Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-11-2014 Ran by Magda (administrator) on VAIO-MAGDA on 06-11-2014 19:35:46 Running from E:\ Loaded Profile: Magda (Available profiles: Magda & Administrator) Platform: Windows 8 (X64) OS Language: Polski (Polska) Internet Explorer Version 10 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16384_none_622908ad510eb05b\TiWorker.exe (Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe (Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1215632 2012-08-22] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1215632 2012-08-22] (Realtek Semiconductor) HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [508256 2012-04-23] (Dolby Laboratories Inc.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation) HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-15] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] => c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-15] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [152896 2012-06-25] (Intel Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://sony13.msn.com HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://vaioportal.sony.eu HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-4106931729-1466076011-650411161-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKCU - {03A85942-8E4B-4570-82A3-57886C76E484} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Tcpip\Parameters: [DhcpNameServer] 62.179.1.60 62.179.1.61 FireFox: ======== FF Plugin: @java.com/DTPlugin,version=10.5.0 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.5.0 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.5.0 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.5.0 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files (x86)\Sony\MSS\3.8.130\npMcAfeeMss.dll No File FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) Chrome: ======= CHR Profile: C:\Users\Magda\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Wallet) - C:\Users\Magda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-06] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-25] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-25] (Intel Corporation) S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [43520 2012-07-26] (Microsoft Corporation) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation) S3 McComponentHostServiceSony; C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [235216 2013-10-16] (McAfee, Inc.) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-07-18] () S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [634368 2012-07-26] (Microsoft Corporation) S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [623784 2012-08-18] (Sony Corporation) R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation) S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18432 2012-07-26] (Microsoft Corporation) R3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation) S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2012-08-08] (Sony Corporation) R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1266336 2012-07-24] (Sony Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [15440 2012-07-26] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2699568 2012-07-18] (Intel® Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [35496 2012-08-22] (Advanced Micro Devices, Inc.) U5 AppMgmt; C:\Windows\system32\svchost.exe [30208 2012-07-26] (Microsoft Corporation) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-06] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-10-01] (Malwarebytes Corporation) R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [4273192 2012-08-07] (Intel Corporation) R3 rimssne; C:\Windows\System32\drivers\rimssne64.sys [103424 2012-08-23] (REDC) R3 risdsnxc; C:\Windows\System32\drivers\risdsnxc64.sys [104960 2012-08-23] (REDC) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-24] (Synaptics Incorporated) R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation) S3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [48096 2012-08-09] (Windows (R) Win 7 DDK provider) S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-09] (Windows (R) Win 7 DDK provider) S3 catchme; \??\C:\ComboFix\catchme.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-06 19:33 - 2014-11-06 19:33 - 00000117 _____ () C:\Windows\system32\netcfg-82859.txt 2014-11-06 19:31 - 2014-11-06 19:31 - 00000117 _____ () C:\Windows\system32\netcfg-4050359.txt 2014-11-06 19:09 - 2014-11-06 19:09 - 00003134 _____ () C:\Windows\System32\Tasks\USER_ESRV_SVC 2014-11-06 19:09 - 2014-11-06 19:03 - 00013792 _____ () C:\Windows\system32\Drivers\semav6thermal64ro.sys 2014-11-06 19:08 - 2014-11-06 19:08 - 00002044 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care (Desktop).lnk 2014-11-06 19:08 - 2014-11-06 19:08 - 00000000 __RHD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care 2014-11-06 18:24 - 2014-11-06 18:24 - 00284720 _____ () C:\Windows\Minidump\110614-32890-01.dmp 2014-11-06 18:00 - 2014-11-06 18:00 - 00000117 _____ () C:\Windows\system32\netcfg-403062.txt 2014-11-06 17:56 - 2014-11-06 18:24 - 1088656723 _____ () C:\Windows\MEMORY.DMP 2014-11-06 17:56 - 2014-11-06 18:24 - 00000000 ____D () C:\Windows\Minidump 2014-11-06 17:56 - 2014-11-06 17:57 - 00000117 _____ () C:\Windows\system32\netcfg-184656.txt 2014-11-06 17:56 - 2014-11-06 17:56 - 00284472 _____ () C:\Windows\Minidump\110614-142953-01.dmp 2014-11-06 17:48 - 2014-11-06 17:48 - 00000117 _____ () C:\Windows\system32\netcfg-312734.txt 2014-11-06 17:43 - 2014-11-06 17:43 - 00000117 _____ () C:\Windows\system32\netcfg-54890.txt 2014-11-06 17:42 - 2014-11-06 17:42 - 00000117 _____ () C:\Windows\system32\netcfg-2434359.txt 2014-11-06 17:40 - 2014-11-06 17:40 - 00017110 _____ () C:\ComboFix.txt 2014-11-06 17:30 - 2014-11-06 19:35 - 00000000 ____D () C:\FRST 2014-11-06 17:22 - 2014-11-06 17:22 - 00000117 _____ () C:\Windows\system32\netcfg-1274515.txt 2014-11-06 17:22 - 2014-11-06 17:22 - 00000117 _____ () C:\Windows\system32\netcfg-1271375.txt 2014-11-06 17:19 - 2014-11-06 17:19 - 00098257 _____ () C:\ProgramData\1415290427.bdinstall.bin 2014-11-06 17:15 - 2014-11-06 17:40 - 00000000 ____D () C:\ComboFix 2014-11-06 17:01 - 2014-11-06 17:01 - 00000117 _____ () C:\Windows\system32\netcfg-4271843.txt 2014-11-06 16:22 - 2014-11-06 16:22 - 00000117 _____ () C:\Windows\system32\netcfg-1954781.txt 2014-11-06 16:22 - 2014-11-06 16:22 - 00000117 _____ () C:\Windows\system32\netcfg-1951703.txt 2014-11-06 16:22 - 2014-11-06 16:22 - 00000117 _____ () C:\Windows\system32\netcfg-1940109.txt 2014-11-06 16:22 - 2014-11-06 16:22 - 00000117 _____ () C:\Windows\system32\netcfg-1939984.txt 2014-11-06 16:22 - 2014-11-06 16:22 - 00000117 _____ () C:\Windows\system32\netcfg-1939328.txt 2014-11-06 15:54 - 2014-11-06 15:54 - 00000117 _____ () C:\Windows\system32\netcfg-274734.txt 2014-11-06 15:50 - 2014-11-06 19:32 - 00116510 _____ () C:\Windows\PFRO.log 2014-11-06 15:48 - 2014-11-06 15:48 - 00000117 _____ () C:\Windows\system32\netcfg-20783687.txt 2014-11-06 15:48 - 2014-11-06 15:48 - 00000117 _____ () C:\Windows\system32\netcfg-20767656.txt 2014-11-06 15:32 - 2014-11-06 15:32 - 00000117 _____ () C:\Windows\system32\netcfg-19770484.txt 2014-11-06 15:32 - 2014-11-06 15:32 - 00000117 _____ () C:\Windows\system32\netcfg-19770125.txt 2014-11-06 13:35 - 2014-11-06 13:35 - 00001019 _____ () C:\Users\Magda\Desktop\Odkurzacz.lnk 2014-11-06 13:35 - 2014-11-06 13:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Odkurzacz 2014-11-06 13:35 - 2014-11-06 13:35 - 00000000 ____D () C:\Program Files (x86)\Odkurzacz 2014-11-06 13:34 - 2014-11-06 13:34 - 04610053 _____ (FranmoSoftware ) C:\Users\Magda\Downloads\odk13.5.0.1911setup.exe 2014-11-06 13:12 - 2014-11-06 18:28 - 00003714 _____ () C:\Windows\setupact.log 2014-11-06 13:12 - 2014-11-06 13:12 - 00000000 _____ () C:\Windows\setuperr.log 2014-11-06 12:45 - 2014-11-06 13:05 - 00000000 ____D () C:\Users\Magda\AppData\Roaming\QuickScan 2014-11-06 12:45 - 2014-11-06 12:45 - 10447328 _____ () C:\Users\Magda\Downloads\Antivirus_Free_Edition_x64.exe 2014-11-06 12:44 - 2014-11-06 12:44 - 00162208 _____ () C:\Users\Magda\Downloads\Antivirus_Free_Edition.exe 2014-11-06 12:24 - 2014-11-06 12:24 - 00001146 _____ () C:\Users\Magda\Desktop\CrystalDiskInfo.lnk 2014-11-06 12:24 - 2014-11-06 12:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo 2014-11-06 12:24 - 2014-11-06 12:24 - 00000000 ____D () C:\Program Files (x86)\CrystalDiskInfo 2014-11-06 12:23 - 2014-11-06 12:23 - 02996728 _____ (Crystal Dew World ) C:\Users\Magda\Downloads\CrystalDiskInfo6_2_1-en.exe 2014-11-06 12:16 - 2014-11-06 12:16 - 00002221 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-11-06 12:16 - 2014-11-06 12:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-11-06 12:14 - 2014-11-06 19:34 - 00001064 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-11-06 12:14 - 2014-11-06 19:19 - 00001068 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-11-06 12:14 - 2014-11-06 12:15 - 00000000 ____D () C:\Program Files (x86)\Google 2014-11-06 12:14 - 2014-11-06 12:14 - 00004040 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-11-06 12:14 - 2014-11-06 12:14 - 00003804 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-11-06 11:59 - 2014-11-06 11:59 - 01998336 _____ () C:\Users\Magda\Desktop\AdwCleaner.exe 2014-11-06 10:56 - 2014-11-06 19:34 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-11-06 10:56 - 2014-11-06 14:04 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-11-06 10:56 - 2014-11-06 10:56 - 00001062 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-11-06 10:56 - 2014-11-06 10:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2014-11-06 10:56 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-11-06 10:56 - 2014-10-01 11:11 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-11-06 10:56 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-11-06 10:43 - 2014-11-06 13:03 - 00000000 ____D () C:\Users\Magda\AppData\Roaming\Malwarebytes 2014-11-06 10:43 - 2014-11-06 13:03 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-11-06 10:40 - 2014-11-06 10:40 - 00000000 ____D () C:\Users\Magda\AppData\Roaming\Macromedia 2014-11-06 10:39 - 2014-11-06 10:39 - 00000117 _____ () C:\Windows\system32\netcfg-2213453.txt 2014-11-06 10:10 - 2014-11-06 10:10 - 00000715 _____ () C:\Users\Magda\Desktop\ComboFix — skrót.lnk 2014-11-06 10:10 - 2014-11-06 10:10 - 00000117 _____ () C:\Windows\system32\netcfg-458171.txt 2014-11-06 10:10 - 2014-11-06 10:07 - 05591672 _____ (Swearware) C:\Users\Magda\Desktop\ComboFix.exe 2014-11-06 10:03 - 2014-11-06 10:03 - 00000117 _____ () C:\Windows\system32\netcfg-51093.txt 2014-11-06 10:01 - 2014-11-06 10:01 - 00000117 _____ () C:\Windows\system32\netcfg-1158078.txt 2014-11-06 09:43 - 2014-11-06 09:43 - 00000117 _____ () C:\Windows\system32\netcfg-45187.txt 2014-11-06 09:41 - 2014-11-06 09:41 - 00000117 _____ () C:\Windows\system32\netcfg-749156.txt 2014-11-06 09:30 - 2014-11-06 09:30 - 00000117 _____ () C:\Windows\system32\netcfg-44250.txt 2014-11-06 09:28 - 2014-11-06 09:28 - 00000117 _____ () C:\Windows\system32\netcfg-1871718.txt 2014-11-06 09:27 - 2014-05-20 03:33 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2014-11-06 09:27 - 2014-05-20 00:45 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2014-11-06 09:27 - 2014-05-20 00:45 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2014-11-06 09:27 - 2014-05-20 00:24 - 03286528 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2014-11-06 09:27 - 2014-05-20 00:24 - 01623040 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2014-11-06 09:27 - 2014-05-20 00:24 - 00773632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2014-11-06 09:27 - 2014-05-20 00:24 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll 2014-11-06 09:27 - 2014-05-20 00:24 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll 2014-11-06 09:27 - 2014-05-20 00:24 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2014-11-06 09:27 - 2014-05-14 23:43 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2014-11-06 09:27 - 2014-05-14 23:43 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2014-11-06 09:27 - 2014-05-14 23:42 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2014-11-06 09:27 - 2014-05-14 23:42 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2014-11-06 09:27 - 2013-08-16 06:21 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2014-11-06 09:27 - 2013-08-16 06:21 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2014-11-06 09:27 - 2013-08-15 23:43 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2014-11-06 09:27 - 2012-11-06 05:20 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll 2014-11-06 09:27 - 2012-11-06 05:00 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\wushareduxresources.dll 2014-11-06 09:26 - 2014-11-06 09:26 - 00000117 _____ () C:\Windows\system32\netcfg-1758718.txt 2014-11-06 09:26 - 2014-11-06 09:26 - 00000117 _____ () C:\Windows\system32\netcfg-1755671.txt 2014-11-06 09:26 - 2014-11-06 09:26 - 00000117 _____ () C:\Windows\system32\netcfg-1749406.txt 2014-11-06 09:01 - 2014-11-06 17:40 - 00000000 ____D () C:\Qoobox 2014-11-06 09:01 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-11-06 09:01 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-11-06 09:01 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-11-06 09:01 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-11-06 09:01 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-11-06 09:01 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe 2014-11-06 09:01 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe 2014-11-06 09:01 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe 2014-11-06 09:01 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe 2014-11-06 09:00 - 2014-11-06 09:13 - 00000000 ____D () C:\Windows\erdnt 2014-11-06 08:32 - 2014-11-06 08:32 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2014-11-06 08:18 - 2014-11-06 18:37 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4106931729-1466076011-650411161-1001 2014-11-06 07:13 - 2014-11-06 07:14 - 00000117 _____ () C:\Windows\system32\netcfg-210109.txt 2014-11-05 18:05 - 2014-11-05 18:05 - 00003920 _____ () C:\bootsqm.dat 2014-11-05 18:04 - 2014-11-06 13:49 - 00000000 ____D () C:\found.003 2014-11-05 00:56 - 2014-11-06 15:01 - 00000000 ____D () C:\AdwCleaner 2014-11-05 00:52 - 2014-11-06 12:16 - 00000000 ____D () C:\Users\Magda\AppData\Local\Google 2014-11-05 00:51 - 2014-11-06 04:00 - 00000000 ____D () C:\Users\Magda\AppData\Local\Apps\2.0 2014-11-05 00:51 - 2014-11-05 01:00 - 00000000 ____D () C:\Users\Magda\AppData\Local\Deployment 2014-11-05 00:50 - 2014-11-05 00:50 - 00000000 ____D () C:\Users\Magda\Documents\Sony PMB 2014-11-05 00:01 - 2014-11-05 00:32 - 00000000 ____D () C:\Windows\system32\MRT 2014-11-04 23:17 - 2014-11-04 23:17 - 00000000 ____D () C:\Program Files\Sony Corporation 2014-11-04 23:13 - 2014-11-04 23:13 - 00000000 ____D () C:\Users\Magda\AppData\Roaming\iolo 2014-11-04 21:28 - 2014-11-04 21:28 - 00262144 _____ () C:\Windows\system32\config\userdiff 2014-11-04 21:00 - 2014-11-06 00:06 - 00000000 ____D () C:\$SysReset 2014-11-04 19:45 - 2014-11-06 07:35 - 00000000 ____D () C:\Users\Magda\AppData\Roaming\Sony Corporation 2014-11-04 19:45 - 2014-11-06 05:49 - 00000000 ____D () C:\Windows\SysWOW64\VAIO Startup Setting Tool 2014-11-04 19:45 - 2014-11-04 19:45 - 00000000 ____D () C:\Windows\pss 2014-11-04 19:44 - 2014-11-05 17:05 - 00000000 ____D () C:\Users\Magda\AppData\Local\Sony Corporation 2014-11-04 19:41 - 2014-11-04 19:41 - 00000000 ____D () C:\Users\Magda\AppData\Local\Power2Go8 2014-11-04 19:40 - 2014-11-04 19:40 - 00000000 ____D () C:\Users\Magda\AppData\Roaming\ATI 2014-11-04 19:40 - 2014-11-04 19:40 - 00000000 ____D () C:\Users\Magda\AppData\Local\ATI 2014-11-04 19:37 - 2014-11-04 19:37 - 00001308 _____ () C:\Users\Magda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-11-04 19:37 - 2014-11-04 19:37 - 00000000 ____D () C:\Users\Magda\AppData\Roaming\Adobe 2014-11-04 19:37 - 2014-11-04 19:37 - 00000000 ____D () C:\Users\Magda\AppData\Local\VirtualStore 2014-11-04 19:34 - 2014-11-04 19:34 - 00000020 ___SH () C:\Users\Magda\ntuser.ini 2014-11-04 19:34 - 2014-11-04 19:34 - 00000000 ____D () C:\Users\Magda\AppData\Roaming\Intel 2014-11-04 19:33 - 2014-11-04 19:33 - 00000855 _____ () C:\Users\Administrator\AppData\Local\Application.xml 2014-11-04 19:33 - 2014-11-04 19:33 - 00000117 _____ () C:\Windows\system32\netcfg-240281.txt 2014-11-04 19:33 - 2014-11-04 19:33 - 00000117 _____ () C:\Windows\system32\netcfg-234437.txt 2014-11-04 19:32 - 2014-11-06 07:15 - 00000000 ____D () C:\Users\Magda 2014-11-04 19:32 - 2014-11-04 19:37 - 00000000 ___RD () C:\Users\Magda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-11-04 19:32 - 2014-11-04 19:33 - 00017148 _____ () C:\Windows\diagwrn.xml 2014-11-04 19:32 - 2014-11-04 19:33 - 00017148 _____ () C:\Windows\diagerr.xml 2014-11-04 19:32 - 2014-11-04 19:32 - 00000117 _____ () C:\Windows\system32\netcfg-161406.txt 2014-11-04 19:32 - 2014-11-04 19:32 - 00000000 _SHDL () C:\Users\Magda\Ustawienia lokalne 2014-11-04 19:32 - 2014-11-04 19:32 - 00000000 _SHDL () C:\Users\Magda\Szablony 2014-11-04 19:32 - 2014-11-04 19:32 - 00000000 _SHDL () C:\Users\Magda\Moje dokumenty 2014-11-04 19:32 - 2014-11-04 19:32 - 00000000 _SHDL () C:\Users\Magda\Menu Start 2014-11-04 19:32 - 2014-11-04 19:32 - 00000000 _SHDL () C:\Users\Magda\Documents\Moje wideo 2014-11-04 19:32 - 2014-11-04 19:32 - 00000000 _SHDL () C:\Users\Magda\Documents\Moje obrazy 2014-11-04 19:32 - 2014-11-04 19:32 - 00000000 _SHDL () C:\Users\Magda\Documents\Moja muzyka 2014-11-04 19:32 - 2014-11-04 19:32 - 00000000 _SHDL () C:\Users\Magda\Dane aplikacji 2014-11-04 19:32 - 2014-11-04 19:32 - 00000000 _SHDL () C:\Users\Magda\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2014-11-04 19:32 - 2014-11-04 19:32 - 00000000 _SHDL () C:\Users\Magda\AppData\Local\Historia 2014-11-04 19:32 - 2014-11-04 19:32 - 00000000 _SHDL () C:\Users\Magda\AppData\Local\Dane aplikacji 2014-11-04 19:32 - 2012-07-26 09:13 - 00000000 ___RD () C:\Users\Magda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-11-04 19:32 - 2012-07-26 09:13 - 00000000 ___RD () C:\Users\Magda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2014-11-04 19:32 - 2012-07-26 09:13 - 00000000 ____D () C:\Users\Magda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-11-04 19:31 - 2014-11-04 19:31 - 00000000 _SHDL () C:\Users\Public\Documents\Moje wideo 2014-11-04 19:31 - 2014-11-04 19:31 - 00000000 _SHDL () C:\Users\Public\Documents\Moje obrazy 2014-11-04 19:31 - 2014-11-04 19:31 - 00000000 _SHDL () C:\Users\Public\Documents\Moja muzyka 2014-11-04 19:31 - 2014-11-04 19:31 - 00000000 _SHDL () C:\Users\Default\Ustawienia lokalne 2014-11-04 19:31 - 2014-11-04 19:31 - 00000000 _SHDL () C:\Users\Default\Szablony 2014-11-04 19:31 - 2014-11-04 19:31 - 00000000 _SHDL () C:\Users\Default\Moje dokumenty 2014-11-04 19:31 - 2014-11-04 19:31 - 00000000 _SHDL () C:\Users\Default\Menu Start 2014-11-04 19:31 - 2014-11-04 19:31 - 00000000 _SHDL () C:\Users\Default\Documents\Moje wideo 2014-11-04 19:31 - 2014-11-04 19:31 - 00000000 _SHDL () C:\Users\Default\Documents\Moje obrazy 2014-11-04 19:31 - 2014-11-04 19:31 - 00000000 _SHDL () C:\Users\Default\Documents\Moja muzyka 2014-11-04 19:31 - 2014-11-04 19:31 - 00000000 _SHDL () C:\Users\Default\Dane aplikacji 2014-11-04 19:31 - 2014-11-04 19:31 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2014-11-04 19:31 - 2014-11-04 19:31 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Historia 2014-11-04 19:31 - 2014-11-04 19:31 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Dane aplikacji 2014-11-04 19:31 - 2014-11-04 19:31 - 00000000 _SHDL () C:\Users\Default User\Documents\Moje wideo 2014-11-04 19:31 - 2014-11-04 19:31 - 00000000 _SHDL () C:\Users\Default User\Documents\Moje obrazy 2014-11-04 19:31 - 2014-11-04 19:31 - 00000000 _SHDL () C:\Users\Default User\Documents\Moja muzyka 2014-11-04 19:31 - 2014-11-04 19:31 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2014-11-04 19:31 - 2014-11-04 19:31 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Historia 2014-11-04 19:31 - 2014-11-04 19:31 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Dane aplikacji 2014-11-04 19:31 - 2014-11-04 19:31 - 00000000 _SHDL () C:\ProgramData\Szablony 2014-11-04 19:31 - 2014-11-04 19:31 - 00000000 _SHDL () C:\ProgramData\Pulpit 2014-11-04 19:31 - 2014-11-04 19:31 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programy 2014-11-04 19:31 - 2014-11-04 19:31 - 00000000 _SHDL () C:\ProgramData\Menu Start 2014-11-04 19:31 - 2014-11-04 19:31 - 00000000 _SHDL () C:\ProgramData\Dokumenty 2014-11-04 19:31 - 2014-11-04 19:31 - 00000000 _SHDL () C:\ProgramData\Dane aplikacji ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-06 19:34 - 2012-07-26 08:59 - 00000000 ____D () C:\Windows\CbsTemp 2014-11-06 19:33 - 2012-07-26 08:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-11-06 19:31 - 2012-11-20 19:01 - 01704898 _____ () C:\Windows\WindowsUpdate.log 2014-11-06 19:28 - 2012-07-26 09:12 - 00000000 ___HD () C:\Windows\ELAMBKUP 2014-11-06 19:11 - 2012-11-20 19:24 - 00001140 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xperia Link.lnk 2014-11-06 19:11 - 2012-11-20 19:07 - 00000000 ____D () C:\Windows\System32\Tasks\Sony Corporation 2014-11-06 19:00 - 2014-01-19 21:32 - 00000000 ____D () C:\Update 2014-11-06 18:37 - 2014-01-19 16:45 - 00000000 ____D () C:\Users\Magda\Desktop\filmy 2014-11-06 17:33 - 2012-07-26 06:26 - 00000215 _____ () C:\Windows\system.ini 2014-11-06 16:26 - 2012-08-03 23:48 - 00712522 _____ () C:\Windows\system32\perfh01D.dat 2014-11-06 16:26 - 2012-08-03 23:48 - 00148908 _____ () C:\Windows\system32\perfc01D.dat 2014-11-06 16:26 - 2012-08-03 23:26 - 00776694 _____ () C:\Windows\system32\prfh0816.dat 2014-11-06 16:26 - 2012-08-03 23:26 - 00159974 _____ () C:\Windows\system32\prfc0816.dat 2014-11-06 16:26 - 2012-08-03 23:19 - 00794946 _____ () C:\Windows\system32\perfh015.dat 2014-11-06 16:26 - 2012-08-03 23:19 - 00159530 _____ () C:\Windows\system32\perfc015.dat 2014-11-06 16:26 - 2012-08-03 23:12 - 00440762 _____ () C:\Windows\system32\perfh014.dat 2014-11-06 16:26 - 2012-08-03 23:12 - 00076914 _____ () C:\Windows\system32\perfc014.dat 2014-11-06 16:26 - 2012-08-03 23:05 - 00730544 _____ () C:\Windows\system32\perfh00E.dat 2014-11-06 16:26 - 2012-08-03 23:05 - 00174018 _____ () C:\Windows\system32\perfc00E.dat 2014-11-06 16:26 - 2012-08-03 22:59 - 00426314 _____ () C:\Windows\system32\perfh00B.dat 2014-11-06 16:26 - 2012-08-03 22:59 - 00081450 _____ () C:\Windows\system32\perfc00B.dat 2014-11-06 16:26 - 2012-08-03 22:52 - 00541792 _____ () C:\Windows\system32\perfh008.dat 2014-11-06 16:26 - 2012-08-03 22:52 - 00088858 _____ () C:\Windows\system32\perfc008.dat 2014-11-06 16:26 - 2012-08-03 22:46 - 00455676 _____ () C:\Windows\system32\perfh006.dat 2014-11-06 16:26 - 2012-08-03 22:46 - 00079422 _____ () C:\Windows\system32\perfc006.dat 2014-11-06 16:26 - 2012-08-03 22:40 - 00718298 _____ () C:\Windows\system32\perfh005.dat 2014-11-06 16:26 - 2012-08-03 22:40 - 00147876 _____ () C:\Windows\system32\perfc005.dat 2014-11-06 16:26 - 2012-07-26 08:28 - 07539758 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-11-06 14:31 - 2014-05-18 10:53 - 00000000 ____D () C:\Users\Magda\Desktop\zdjecia Z1 2014-11-06 14:31 - 2014-03-28 19:39 - 00000000 ____D () C:\Users\Magda\Desktop\Sandra and Niedziu 2014-11-06 14:31 - 2014-01-19 16:43 - 00000000 ____D () C:\Users\Magda\Desktop\majorka 2014-11-06 14:31 - 2014-01-19 16:41 - 00000000 ____D () C:\Users\Magda\Desktop\zdjecia telefon 2014-11-06 14:04 - 2012-08-03 22:57 - 00000000 ____D () C:\Windows\Panther 2014-11-06 13:49 - 2014-07-03 15:25 - 00000000 ____D () C:\found.002 2014-11-06 13:49 - 2014-06-24 18:57 - 00000000 ____D () C:\found.000 2014-11-06 13:49 - 2012-11-20 18:40 - 00000000 ____D () C:\Intel 2014-11-06 10:01 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\SysWOW64\sl-SI 2014-11-06 10:01 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK 2014-11-06 10:01 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\SysWOW64\ro-RO 2014-11-06 10:01 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\SysWOW64\bg-BG 2014-11-06 10:01 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\sl-SI 2014-11-06 10:01 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\sk-SK 2014-11-06 10:01 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\ro-RO 2014-11-06 10:01 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\bg-BG 2014-11-06 09:43 - 2012-11-20 19:05 - 00000000 ____D () C:\ProgramData\McAfee 2014-11-06 09:39 - 2012-11-20 19:27 - 00124609 _____ () C:\firecore.log 2014-11-06 07:40 - 2012-07-26 06:26 - 00262144 ___SH () C:\Windows\system32\config\BBI 2014-11-06 07:13 - 2012-08-03 22:08 - 00000000 ____D () C:\Users\Administrator 2014-11-06 07:13 - 2012-07-26 09:12 - 00000000 ___RD () C:\Windows\Offline Web Pages 2014-11-06 07:13 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\SysWOW64\Bthprops 2014-11-06 07:13 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\Bthprops 2014-11-06 07:13 - 2012-07-26 08:52 - 00000000 ____D () C:\Windows\ShellNew 2014-11-06 07:12 - 2012-08-03 23:40 - 00000000 ____D () C:\Windows\sl-SI 2014-11-06 07:12 - 2012-08-03 23:35 - 00000000 ____D () C:\Windows\sk-SK 2014-11-06 07:12 - 2012-08-03 23:30 - 00000000 ____D () C:\Windows\ro-RO 2014-11-06 07:12 - 2012-08-03 22:08 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-11-06 07:12 - 2012-07-26 09:12 - 00000000 ___RD () C:\Windows\ToastData 2014-11-06 07:12 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\WinStore 2014-11-06 07:12 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\SysWOW64\WinMetadata 2014-11-06 07:12 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\SysWOW64\ras 2014-11-06 07:12 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\SysWOW64\MSDRM 2014-11-06 07:12 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\WinMetadata 2014-11-06 07:12 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\setup 2014-11-06 07:12 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\SecureBootUpdates 2014-11-06 07:12 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\ras 2014-11-06 07:12 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\MSDRM 2014-11-06 07:12 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-11-06 07:12 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\addins 2014-11-06 07:12 - 2012-07-26 09:12 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-11-06 07:12 - 2012-07-26 09:12 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-11-06 07:12 - 2012-07-26 09:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-11-06 07:12 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Windows Portable Devices 2014-11-06 07:12 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Windows Multimedia Platform 2014-11-06 07:12 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Common Files\Services 2014-11-06 07:12 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices 2014-11-06 07:12 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files (x86)\Windows Multimedia Platform 2014-11-06 07:12 - 2012-07-26 08:19 - 00281544 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-11-06 07:12 - 2012-07-26 06:38 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2014-11-06 07:12 - 2012-07-26 06:38 - 00000000 ____D () C:\Windows\system32\oobe 2014-11-06 07:12 - 2012-07-26 06:38 - 00000000 ____D () C:\Windows\system32\Dism 2014-11-06 07:12 - 2012-07-26 06:37 - 00000000 ____D () C:\Windows\servicing 2014-11-06 07:11 - 2012-11-20 19:43 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-11-06 07:11 - 2012-11-20 19:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Power2Go 8 2014-11-06 07:11 - 2012-11-20 19:26 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 2014-11-06 07:11 - 2012-11-20 18:56 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless 2014-11-06 07:11 - 2012-08-03 22:34 - 00000000 ____D () C:\Windows\bg-BG 2014-11-06 07:11 - 2012-08-03 22:08 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-11-06 07:11 - 2012-08-03 22:08 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-11-06 07:11 - 2012-08-03 22:08 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2014-11-06 07:11 - 2012-07-26 09:12 - 00000000 __RSD () C:\Windows\Media 2014-11-06 07:11 - 2012-07-26 09:12 - 00000000 __RHD () C:\Users\Public\Libraries 2014-11-06 07:11 - 2012-07-26 09:12 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel 2014-11-06 07:11 - 2012-07-26 09:12 - 00000000 ___RD () C:\Windows\DesktopTileResources 2014-11-06 07:11 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-11-06 07:11 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-11-06 07:11 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2014-11-06 07:11 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-11-06 07:11 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-11-06 07:11 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2014-11-06 07:11 - 2012-07-26 09:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools 2014-11-06 07:11 - 2012-07-26 09:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2014-11-06 07:11 - 2012-07-26 09:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility 2014-11-06 07:11 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\L2Schemas 2014-11-06 07:11 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\IME 2014-11-06 07:11 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\Cursors 2014-11-06 07:11 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Windows Photo Viewer 2014-11-06 07:11 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Windows Defender 2014-11-06 07:11 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Common Files\System 2014-11-06 07:11 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer 2014-11-06 07:11 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender 2014-11-06 07:11 - 2012-07-26 08:52 - 00000000 ____D () C:\Program Files\Windows Journal 2014-11-06 05:39 - 2012-07-26 08:20 - 00000000 ____D () C:\Windows\Setup 2014-11-06 05:25 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\rescache 2014-11-06 05:09 - 2014-02-09 18:07 - 00000000 ___RD () C:\Users\Magda\SkyDrive 2014-11-06 05:08 - 2012-11-20 19:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel AppUp(SM) center 2014-11-06 04:38 - 2012-08-22 03:40 - 00000000 ____D () C:\Program Files\MSBuild 2014-11-06 04:36 - 2012-08-22 03:40 - 00000000 ____D () C:\Program Files (x86)\MSBuild 2014-11-06 00:47 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\registration 2014-11-06 00:38 - 2012-08-22 03:40 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer 2014-11-06 00:38 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\Web 2014-11-06 00:38 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\Vss 2014-11-06 00:38 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\SysWOW64\WindowsPowerShell 2014-11-06 00:38 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\SysWOW64\spp 2014-11-06 00:38 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\SysWOW64\Speech 2014-11-06 00:38 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\SysWOW64\networklist 2014-11-06 00:38 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\SysWOW64\MUI 2014-11-06 00:38 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\SysWOW64\MsDtc 2014-11-06 00:38 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\SysWOW64\migwiz 2014-11-06 00:38 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\SysWOW64\Macromed 2014-11-06 00:38 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\SysWOW64\Licenses 2014-11-06 00:38 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\SysWOW64\InstallShield 2014-11-06 00:38 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\SysWOW64\IME 2014-11-06 00:38 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\SysWOW64\Com 2014-11-06 00:38 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\WindowsPowerShell 2014-11-06 00:38 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\WinBioPlugIns 2014-11-06 00:38 - 2012-07-26 08:49 - 00000000 ____D () C:\Windows\SysWOW64\winrm 2014-11-06 00:38 - 2012-07-26 08:49 - 00000000 ____D () C:\Windows\SysWOW64\slmgr 2014-11-06 00:38 - 2012-07-26 08:49 - 00000000 ____D () C:\Windows\SysWOW64\Printing_Admin_Scripts 2014-11-06 00:38 - 2012-07-26 08:49 - 00000000 ____D () C:\Windows\system32\winrm 2014-11-06 00:38 - 2012-07-26 06:38 - 00000000 ____D () C:\Windows\SysWOW64\oobe 2014-11-06 00:37 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\SystemResetPlatform 2014-11-06 00:37 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\spp 2014-11-06 00:37 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\spool 2014-11-06 00:37 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\Speech 2014-11-06 00:37 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\networklist 2014-11-06 00:37 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\MUI 2014-11-06 00:37 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\MsDtc 2014-11-06 00:37 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\migwiz 2014-11-06 00:37 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\Macromed 2014-11-06 00:37 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\Licenses 2014-11-06 00:37 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\IME 2014-11-06 00:37 - 2012-07-26 08:49 - 00000000 ____D () C:\Windows\system32\slmgr 2014-11-06 00:37 - 2012-07-26 08:49 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts 2014-11-06 00:37 - 2012-07-26 06:38 - 00000000 ____D () C:\Windows\system32\Sysprep 2014-11-06 00:37 - 2012-07-26 06:38 - 00000000 ____D () C:\Windows\system32\SMI 2014-11-06 00:35 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\Com 2014-11-06 00:33 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\Speech 2014-11-06 00:33 - 2012-07-26 08:52 - 00000000 ____D () C:\Windows\SKB 2014-11-06 00:29 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\security 2014-11-06 00:29 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\schemas 2014-11-06 00:29 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\Resources 2014-11-06 00:28 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\PLA 2014-11-06 00:28 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\Performance 2014-11-06 00:22 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\Help 2014-11-06 00:22 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\Globalization 2014-11-06 00:20 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\Branding 2014-11-06 00:19 - 2014-01-19 16:59 - 00000000 ____D () C:\Users\Magda\Desktop\madzia 2014-11-06 00:19 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\AppCompat 2014-11-06 00:18 - 2012-11-20 20:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation 2014-11-06 00:18 - 2012-11-20 19:43 - 00000000 ____D () C:\ProgramData\WildTangent 2014-11-06 00:18 - 2012-11-20 19:35 - 00000000 ____D () C:\ProgramData\install_clap 2014-11-06 00:18 - 2012-11-20 19:25 - 00000000 ____D () C:\ProgramData\Temp 2014-11-06 00:18 - 2012-11-20 18:56 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Intel 2014-11-06 00:18 - 2012-11-20 18:54 - 00000000 ____D () C:\ProgramData\Intel 2014-11-06 00:18 - 2012-11-20 18:38 - 00000000 ____D () C:\ProgramData\Sony Corporation 2014-11-06 00:18 - 2012-07-26 06:37 - 00000000 __RHD () C:\Users\Default 2014-11-06 00:09 - 2012-11-20 18:55 - 00000000 ____D () C:\Program Files\Synaptics 2014-11-06 00:09 - 2012-11-20 18:32 - 00000000 ____D () C:\Program Files\Sony 2014-11-06 00:09 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Windows NT 2014-11-06 00:08 - 2012-11-20 20:19 - 00000000 ____D () C:\Program Files\Intel Corporation 2014-11-06 00:08 - 2012-11-20 19:02 - 00000000 ____D () C:\Program Files\Java 2014-11-06 00:08 - 2012-11-20 19:02 - 00000000 ____D () C:\Program Files\Common Files\Sony Shared 2014-11-06 00:08 - 2012-11-20 18:53 - 00000000 ____D () C:\Program Files\Intel 2014-11-06 00:08 - 2012-11-20 18:46 - 00000000 ____D () C:\Program Files\Realtek 2014-11-06 00:08 - 2012-08-22 03:40 - 00000000 ____D () C:\Program Files\Reference Assemblies 2014-11-06 00:08 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared 2014-11-06 00:07 - 2012-11-20 19:45 - 00000000 ____D () C:\Program Files (x86)\WildGames 2014-11-06 00:07 - 2012-11-20 19:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office 2014-11-06 00:07 - 2012-11-20 19:07 - 00000000 ____D () C:\Program Files (x86)\Sony 2014-11-06 00:07 - 2012-11-20 19:03 - 00000000 ____D () C:\Program Files (x86)\Java 2014-11-06 00:07 - 2012-11-20 18:51 - 00000000 ____D () C:\Program Files\Common Files\Intel 2014-11-06 00:07 - 2012-11-20 18:50 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies 2014-11-06 00:07 - 2012-11-20 18:49 - 00000000 ____D () C:\Program Files\ATI 2014-11-06 00:07 - 2012-11-20 18:45 - 00000000 ____D () C:\Program Files (x86)\Realtek 2014-11-06 00:07 - 2012-11-20 18:43 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-11-06 00:07 - 2012-11-20 18:40 - 00000000 ____D () C:\Program Files (x86)\Intel 2014-11-06 00:07 - 2012-08-22 03:40 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies 2014-11-06 00:07 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files (x86)\Windows NT 2014-11-06 00:06 - 2012-11-20 19:25 - 00000000 ____D () C:\Program Files (x86)\CyberLink 2014-11-06 00:06 - 2012-11-20 19:24 - 00000000 ____D () C:\Program Files (x86)\Adobe 2014-11-06 00:06 - 2012-11-20 19:19 - 00000000 ____D () C:\Documentation 2014-11-06 00:06 - 2012-11-20 18:56 - 00000000 ____D () C:\Program Files (x86)\Cisco 2014-11-06 00:06 - 2012-11-20 18:51 - 00000000 ____D () C:\Program Files (x86)\AMD APP 2014-11-06 00:06 - 2012-11-20 18:49 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies 2014-11-06 00:06 - 2012-11-20 18:47 - 00000000 ____D () C:\Program Files (x86)\Dolby Home Theater v4 2014-11-05 23:59 - 2014-01-19 21:32 - 00000000 _____ () C:\Recovery.txt 2014-11-05 16:04 - 2012-07-26 06:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM 2014-11-04 21:29 - 2012-07-26 09:13 - 00262144 _____ () C:\Windows\system32\config\BCD-Template 2014-11-04 19:50 - 2012-11-20 19:23 - 00000000 ____D () C:\Windows\System32\Tasks\SONY 2014-11-04 19:39 - 2014-01-19 16:53 - 00008470 _____ () C:\Users\Magda\Desktop\Usunięte aplikacje.html 2014-11-04 19:37 - 2014-01-19 21:19 - 00000000 ____D () C:\Users\Magda\AppData\Local\Packages 2014-11-04 19:33 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\Recovery ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2012-08-03 22:06 ==================== End Of Log ============================