Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 22-02-2014 01 Ran by Greg (administrator) on GS on 23-02-2014 10:41:11 Running from D:\Narzedzia\FRST Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polish Internet Explorer Version 8 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (AVAST Software) D:\Programy\AVAST Software\AvastSvc.exe (AVAST Software) D:\Programy\AVAST Software\AvastUI.exe (SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe (VIA Technologies, Inc.) C:\WINDOWS\system32\KaraokeSer.exe (Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe (Opera Software) D:\Programy\Opera\opera.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [HDAudDeck] - C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [33603584 2009-04-06] (VIA Technologies, Inc.) HKLM\...\Run: [AvastUI.exe] - D:\Programy\AVAST Software\AvastUI.exe [3767096 2014-01-24] (AVAST Software) Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.) HKU\S-1-5-21-861567501-1604221776-839522115-1003\...\Run: [Odkurzacz] - C:\Program Files\Odkurzacz\odkurzacz.exe [905216 2013-09-21] (FranmoSoftware) HKU\S-1-5-21-861567501-1604221776-839522115-1003\...\Policies\Explorer: [NoSharedDocuments] 1 HKU\S-1-5-21-861567501-1604221776-839522115-1003\...\Policies\Explorer: [NoSMConfigurePrograms] 1 ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mail.ru/cnt/9134 HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Strona wyszukiwania = http://www.msn.com/access/allinone.asp HKCU\Software\Microsoft\Internet Explorer\Main,Strona początkowa = http://www.microsoft.com/msoffice/ URLSearchHook: HKCU - (No Name) - {09900DE8-1DCA-443F-9243-26FF581438AF} - No File SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKCU - {679356D6-F9A6-420C-9FD5-8829ECAD92B0} URL = http://www.idg.pl?q={searchTerms} SearchScopes: HKCU - {BE160BDE-6222-4602-9663-9B949D4FA329} URL = http://www.idg.pl?q={searchTerms} SearchScopes: HKCU - {E88E0043-C9D4-4e33-8555-FEE4F5B63060} URL = http://go.mail.ru/search?q={searchTerms}&utf8in=1&fr=ietb BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) BHO: No Name - {8984B388-A5BB-4DF7-B274-77B879E179DB} - No File BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Programy\AVAST Software\aswWebRepIE.dll (AVAST Software) BHO: IEPluginBHO Class - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Greg.GS\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.) Toolbar: HKLM - No Name - {09900DE8-1DCA-443F-9243-26FF581438AF} - No File Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - D:\Programy\AVAST Software\aswWebRepIE.dll (AVAST Software) Toolbar: HKCU - &Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) Toolbar: HKCU - &Łącza - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - No File Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - No File Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - No File Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - No File Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - No File Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - No File Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - No File Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 ========================== Services (Whitelisted) ================= R2 avast! Antivirus; D:\Programy\AVAST Software\AvastSvc.exe [50344 2014-01-24] (AVAST Software) R2 EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) R2 KaraokeService; C:\WINDOWS\system32\KaraokeSer.exe [88696 2012-11-30] (VIA Technologies, Inc.) S4 Guard.Mail.ru; C:\Program Files\Mail.Ru\Guard\GuardMailRu.exe [X] ==================== Drivers (Whitelisted) ==================== S3 3xHybrid; C:\WINDOWS\System32\DRIVERS\3xHybrid.sys [908544 2009-03-13] (NXP Semiconductors Germany GmbH) S2 713xTVCard; C:\WINDOWS\System32\DRIVERS\SAA713x.sys [277504 2005-03-15] (Philips Semiconductors) R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-02-05] (AVAST Software) R1 AswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [54832 2014-01-24] (AVAST Software) R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2013-10-21] () R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [775952 2014-01-24] (AVAST Software) R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [410784 2014-01-24] (AVAST Software) R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57672 2014-01-24] (AVAST Software) R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [180248 2013-12-18] () R3 AtiHDAudioService; C:\WINDOWS\System32\drivers\AtihdXP3.sys [103040 2012-05-14] (Advanced Micro Devices) R3 Cap7134; C:\WINDOWS\System32\DRIVERS\Cap7134.sys [353792 2003-09-16] (Philips Semiconductors) S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation) R0 JRAID; C:\WINDOWS\System32\DRIVERS\jraid.sys [106296 2012-09-17] (JMicron Technology Corp.) R3 L1e; C:\WINDOWS\System32\DRIVERS\l1e51x86.sys [46632 2010-03-19] (Atheros Communications, Inc.) S3 monfilt; C:\WINDOWS\System32\drivers\monfilt.sys [1389056 2008-02-14] (Creative Technology Ltd.) S3 MPE; C:\WINDOWS\System32\DRIVERS\MPE.sys [15232 2008-04-13] (Microsoft Corporation) R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] () S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation) R3 PhTVTune; C:\WINDOWS\System32\DRIVERS\PhTVTune.sys [25344 2003-09-13] (Philips Semiconductors) R3 RtlWlanu; C:\WINDOWS\System32\DRIVERS\rtwlanu.sys [1343760 2012-11-07] (Realtek Semiconductor Corporation ) S3 SAA713x; C:\WINDOWS\System32\DRIVERS\saa713x.sys [277504 2005-03-15] (Philips Semiconductors) S3 ssm_bus; C:\WINDOWS\System32\DRIVERS\ssm_bus.sys [104448 2010-12-21] (MCCI Corporation) S3 ssm_mdfl; C:\WINDOWS\System32\DRIVERS\ssm_mdfl.sys [14848 2010-12-21] (MCCI Corporation) S3 ssm_mdm; C:\WINDOWS\System32\DRIVERS\ssm_mdm.sys [132608 2010-12-21] (MCCI Corporation) R1 StarOpen; C:\WINDOWS\system32\Drivers\StarOpen.sys [5632 2006-07-24] () R3 VIAHdAudAddService; C:\WINDOWS\System32\drivers\viahduaa.sys [2558712 2012-11-30] (VIA Technologies, Inc.) R3 VX1000; C:\WINDOWS\System32\DRIVERS\VX1000.sys [1961072 2010-05-20] (Microsoft Corporation) S3 catchme; \??\C:\DOCUME~1\Greg.GS\USTAWI~1\Temp\catchme.sys [X] U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-02-23 10:41 - 2014-02-23 10:41 - 00000000 ____D () C:\FRST 2014-02-20 14:05 - 2014-02-20 14:05 - 00058953 _____ () C:\Documents and Settings\Greg.GS\Pulpit\uwaga2.jpeg 2014-02-20 13:45 - 2014-02-20 13:45 - 00058460 _____ () C:\Documents and Settings\Greg.GS\Pulpit\uwaga1.jpeg 2014-02-18 20:53 - 2014-02-23 09:57 - 00040802 _____ () C:\WINDOWS\WindowsUpdate.log 2014-02-18 20:47 - 2014-02-18 20:47 - 00000000 ____D () C:\Documents and Settings\Greg.GS\Moje dokumenty\Garbage Truck Simulator 2014-02-17 18:22 - 2014-02-17 18:22 - 00000000 ____D () C:\Documents and Settings\Greg.GS\Moje dokumenty\Corel User Files 2014-02-14 18:21 - 2014-02-21 23:15 - 00000000 ____D () C:\Documents and Settings\Greg.GS\Menu Start\Programy\Roblox 2014-02-14 18:21 - 2014-02-21 23:14 - 00000188 _____ () C:\Documents and Settings\Greg.GS\Ustawienia lokalne\Dane aplikacji\rbxcsettings.rbx 2014-02-14 18:21 - 2014-02-21 23:13 - 00000000 ____D () C:\Documents and Settings\Greg.GS\Ustawienia lokalne\Dane aplikacji\RobloxVersions 2014-02-14 18:21 - 2014-02-14 18:24 - 00000000 ____D () C:\Documents and Settings\Greg.GS\Ustawienia lokalne\Dane aplikacji\Roblox 2014-02-14 18:21 - 2014-02-14 18:21 - 00001210 _____ () C:\Documents and Settings\Greg.GS\Pulpit\ROBLOX Player.lnk 2014-02-12 16:17 - 2014-02-12 16:55 - 00010133 _____ () C:\Documents and Settings\Greg.GS\Pulpit\Kesik.txt 2014-02-10 20:52 - 2014-02-11 20:46 - 00008192 _____ () C:\WINDOWS\Greg.pcb 2014-02-10 19:33 - 2010-09-13 15:01 - 00458129 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\ensppui.dll 2014-02-10 19:33 - 2010-09-13 15:01 - 00458129 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enppui.dll 2014-02-10 19:33 - 2010-09-13 15:00 - 00475410 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\ensppmon.dll 2014-02-10 19:33 - 2010-09-13 15:00 - 00475410 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enppmon.dll 2014-02-10 19:33 - 2008-06-18 11:49 - 00249344 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enspres.dll 2014-02-10 19:33 - 2008-06-18 11:49 - 00249344 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enpres.dll 2014-02-10 19:28 - 2014-02-10 19:28 - 00000000 ____D () C:\Documents and Settings\Greg~GS\USTAWI~1 2014-02-10 19:28 - 2014-02-10 19:28 - 00000000 ____D () C:\Documents and Settings\Greg~GS 2014-02-10 19:28 - 2007-09-07 17:33 - 00135168 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\EEBAPI.dll 2014-02-10 19:28 - 2007-03-28 18:26 - 00065536 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\EEBUtil.dll 2014-02-10 19:28 - 2006-12-19 18:31 - 00110592 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\EEBDSCVR.dll 2014-02-10 19:28 - 2006-12-19 18:20 - 00077824 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\EBAPI.dll 2014-02-10 19:28 - 2003-12-17 01:01 - 00055808 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\EEBSDKIF.dll 2014-02-10 10:05 - 2014-02-10 10:05 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\GP SOFT 2014-02-09 18:17 - 2009-05-01 00:00 - 00128392 _____ (Seiko Epson Corporation) C:\WINDOWS\system32\esdevapp.exe 2014-02-09 11:59 - 2014-02-10 19:33 - 00000000 ____D () C:\Program Files\EpsonNet 2014-02-09 11:59 - 2014-02-10 11:16 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\EPSON 2014-02-09 11:47 - 2014-02-09 11:47 - 00000000 ____D () C:\Program Files\Epson Software 2014-02-09 11:46 - 2014-02-09 11:59 - 00000000 ____D () C:\Program Files\EpsonNet(2) ==================== One Month Modified Files and Folders ======= 2014-02-23 10:41 - 2014-02-23 10:41 - 00000000 ____D () C:\FRST 2014-02-23 09:57 - 2014-02-18 20:53 - 00040802 _____ () C:\WINDOWS\WindowsUpdate.log 2014-02-23 09:57 - 2013-08-15 01:35 - 00000342 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job 2014-02-23 09:56 - 2013-08-15 02:55 - 00000159 _____ () C:\WINDOWS\wiadebug.log 2014-02-23 09:56 - 2013-08-15 02:55 - 00000050 _____ () C:\WINDOWS\wiaservc.log 2014-02-23 09:56 - 2013-08-15 01:04 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-02-23 01:04 - 2013-08-15 01:05 - 00000188 ___SH () C:\Documents and Settings\Greg.GS\ntuser.ini 2014-02-23 01:04 - 2013-08-15 01:04 - 00032532 _____ () C:\WINDOWS\SchedLgU.Txt 2014-02-23 00:54 - 2013-08-15 02:52 - 00000000 __RHD () C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji 2014-02-23 00:54 - 2013-08-15 01:04 - 00000188 ___SH () C:\Documents and Settings\LocalService.ZARZĄDZANIE NT\ntuser.ini 2014-02-22 22:22 - 2013-09-25 18:39 - 00019758 _____ () C:\Documents and Settings\Greg.GS\Pulpit\zdrowie.txt 2014-02-21 23:15 - 2014-02-14 18:21 - 00000000 ____D () C:\Documents and Settings\Greg.GS\Menu Start\Programy\Roblox 2014-02-21 23:15 - 2013-08-15 01:05 - 00000000 ____D () C:\Documents and Settings\Greg.GS\Pulpit 2014-02-21 23:14 - 2014-02-14 18:21 - 00000188 _____ () C:\Documents and Settings\Greg.GS\Ustawienia lokalne\Dane aplikacji\rbxcsettings.rbx 2014-02-21 23:14 - 2013-08-15 01:05 - 00000000 ____D () C:\Documents and Settings\Greg.GS 2014-02-21 23:13 - 2014-02-14 18:21 - 00000000 ____D () C:\Documents and Settings\Greg.GS\Ustawienia lokalne\Dane aplikacji\RobloxVersions 2014-02-20 16:33 - 2013-08-15 02:52 - 00000000 __RHD () C:\Documents and Settings\Default User.WINDOWS\Ustawienia lokalne 2014-02-20 16:33 - 2013-08-15 01:05 - 00000000 ___HD () C:\Documents and Settings\Greg.GS\Ustawienia lokalne 2014-02-20 16:33 - 2013-08-15 01:04 - 00000000 ___HD () C:\Documents and Settings\NetworkService.ZARZĄDZANIE NT\Ustawienia lokalne 2014-02-20 16:33 - 2013-08-15 01:04 - 00000000 ___HD () C:\Documents and Settings\LocalService.ZARZĄDZANIE NT\Ustawienia lokalne 2014-02-20 16:33 - 2008-05-02 22:39 - 00000000 __RHD () C:\Documents and Settings\Default User\Ustawienia lokalne 2014-02-20 16:33 - 2008-05-02 20:56 - 00000000 ___HD () C:\Documents and Settings\greg\Ustawienia lokalne 2014-02-20 16:31 - 2001-07-21 21:15 - 00000254 _____ () C:\WINDOWS\system.ini 2014-02-20 16:29 - 2013-08-15 01:05 - 00000000 __RHD () C:\Documents and Settings\Greg.GS\Dane aplikacji 2014-02-20 14:05 - 2014-02-20 14:05 - 00058953 _____ () C:\Documents and Settings\Greg.GS\Pulpit\uwaga2.jpeg 2014-02-20 13:45 - 2014-02-20 13:45 - 00058460 _____ () C:\Documents and Settings\Greg.GS\Pulpit\uwaga1.jpeg 2014-02-20 01:20 - 2013-12-04 19:23 - 00001065 _____ () C:\WINDOWS\winamp.ini 2014-02-18 20:50 - 2013-08-15 02:52 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Pulpit 2014-02-18 20:49 - 2013-09-15 10:51 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\Techland 2014-02-18 20:47 - 2014-02-18 20:47 - 00000000 ____D () C:\Documents and Settings\Greg.GS\Moje dokumenty\Garbage Truck Simulator 2014-02-18 20:47 - 2013-08-15 01:05 - 00000000 ___RD () C:\Documents and Settings\Greg.GS\Moje dokumenty 2014-02-18 16:03 - 2013-12-13 21:09 - 01170024 _____ () C:\Documents and Settings\LocalService.ZARZĄDZANIE NT\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat 2014-02-18 16:03 - 2013-08-15 01:04 - 00000000 ___HD () C:\Documents and Settings\LocalService.ZARZĄDZANIE NT\Ustawienia lokalne\Dane aplikacji 2014-02-17 19:44 - 2001-07-21 21:16 - 00000554 _____ () C:\WINDOWS\win.ini 2014-02-17 18:22 - 2014-02-17 18:22 - 00000000 ____D () C:\Documents and Settings\Greg.GS\Moje dokumenty\Corel User Files 2014-02-16 23:56 - 2013-09-18 16:23 - 00004690 _____ () C:\Documents and Settings\Greg.GS\Pulpit\Astra.txt 2014-02-15 16:24 - 2013-11-29 08:01 - 00000078 _____ () C:\Documents and Settings\Greg.GS\Pulpit\telefony.txt 2014-02-14 18:24 - 2014-02-14 18:21 - 00000000 ____D () C:\Documents and Settings\Greg.GS\Ustawienia lokalne\Dane aplikacji\Roblox 2014-02-14 18:22 - 2013-08-15 09:23 - 00000000 ___RD () C:\Documents and Settings\Greg.GS\Moje dokumenty\Moje wideo 2014-02-14 18:21 - 2014-02-14 18:21 - 00001210 _____ () C:\Documents and Settings\Greg.GS\Pulpit\ROBLOX Player.lnk 2014-02-14 18:21 - 2013-08-15 01:05 - 00000000 ___RD () C:\Documents and Settings\Greg.GS\Menu Start\Programy 2014-02-14 18:21 - 2013-08-15 01:05 - 00000000 ___HD () C:\Documents and Settings\Greg.GS\Ustawienia lokalne\Dane aplikacji 2014-02-12 16:55 - 2014-02-12 16:17 - 00010133 _____ () C:\Documents and Settings\Greg.GS\Pulpit\Kesik.txt 2014-02-12 16:02 - 2013-08-30 10:02 - 00007006 _____ () C:\WINDOWS\Greg8.xlb 2014-02-11 20:46 - 2014-02-10 20:52 - 00008192 _____ () C:\WINDOWS\Greg.pcb 2014-02-11 09:01 - 2013-08-15 02:51 - 00476352 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-02-10 21:04 - 2013-08-14 22:41 - 00148008 _____ () C:\Documents and Settings\Greg.GS\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT 2014-02-10 19:57 - 2013-08-16 07:49 - 00000000 ____D () C:\Documents and Settings\Greg.GS\Menu Start\Programy\Microsoft Office 2014-02-10 19:33 - 2014-02-09 11:59 - 00000000 ____D () C:\Program Files\EpsonNet 2014-02-10 19:33 - 2008-05-02 21:18 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information 2014-02-10 19:28 - 2014-02-10 19:28 - 00000000 ____D () C:\Documents and Settings\Greg~GS\USTAWI~1 2014-02-10 19:28 - 2014-02-10 19:28 - 00000000 ____D () C:\Documents and Settings\Greg~GS 2014-02-10 19:28 - 2013-08-20 17:04 - 00000000 ____D () C:\Program Files\Common Files\EPSON 2014-02-10 19:28 - 2013-08-15 02:52 - 00000000 ___HD () C:\Documents and Settings\All Users.WINDOWS\Szablony 2014-02-10 11:16 - 2014-02-09 11:59 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\EPSON 2014-02-10 11:16 - 2013-08-20 16:17 - 00000000 ____D () C:\Program Files\epson 2014-02-10 11:15 - 2013-08-20 16:08 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\EPSON 2014-02-10 10:05 - 2014-02-10 10:05 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\GP SOFT 2014-02-10 10:05 - 2013-08-15 02:52 - 00000000 ___RD () C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy 2014-02-09 14:22 - 2008-05-03 12:48 - 00000000 ___HD () C:\WINDOWS\$hf_mig$ 2014-02-09 14:21 - 2013-09-05 22:21 - 00000000 ____D () C:\WINDOWS\ie8updates 2014-02-09 14:21 - 2013-08-16 22:18 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\Skype 2014-02-09 14:21 - 2008-05-03 12:48 - 00000000 ____D () C:\WINDOWS\Downloaded Installations 2014-02-09 12:01 - 2001-07-21 21:17 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl 2014-02-09 12:00 - 2013-11-24 17:58 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\ipla 2014-02-09 12:00 - 2013-11-04 20:03 - 00000000 ____D () C:\Documents and Settings\Greg.GS\Dane aplikacji\ipla 2014-02-09 12:00 - 2013-08-15 01:04 - 00000000 __SHD () C:\Documents and Settings\NetworkService.ZARZĄDZANIE NT 2014-02-09 12:00 - 2013-08-15 01:04 - 00000000 __SHD () C:\Documents and Settings\LocalService.ZARZĄDZANIE NT 2014-02-09 12:00 - 2008-05-02 20:47 - 00000000 ____D () C:\WINDOWS\Registration 2014-02-09 11:59 - 2014-02-09 11:46 - 00000000 ____D () C:\Program Files\EpsonNet(2) 2014-02-09 11:59 - 2008-05-02 22:33 - 00000000 ____D () C:\WINDOWS\twain_32 2014-02-09 11:48 - 2008-05-02 21:16 - 00000000 ____D () C:\Program Files\Common Files\InstallShield 2014-02-09 11:47 - 2014-02-09 11:47 - 00000000 ____D () C:\Program Files\Epson Software 2014-02-05 15:21 - 2013-08-15 14:57 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys 2014-01-24 15:21 - 2013-08-15 02:18 - 00775952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys 2014-01-24 15:21 - 2013-08-15 02:18 - 00410784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys 2014-01-24 15:21 - 2013-08-15 02:18 - 00057672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys 2014-01-24 15:21 - 2013-08-15 02:18 - 00054832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys 2014-01-24 15:21 - 2013-08-15 02:17 - 00270240 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2014-01-24 15:21 - 2013-08-15 02:17 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr Some content of TEMP: ==================== C:\Documents and Settings\Greg.GS\Ustawienia lokalne\temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\WINDOWS\explorer.exe [2004-08-03 23:44] - [2008-04-14 18:21] - 1035264 ____A (Microsoft Corporation) c791ed9eac5e76d9525e157b1d7a599a C:\WINDOWS\system32\winlogon.exe [2004-08-03 23:44] - [2008-04-14 18:21] - 0510464 ____A (Microsoft Corporation) 51fd2e13d723857b9ca239ae77150f48 C:\WINDOWS\system32\svchost.exe [2004-08-03 23:44] - [2008-04-14 18:21] - 0014336 ____A (Microsoft Corporation) 8607d35d92528e2df386f19a960d23ce C:\WINDOWS\system32\services.exe [2004-08-03 23:44] - [2009-02-09 12:25] - 0111104 ____A (Microsoft Corporation) 02a467e27af55f7064c5b251e587315f C:\WINDOWS\system32\User32.dll [2004-08-03 23:44] - [2008-04-14 18:20] - 0580096 ____A (Microsoft Corporation) a435c5c069afd901751ac323ad238793 C:\WINDOWS\system32\userinit.exe [2004-08-03 23:44] - [2008-04-14 18:21] - 0026624 ____A (Microsoft Corporation) 2a5b37d520508be6570a3ea79695f5b5 C:\WINDOWS\system32\rpcss.dll [2004-08-03 23:44] - [2009-02-09 11:53] - 0401408 ____A (Microsoft Corporation) a37311d9d628c1042a2836731787f0f3 ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected. C:\WINDOWS\system32\Drivers\volsnap.sys [2004-08-03 23:36] - [2008-04-14 17:01] - 0052864 ____A (Microsoft Corporation) 56b191ac5fc0df219949c95a6c87afe7 ==================== End Of Log ============================