Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-07-2014 Ran by iwa (administrator) on IWA-KOMPUTER on 21-07-2014 16:54:19 Running from D:\Downloads\skany Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polski (Polska) Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (AMD) C:\Windows\System32\atiesrxx.exe (IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_38986e29a8b510a2\stacsv64.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation) C:\Windows\System32\wisptis.exe (ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe () D:\Programy\CDBurnerXP\NMSAccessU.exe () C:\Windows\SysWOW64\PSIService.exe (Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (Microsoft Corporation) C:\Windows\System32\wisptis.exe () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe () C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe (ATK) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe (Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe (ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (AlcorMicro Co., Ltd.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe (Greenshot) C:\Program Files\Greenshot\Greenshot.exe (SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIILE.EXE (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe (ASUS) C:\Windows\AsScrPro.exe (RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe (ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [635784 2010-01-13] (ELAN Microelectronic Corp.) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2009-11-27] (IDT, Inc.) HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [323584 2009-09-01] (AlcorMicro Co., Ltd.) HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1275608 2014-03-25] (COMODO) HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [499712 2013-05-20] (Greenshot) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296096 2012-10-29] (RealNetworks, Inc.) HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058400 2011-10-31] (SEIKO EPSON CORPORATION) HKU\.DEFAULT\...\Run: [Copy] => C:\Users\iwa\AppData\Roaming\Copy\CopyAgent.exe [15229072 2013-07-19] (Barracuda Networks, Inc.) HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation) HKU\S-1-5-21-1081637463-3444327729-3069715732-1000\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-1081637463-3444327729-3069715732-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIILE.EXE [283232 2012-02-29] (SEIKO EPSON CORPORATION) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) Startup: C:\Users\iwa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled () ShellIconOverlayIdentifiers: 1aCopyShExtError -> {83BEA36E-7680-4598-A4DF-994426F6E78D} => C:\Users\iwa\AppData\Roaming\Copy\overlay\CopyShExt.dll (Barracuda Networks, Inc.) ShellIconOverlayIdentifiers: 2aCopyShExtSynced -> {845B7388-6F85-4F32-9FD5-F02DC7882B89} => C:\Users\iwa\AppData\Roaming\Copy\overlay\CopyShExt.dll (Barracuda Networks, Inc.) ShellIconOverlayIdentifiers: 3aCopyShExtSyncing -> {F6378A7A-F753-449B-AE1B-997A96132E61} => C:\Users\iwa\AppData\Roaming\Copy\overlay\CopyShExt.dll (Barracuda Networks, Inc.) ShellIconOverlayIdentifiers: 4aCopyShExtSyncingProg1 -> {3A511828-777D-46F8-82F4-5B530C1B3D9E} => C:\Users\iwa\AppData\Roaming\Copy\overlay\CopyShExt.dll (Barracuda Networks, Inc.) ShellIconOverlayIdentifiers: 5aCopyShExtSyncingProg2 -> {C8C88204-5B14-40EC-BA72-8AEBC762047E} => C:\Users\iwa\AppData\Roaming\Copy\overlay\CopyShExt.dll (Barracuda Networks, Inc.) ShellIconOverlayIdentifiers: 6aCopyShExtSyncingProg3 -> {ACFF45C3-3EEB-4351-86C2-6696BA264239} => C:\Users\iwa\AppData\Roaming\Copy\overlay\CopyShExt.dll (Barracuda Networks, Inc.) ShellIconOverlayIdentifiers: 7aCopyShExtSyncingProg4 -> {29AF997F-488B-46F0-AE78-7146F1B89CC3} => C:\Users\iwa\AppData\Roaming\Copy\overlay\CopyShExt.dll (Barracuda Networks, Inc.) ShellIconOverlayIdentifiers: 8aCopyShExtSyncingProg5 -> {03F9AD29-1C78-4B66-8890-B177B5430C53} => C:\Users\iwa\AppData\Roaming\Copy\overlay\CopyShExt.dll (Barracuda Networks, Inc.) ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google) ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google) ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google) ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google) ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google) ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers-x32: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = BHO: Windows Live Family Safety Browser Helper Class -> {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} -> C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation) BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION) BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Pomocnik rejestracji usługi Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) BHO-x32: QUICKfind BHO Object -> {C08DF07A-3E49-4E25-9AB0-D3882835F153} -> C:\Program Files (x86)\TEXTware\QUICKfind\PlugIns\IEHelp.dll () BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION) Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) Handler: textwareilluminatorbase - {CE5CD329-1650-414A-8DB0-4CBF72FAED87} - No File Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Handler-x32: textwareilluminatorbase - {CE5CD329-1650-414A-8DB0-4CBF72FAED87} - C:\Windows\SysWow64\textwareilluminatorbaseProtocol.dll () Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\iwa\AppData\Roaming\Mozilla\Firefox\Profiles\0yae52fc.default-1361200542086 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll () FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.3 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8051.1204 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @real.com/nppl3260;version=15.0.6.14 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprjplug;version=15.0.6.14 - c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 - D:\Programy\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpplugin;version=15.0.6.14 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer) FF Extension: aTube Toolbar - C:\Users\iwa\AppData\Roaming\Mozilla\Firefox\Profiles\u5vis3im.default\Extensions\{bfc39e47-d643-4dc2-aa1d-61377501c844} [2012-06-20] FF Extension: Greasemonkey - C:\Users\iwa\AppData\Roaming\Mozilla\Firefox\Profiles\u5vis3im.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2012-08-03] FF Extension: Freecorder YouTube Download Wizard - C:\Users\iwa\AppData\Roaming\Mozilla\Firefox\Profiles\u5vis3im.default\Extensions\ytvdw@pgport.com.xpi [2012-06-20] FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-06-23] FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012-09-25] FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2012-10-25] FF HKLM-x32\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-10-29] FF StartMenuInternet: FIREFOX.EXE - D:\Programy\Mozilla Firefox\firefox.exe Chrome: ======= CHR HomePage: https://www.google.pl/ CHR StartupUrls: "https://www.google.pl/" CHR Plugin: (Widevine Content Decryption Module) - C:\Users\iwa\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.4.600\_platform_specific\win_x86\widevinecdmadapter.dll () CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll No File CHR Plugin: (Java Deployment Toolkit 7.0.250.16) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) CHR Plugin: (RealPlayer Version Plugin) - D:\Programy\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) CHR Plugin: (RealJukebox NS Plugin) - c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) CHR Plugin: (RealPlayer Download Plugin) - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer) CHR Extension: (little owl) - C:\Users\iwa\AppData\Local\Google\Chrome\User Data\Default\Extensions\alopfckdopopebdogneaajhpajfbkane [2013-10-09] CHR Extension: (Dysk Google) - C:\Users\iwa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-03] CHR Extension: (WOT) - C:\Users\iwa\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2013-02-25] CHR Extension: (YouTube) - C:\Users\iwa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-17] CHR Extension: (Szukaj w Google) - C:\Users\iwa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-17] CHR Extension: (Video download helper) - C:\Users\iwa\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbkchnicaiglcjpgbmpfmoafckkomdcm [2014-06-12] CHR Extension: (EditThisCookie) - C:\Users\iwa\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2012-01-26] CHR Extension: (AdBlock) - C:\Users\iwa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2011-04-14] CHR Extension: (Windows Media Player Extension for HTML5) - C:\Users\iwa\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak [2013-05-14] CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\iwa\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2012-06-20] CHR Extension: (Skype Click to Call) - C:\Users\iwa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-04-19] CHR Extension: (Quick Note) - C:\Users\iwa\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok [2013-03-23] CHR Extension: (Google Wallet) - C:\Users\iwa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23] CHR Extension: (Gmail) - C:\Users\iwa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-17] CHR Extension: (RSS Feed Reader) - C:\Users\iwa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp [2012-10-31] CHR Extension: (IRC to Mibbit) - C:\Users\iwa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pohpiiceeffdepjkcikeifcpecegppod [2013-03-22] CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\iwa\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-08-02] CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-10-29] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11] ==================== Services (Whitelisted) ================= R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation) R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [6817544 2014-04-16] (COMODO) S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2264280 2014-03-25] (COMODO) R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation) S4 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-10-01] (Intel Corporation) [File not signed] R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed] R2 NMSAccess; D:\Programy\CDBurnerXP\NMSAccessU.exe [71096 2010-03-04] () R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed] R2 ProtexisLicensing; C:\Windows\SysWOW64\PSIService.exe [174656 2006-11-02] () [File not signed] S2 SkypeUpdate; D:\Programy\skype\Updater\Updater.exe [172192 2013-10-23] (Skype Technologies) R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_38986e29a8b510a2\STacSV64.exe [243712 2009-11-27] (IDT, Inc.) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] S2 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-10-01] (Intel Corporation) [File not signed] R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [627992 2013-12-17] (Wacom Technology, Corp.) ==================== Drivers (Whitelisted) ==================== R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [23168 2014-04-16] (COMODO) R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [738472 2014-04-16] (COMODO) S3 hwdatacard; C:\Windows\System32\DRIVERS\ewusbmdm.sys [116864 2009-03-17] (Huawei Technologies Co., Ltd.) [File not signed] R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( ) R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1799680 2009-08-12] () S3 StarOpen; C:\Windows\System32\Drivers\StarOpen.sys [5504 2009-11-12] () [File not signed] S3 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [7168 2009-11-12] () [File not signed] U3 tmlwf; U3 tmwfp; S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-07-21 16:51 - 2014-07-21 16:54 - 00000000 ____D () C:\FRST 2014-07-20 20:54 - 2014-07-21 15:26 - 00003344 _____ () C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1081637463-3444327729-3069715732-1000 2014-07-20 20:54 - 2014-07-21 15:26 - 00003206 _____ () C:\Windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1081637463-3444327729-3069715732-1000 2014-07-14 15:13 - 2014-07-14 15:13 - 00013026 _____ () C:\Users\iwa\Documents\zyciorys.odt 2014-07-09 14:34 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-07-09 14:34 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-07-09 14:34 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-07-09 14:34 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-07-09 14:34 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-07-09 14:34 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-07-09 14:34 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-07-09 14:34 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-07-09 14:34 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-07-09 14:34 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-07-09 14:34 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-07-09 14:34 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-07-09 14:34 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-07-09 14:34 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-07-09 14:34 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-07-09 14:34 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-07-09 14:34 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-07-09 14:34 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-07-09 14:34 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-07-09 14:34 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-07-09 14:34 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-07-09 14:34 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-07-09 14:34 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-07-09 14:34 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-07-09 14:34 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-07-09 14:34 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-07-09 14:34 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-07-09 14:34 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-07-09 14:34 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-07-09 14:34 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-07-09 14:34 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-07-09 14:34 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-07-09 14:34 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-07-09 14:34 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-07-09 14:34 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-07-09 14:34 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-07-09 14:34 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-07-09 14:34 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-07-09 14:34 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-07-09 14:34 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-07-09 14:34 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-07-09 14:34 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe 2014-07-09 14:34 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe 2014-07-09 14:34 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-07-09 14:34 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-07-09 14:34 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-07-09 14:34 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2014-07-09 14:33 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-07-09 14:33 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-07-09 14:33 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-07-09 14:33 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-07-09 14:33 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-07-09 14:33 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-07-09 14:33 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-07-09 14:33 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-07-09 14:33 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-07-09 14:33 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-07-09 14:33 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-07-09 14:33 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-07-09 14:33 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-07-09 14:33 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-07-09 14:33 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-07-09 14:33 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-07-09 14:33 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-07-09 14:33 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-07-08 21:58 - 2014-07-21 15:26 - 00002408 _____ () C:\Windows\setupact.log 2014-07-08 21:58 - 2014-07-08 21:58 - 00000000 _____ () C:\Windows\setuperr.log 2014-07-08 14:39 - 2014-07-08 14:39 - 00008894 _____ () C:\Users\iwa\Documents\cc_20140708_143926.reg 2014-07-07 20:01 - 2014-07-07 20:01 - 00018253 _____ () C:\Users\iwa\Documents\charaktery.odt 2014-07-06 16:14 - 2014-07-06 16:14 - 00005841 _____ () C:\Users\iwa\AppData\Local\recently-used.xbel 2014-07-04 11:07 - 2014-07-04 15:10 - 00021296 _____ () C:\Users\iwa\Documents\szkola rysowania.odt ==================== One Month Modified Files and Folders ======= 2014-07-21 16:54 - 2014-07-21 16:51 - 00000000 ____D () C:\FRST 2014-07-21 16:53 - 2010-03-26 18:45 - 00001062 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-07-21 16:46 - 2013-06-26 10:16 - 01474832 _____ () C:\Windows\system32\Drivers\sfi.dat 2014-07-21 15:57 - 2012-06-20 18:29 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-07-21 15:34 - 2009-07-14 06:45 - 00010240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-07-21 15:34 - 2009-07-14 06:45 - 00010240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-07-21 15:30 - 2013-06-26 10:11 - 01997359 _____ () C:\Windows\WindowsUpdate.log 2014-07-21 15:26 - 2014-07-20 20:54 - 00003344 _____ () C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1081637463-3444327729-3069715732-1000 2014-07-21 15:26 - 2014-07-20 20:54 - 00003206 _____ () C:\Windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1081637463-3444327729-3069715732-1000 2014-07-21 15:26 - 2014-07-08 21:58 - 00002408 _____ () C:\Windows\setupact.log 2014-07-21 15:26 - 2013-01-24 22:35 - 00000354 _____ () C:\Windows\Tasks\ROC_JAN2013_TB_rmv.job 2014-07-21 15:26 - 2010-03-26 18:45 - 00001058 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-07-21 15:26 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-07-21 08:30 - 2010-10-08 19:32 - 00000000 ____D () C:\Users\iwa\AppData\Local\Adobe 2014-07-20 12:54 - 2013-03-14 17:15 - 00000000 ____D () C:\Users\iwa\AppData\Roaming\AIMP3 2014-07-20 09:45 - 2009-08-03 21:55 - 00739932 _____ () C:\Windows\system32\perfh015.dat 2014-07-20 09:45 - 2009-08-03 21:55 - 00155474 _____ () C:\Windows\system32\perfc015.dat 2014-07-20 09:45 - 2009-07-14 07:13 - 01668226 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-07-20 09:33 - 2013-07-14 10:01 - 00000000 ____D () C:\Users\iwa\aTubeCatcher 2014-07-19 13:50 - 2014-04-06 17:20 - 00000000 ____D () C:\ProgramData\69B6DBD2-8E05-476F-B662-CF8D235FD499 2014-07-19 13:44 - 2012-04-19 20:23 - 00000000 ____D () C:\Users\iwa\AppData\Roaming\Skype 2014-07-15 19:27 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp 2014-07-14 15:13 - 2014-07-14 15:13 - 00013026 _____ () C:\Users\iwa\Documents\zyciorys.odt 2014-07-11 21:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-07-10 10:15 - 2009-07-14 06:45 - 05067392 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-07-10 10:12 - 2009-07-14 09:45 - 00000000 ____D () C:\Program Files\Windows Journal 2014-07-10 00:28 - 2013-07-30 23:26 - 00000000 ____D () C:\Windows\system32\MRT 2014-07-10 00:24 - 2010-10-26 17:10 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-07-09 17:54 - 2011-06-03 11:08 - 00000132 _____ () C:\Users\iwa\AppData\Roaming\Preferencje Adobe CS5 dla formatu PNG 2014-07-09 14:58 - 2012-06-20 18:29 - 00003868 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-07-09 14:57 - 2012-06-20 18:29 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-07-09 14:57 - 2012-06-20 18:29 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-07-09 14:55 - 2013-08-02 07:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2014-07-08 21:58 - 2014-07-08 21:58 - 00000000 _____ () C:\Windows\setuperr.log 2014-07-08 14:39 - 2014-07-08 14:39 - 00008894 _____ () C:\Users\iwa\Documents\cc_20140708_143926.reg 2014-07-08 11:59 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries 2014-07-07 20:01 - 2014-07-07 20:01 - 00018253 _____ () C:\Users\iwa\Documents\charaktery.odt 2014-07-07 16:15 - 2014-04-18 21:23 - 00000000 ____D () C:\Users\iwa\Documents\dalan 2014-07-06 16:14 - 2014-07-06 16:14 - 00005841 _____ () C:\Users\iwa\AppData\Local\recently-used.xbel 2014-07-06 13:50 - 2010-10-06 14:15 - 00000000 ____D () C:\Users\iwa 2014-07-06 11:18 - 2012-04-10 22:03 - 00000000 ____D () C:\Users\iwa\.gimp-2.6 2014-07-06 10:50 - 2010-10-08 17:36 - 00000000 ____D () C:\Users\iwa\AppData\Roaming\gtk-2.0 2014-07-04 15:10 - 2014-07-04 11:07 - 00021296 _____ () C:\Users\iwa\Documents\szkola rysowania.odt 2014-07-02 14:29 - 2012-04-19 20:22 - 00000000 ____D () C:\ProgramData\Skype 2014-06-25 06:45 - 2013-07-13 21:01 - 00000000 ____D () C:\Users\iwa\AppData\Local\Greenshot 2014-06-22 17:48 - 2010-03-26 18:45 - 00004058 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-06-22 17:48 - 2010-03-26 18:45 - 00003806 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-06-22 11:58 - 2014-05-21 12:22 - 00000000 ____D () C:\Users\iwa\AppData\Roaming\Epson ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-07-18 09:02 ==================== End Of Log ============================