OTL.Txt

Komputer znacznie zwolnił

Od jakiegoś czasu komputer wyraźnie zwolnił. Przeglądanie folderów odbywa się normalnie, ale włączanie, a także i wyłączanie komputera trwa znacznie dłużej niż wcześniej. Dodatkowo komputer zwalnia podczas korzystania z AutoCad. Ponad to kilka razy zdarzyło się "Wznawianie systemu Windows" po uruchomieniu go ze stanu "Uśpij", czego wcześniej nie było (zaś po tym wznawianiu wyłączał się monitor). System to Win 7 64-bit. Mainboard : Gigabyte P35-DS3L Chipset : Intel P31/P35 Processor : Intel Core 2 Duo E8500 @ 3166 MHz Physical Memory : 4096 MB (4 x 1024 DDR2-SDRAM ) Video Card : ATI Radeon HD 4800 Series Hard Disk : Seagate ST3500320AS ATA Device (500GB) + Hitachi 1TB DVD-Rom Drive : PIONEER DVD-RW DVR-215 Monitor Type : Hansol Electronics - 16 inches Network Card : Realtek Semiconductor RTL8168/8111 PCIe Gigabit Ethernet Adapter Operating System : Windows 7 Ultimate Professional Media Center 6.01.7601 Service Pack 1 (64-bit) DirectX : Version 11.00 Windows Performance Index : 5.9 on 7.9 Zasilacz : ATX 500W Cooler Master eXtreme


OTL logfile created on: 2014-08-25 10:25:12 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Adam\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17239)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,22 Gb Available Physical Memory | 61,25% Memory free
4,00 Gb Paging File | 2,70 Gb Available in Paging File | 67,67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 73,24 Gb Total Space | 37,69 Gb Free Space | 51,46% Space Free | Partition Type: NTFS
Drive D: | 14,65 Gb Total Space | 10,83 Gb Free Space | 73,91% Space Free | Partition Type: NTFS
Drive E: | 594,15 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 465,76 Gb Total Space | 465,64 Gb Free Space | 99,97% Space Free | Partition Type: NTFS
Drive G: | 843,62 Gb Total Space | 433,98 Gb Free Space | 51,44% Space Free | Partition Type: NTFS

Computer Name: ADAM | User Name: Adam | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2014-08-25 10:20:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Adam\Desktop\OTL.exe
PRC - [2014-07-01 15:14:02 | 000,242,728 | ---- | M] (Foxit Corporation) -- C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
PRC - [2014-04-24 18:32:50 | 000,879,456 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\opera.exe
PRC - [2012-01-31 11:46:56 | 000,019,232 | ---- | M] (Autodesk, Inc.) -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
PRC - [2010-03-18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2006-09-28 11:20:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2014-08-25 09:01:15 | 017,048,240 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2014-07-25 15:00:25 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2014-01-03 12:14:54 | 001,432,400 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:[b]64bit:[/b] - [2013-05-27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2013-04-30 05:52:38 | 000,238,080 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2011-05-28 22:24:32 | 000,173,056 | ---- | M] (Airytec) [Auto | Stopped] -- C:\Program Files\Airytec\Switch Off\swoff.exe -- (SwOffWeb)
SRV:[b]64bit:[/b] - [2011-05-28 22:24:32 | 000,173,056 | ---- | M] (Airytec) [Auto | Stopped] -- C:\Program Files\Airytec\Switch Off\swoff.exe -- (SwOffScheduler)
SRV - [2014-07-30 19:00:36 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014-07-01 15:14:02 | 000,242,728 | ---- | M] (Foxit Corporation) [Auto | Running] -- C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe -- (FoxitCloudUpdateService)
SRV - [2014-03-21 00:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013-10-23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013-09-11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012-01-31 11:46:56 | 000,019,232 | ---- | M] (Autodesk, Inc.) [Auto | Running] -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe -- (Autodesk Content Service)
SRV - [2012-01-05 17:42:34 | 000,075,624 | ---- | M] (Alcohol Soft Development Team) [Auto | Stopped] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe -- (AxAutoMntSrv)
SRV - [2010-03-18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2006-09-28 11:20:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2014-07-19 16:16:07 | 000,386,680 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:[b]64bit:[/b] - [2014-07-14 16:25:53 | 000,034,512 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\debutfilterx64.sys -- (debutfilter)
DRV:[b]64bit:[/b] - [2013-10-02 04:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2013-04-30 06:16:04 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:[b]64bit:[/b] - [2013-04-30 06:16:04 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:[b]64bit:[/b] - [2013-04-30 04:48:14 | 000,359,936 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:[b]64bit:[/b] - [2012-08-23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2012-06-05 07:45:16 | 000,237,968 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:[b]64bit:[/b] - [2012-05-14 08:12:30 | 000,096,896 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:[b]64bit:[/b] - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011-06-10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010-11-20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010-06-07 16:02:24 | 001,917,576 | ---- | M] (Syntek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\StkCMini.sys -- (StkCMini)
DRV:[b]64bit:[/b] - [2009-10-21 18:33:02 | 000,474,240 | ---- | M] (Leadtek Research Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wfeaglxt.sys -- (WFLR6654)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2007-07-13 14:50:34 | 000,607,744 | ---- | M] (Conexant, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\av88base.sys -- (AV88BASE)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2002-07-17 08:53:02 | 000,016,877 | ---- | M] (Adaptec) [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\ASPI32.SYS -- (Aspi32)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: " URL " = http://www.bing.com/search?q={searchTerms} & FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: " URL " = http://www.bing.com/search?q={searchTerms} & FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: " URL " = http://www.bing.com/search?q={searchTerms} & src=IE-SearchBox & FORM=IE11SR
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: " ProxyEnable " = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: " URL " = http://www.bing.com/search?q={searchTerms} & src=IE-SearchBox & FORM=IE11SR
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: " ProxyEnable " = 0



IE - HKU\S-1-5-21-3911258985-4238780220-1332891320-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKU\S-1-5-21-3911258985-4238780220-1332891320-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-3911258985-4238780220-1332891320-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3911258985-4238780220-1332891320-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: " URL " = http://www.bing.com/search?q={searchTerms} & src=IE-SearchBox & FORM=IE11SR
IE - HKU\S-1-5-21-3911258985-4238780220-1332891320-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: " ProxyEnable " = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: " Google "
FF - prefs.js..browser.startup.homepage: " about:superstart "
FF - prefs.js..extensions.enabledAddons: superstart%40enjoyfreeware.org:7.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:31.0


FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 31.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 31.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2014-05-20 21:00:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Adam\AppData\Roaming\mozilla\Extensions
[2014-08-17 16:25:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Adam\AppData\Roaming\mozilla\Firefox\Profiles\ldkaik45.default\extensions
[2014-08-17 16:25:30 | 000,000,000 | ---D | M] (British English Dictionary (Updated)) -- C:\Users\Adam\AppData\Roaming\mozilla\Firefox\Profiles\ldkaik45.default\extensions\en-gb@flyingtophat.co.uk
[2014-07-14 15:22:30 | 000,000,000 | ---D | M] (NextCoup) -- C:\Users\Adam\AppData\Roaming\mozilla\Firefox\Profiles\ldkaik45.default\extensions\llp7-oo@foqkgxaax.edu
[2014-07-14 15:22:30 | 000,000,000 | ---D | M] (pricecchaop) -- C:\Users\Adam\AppData\Roaming\mozilla\Firefox\Profiles\ldkaik45.default\extensions\smuoye9@leeak.edu
[2014-07-21 21:36:40 | 000,000,000 | ---D | M] (Super Start) -- C:\Users\Adam\AppData\Roaming\mozilla\Firefox\Profiles\ldkaik45.default\extensions\superstart@enjoyfreeware.org
[2014-07-14 15:22:29 | 000,000,000 | ---D | M] (NeXteCoup) -- C:\Users\Adam\AppData\Roaming\mozilla\Firefox\Profiles\ldkaik45.default\extensions\wjalpnvjkh@zatwqhktmp.net
[2014-07-27 18:00:02 | 000,967,685 | ---- | M] () (No name found) -- C:\Users\Adam\AppData\Roaming\mozilla\firefox\profiles\ldkaik45.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014-07-30 19:00:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2014-07-30 19:00:36 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [SPReview] " C:\Windows\System32\SPReview\SPReview.exe " /sp:1 /errorfwlink: " http://go.microsoft.com/fwlink/?LinkID=122915 " /build:7601 File not found
O4 - HKU\S-1-5-18..\RunOnce: [SPReview] " C:\Windows\System32\SPReview\SPReview.exe " /sp:1 /errorfwlink: " http://go.microsoft.com/fwlink/?LinkID=122915 " /build:7601 File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-3911258985-4238780220-1332891320-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: =
O8:[b]64bit:[/b] - Extra context menu item: E & ksport do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E & ksport do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8BD16377-3953-4386-8A44-9E34A2E92601}: DhcpNameServer = 8.8.8.8 8.8.4.4
O18:[b]64bit:[/b] - Protocol\Handler\msdaipp - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\mso-offdap - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:[b]64bit:[/b] - Protocol\Filter\text/xml - No CLSID value found
O20:[b]64bit:[/b] - AppInit_DLLs: (C:\PROGRA~2\SupTab\SEARCH~2.DLL) - File not found
O20 - AppInit_DLLs: (c:\progra~2\suptab\search~1.dll) - File not found
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013-12-31 12:50:39 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2002-03-20 18:02:38 | 000,372,224 | R--- | M] () - E:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [1998-09-17 18:12:36 | 000,000,047 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2014-01-03 11:57:15 | 000,000,000 | ---D | M] - G:\AutoCAD 2013 Win 7 64-bit -- [ NTFS ]
O33 - MountPoints2\{2a091227-b710-11e3-956c-001d7de8f826}\Shell - " " = AutoRun
O33 - MountPoints2\{2a091227-b710-11e3-956c-001d7de8f826}\Shell\AutoRun\command - " " = H:\SETUP.EXE /AUTORUN
O33 - MountPoints2\{2a091227-b710-11e3-956c-001d7de8f826}\Shell\configure\command - " " = H:\SETUP.EXE
O33 - MountPoints2\{2a091227-b710-11e3-956c-001d7de8f826}\Shell\install\command - " " = H:\SETUP.EXE
O33 - MountPoints2\{aa1512ed-7229-11e3-8055-806e6f6e6963}\Shell - " " = AutoRun
O33 - MountPoints2\{aa1512ed-7229-11e3-8055-806e6f6e6963}\Shell\AutoRun\command - " " = E:\AutoRun.exe -- [2002-03-20 18:02:38 | 000,372,224 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- " %1 " %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- " %1 " %*
O35 - HKLM\..comfile [open] -- " %1 " %*
O35 - HKLM\..exefile [open] -- " %1 " %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- " %1 " %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- " %1 " %*
O37 - HKLM\...com [@ = comfile] -- " %1 " %*
O37 - HKLM\...exe [@ = exefile] -- " %1 " %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2014-08-25 10:20:57 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Adam\Desktop\OTL.exe
[2014-08-23 12:22:36 | 006,574,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2014-08-23 12:22:36 | 005,694,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2014-08-23 12:22:29 | 003,178,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2014-08-23 12:22:29 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2014-08-22 16:20:42 | 000,000,000 | ---D | C] -- C:\Users\Adam\Desktop\autocad
[2014-08-21 18:57:29 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Roaming\Softland
[2014-08-21 18:57:27 | 000,025,920 | ---- | C] (Softland) -- C:\Windows\SysNative\dopdfmn7.dll
[2014-08-21 18:57:27 | 000,021,312 | ---- | C] (Softland) -- C:\Windows\SysNative\dopdfmi7.dll
[2014-08-21 18:57:26 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\GdiPlus.dll
[2014-08-21 18:57:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\doPDF 7
[2014-08-21 18:57:25 | 000,000,000 | ---D | C] -- C:\Program Files\Softland
[2014-08-21 17:59:47 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2014-08-21 17:59:46 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2014-08-21 17:59:46 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2014-08-21 17:59:46 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2014-08-21 17:59:46 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
[2014-08-21 17:59:46 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2014-08-21 17:59:46 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
[2014-08-21 17:59:46 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
[2014-08-21 17:59:46 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
[2014-08-21 17:59:46 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2014-08-21 17:59:46 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2014-08-21 17:59:45 | 001,147,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2014-08-21 17:59:45 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2014-08-21 17:59:45 | 001,057,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdvidcrl.dll
[2014-08-21 17:59:45 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdvidcrl.dll
[2014-08-21 17:59:45 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2014-08-21 17:50:28 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2014-08-21 17:50:27 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll
[2014-08-21 17:50:26 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2014-08-21 17:50:26 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll
[2014-08-21 17:41:05 | 000,099,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\infocardapi.dll
[2014-08-21 17:41:04 | 001,389,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardagt.exe
[2014-08-21 17:41:04 | 000,619,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardagt.exe
[2014-08-21 17:41:04 | 000,171,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\infocardapi.dll
[2014-08-21 17:41:03 | 000,008,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardres.dll
[2014-08-21 17:41:03 | 000,008,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardres.dll
[2014-08-21 17:40:46 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TsWpfWrp.exe
[2014-08-21 17:40:46 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsWpfWrp.exe
[2014-08-21 17:39:40 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2014-08-21 17:39:40 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2014-08-21 17:39:39 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2014-08-21 17:39:37 | 001,030,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWorkspace.dll
[2014-08-21 17:39:37 | 000,792,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TSWorkspace.dll
[2014-08-21 17:39:09 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2014-08-21 17:39:09 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2014-08-21 17:39:06 | 003,969,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2014-08-21 17:39:06 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2014-08-21 17:39:06 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2014-08-21 17:39:05 | 005,550,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2014-08-21 17:39:05 | 000,722,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\objsel.dll
[2014-08-21 17:39:05 | 000,538,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\objsel.dll
[2014-08-21 17:39:05 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2014-08-21 17:39:05 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cngprovider.dll
[2014-08-21 17:39:05 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adprovider.dll
[2014-08-21 17:39:05 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\capiprovider.dll
[2014-08-21 17:39:05 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpapiprovider.dll
[2014-08-21 17:39:05 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cngprovider.dll
[2014-08-21 17:39:05 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adprovider.dll
[2014-08-21 17:39:05 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\capiprovider.dll
[2014-08-21 17:39:05 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpapiprovider.dll
[2014-08-21 17:39:05 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dimsroam.dll
[2014-08-21 17:39:05 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dimsroam.dll
[2014-08-21 17:39:04 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wincredprovider.dll
[2014-08-21 17:39:04 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wincredprovider.dll
[2014-08-21 17:38:39 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2014-08-21 17:38:34 | 000,288,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2014-08-21 17:38:26 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\osk.exe
[2014-08-21 17:38:26 | 000,646,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\osk.exe
[2014-08-21 17:38:17 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2014-08-21 17:38:17 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2014-08-21 17:38:16 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2014-08-21 17:38:16 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2014-08-21 17:38:16 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2014-08-21 17:38:16 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2014-08-21 17:38:16 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2014-08-21 17:38:16 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2014-08-21 17:38:16 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2014-08-21 17:38:16 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2014-08-21 17:38:14 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml6r.dll
[2014-08-21 17:38:14 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml6r.dll
[2014-08-21 17:38:14 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2014-08-21 17:38:14 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2014-08-21 17:38:13 | 003,241,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2014-08-21 17:38:13 | 001,941,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2014-08-21 17:38:13 | 001,805,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2014-08-21 17:38:12 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msihnd.dll
[2014-08-21 17:38:12 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msihnd.dll
[2014-08-21 17:38:12 | 000,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2014-08-21 17:38:04 | 000,190,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2014-08-21 17:38:04 | 000,027,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2014-08-21 17:38:04 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iologmsg.dll
[2014-08-21 17:38:04 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iologmsg.dll
[2014-08-21 17:37:53 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014-08-21 17:37:53 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014-08-21 17:37:52 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014-08-21 17:37:52 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014-08-21 17:37:52 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014-08-21 17:37:52 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014-08-21 17:37:52 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014-08-21 17:37:51 | 002,001,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014-08-21 17:37:51 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014-08-21 17:37:51 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014-08-21 17:37:51 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014-08-21 17:37:50 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014-08-21 17:37:50 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014-08-21 17:37:50 | 000,438,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014-08-21 17:37:50 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014-08-21 17:37:50 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014-08-21 17:37:49 | 002,087,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014-08-21 17:37:49 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014-08-21 17:37:48 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014-08-21 17:37:48 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014-08-21 17:37:48 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014-08-21 17:37:47 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014-08-21 17:37:47 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014-08-21 17:37:47 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014-08-21 17:37:46 | 001,249,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014-08-21 17:37:46 | 000,598,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014-08-21 17:37:46 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014-08-21 17:37:45 | 005,824,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014-08-21 17:37:45 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014-08-21 17:37:45 | 000,758,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014-08-21 17:37:45 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014-08-21 17:37:45 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014-08-21 17:37:44 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014-08-21 17:37:44 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014-08-21 17:37:43 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014-08-21 17:37:06 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2014-08-21 17:37:06 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2014-08-21 17:37:06 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2014-08-21 17:37:06 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2014-08-21 17:32:31 | 001,216,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2014-08-12 10:19:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2014-08-10 10:46:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014-08-10 10:46:29 | 000,272,808 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014-08-10 10:46:21 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014-08-10 10:46:21 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014-08-10 10:46:21 | 000,098,216 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014-08-10 10:46:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014-08-10 10:46:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2014-08-01 09:06:25 | 000,058,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2014-08-01 09:06:25 | 000,044,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2014-08-01 09:06:24 | 002,620,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2014-08-01 09:06:19 | 000,700,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2014-08-01 09:06:19 | 000,581,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2014-08-01 09:06:19 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2014-08-01 09:06:19 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2014-08-01 09:06:19 | 000,038,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2014-08-01 09:06:19 | 000,036,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2014-08-01 09:06:11 | 000,198,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2014-08-01 09:06:11 | 000,179,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2014-08-01 09:06:11 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2014-08-01 09:06:11 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2014-07-30 19:00:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[1 C:\Users\Adam\AppData\Local\*.tmp files - & gt; C:\Users\Adam\AppData\Local\*.tmp - & gt; ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2014-08-25 10:20:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Adam\Desktop\OTL.exe
[2014-08-25 10:14:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014-08-25 09:04:11 | 001,670,518 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014-08-25 09:04:11 | 000,740,422 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2014-08-25 09:04:11 | 000,654,254 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014-08-25 09:04:11 | 000,155,996 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2014-08-25 09:04:11 | 000,122,126 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014-08-25 09:01:15 | 000,699,568 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014-08-25 09:01:15 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014-08-25 08:59:37 | 1609,424,896 | -HS- | M] () -- C:\hiberfil.sys
[2014-08-24 21:56:58 | 000,010,128 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014-08-24 21:56:58 | 000,010,128 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014-08-24 15:59:01 | 000,316,054 | ---- | M] () -- C:\Users\Adam\Desktop\rys2b Model (1)-page-001.jpg
[2014-08-24 15:57:17 | 000,058,591 | ---- | M] () -- C:\Users\Adam\Desktop\rys2b Model (1).pdf
[2014-08-24 11:24:54 | 002,977,008 | ---- | M] () -- C:\Users\Adam\Desktop\tolerancjeipasowania.pdf
[2014-08-23 12:33:34 | 000,803,366 | ---- | M] () -- C:\Users\Adam\Desktop\8252438900_1353690561.jpg
[2014-08-23 12:18:00 | 000,000,266 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2014-08-23 11:00:11 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014-08-23 10:33:55 | 000,269,935 | ---- | M] () -- C:\Users\Adam\Documents\zdjęcie0911.jpg
[2014-08-23 07:34:01 | 000,106,258 | ---- | M] () -- C:\Users\Adam\Desktop\koloryswyk2.jpg
[2014-08-22 22:45:57 | 000,197,702 | ---- | M] () -- C:\Users\Adam\Desktop\rys3 Model (1)-page-002.jpg
[2014-08-21 18:10:18 | 000,387,952 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014-08-21 17:11:27 | 000,000,356 | ---- | M] () -- C:\Users\Adam\Documents\acad.err
[2014-08-10 10:46:15 | 000,272,808 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014-08-10 10:46:15 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014-08-10 10:46:15 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014-08-10 10:46:15 | 000,098,216 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014-08-02 13:08:41 | 000,570,653 | ---- | M] () -- C:\Users\Adam\Documents\zdjęcie0909.jpg
[2014-08-01 20:15:35 | 000,802,237 | ---- | M] () -- C:\Users\Adam\Documents\zdjęcie0906.jpg
[1 C:\Users\Adam\AppData\Local\*.tmp files - & gt; C:\Users\Adam\AppData\Local\*.tmp - & gt; ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2014-08-24 15:58:50 | 000,316,054 | ---- | C] () -- C:\Users\Adam\Desktop\rys2b Model (1)-page-001.jpg
[2014-08-24 15:57:15 | 000,058,591 | ---- | C] () -- C:\Users\Adam\Desktop\rys2b Model (1).pdf
[2014-08-24 11:24:53 | 002,977,008 | ---- | C] () -- C:\Users\Adam\Desktop\tolerancjeipasowania.pdf
[2014-08-23 12:33:34 | 000,803,366 | ---- | C] () -- C:\Users\Adam\Desktop\8252438900_1353690561.jpg
[2014-08-23 10:33:17 | 000,269,935 | ---- | C] () -- C:\Users\Adam\Documents\zdjęcie0911.jpg
[2014-08-23 07:34:01 | 000,106,258 | ---- | C] () -- C:\Users\Adam\Desktop\koloryswyk2.jpg
[2014-08-22 22:45:56 | 000,197,702 | ---- | C] () -- C:\Users\Adam\Desktop\rys3 Model (1)-page-002.jpg
[2014-08-21 18:57:27 | 000,007,549 | ---- | C] () -- C:\Windows\SysNative\dopdf7.ctm
[2014-08-21 16:35:51 | 000,000,356 | ---- | C] () -- C:\Users\Adam\Documents\acad.err
[2014-08-02 13:08:33 | 000,570,653 | ---- | C] () -- C:\Users\Adam\Documents\zdjęcie0909.jpg
[2014-08-01 20:15:24 | 000,802,237 | ---- | C] () -- C:\Users\Adam\Documents\zdjęcie0906.jpg
[2014-07-21 12:21:00 | 000,003,584 | ---- | C] () -- C:\Users\Adam\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014-07-19 15:33:48 | 000,000,264 | ---- | C] () -- C:\Windows\_delis32.ini
[2014-07-18 21:44:48 | 000,065,897 | ---- | C] () -- C:\Users\Adam\AppData\Roaming\Debut.dmp
[2014-07-18 18:51:53 | 000,000,322 | ---- | C] () -- C:\Users\Adam\AppData\Roaming\aps.uninstall.scan.results
[2014-07-14 17:15:18 | 000,084,616 | ---- | C] () -- C:\Windows\StkUnist.exe
[2014-07-13 18:10:24 | 000,000,266 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014-04-20 12:51:42 | 000,001,258 | ---- | C] () -- C:\Windows\win_nt4.dll
[2014-02-14 11:32:54 | 000,216,064 | ---- | C] () -- C:\Windows\SysWow64\gcapi_dll.dll
[2014-01-20 00:17:02 | 000,000,025 | ---- | C] () -- C:\Windows\D2P.INI
[2014-01-09 21:13:55 | 000,025,238 | ---- | C] () -- C:\Users\Adam\maxout.gnuplot
[2014-01-03 12:15:30 | 000,000,153 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2014-01-03 12:02:02 | 001,642,188 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014-01-01 22:46:44 | 000,000,544 | ---- | C] () -- C:\Windows\ODBC.INI
[2014-01-01 22:28:58 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2014-01-01 13:58:32 | 000,393,256 | ---- | C] () -- C:\Windows\SysWow64\CNQ2414N.DAT
[2013-12-31 16:43:41 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013-04-30 04:37:40 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2013-04-30 04:37:40 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009-07-14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
" " = C:\Windows\SysNative\shell32.dll -- [2014-06-25 04:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
" ThreadingModel " = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
" " = %SystemRoot%\system32\shell32.dll -- [2014-06-25 03:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
" ThreadingModel " = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
" " = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
" ThreadingModel " = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
" " = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
" ThreadingModel " = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
" " = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
" ThreadingModel " = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== LOP Check ==========[/color]

[2014-01-06 01:01:27 | 000,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\Airytec
[2014-01-04 12:50:29 | 000,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\Autodesk
[2014-01-01 14:03:38 | 000,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\Canon
[2014-03-29 09:14:11 | 000,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\DAEMON Tools Lite
[2014-07-19 11:26:59 | 000,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\DVDVideoSoft
[2014-05-03 09:52:29 | 000,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\EurekaLog
[2014-03-17 22:55:32 | 000,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\Foxit Software
[2013-12-31 18:48:27 | 000,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\Gadu-Gadu
[2014-01-01 20:05:58 | 000,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\IrfanView
[2014-01-01 23:13:28 | 000,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\NapiProjekt
[2013-12-31 19:43:17 | 000,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\Opera
[2014-04-16 20:50:17 | 000,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\Oracle
[2014-06-10 19:34:40 | 000,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\PDF Architect 2
[2014-07-19 15:37:17 | 000,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\PowerISO
[2014-03-19 20:29:20 | 000,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\PTC
[2014-08-21 18:57:29 | 000,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\Softland
[2014-07-18 17:41:45 | 000,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\systweak
[2014-07-14 17:44:53 | 000,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\Ulead Systems
[2014-08-23 10:58:54 | 000,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\uTorrent
[2014-08-24 21:48:32 | 000,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\VideoReDo-TVSuite4
[2014-02-16 15:07:00 | 000,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\XMedia Recode

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 155 bytes - & gt; C:\ProgramData\temp:3440EB47
@Alternate Data Stream - 147 bytes - & gt; C:\ProgramData\temp:66633281
@Alternate Data Stream - 139 bytes - & gt; C:\ProgramData\temp:0888F409
@Alternate Data Stream - 118 bytes - & gt; C:\ProgramData\temp:373E1720

& lt; End of report & gt;


Pobierz plik - link do postu