OTL logfile created on: 2014-11-06 18:00:49 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = E:\ 64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16384) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,88 Gb Total Physical Memory | 2,20 Gb Available Physical Memory | 56,68% Memory free 7,88 Gb Paging File | 6,07 Gb Available in Paging File | 77,03% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 434,01 Gb Total Space | 373,94 Gb Free Space | 86,16% Space Free | Partition Type: NTFS Drive D: | 500,09 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Drive E: | 29,24 Gb Total Space | 24,32 Gb Free Space | 83,19% Space Free | Partition Type: NTFS Computer Name: VAIO-MAGDA | User Name: Magda | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2014-11-06 17:32:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\OTL.exe PRC - [2014-10-22 05:05:02 | 000,854,344 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe PRC - [2014-10-01 11:09:30 | 000,968,504 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe PRC - [2014-10-01 11:09:28 | 001,871,160 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe PRC - [2014-10-01 11:09:20 | 007,229,752 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe PRC - [2012-08-18 06:36:14 | 000,188,072 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe PRC - [2012-08-18 06:36:14 | 000,068,776 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe PRC - [2012-08-18 01:04:28 | 000,068,776 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe PRC - [2012-08-08 12:23:28 | 001,112,000 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe PRC - [2012-08-08 12:23:08 | 001,091,520 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe PRC - [2012-07-27 16:08:52 | 000,474,208 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe PRC - [2012-07-27 16:03:40 | 000,724,576 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe PRC - [2012-07-25 03:51:25 | 000,276,864 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2012-07-25 03:49:04 | 000,128,896 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe PRC - [2012-07-25 03:41:24 | 000,165,760 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe PRC - [2012-07-23 16:01:16 | 000,491,120 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe PRC - [2012-06-08 04:34:06 | 000,111,120 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2014-10-22 05:04:57 | 008,910,664 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll MOD - [2014-10-22 05:04:51 | 001,042,760 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libglesv2.dll MOD - [2014-10-22 05:04:49 | 000,211,272 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libegl.dll MOD - [2014-10-22 05:04:48 | 001,681,224 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll MOD - [2012-07-24 11:05:20 | 000,807,440 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\UNO.dll MOD - [2012-06-08 12:34:06 | 000,016,400 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll MOD - [2012-06-08 04:34:06 | 000,627,216 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2012-08-22 13:51:10 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:[b]64bit:[/b] - [2012-08-08 21:48:20 | 000,056,000 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Care\VCService.exe -- (VCService) SRV:[b]64bit:[/b] - [2012-08-06 11:28:56 | 000,156,672 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe -- (SampleCollector) SRV:[b]64bit:[/b] - [2012-07-26 05:46:56 | 002,366,984 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService) SRV:[b]64bit:[/b] - [2012-07-26 04:30:05 | 002,675,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify) SRV:[b]64bit:[/b] - [2012-07-26 04:17:59 | 000,015,440 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend) SRV:[b]64bit:[/b] - [2012-07-26 04:08:04 | 001,968,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc) SRV:[b]64bit:[/b] - [2012-07-26 04:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc) SRV:[b]64bit:[/b] - [2012-07-26 04:07:42 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc) SRV:[b]64bit:[/b] - [2012-07-26 04:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc) SRV:[b]64bit:[/b] - [2012-07-26 04:07:30 | 000,169,984 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker) SRV:[b]64bit:[/b] - [2012-07-26 04:07:27 | 000,178,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker) SRV:[b]64bit:[/b] - [2012-07-26 04:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc) SRV:[b]64bit:[/b] - [2012-07-26 04:06:36 | 000,463,872 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm) SRV:[b]64bit:[/b] - [2012-07-26 04:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon) SRV:[b]64bit:[/b] - [2012-07-26 04:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc) SRV:[b]64bit:[/b] - [2012-07-26 04:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup) SRV:[b]64bit:[/b] - [2012-07-26 04:06:00 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM) SRV:[b]64bit:[/b] - [2012-07-26 04:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso) SRV:[b]64bit:[/b] - [2012-07-26 04:05:38 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc) SRV:[b]64bit:[/b] - [2012-07-26 04:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS) SRV:[b]64bit:[/b] - [2012-07-26 04:05:28 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc) SRV:[b]64bit:[/b] - [2012-07-26 04:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService) SRV:[b]64bit:[/b] - [2012-07-26 04:05:11 | 000,174,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure) SRV:[b]64bit:[/b] - [2012-07-26 04:05:08 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder) SRV:[b]64bit:[/b] - [2012-07-26 04:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent) SRV:[b]64bit:[/b] - [2012-07-26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss) SRV:[b]64bit:[/b] - [2012-07-26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync) SRV:[b]64bit:[/b] - [2012-07-26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown) SRV:[b]64bit:[/b] - [2012-07-26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv) SRV:[b]64bit:[/b] - [2012-07-26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange) SRV:[b]64bit:[/b] - [2012-07-26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat) SRV:[b]64bit:[/b] - [2012-07-24 23:39:24 | 001,266,336 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Update\VUAgent.exe -- (VUAgent) SRV:[b]64bit:[/b] - [2012-07-19 19:55:44 | 000,476,328 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management) SRV:[b]64bit:[/b] - [2012-07-18 13:14:38 | 002,699,568 | ---- | M] (Intel® Corporation) [Auto | Stopped] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService) SRV:[b]64bit:[/b] - [2012-07-18 13:14:16 | 000,272,176 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS) SRV:[b]64bit:[/b] - [2012-07-18 13:14:04 | 000,627,504 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) SRV:[b]64bit:[/b] - [2012-07-18 13:13:40 | 000,149,296 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) SRV:[b]64bit:[/b] - [2012-07-17 01:38:26 | 000,731,688 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3) SRV:[b]64bit:[/b] - [2012-06-22 08:38:04 | 000,177,144 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp) SRV:[b]64bit:[/b] - [2012-06-22 08:34:52 | 000,218,320 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire) SRV:[b]64bit:[/b] - [2012-06-22 08:33:12 | 000,237,920 | ---- | M] () [Auto | Start_Pending] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield) SRV:[b]64bit:[/b] - [2012-05-02 14:49:44 | 000,135,952 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr) SRV:[b]64bit:[/b] - [2012-04-20 15:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R) SRV:[b]64bit:[/b] - [2011-12-01 11:04:56 | 000,289,952 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService) SRV - [2014-10-01 11:09:30 | 000,968,504 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2014-10-01 11:09:28 | 001,871,160 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2012-08-22 14:05:51 | 000,276,288 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs) SRV - [2012-08-18 06:36:14 | 000,623,784 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe -- (NetworkSupport) SRV - [2012-08-18 06:36:14 | 000,068,776 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe -- (VAIO Event Service) SRV - [2012-08-08 12:23:28 | 001,112,000 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service) SRV - [2012-08-08 12:23:08 | 001,091,520 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor) SRV - [2012-08-08 11:56:22 | 000,972,000 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw) SRV - [2012-08-08 11:56:18 | 000,460,512 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms) SRV - [2012-08-08 11:23:30 | 000,123,616 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp) SRV - [2012-08-08 11:23:30 | 000,078,048 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs) SRV - [2012-07-27 16:08:52 | 000,474,208 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider) SRV - [2012-07-26 04:30:05 | 002,675,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify) SRV - [2012-07-26 04:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc) SRV - [2012-07-25 03:52:34 | 000,364,416 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2012-07-25 03:51:25 | 000,276,864 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2012-07-25 03:49:04 | 000,128,896 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R) SRV - [2012-07-25 03:41:24 | 000,165,760 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2014-11-06 17:57:55 | 000,129,752 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\Drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy) DRV:[b]64bit:[/b] - [2014-10-01 11:11:30 | 000,064,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mwac.sys -- (MBAMWebAccessControl) DRV:[b]64bit:[/b] - [2014-10-01 11:11:12 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mbam.sys -- (MBAMProtector) DRV:[b]64bit:[/b] - [2012-09-29 19:18:41 | 000,645,952 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\iaStorA.sys -- (iaStorA) DRV:[b]64bit:[/b] - [2012-08-24 03:27:44 | 000,447,800 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SynTP.sys -- (SynTP) DRV:[b]64bit:[/b] - [2012-08-24 03:12:40 | 000,043,832 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Smb_driver_Intel.sys -- (SmbDrvI) DRV:[b]64bit:[/b] - [2012-08-23 03:55:54 | 000,103,424 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\rimssne64.sys -- (rimssne) DRV:[b]64bit:[/b] - [2012-08-23 03:34:22 | 000,104,960 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\risdsnxc64.sys -- (risdsnxc) DRV:[b]64bit:[/b] - [2012-08-22 16:24:08 | 000,035,496 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\amdkmpfd.sys -- (amdkmpfd) DRV:[b]64bit:[/b] - [2012-08-22 14:51:42 | 008,982,208 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\igdpmd64.sys -- (intelkmd) DRV:[b]64bit:[/b] - [2012-08-22 14:51:42 | 008,982,208 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\igdkmd64.sys -- (igfx) DRV:[b]64bit:[/b] - [2012-08-22 13:53:12 | 010,280,960 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmdag.sys -- (amdkmdag) DRV:[b]64bit:[/b] - [2012-08-22 13:53:12 | 000,368,640 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmpag.sys -- (amdkmdap) DRV:[b]64bit:[/b] - [2012-08-22 13:30:13 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\IntcDAud.sys -- (IntcDAud) DRV:[b]64bit:[/b] - [2012-08-09 20:29:54 | 000,035,296 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\intelaud.sys -- (intaud_WaveExtensible) DRV:[b]64bit:[/b] - [2012-08-09 20:29:54 | 000,025,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\iwdbus.sys -- (iwdbus) DRV:[b]64bit:[/b] - [2012-08-09 20:29:52 | 000,188,384 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\xHCIPort.sys -- (XHCIPort) DRV:[b]64bit:[/b] - [2012-08-09 20:29:52 | 000,048,096 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usb3Hub.sys -- (usb3Hub) DRV:[b]64bit:[/b] - [2012-08-07 16:51:58 | 004,273,192 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NETwew00.sys -- (NETwNe64) DRV:[b]64bit:[/b] - [2012-07-26 06:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2012-07-26 06:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv) DRV:[b]64bit:[/b] - [2012-07-26 06:00:58 | 000,445,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3) DRV:[b]64bit:[/b] - [2012-07-26 06:00:58 | 000,337,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI) DRV:[b]64bit:[/b] - [2012-07-26 06:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID) DRV:[b]64bit:[/b] - [2012-07-26 06:00:58 | 000,212,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000) DRV:[b]64bit:[/b] - [2012-07-26 06:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt) DRV:[b]64bit:[/b] - [2012-07-26 06:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor) DRV:[b]64bit:[/b] - [2012-07-26 06:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex) DRV:[b]64bit:[/b] - [2012-07-26 06:00:55 | 000,283,888 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport) DRV:[b]64bit:[/b] - [2012-07-26 06:00:55 | 000,120,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101) DRV:[b]64bit:[/b] - [2012-07-26 06:00:55 | 000,077,552 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci) DRV:[b]64bit:[/b] - [2012-07-26 06:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis) DRV:[b]64bit:[/b] - [2012-07-26 06:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2012-07-26 06:00:55 | 000,028,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32) DRV:[b]64bit:[/b] - [2012-07-26 06:00:54 | 000,056,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor) DRV:[b]64bit:[/b] - [2012-07-26 06:00:52 | 003,295,984 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2012-07-26 06:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2012-07-26 06:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS) DRV:[b]64bit:[/b] - [2012-07-26 06:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2012-07-26 06:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv) DRV:[b]64bit:[/b] - [2012-07-26 06:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass) DRV:[b]64bit:[/b] - [2012-07-26 06:00:49 | 000,539,376 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2012-07-26 06:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2012-07-26 06:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware) DRV:[b]64bit:[/b] - [2012-07-26 06:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2012-07-26 06:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2012-07-26 05:59:35 | 000,193,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus) DRV:[b]64bit:[/b] - [2012-07-26 05:59:35 | 000,148,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM) DRV:[b]64bit:[/b] - [2012-07-26 05:59:32 | 000,055,024 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam) DRV:[b]64bit:[/b] - [2012-07-26 05:58:00 | 000,068,848 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc) DRV:[b]64bit:[/b] - [2012-07-26 05:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS) DRV:[b]64bit:[/b] - [2012-07-26 05:54:34 | 000,096,496 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS) DRV:[b]64bit:[/b] - [2012-07-26 05:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci) DRV:[b]64bit:[/b] - [2012-07-26 05:44:30 | 000,258,288 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter) DRV:[b]64bit:[/b] - [2012-07-26 05:36:15 | 000,034,216 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot) DRV:[b]64bit:[/b] - [2012-07-26 04:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt) DRV:[b]64bit:[/b] - [2012-07-26 04:17:38 | 000,027,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:[b]64bit:[/b] - [2012-07-26 03:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf) DRV:[b]64bit:[/b] - [2012-07-26 03:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay) DRV:[b]64bit:[/b] - [2012-07-26 03:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo) DRV:[b]64bit:[/b] - [2012-07-26 03:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender) DRV:[b]64bit:[/b] - [2012-07-26 03:28:27 | 000,031,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg) DRV:[b]64bit:[/b] - [2012-07-26 03:27:58 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM) DRV:[b]64bit:[/b] - [2012-07-26 03:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter) DRV:[b]64bit:[/b] - [2012-07-26 03:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic) DRV:[b]64bit:[/b] - [2012-07-26 03:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime) DRV:[b]64bit:[/b] - [2012-07-26 03:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig) DRV:[b]64bit:[/b] - [2012-07-26 03:27:31 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid) DRV:[b]64bit:[/b] - [2012-07-26 03:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr) DRV:[b]64bit:[/b] - [2012-07-26 03:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr) DRV:[b]64bit:[/b] - [2012-07-26 03:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd) DRV:[b]64bit:[/b] - [2012-07-26 03:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx) DRV:[b]64bit:[/b] - [2012-07-26 03:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx) DRV:[b]64bit:[/b] - [2012-07-26 03:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD) DRV:[b]64bit:[/b] - [2012-07-26 03:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum) DRV:[b]64bit:[/b] - [2012-07-26 03:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc) DRV:[b]64bit:[/b] - [2012-07-26 03:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2012-07-26 03:25:54 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c) DRV:[b]64bit:[/b] - [2012-07-26 03:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr) DRV:[b]64bit:[/b] - [2012-07-26 03:25:02 | 000,202,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\BthLEEnum.sys -- (BthLEEnum) DRV:[b]64bit:[/b] - [2012-07-26 03:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform) DRV:[b]64bit:[/b] - [2012-07-26 03:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp) DRV:[b]64bit:[/b] - [2012-07-26 03:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu) DRV:[b]64bit:[/b] - [2012-07-25 03:44:51 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\HECIx64.sys -- (MEIx64) DRV:[b]64bit:[/b] - [2012-07-25 03:40:38 | 000,683,664 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168) DRV:[b]64bit:[/b] - [2012-07-17 01:39:22 | 000,162,344 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\AmpPal.sys -- (AMPPALP) DRV:[b]64bit:[/b] - [2012-07-17 01:39:22 | 000,162,344 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AmpPal.sys -- (AMPPAL) DRV:[b]64bit:[/b] - [2012-07-14 18:36:30 | 000,825,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btmhsf.sys -- (btmhsf) DRV:[b]64bit:[/b] - [2012-07-11 13:33:28 | 000,014,336 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SFEP.sys -- (SFEP) DRV:[b]64bit:[/b] - [2012-07-04 13:31:40 | 000,055,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\iBtFltCoex.sys -- (iBtFltCoex) DRV:[b]64bit:[/b] - [2012-06-25 11:24:50 | 000,092,536 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\CLVirtualDrive.sys -- (CLVirtualDrive) DRV:[b]64bit:[/b] - [2012-06-22 08:40:58 | 000,069,672 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\cfwids.sys -- (cfwids) DRV:[b]64bit:[/b] - [2012-06-22 08:38:16 | 000,335,784 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\mfewfpk.sys -- (mfewfpk) DRV:[b]64bit:[/b] - [2012-06-22 08:36:54 | 000,106,112 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mferkdet.sys -- (mferkdet) DRV:[b]64bit:[/b] - [2012-06-22 08:36:12 | 000,752,672 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\mfehidk.sys -- (mfehidk) DRV:[b]64bit:[/b] - [2012-06-22 08:35:02 | 000,513,456 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mfefirek.sys -- (mfefirek) DRV:[b]64bit:[/b] - [2012-06-22 08:34:22 | 000,300,392 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mfeavfk.sys -- (mfeavfk) DRV:[b]64bit:[/b] - [2012-06-22 08:34:00 | 000,169,320 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mfeapfk.sys -- (mfeapfk) DRV:[b]64bit:[/b] - [2012-06-18 13:29:12 | 000,066,712 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mfeelamk.sys -- (mfeelamk) DRV:[b]64bit:[/b] - [2012-06-11 03:43:12 | 000,024,280 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\sows.sys -- (SOWS) DRV:[b]64bit:[/b] - [2012-06-02 15:31:39 | 000,283,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\e1y60x64.sys -- (e1yexpress) DRV:[b]64bit:[/b] - [2012-06-02 15:31:32 | 002,935,808 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\athrx.sys -- (athr) DRV:[b]64bit:[/b] - [2012-04-24 12:01:12 | 000,110,592 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btmaux.sys -- (btmaux) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-4106931729-1466076011-650411161-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://vaioportal.sony.eu [binary data] IE - HKU\S-1-5-21-4106931729-1466076011-650411161-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKU\S-1-5-21-4106931729-1466076011-650411161-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://sony13.msn.com IE - HKU\S-1-5-21-4106931729-1466076011-650411161-1001\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-4106931729-1466076011-650411161-1001\..\SearchScopes\{03A85942-8E4B-4570-82A3-57886C76E484}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS IE - HKU\S-1-5-21-4106931729-1466076011-650411161-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-4106931729-1466076011-650411161-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [color=#E56717]========== Chrome ==========[/color] CHR - plugin: Error reading preferences file CHR - Extension: No name found = C:\Users\Magda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\ O1 HOSTS File: ([2014-11-06 17:33:30 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Motorola Solutions, Inc.) O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Dolby Home Theater v4] C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe (Dolby Laboratories Inc.) O4 - HKLM..\Run: [Intel AppUp(SM) center] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (Intel Corporation) O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Sony Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-4106931729-1466076011-650411161-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-4106931729-1466076011-650411161-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8:[b]64bit:[/b] - Extra context menu item: Wyślij do Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm () O8 - Extra context menu item: Wyślij do Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm () O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.1.60 62.179.1.61 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5210CAAD-D927-4675-9C80-26F0D1724178}: DhcpNameServer = 62.179.1.60 62.179.1.61 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A9D5B9C0-B7E9-4B96-BD46-6F3289EED94B}: DhcpNameServer = 10.100.10.2 10.100.10.1 O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O30 - LSA: Security Packages - (livessp) - File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011-12-07 12:42:16 | 000,000,128 | R--- | M] () - D:\autorun.inf -- [ CDFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = ComFile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2014-11-06 17:56:17 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2014-11-06 17:40:54 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2014-11-06 17:30:35 | 000,000,000 | ---D | C] -- C:\FRST [2014-11-06 17:15:39 | 000,000,000 | ---D | C] -- C:\ComboFix [2014-11-06 13:35:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Odkurzacz [2014-11-06 13:35:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Odkurzacz [2014-11-06 12:45:23 | 000,000,000 | ---D | C] -- C:\Users\Magda\AppData\Roaming\QuickScan [2014-11-06 12:24:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo [2014-11-06 12:24:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CrystalDiskInfo [2014-11-06 12:16:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2014-11-06 12:14:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google [2014-11-06 10:56:41 | 000,129,752 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys [2014-11-06 10:56:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware [2014-11-06 10:56:20 | 000,093,400 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys [2014-11-06 10:56:20 | 000,064,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys [2014-11-06 10:56:20 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2014-11-06 10:56:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware [2014-11-06 10:56:04 | 000,000,000 | ---D | C] -- C:\Users\Magda\AppData\Local\Programs [2014-11-06 10:43:06 | 000,000,000 | ---D | C] -- C:\Users\Magda\AppData\Roaming\Malwarebytes [2014-11-06 10:43:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2014-11-06 10:40:14 | 000,000,000 | ---D | C] -- C:\Users\Magda\AppData\Roaming\Macromedia [2014-11-06 10:22:21 | 000,000,000 | ---D | C] -- C:\Windows\temp [2014-11-06 10:22:21 | 000,000,000 | ---D | C] -- C:\Users\Magda\AppData\Local\temp [2014-11-06 10:10:29 | 005,591,672 | ---- | C] (Swearware) -- C:\Users\Magda\Desktop\ComboFix.exe [2014-11-06 09:27:27 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\storewuauth.dll [2014-11-06 09:27:27 | 000,100,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll [2014-11-06 09:27:27 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll [2014-11-06 09:27:27 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll [2014-11-06 09:27:26 | 000,253,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUSettingsProvider.dll [2014-11-06 09:27:26 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wushareduxresources.dll [2014-11-06 09:27:26 | 000,059,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe [2014-11-06 09:27:26 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll [2014-11-06 09:27:26 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll [2014-11-06 09:27:26 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuaext.dll [2014-11-06 09:27:25 | 001,623,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll [2014-11-06 09:27:25 | 000,773,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll [2014-11-06 09:27:25 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll [2014-11-06 09:27:17 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll [2014-11-06 09:27:17 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll [2014-11-06 09:27:17 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe [2014-11-06 09:27:17 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe [2014-11-06 09:01:54 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2014-11-06 09:01:54 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2014-11-06 09:01:54 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe [2014-11-06 09:01:54 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2014-11-06 09:01:46 | 000,000,000 | ---D | C] -- C:\Qoobox [2014-11-06 09:00:15 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2014-11-05 18:04:57 | 000,000,000 | ---D | C] -- C:\found.003 [2014-11-05 00:56:50 | 000,000,000 | ---D | C] -- C:\AdwCleaner [2014-11-05 00:52:56 | 000,000,000 | ---D | C] -- C:\Users\Magda\AppData\Local\Google [2014-11-05 00:51:37 | 000,000,000 | ---D | C] -- C:\Users\Magda\AppData\Local\Apps [2014-11-05 00:51:34 | 000,000,000 | ---D | C] -- C:\Users\Magda\AppData\Local\Deployment [2014-11-05 00:50:42 | 000,000,000 | ---D | C] -- C:\Users\Magda\Documents\Sony PMB [2014-11-05 00:01:41 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT [2014-11-04 23:17:28 | 000,000,000 | ---D | C] -- C:\Program Files\Sony Corporation [2014-11-04 23:13:09 | 000,000,000 | ---D | C] -- C:\Users\Magda\AppData\Roaming\iolo [2014-11-04 23:11:34 | 000,000,000 | ---D | C] -- C:\Users\Magda\AppData\Local\Diagnostics [2014-11-04 23:06:49 | 000,000,000 | ---D | C] -- C:\Config.Msi [2014-11-04 21:00:54 | 000,000,000 | ---D | C] -- C:\$SysReset [2014-11-04 19:45:29 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\VAIO Startup Setting Tool [2014-11-04 19:45:29 | 000,000,000 | ---D | C] -- C:\Users\Magda\AppData\Roaming\Sony Corporation [2014-11-04 19:45:19 | 000,000,000 | ---D | C] -- C:\Windows\pss [2014-11-04 19:44:19 | 000,000,000 | ---D | C] -- C:\Users\Magda\AppData\Local\Sony Corporation [2014-11-04 19:41:15 | 000,000,000 | ---D | C] -- C:\Users\Magda\AppData\Local\Power2Go8 [2014-11-04 19:40:01 | 000,000,000 | ---D | C] -- C:\Users\Magda\AppData\Roaming\ATI [2014-11-04 19:40:01 | 000,000,000 | ---D | C] -- C:\Users\Magda\AppData\Local\ATI [2014-11-04 19:38:34 | 000,000,000 | R--D | C] -- C:\Users\Magda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2014-11-04 19:38:34 | 000,000,000 | R--D | C] -- C:\Users\Magda\Searches [2014-11-04 19:38:34 | 000,000,000 | R--D | C] -- C:\Users\Magda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2014-11-04 19:38:23 | 000,000,000 | ---D | C] -- C:\Users\Magda\AppData\Roaming\Identities [2014-11-04 19:37:15 | 000,000,000 | ---D | C] -- C:\Users\Magda\AppData\Roaming\Adobe [2014-11-04 19:37:13 | 000,000,000 | ---D | C] -- C:\Users\Magda\AppData\Local\VirtualStore [2014-11-04 19:34:34 | 000,000,000 | ---D | C] -- C:\Users\Magda\AppData\Roaming\Intel [2014-11-04 19:32:47 | 000,000,000 | -HSD | C] -- C:\Users\Magda\Ustawienia lokalne [2014-11-04 19:32:47 | 000,000,000 | -HSD | C] -- C:\Users\Magda\AppData\Local\Temporary Internet Files [2014-11-04 19:32:47 | 000,000,000 | -HSD | C] -- C:\Users\Magda\Szablony [2014-11-04 19:32:47 | 000,000,000 | -HSD | C] -- C:\Users\Magda\SendTo [2014-11-04 19:32:47 | 000,000,000 | -HSD | C] -- C:\Users\Magda\Recent [2014-11-04 19:32:47 | 000,000,000 | -HSD | C] -- C:\Users\Magda\PrintHood [2014-11-04 19:32:47 | 000,000,000 | -HSD | C] -- C:\Users\Magda\NetHood [2014-11-04 19:32:47 | 000,000,000 | -HSD | C] -- C:\Users\Magda\Documents\Moje wideo [2014-11-04 19:32:47 | 000,000,000 | -HSD | C] -- C:\Users\Magda\Documents\Moje obrazy [2014-11-04 19:32:47 | 000,000,000 | -HSD | C] -- C:\Users\Magda\Moje dokumenty [2014-11-04 19:32:47 | 000,000,000 | -HSD | C] -- C:\Users\Magda\Documents\Moja muzyka [2014-11-04 19:32:47 | 000,000,000 | -HSD | C] -- C:\Users\Magda\Menu Start [2014-11-04 19:32:47 | 000,000,000 | -HSD | C] -- C:\Users\Magda\AppData\Local\Historia [2014-11-04 19:32:47 | 000,000,000 | -HSD | C] -- C:\Users\Magda\Dane aplikacji [2014-11-04 19:32:47 | 000,000,000 | -HSD | C] -- C:\Users\Magda\AppData\Local\Dane aplikacji [2014-11-04 19:32:47 | 000,000,000 | -HSD | C] -- C:\Users\Magda\Cookies [2014-11-04 19:32:46 | 000,000,000 | --SD | C] -- C:\Users\Magda\AppData\Roaming\Microsoft [2014-11-04 19:32:46 | 000,000,000 | R--D | C] -- C:\Users\Magda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [2014-11-04 19:32:46 | 000,000,000 | R--D | C] -- C:\Users\Magda\Favorites [2014-11-04 19:32:46 | 000,000,000 | R--D | C] -- C:\Users\Magda\Desktop [2014-11-04 19:32:46 | 000,000,000 | R--D | C] -- C:\Users\Magda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2014-11-04 19:32:46 | 000,000,000 | R--D | C] -- C:\Users\Magda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [2014-11-04 19:32:46 | 000,000,000 | -H-D | C] -- C:\Users\Magda\AppData [2014-11-04 19:32:46 | 000,000,000 | ---D | C] -- C:\Users\Magda\Roaming [2014-11-04 19:32:46 | 000,000,000 | ---D | C] -- C:\Users\Magda\AppData\Local\Microsoft [2014-11-04 19:32:46 | 000,000,000 | ---D | C] -- C:\Users\Magda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2014-11-04 19:31:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\Szablony [2014-11-04 19:31:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\Pulpit [2014-11-04 19:31:11 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje wideo [2014-11-04 19:31:11 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje obrazy [2014-11-04 19:31:11 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moja muzyka [2014-11-04 19:31:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Start [2014-11-04 19:31:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty [2014-11-04 19:31:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dane aplikacji [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2014-11-06 17:58:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2014-11-06 17:58:03 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2014-11-06 17:57:55 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys [2014-11-06 17:56:09 | 573,801,561 | ---- | M] () -- C:\Windows\MEMORY.DMP [2014-11-06 17:56:09 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys [2014-11-06 17:56:06 | 3328,921,600 | -HS- | M] () -- C:\hiberfil.sys [2014-11-06 17:33:30 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2014-11-06 17:20:19 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2014-11-06 17:19:15 | 000,098,257 | ---- | M] () -- C:\ProgramData\1415290427.bdinstall.bin [2014-11-06 16:26:09 | 007,539,758 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2014-11-06 16:26:09 | 000,794,946 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2014-11-06 16:26:09 | 000,776,694 | ---- | M] () -- C:\Windows\SysNative\prfh0816.dat [2014-11-06 16:26:09 | 000,730,544 | ---- | M] () -- C:\Windows\SysNative\perfh00E.dat [2014-11-06 16:26:09 | 000,718,298 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat [2014-11-06 16:26:09 | 000,712,522 | ---- | M] () -- C:\Windows\SysNative\perfh01D.dat [2014-11-06 16:26:09 | 000,710,244 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2014-11-06 16:26:09 | 000,541,792 | ---- | M] () -- C:\Windows\SysNative\perfh008.dat [2014-11-06 16:26:09 | 000,455,676 | ---- | M] () -- C:\Windows\SysNative\perfh006.dat [2014-11-06 16:26:09 | 000,440,762 | ---- | M] () -- C:\Windows\SysNative\perfh014.dat [2014-11-06 16:26:09 | 000,426,314 | ---- | M] () -- C:\Windows\SysNative\perfh00B.dat [2014-11-06 16:26:09 | 000,174,018 | ---- | M] () -- C:\Windows\SysNative\perfc00E.dat [2014-11-06 16:26:09 | 000,159,974 | ---- | M] () -- C:\Windows\SysNative\prfc0816.dat [2014-11-06 16:26:09 | 000,159,530 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2014-11-06 16:26:09 | 000,148,908 | ---- | M] () -- C:\Windows\SysNative\perfc01D.dat [2014-11-06 16:26:09 | 000,147,876 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat [2014-11-06 16:26:09 | 000,132,614 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2014-11-06 16:26:09 | 000,088,858 | ---- | M] () -- C:\Windows\SysNative\perfc008.dat [2014-11-06 16:26:09 | 000,081,450 | ---- | M] () -- C:\Windows\SysNative\perfc00B.dat [2014-11-06 16:26:09 | 000,079,422 | ---- | M] () -- C:\Windows\SysNative\perfc006.dat [2014-11-06 16:26:09 | 000,076,914 | ---- | M] () -- C:\Windows\SysNative\perfc014.dat [2014-11-06 13:35:51 | 000,001,019 | ---- | M] () -- C:\Users\Magda\Desktop\Odkurzacz.lnk [2014-11-06 12:24:38 | 000,001,146 | ---- | M] () -- C:\Users\Magda\Desktop\CrystalDiskInfo.lnk [2014-11-06 12:16:01 | 000,002,221 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2014-11-06 11:59:13 | 001,998,336 | ---- | M] () -- C:\Users\Magda\Desktop\AdwCleaner.exe [2014-11-06 10:56:24 | 000,001,062 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2014-11-06 10:10:17 | 000,000,715 | ---- | M] () -- C:\Users\Magda\Desktop\ComboFix — skrót.lnk [2014-11-06 10:07:19 | 005,591,672 | ---- | M] (Swearware) -- C:\Users\Magda\Desktop\ComboFix.exe [2014-11-06 08:32:38 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf [2014-11-06 07:12:32 | 000,281,544 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2014-11-05 18:05:09 | 000,003,920 | ---- | M] () -- C:\bootsqm.dat [2014-11-04 19:39:35 | 000,008,470 | ---- | M] () -- C:\Users\Magda\Desktop\Usunięte aplikacje.html [2014-11-04 19:33:11 | 000,017,148 | ---- | M] () -- C:\Windows\diagwrn.xml [2014-11-04 19:33:11 | 000,017,148 | ---- | M] () -- C:\Windows\diagerr.xml [color=#E56717]========== Files Created - No Company Name ==========[/color] [2014-11-06 17:56:09 | 573,801,561 | ---- | C] () -- C:\Windows\MEMORY.DMP [2014-11-06 17:19:15 | 000,098,257 | ---- | C] () -- C:\ProgramData\1415290427.bdinstall.bin [2014-11-06 13:35:51 | 000,001,019 | ---- | C] () -- C:\Users\Magda\Desktop\Odkurzacz.lnk [2014-11-06 12:24:38 | 000,001,146 | ---- | C] () -- C:\Users\Magda\Desktop\CrystalDiskInfo.lnk [2014-11-06 12:16:01 | 000,002,221 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2014-11-06 12:14:46 | 000,001,068 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2014-11-06 12:14:43 | 000,001,064 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2014-11-06 11:59:13 | 001,998,336 | ---- | C] () -- C:\Users\Magda\Desktop\AdwCleaner.exe [2014-11-06 10:56:24 | 000,001,062 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2014-11-06 10:10:17 | 000,000,715 | ---- | C] () -- C:\Users\Magda\Desktop\ComboFix — skrót.lnk [2014-11-06 09:01:54 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2014-11-06 09:01:54 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2014-11-06 09:01:54 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2014-11-06 09:01:54 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2014-11-06 09:01:54 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2014-11-06 08:32:38 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf [2014-11-05 18:05:09 | 000,003,920 | ---- | C] () -- C:\bootsqm.dat [2014-11-04 19:37:15 | 000,001,308 | ---- | C] () -- C:\Users\Magda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2014-11-04 19:32:42 | 000,017,148 | ---- | C] () -- C:\Windows\diagwrn.xml [2014-11-04 19:32:42 | 000,017,148 | ---- | C] () -- C:\Windows\diagerr.xml [2012-11-20 20:28:09 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dll [2012-11-20 18:51:18 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat [2012-11-20 18:51:09 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2012-11-20 18:47:06 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl [color=#E56717]========== ZeroAccess Check ==========[/color] [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012-07-26 04:07:16 | 019,779,584 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012-07-26 04:19:59 | 017,559,552 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012-07-26 04:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2012-07-26 04:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012-07-26 04:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717]========== LOP Check ==========[/color] [2012-11-20 20:28:09 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\iolo [2014-11-04 23:13:09 | 000,000,000 | ---D | M] -- C:\Users\Magda\AppData\Roaming\iolo [2014-11-06 13:05:59 | 000,000,000 | ---D | M] -- C:\Users\Magda\AppData\Roaming\QuickScan [color=#E56717]========== Purity Check ==========[/color] < End of report >