Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 26-11-2014 01 Ran by Laura at 2014-11-29 18:26:51 Run:1 Running from C:\Users\Laura\Desktop\narzedzia Loaded Profile: Laura (Available profiles: Laura) Boot Mode: Normal ============================================== Content of fixlist: ***************** CloseProcesses: R1 {06b330c2-0607-4547-8f68-86805edbaa23}Gw64; C:\Windows\System32\drivers\{06b330c2-0607-4547-8f68-86805edbaa23}Gw64.sys [48792 2014-10-17] (StdLib) R1 {24616444-765b-4b21-a0d9-3f0c17b29bfe}w64; C:\Windows\System32\drivers\{24616444-765b-4b21-a0d9-3f0c17b29bfe}w64.sys [48832 2014-11-29] (StdLib) R1 {2f1ed632-8cc1-4969-916a-211c6b0412c1}Gw64; C:\Windows\System32\drivers\{2f1ed632-8cc1-4969-916a-211c6b0412c1}Gw64.sys [48792 2014-10-13] (StdLib) R1 {397e3208-0393-47ca-9748-370b27e14021}Gw64; C:\Windows\System32\drivers\{397e3208-0393-47ca-9748-370b27e14021}Gw64.sys [48792 2014-10-19] (StdLib) R1 {4059f7a9-d023-4137-a1c8-01f0f6fe6110}Gw64; C:\Windows\System32\drivers\{4059f7a9-d023-4137-a1c8-01f0f6fe6110}Gw64.sys [48792 2014-10-19] (StdLib) R1 {4b6b588f-fe6d-43d5-96e6-6583434569cd}Gw64; C:\Windows\System32\drivers\{4b6b588f-fe6d-43d5-96e6-6583434569cd}Gw64.sys [48792 2014-10-15] (StdLib) R1 {5eeb83d0-96ea-4249-942c-beead6847053}Gw64; C:\Windows\System32\drivers\{5eeb83d0-96ea-4249-942c-beead6847053}Gw64.sys [44696 2014-09-16] (StdLib) R1 {651e31c1-db10-434b-a173-a9b0e6a15ce0}Gw64; C:\Windows\System32\drivers\{651e31c1-db10-434b-a173-a9b0e6a15ce0}Gw64.sys [48792 2014-10-21] (StdLib) R1 {807699ff-a8ae-4ba9-8010-fe7f44646ff9}Gw64; C:\Windows\System32\drivers\{807699ff-a8ae-4ba9-8010-fe7f44646ff9}Gw64.sys [48792 2014-10-17] (StdLib) R1 {b52a596e-357b-4007-9a88-5592a17b1be9}Gw64; C:\Windows\System32\drivers\{b52a596e-357b-4007-9a88-5592a17b1be9}Gw64.sys [48792 2014-10-12] (StdLib) R1 {b6d2616c-64d9-4cf8-b476-cbd886546a36}Gw64; C:\Windows\System32\drivers\{b6d2616c-64d9-4cf8-b476-cbd886546a36}Gw64.sys [48792 2014-10-16] (StdLib) R1 {bf167862-9559-4b38-94c6-2e5edae3632c}Gw64; C:\Windows\System32\drivers\{bf167862-9559-4b38-94c6-2e5edae3632c}Gw64.sys [48792 2014-10-11] (StdLib) R1 {e168bb47-74a7-440b-bf7d-d17153007d6b}Gw64; C:\Windows\System32\drivers\{e168bb47-74a7-440b-bf7d-d17153007d6b}Gw64.sys [48792 2014-10-11] (StdLib) R1 {efa349b9-003c-4506-9e55-957c1cff853c}Gw64; C:\Windows\System32\drivers\{efa349b9-003c-4506-9e55-957c1cff853c}Gw64.sys [48792 2014-10-23] (StdLib) R1 {efa349b9-003c-4506-9e55-957c1cff853c}w64; C:\Windows\System32\drivers\{efa349b9-003c-4506-9e55-957c1cff853c}w64.sys [48832 2014-11-11] (StdLib) R1 {fa50efa5-2c2a-4d8c-b58d-b9548ceccd2b}Gw64; C:\Windows\System32\drivers\{fa50efa5-2c2a-4d8c-b58d-b9548ceccd2b}Gw64.sys [48792 2014-10-10] (StdLib) R1 {fc8e6a5c-9413-4b64-b2fd-0aad0e9e50eb}Gw64; C:\Windows\System32\drivers\{fc8e6a5c-9413-4b64-b2fd-0aad0e9e50eb}Gw64.sys [48792 2014-10-17] (StdLib) R1 {fec0fd95-7a4f-4f0e-93f4-63bcf3ad1706}Gw64; C:\Windows\System32\drivers\{fec0fd95-7a4f-4f0e-93f4-63bcf3ad1706}Gw64.sys [48792 2014-10-13] (StdLib) R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [715656 2014-09-16] (Cherished Technololgy LIMITED) R2 MaintainerSvc7.71.837357; C:\ProgramData\66d59f5c-9429-4c86-9f63-c339daeaabaf\maintainer.exe [123680 2014-11-29] () R2 Update SmarterPower; C:\Program Files (x86)\SmarterPower\updateSmarterPower.exe [525600 2014-11-29] () R2 Util SmarterPower; C:\Program Files (x86)\SmarterPower\bin\utilSmarterPower.exe [525600 2014-11-29] () R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896 2014-09-16] (Fuyu LIMITED) [File not signed] GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=ds&ts=1410849486&from=cor&uid=ST1000LM024XHN-M101MBB_S2SMJ9DD832937&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds&ts=1410849486&from=cor&uid=ST1000LM024XHN-M101MBB_S2SMJ9DD832937&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=ds&ts=1410849486&from=cor&uid=ST1000LM024XHN-M101MBB_S2SMJ9DD832937&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds&ts=1410849486&from=cor&uid=ST1000LM024XHN-M101MBB_S2SMJ9DD832937&q={searchTerms} StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.sweet-page.com/?type=sc&ts=1410849486&from=cor&uid=ST1000LM024XHN-M101MBB_S2SMJ9DD832937 BHO-x32: SmarterPower 1.0.0.4 -> {bd7c9b62-a7d9-4405-be51-7fd633f08791} -> C:\Program Files (x86)\SmarterPower\SmarterPowerBHO.dll (SmarterPower) CustomCLSID: HKU\S-1-5-21-3068575985-1883321796-1181531582-1001_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Laura\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll No File ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll No File ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll No File ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll No File ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll No File HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey Winlogon\Notify\igfxcui: igfxdev.dll [X] HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" C:\Program Files (x86)\SmarterPower C:\ProgramData\66d59f5c-9429-4c86-9f63-c339daeaabaf C:\ProgramData\IePluginServices C:\ProgramData\AVAST Software C:\ProgramData\McAfee C:\ProgramData\WindowsMangerProtect C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Local Storage\*localstorage* C:\Users\Laura\AppData\Roaming\eCyber C:\Users\Laura\AppData\Roaming\Opera Software C:\Users\Laura\AppData\Roaming\WebExtend C:\Windows\System32\drivers\{06b330c2-0607-4547-8f68-86805edbaa23}Gw64.sys C:\Windows\System32\drivers\{24616444-765b-4b21-a0d9-3f0c17b29bfe}w64.sys C:\Windows\System32\drivers\{2f1ed632-8cc1-4969-916a-211c6b0412c1}Gw64.sys C:\Windows\System32\drivers\{397e3208-0393-47ca-9748-370b27e14021}Gw64.sys C:\Windows\System32\drivers\{4059f7a9-d023-4137-a1c8-01f0f6fe6110}Gw64.sys C:\Windows\System32\drivers\{4b6b588f-fe6d-43d5-96e6-6583434569cd}Gw64.sys C:\Windows\System32\drivers\{5eeb83d0-96ea-4249-942c-beead6847053}Gw64.sys C:\Windows\System32\drivers\{651e31c1-db10-434b-a173-a9b0e6a15ce0}Gw64.sys C:\Windows\System32\drivers\{807699ff-a8ae-4ba9-8010-fe7f44646ff9}Gw64.sys C:\Windows\System32\drivers\{b52a596e-357b-4007-9a88-5592a17b1be9}Gw64.sys C:\Windows\System32\drivers\{b6d2616c-64d9-4cf8-b476-cbd886546a36}Gw64.sys C:\Windows\System32\drivers\{bf167862-9559-4b38-94c6-2e5edae3632c}Gw64.sys C:\Windows\System32\drivers\{e168bb47-74a7-440b-bf7d-d17153007d6b}Gw64.sys C:\Windows\System32\drivers\{efa349b9-003c-4506-9e55-957c1cff853c}Gw64.sys C:\Windows\System32\drivers\{efa349b9-003c-4506-9e55-957c1cff853c}w64.sys C:\Windows\System32\drivers\{fa50efa5-2c2a-4d8c-b58d-b9548ceccd2b}Gw64.sys C:\Windows\System32\drivers\{fc8e6a5c-9413-4b64-b2fd-0aad0e9e50eb}Gw64.sys C:\Windows\System32\drivers\{fec0fd95-7a4f-4f0e-93f4-63bcf3ad1706}Gw64.sys Reg: reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f Reg: reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 /v mcui_exe /f CMD: dir /a "C:\Program Files" CMD: dir /a "C:\Program Files (x86)" CMD: dir /a C:\ProgramData CMD: dir /a C:\Users\Laura\AppData\Local CMD: dir /a C:\Users\Laura\AppData\LocalLow CMD: dir /a C:\Users\Laura\AppData\Roaming EmptyTemp: ***************** Processes closed successfully. {06b330c2-0607-4547-8f68-86805edbaa23}Gw64 => Unable to stop service {06b330c2-0607-4547-8f68-86805edbaa23}Gw64 => Service deleted successfully. {24616444-765b-4b21-a0d9-3f0c17b29bfe}w64 => Unable to stop service {24616444-765b-4b21-a0d9-3f0c17b29bfe}w64 => Service deleted successfully. {2f1ed632-8cc1-4969-916a-211c6b0412c1}Gw64 => Unable to stop service {2f1ed632-8cc1-4969-916a-211c6b0412c1}Gw64 => Service deleted successfully. {397e3208-0393-47ca-9748-370b27e14021}Gw64 => Unable to stop service {397e3208-0393-47ca-9748-370b27e14021}Gw64 => Service deleted successfully. {4059f7a9-d023-4137-a1c8-01f0f6fe6110}Gw64 => Unable to stop service {4059f7a9-d023-4137-a1c8-01f0f6fe6110}Gw64 => Service deleted successfully. {4b6b588f-fe6d-43d5-96e6-6583434569cd}Gw64 => Unable to stop service {4b6b588f-fe6d-43d5-96e6-6583434569cd}Gw64 => Service deleted successfully. {5eeb83d0-96ea-4249-942c-beead6847053}Gw64 => Unable to stop service {5eeb83d0-96ea-4249-942c-beead6847053}Gw64 => Service deleted successfully. {651e31c1-db10-434b-a173-a9b0e6a15ce0}Gw64 => Unable to stop service {651e31c1-db10-434b-a173-a9b0e6a15ce0}Gw64 => Service deleted successfully. {807699ff-a8ae-4ba9-8010-fe7f44646ff9}Gw64 => Unable to stop service {807699ff-a8ae-4ba9-8010-fe7f44646ff9}Gw64 => Service deleted successfully. {b52a596e-357b-4007-9a88-5592a17b1be9}Gw64 => Unable to stop service {b52a596e-357b-4007-9a88-5592a17b1be9}Gw64 => Service deleted successfully. {b6d2616c-64d9-4cf8-b476-cbd886546a36}Gw64 => Unable to stop service {b6d2616c-64d9-4cf8-b476-cbd886546a36}Gw64 => Service deleted successfully. {bf167862-9559-4b38-94c6-2e5edae3632c}Gw64 => Unable to stop service {bf167862-9559-4b38-94c6-2e5edae3632c}Gw64 => Service deleted successfully. {e168bb47-74a7-440b-bf7d-d17153007d6b}Gw64 => Unable to stop service {e168bb47-74a7-440b-bf7d-d17153007d6b}Gw64 => Service deleted successfully. {efa349b9-003c-4506-9e55-957c1cff853c}Gw64 => Unable to stop service {efa349b9-003c-4506-9e55-957c1cff853c}Gw64 => Service deleted successfully. {efa349b9-003c-4506-9e55-957c1cff853c}w64 => Unable to stop service {efa349b9-003c-4506-9e55-957c1cff853c}w64 => Service deleted successfully. {fa50efa5-2c2a-4d8c-b58d-b9548ceccd2b}Gw64 => Unable to stop service {fa50efa5-2c2a-4d8c-b58d-b9548ceccd2b}Gw64 => Service deleted successfully. {fc8e6a5c-9413-4b64-b2fd-0aad0e9e50eb}Gw64 => Unable to stop service {fc8e6a5c-9413-4b64-b2fd-0aad0e9e50eb}Gw64 => Service deleted successfully. {fec0fd95-7a4f-4f0e-93f4-63bcf3ad1706}Gw64 => Unable to stop service {fec0fd95-7a4f-4f0e-93f4-63bcf3ad1706}Gw64 => Service deleted successfully. IePluginServices => Service deleted successfully. MaintainerSvc7.71.837357 => Service deleted successfully. Update SmarterPower => Service not found. Util SmarterPower => Service not found. WindowsMangerProtect => Service not found. C:\WINDOWS\system32\GroupPolicy\Machine => Moved successfully. C:\WINDOWS\system32\GroupPolicy\GPT.ini => Moved successfully. "HKLM\SOFTWARE\Policies\Google" => Key deleted successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully. HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully. "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bd7c9b62-a7d9-4405-be51-7fd633f08791}" => Key not found. "HKCR\Wow6432Node\CLSID\{bd7c9b62-a7d9-4405-be51-7fd633f08791}" => Key not found. "HKU\S-1-5-21-3068575985-1883321796-1181531582-1001_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}" => Key deleted successfully. "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => Key deleted successfully. "HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}" => Key not found. "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SugarSyncBackedUp" => Key deleted successfully. "HKCR\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}" => Key deleted successfully. "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SugarSyncPending" => Key deleted successfully. "HKCR\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}" => Key deleted successfully. "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SugarSyncRoot" => Key deleted successfully. "HKCR\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}" => Key deleted successfully. "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SugarSyncShared" => Key deleted successfully. "HKCR\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}" => Key deleted successfully. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\mcui_exe => value deleted successfully. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui" => Key deleted successfully. HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => value deleted successfully. "HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc" => Key deleted successfully. "HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc" => Key deleted successfully. C:\Program Files (x86)\SmarterPower => Moved successfully. C:\ProgramData\66d59f5c-9429-4c86-9f63-c339daeaabaf => Moved successfully. C:\ProgramData\IePluginServices => Moved successfully. C:\ProgramData\AVAST Software => Moved successfully. C:\ProgramData\McAfee => Moved successfully. C:\ProgramData\WindowsMangerProtect => Moved successfully. C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Local Storage\*localstorage* => Moved successfully. C:\Users\Laura\AppData\Roaming\eCyber => Moved successfully. C:\Users\Laura\AppData\Roaming\Opera Software => Moved successfully. C:\Users\Laura\AppData\Roaming\WebExtend => Moved successfully. C:\Windows\System32\drivers\{06b330c2-0607-4547-8f68-86805edbaa23}Gw64.sys => Moved successfully. C:\Windows\System32\drivers\{24616444-765b-4b21-a0d9-3f0c17b29bfe}w64.sys => Moved successfully. C:\Windows\System32\drivers\{2f1ed632-8cc1-4969-916a-211c6b0412c1}Gw64.sys => Moved successfully. C:\Windows\System32\drivers\{397e3208-0393-47ca-9748-370b27e14021}Gw64.sys => Moved successfully. C:\Windows\System32\drivers\{4059f7a9-d023-4137-a1c8-01f0f6fe6110}Gw64.sys => Moved successfully. C:\Windows\System32\drivers\{4b6b588f-fe6d-43d5-96e6-6583434569cd}Gw64.sys => Moved successfully. C:\Windows\System32\drivers\{5eeb83d0-96ea-4249-942c-beead6847053}Gw64.sys => Moved successfully. C:\Windows\System32\drivers\{651e31c1-db10-434b-a173-a9b0e6a15ce0}Gw64.sys => Moved successfully. C:\Windows\System32\drivers\{807699ff-a8ae-4ba9-8010-fe7f44646ff9}Gw64.sys => Moved successfully. C:\Windows\System32\drivers\{b52a596e-357b-4007-9a88-5592a17b1be9}Gw64.sys => Moved successfully. C:\Windows\System32\drivers\{b6d2616c-64d9-4cf8-b476-cbd886546a36}Gw64.sys => Moved successfully. C:\Windows\System32\drivers\{bf167862-9559-4b38-94c6-2e5edae3632c}Gw64.sys => Moved successfully. C:\Windows\System32\drivers\{e168bb47-74a7-440b-bf7d-d17153007d6b}Gw64.sys => Moved successfully. C:\Windows\System32\drivers\{efa349b9-003c-4506-9e55-957c1cff853c}Gw64.sys => Moved successfully. C:\Windows\System32\drivers\{efa349b9-003c-4506-9e55-957c1cff853c}w64.sys => Moved successfully. C:\Windows\System32\drivers\{fa50efa5-2c2a-4d8c-b58d-b9548ceccd2b}Gw64.sys => Moved successfully. C:\Windows\System32\drivers\{fc8e6a5c-9413-4b64-b2fd-0aad0e9e50eb}Gw64.sys => Moved successfully. C:\Windows\System32\drivers\{fec0fd95-7a4f-4f0e-93f4-63bcf3ad1706}Gw64.sys => Moved successfully. ========= reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2 /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 /v mcui_exe /f ========= Operacja ukoäczona pomy˜lnie. ========= End of Reg: ========= ========= dir /a "C:\Program Files" ========= Volume in drive C is Windows8_OS Volume Serial Number is 2470-A02F Directory of C:\Program Files 2014-11-11 14:19 . 2014-11-11 14:19 .. 2014-07-21 15:29 AMD 2013-09-05 04:59 ATI 2014-11-11 14:16 Common Files 2014-07-18 22:14 CONEXANT 2013-08-22 16:35 174 desktop.ini 2013-09-05 05:28 DIFX 2014-07-21 12:19 Intel 2014-11-29 15:41 Internet Explorer 2014-11-29 13:33 Lenovo 2014-11-29 13:34 Microsoft Office 15 2014-09-25 07:41 Microsoft Silverlight 2014-07-18 22:48 MSBuild 2014-07-18 22:48 Reference Assemblies 2014-07-18 22:04 Synaptics 2012-07-26 08:22 Uninstall Information 2014-11-29 15:41 Windows Defender 2014-09-15 21:08 Windows Journal 2014-07-18 22:14 Windows Mail 2014-07-18 22:14 Windows Media Player 2014-03-18 11:09 Windows Multimedia Platform 2014-07-18 22:29 Windows NT 2014-07-18 22:14 Windows Photo Viewer 2014-03-18 11:09 Windows Portable Devices 2014-07-18 22:14 Windows Sidebar 2014-11-29 15:28 WindowsApps 2013-08-22 16:36 WindowsPowerShell 1 File(s) 174 bytes 27 Dir(s) 923ÿ525ÿ206ÿ016 bytes free ========= End of CMD: ========= ========= dir /a "C:\Program Files (x86)" ========= Volume in drive C is Windows8_OS Volume Serial Number is 2470-A02F Directory of C:\Program Files (x86) 2014-11-29 18:28 . 2014-11-29 18:28 .. 2014-07-21 15:34 Advanced Micro Devices, Inc 2013-09-05 04:59 AMD APP 2013-09-05 04:59 AMD AVT 2014-07-21 15:34 ATI Technologies 2014-11-11 14:16 Common Files 2013-09-05 05:21 Cyberlink 2013-08-22 16:34 174 desktop.ini 2013-09-05 05:04 Dolby Advanced Audio v2 2014-10-06 17:23 Google 2014-09-29 16:52 InstallShield Installation Information 2013-09-05 05:29 Intel 2014-11-29 15:41 Internet Explorer 2013-09-05 05:28 Lenovo 2013-09-05 05:17 Microsoft Office 2014-09-25 07:41 Microsoft Silverlight 2014-09-06 09:02 Microsoft SkyDrive 2014-09-06 09:01 Microsoft.NET 2014-09-25 05:55 Mozilla Firefox 2014-10-06 19:56 Mozilla Maintenance Service 2014-07-18 22:49 MSBuild 2013-09-05 05:28 New Folder 2014-09-29 16:44 Opera 2013-09-05 05:11 Realtek 2014-07-18 22:49 Reference Assemblies 2014-09-29 16:52 Samsung 2014-11-29 15:41 Windows Defender 2014-07-18 22:14 Windows Mail 2014-07-18 22:14 Windows Media Player 2014-03-18 11:09 Windows Multimedia Platform 2013-08-22 16:36 Windows NT 2014-07-18 22:14 Windows Photo Viewer 2014-03-18 11:09 Windows Portable Devices 2014-07-18 22:14 Windows Sidebar 2013-08-22 16:36 WindowsPowerShell 1 File(s) 174 bytes 35 Dir(s) 923ÿ525ÿ201ÿ920 bytes free ========= End of CMD: ========= ========= dir /a C:\ProgramData ========= Volume in drive C is Windows8_OS Volume Serial Number is 2470-A02F Directory of C:\ProgramData 2014-11-29 18:28 . 2014-11-29 18:28 .. 2014-09-29 16:45 374311380 2013-09-05 05:21 Adobe 2014-06-13 08:48 AlawarWrapper 2013-09-05 04:59 AMD 2013-08-22 15:45 Application Data [C:\ProgramData] 2014-07-21 15:34 ATI 2014-07-18 22:14 Conexant 2014-04-06 16:08 CyberLink 2014-02-12 02:21 Dane aplikacji [C:\ProgramData] 2013-08-22 15:45 Desktop [C:\Users\Public\Desktop] 2013-08-22 15:45 Documents [C:\Users\Public\Documents] 2014-02-12 02:21 Dokumenty [C:\Users\Public\Documents] 2013-09-05 05:28 Downloaded Installations 2013-09-05 05:04 0 DP45977C.lfl 2014-03-06 15:44 Energy Management 2014-06-09 10:51 Farm Frenzy 2014-03-09 19:15 GG 2013-09-05 05:29 Intel 2014-07-18 15:39 Lenovo 2014-02-12 02:21 Menu Start [C:\ProgramData\Microsoft\Windows\Start Menu] 2014-09-25 07:41 Microsoft 2014-09-06 09:02 Microsoft SkyDrive 2014-02-12 20:00 Mozilla 2014-10-06 19:57 266 ntuser.pol 2013-09-05 05:30 OneKey Recovery 2014-07-21 15:31 Package Cache 2014-07-18 22:15 PRICache 2014-02-12 02:21 Pulpit [C:\Users\Public\Desktop] 2014-11-29 13:40 regid.1991-06.com.microsoft 2013-08-22 15:45 Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu] 2014-02-12 02:21 Szablony [C:\ProgramData\Microsoft\Windows\Templates] 2013-09-05 05:30 Temp 2013-08-22 15:45 Templates [C:\ProgramData\Microsoft\Windows\Templates] 2 File(s) 266 bytes 33 Dir(s) 923ÿ525ÿ201ÿ920 bytes free ========= End of CMD: ========= ========= dir /a C:\Users\Laura\AppData\Local ========= Volume in drive C is Windows8_OS Volume Serial Number is 2470-A02F Directory of C:\Users\Laura\AppData\Local 2014-11-29 18:23 . 2014-11-29 18:23 .. 2014-10-29 19:10 Adobe 2014-06-09 10:23 AlawarWrapper 2014-02-11 20:38 ATI 2014-02-11 20:36 Broadcom 2014-09-14 17:08 CyberLink 2014-07-18 22:12 Dane aplikacji [C:\Users\Laura\AppData\Local] 2014-08-15 07:46 Diagnostics 2014-09-16 07:47 Downloaded Installations 2014-11-29 18:23 ElevatedDiagnostics 2014-08-01 06:56 EmieSiteList 2014-08-01 06:56 EmieUserList 2014-10-28 18:57 GG 2014-10-06 17:25 Google 2014-07-18 22:12 Historia [C:\Users\Laura\AppData\Local\Microsoft\Windows\History] 2014-11-29 15:54 50ÿ286 IconCache.db 2014-07-18 15:39 LSC 2014-02-13 09:45 Macromedia 2014-09-06 09:02 Microsoft 2014-02-12 20:00 Mozilla 2014-09-16 07:44 Opera Software 2014-09-22 09:28 Packages 2014-10-24 04:58 Pay-By-Ads 2014-09-16 07:38 Programs 2014-11-29 18:28 Temp 2014-07-18 22:12 Temporary Internet Files [C:\Users\Laura\AppData\Local\Microsoft\Windows\INetCache] 2014-09-06 08:56 VirtualStore 1 File(s) 50ÿ286 bytes 27 Dir(s) 923ÿ525ÿ197ÿ824 bytes free ========= End of CMD: ========= ========= dir /a C:\Users\Laura\AppData\LocalLow ========= Volume in drive C is Windows8_OS Volume Serial Number is 2470-A02F Directory of C:\Users\Laura\AppData\LocalLow 2014-08-01 06:56 . 2014-08-01 06:56 .. 2014-08-01 06:56 EmieSiteList 2014-08-01 06:56 EmieUserList 2014-09-25 07:41 Microsoft 0 File(s) 0 bytes 5 Dir(s) 923ÿ525ÿ197ÿ824 bytes free ========= End of CMD: ========= ========= dir /a C:\Users\Laura\AppData\Roaming ========= Volume in drive C is Windows8_OS Volume Serial Number is 2470-A02F Directory of C:\Users\Laura\AppData\Roaming 2014-11-29 18:28 . 2014-11-29 18:28 .. 2014-02-11 21:41 Adobe 2014-02-11 20:38 ATI 2014-02-14 21:06 CyberLink 2014-10-28 18:57 GG 2014-07-19 05:04 Identities 2014-02-11 20:37 Intel Corporation 2014-02-12 18:41 Lenovo 2014-07-24 17:12 LSC 2013-09-05 05:21 Macromedia 2014-09-08 15:06 Microsoft 2014-02-12 20:00 Mozilla 2014-09-29 16:52 Samsung 2014-02-12 18:41 WebApp 0 File(s) 0 bytes 15 Dir(s) 923ÿ525ÿ197ÿ824 bytes free ========= End of CMD: ========= EmptyTemp: => Removed 804.3 MB temporary data. The system needed a reboot. ==== End of Fixlog ====