C:\Windows\System32\User32.dll [2008-04-15 14:00] - [2008-04-15 14:00] - 0580096 ____A (Microsoft Corporation) a435c5c069afd901751ac323ad238793 C:\Windows\System32\userinit.exe [2008-04-15 14:00] - [2008-04-15 14:00] - 0026624 ____A (Microsoft Corporation) 2a5b37d520508be6570a3ea79695f5b5 C:\Windows\System32\Drivers\volsnap.sys [2008-04-15 14:00] - [2008-04-15 14:00] - 0052864 ____A (Microsoft Corporation) 56b191ac5fc0df219949c95a6c87afe7 ==================== End Of Log ============================