Dysk twardy ciągle coś mieli

jqo_2 · 7 Lutego 2015

Witam!

Mam pewnien problem od jakiegoś czas dysk twardy (zwykły 2 tb HD) ciągle coś mieli.

Wyłączyłem już defragmentacje, indeksowanie, plik stronicowania i dalej nic.

Windows 7, nie mam antywirusa

Log z otl



 

OTL logfile created on: 2015-02-07 10:26:43 - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = F:\Jdownlader

64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.11.9600.17501)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

 

7,93 Gb Total Physical Memory | 5,82 Gb Available Physical Memory | 73,44% Memory free

15,86 Gb Paging File | 13,53 Gb Available in Paging File | 85,30% Paging File free

Paging file location(s): c:\pagefile.sys 0 0 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 232,88 Gb Total Space | 75,64 Gb Free Space | 32,48% Space Free | Partition Type: NTFS

Drive E: | 411,53 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Drive F: | 1630,12 Gb Total Space | 314,72 Gb Free Space | 19,31% Space Free | Partition Type: NTFS

 

Computer Name: DOM-KOMPUTER | User Name: DOM | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

[color=#E56717]========== Processes (SafeList) ==========[/color]

 

PRC - [2015-02-07 09:53:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- F:\Jdownlader\OTL.exe

PRC - [2015-02-05 13:16:14 | 000,675,256 | ---- | M] (NVIDIA Corporation) -- C:\Users\DOM\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe

PRC - [2015-02-03 14:29:29 | 051,365,496 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\27.0.1689.66\opera.exe

PRC - [2015-02-03 14:29:29 | 000,552,056 | ---- | M] () -- C:\Program Files (x86)\Opera\27.0.1689.66\opera_crashreporter.exe

PRC - [2015-01-29 17:46:11 | 000,251,040 | ---- | M] (Microsoft Corporation) -- C:\Users\DOM\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe

PRC - [2015-01-29 17:43:08 | 000,081,640 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE

PRC - [2015-01-29 17:42:52 | 000,449,216 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office 15\root\office15\MSOSYNC.EXE

PRC - [2015-01-16 07:42:47 | 002,585,928 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

PRC - [2015-01-16 07:42:37 | 001,706,312 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

PRC - [2015-01-09 23:27:57 | 000,410,768 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

PRC - [2014-12-19 08:48:18 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

PRC - [2014-08-02 15:21:11 | 000,076,152 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe

PRC - [2013-07-18 15:39:40 | 000,762,192 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe

PRC - [2011-10-19 01:21:52 | 002,076,672 | ---- | M] () -- C:\Program Files (x86)\Gameing Mouse\Gaming 3.exe

 

 

[color=#E56717]========== Modules (No Company Name) ==========[/color]

 

MOD - [2015-02-05 19:41:04 | 016,852,144 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll

MOD - [2015-02-03 14:29:29 | 009,510,520 | ---- | M] () -- C:\Program Files (x86)\Opera\27.0.1689.66\pdf.dll

MOD - [2015-02-03 14:29:29 | 001,408,632 | ---- | M] () -- C:\Program Files (x86)\Opera\27.0.1689.66\libGLESv2.dll

MOD - [2015-02-03 14:29:29 | 000,552,056 | ---- | M] () -- C:\Program Files (x86)\Opera\27.0.1689.66\opera_crashreporter.exe

MOD - [2015-02-03 14:29:29 | 000,219,256 | ---- | M] () -- C:\Program Files (x86)\Opera\27.0.1689.66\libEGL.dll

MOD - [2015-01-29 17:42:57 | 000,316,576 | ---- | M] () -- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll

MOD - [2015-01-29 17:41:10 | 000,316,576 | ---- | M] () -- C:\Program Files\Microsoft Office 15\root\office15\appvisvstream32.dll

MOD - [2011-10-19 01:21:52 | 002,076,672 | ---- | M] () -- C:\Program Files (x86)\Gameing Mouse\Gaming 3.exe

 

 

[color=#E56717]========== Services (SafeList) ==========[/color]

 

SRV:[b]64bit:[/b] - [2015-01-16 07:42:37 | 001,148,744 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService)

SRV:[b]64bit:[/b] - [2015-01-16 07:42:33 | 021,833,544 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)

SRV:[b]64bit:[/b] - [2014-11-22 03:35:29 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)

SRV:[b]64bit:[/b] - [2014-11-12 00:06:52 | 002,449,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe -- (ClickToRunSvc)

SRV:[b]64bit:[/b] - [2013-07-08 21:30:24 | 000,195,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\IPROSetMonitor.exe -- (Intel(R)

SRV:[b]64bit:[/b] - [2013-05-27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV:[b]64bit:[/b] - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)

SRV - [2015-02-05 19:41:07 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2015-01-23 23:33:44 | 000,834,752 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)

SRV - [2015-01-16 07:42:37 | 001,706,312 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)

SRV - [2015-01-09 23:27:57 | 000,410,768 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)

SRV - [2014-12-19 08:48:18 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

SRV - [2014-12-11 10:30:48 | 000,315,496 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2014-08-02 15:21:11 | 000,076,152 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)

SRV - [2014-03-20 23:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2013-07-18 15:39:40 | 000,762,192 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)

SRV - [2012-07-08 23:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2010-02-19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)

 

 

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

 

DRV:[b]64bit:[/b] - [2015-01-20 03:33:24 | 000,585,944 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtkBtfilter.sys -- (RtkBtFilter)

DRV:[b]64bit:[/b] - [2015-01-16 07:42:32 | 000,019,784 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)

DRV:[b]64bit:[/b] - [2014-12-27 14:11:53 | 000,386,680 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)

DRV:[b]64bit:[/b] - [2014-12-12 18:58:04 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)

DRV:[b]64bit:[/b] - [2014-11-22 11:46:30 | 000,038,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)

DRV:[b]64bit:[/b] - [2014-10-09 18:02:39 | 000,195,728 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)

DRV:[b]64bit:[/b] - [2014-04-16 16:01:52 | 001,314,520 | ---- | M] (C-Media Electronics Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CM10264.sys -- (USBAU)

DRV:[b]64bit:[/b] - [2014-03-28 14:25:16 | 000,036,352 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetmodem64.sys -- (ANDNetModem)

DRV:[b]64bit:[/b] - [2014-03-28 14:25:16 | 000,029,184 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetdiag64.sys -- (AndNetDiag)

DRV:[b]64bit:[/b] - [2013-07-24 16:02:55 | 000,034,816 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)

DRV:[b]64bit:[/b] - [2013-05-30 01:54:40 | 000,495,376 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1d62x64.sys -- (e1dexpress)

DRV:[b]64bit:[/b] - [2013-01-11 19:02:34 | 000,064,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)

DRV:[b]64bit:[/b] - [2012-12-26 19:27:28 | 000,052,440 | ---- | M] (Asmedia Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\asahci64.sys -- (asahci64)

DRV:[b]64bit:[/b] - [2012-12-13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)

DRV:[b]64bit:[/b] - [2012-08-21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV:[b]64bit:[/b] - [2012-05-20 19:46:58 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

DRV:[b]64bit:[/b] - [2012-05-20 19:29:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:[b]64bit:[/b] - [2012-05-20 19:29:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:[b]64bit:[/b] - [2012-03-22 21:08:36 | 000,023,752 | ---- | M] (Cambridge Silicon Radio Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\csrusbfilter.sys -- (csrusbfilter)

DRV:[b]64bit:[/b] - [2011-02-11 22:23:34 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (npf)

DRV:[b]64bit:[/b] - [2011-01-26 18:27:48 | 000,030,312 | ---- | M] (CaptainFlint Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vd_filedisk.sys -- (VD_FileDisk)

DRV:[b]64bit:[/b] - [2010-11-21 04:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)

DRV:[b]64bit:[/b] - [2010-11-21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)

DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)

DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)

DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)

DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)

DRV:[b]64bit:[/b] - [2009-11-24 01:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)

DRV:[b]64bit:[/b] - [2009-11-24 01:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)

DRV:[b]64bit:[/b] - [2009-08-21 01:52:10 | 000,079,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)

DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:[b]64bit:[/b] - [2009-07-14 01:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)

DRV:[b]64bit:[/b] - [2009-07-14 01:01:09 | 000,679,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xnacc.sys -- (xnacc)

DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:[b]64bit:[/b] - [2008-06-09 12:52:04 | 000,285,696 | ---- | M] (Jungo) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\windrvr6.sys -- (WinDriver6)

DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

 

 

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

 

 

[color=#E56717]========== Internet Explorer ==========[/color]

 

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

[color=#E56717]========== FireFox ==========[/color]

 

FF - prefs.js..browser.search.isUS: false

FF - prefs.js..extensions.enabledAddons: %7B19503e42-ca3c-4c27-b1e2-9cdb2170ee34%7D:1.5.6.8

FF - prefs.js..extensions.enabledAddons: %7B018f3160-1a6f-4650-84fd-aad8c13609c8%7D:0.1

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:34.0.5

FF - prefs.js..network.proxy.type: 5

FF - user.js - File not found

 

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.67.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)

FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Windows\SysWOW64\npdeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

 

 

[2014-07-31 13:20:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DOM\AppData\Roaming\mozilla\Extensions

[2014-12-06 10:08:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DOM\AppData\Roaming\mozilla\Firefox\Profiles\5kwx5axi.default\extensions

[2014-12-02 12:03:06 | 000,006,199 | ---- | M] () (No name found) -- C:\Users\DOM\AppData\Roaming\mozilla\firefox\profiles\5kwx5axi.default\extensions\{018f3160-1a6f-4650-84fd-aad8c13609c8}.xpi

[2014-12-02 11:54:25 | 000,392,877 | ---- | M] () (No name found) -- C:\Users\DOM\AppData\Roaming\mozilla\firefox\profiles\5kwx5axi.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi

 

[color=#E56717]========== Chrome  ==========[/color]

 

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},

CHR - homepage: http://speedial.com/?f=1&a=spd_ir_14_22_ch&cd=2XzuyEtN2Y1L1Qzu0B0CyD0F0FyE0EzytCtDzzyC0FyCzyyBtN0D0Tzu0SzzzztCtN1L2XzutBtFtBtDtFtCzytFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StByCtAyCzzyD0A0EtGtDtB0E0DtG0D0Czz0AtGyEyD0BtAtGtDyDyDyB0B0Czz0CyEzz0A0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCyC0A0C0BtA0CyBtG0Dzz0AyEtGtBzy0CtCtG0AtBzzzytGyD0ByC0BzyyBzyyDyD0F0EyC2Q&cr=262311343&ir=

CHR - plugin: Error reading preferences file

CHR - Extension: Dokumenty Google = C:\Users\DOM\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\

CHR - Extension: Dysk Google = C:\Users\DOM\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\

CHR - Extension: YouTube = C:\Users\DOM\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\

CHR - Extension: Szukaj w Google = C:\Users\DOM\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\

CHR - Extension: Google Wallet = C:\Users\DOM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\

CHR - Extension: Gmail = C:\Users\DOM\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

 

O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2:[b]64bit:[/b] - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)

O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2:[b]64bit:[/b] - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)

O2:[b]64bit:[/b] - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)

O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O4:[b]64bit:[/b] - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)

O4:[b]64bit:[/b] - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)

O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

O4:[b]64bit:[/b] - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)

O4:[b]64bit:[/b] - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)

O4 - HKLM..\Run: [Gaming 3] C:\Program Files (x86)\Gameing Mouse\Gaming 3.exe ()

O4 - HKCU..\Run: [HP Deskjet 3050A J611 series (NET)] C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)

O4 - HKCU..\Run: [SkyDrive] C:\Users\DOM\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

O8:[b]64bit:[/b] - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found

O8:[b]64bit:[/b] - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)

O8:[b]64bit:[/b] - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)

O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found

O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)

O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)

O9:[b]64bit:[/b] - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)

O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)

O9:[b]64bit:[/b] - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)

O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)

O9:[b]64bit:[/b] - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)

O9:[b]64bit:[/b] - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)

O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)

O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O13[b]64bit:[/b] - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab (Java Plug-in 10.51.2)

O16 - DPF: {CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab (Java Plug-in 1.6.0_45)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab (Reg Error: Key error.)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.228.196 62.179.104.196

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3DE754B4-BB95-46C4-A0E2-A791C2CB0CA7}: DhcpNameServer = 213.46.228.196 62.179.104.196

O18:[b]64bit:[/b] - Protocol\Handler\osf - No CLSID value found

O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found

O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2012-10-15 09:47:04 | 000,000,057 | R--- | M] () - E:\Autorun.inf -- [ CDFS ]

O33 - MountPoints2\{2369be7b-8dca-11e4-a65e-bc5ff4e91086}\Shell - "" = AutoRun

O33 - MountPoints2\{2369be7b-8dca-11e4-a65e-bc5ff4e91086}\Shell\AutoRun\command - "" = D:\setup.exe

O33 - MountPoints2\{3e96d64c-a19c-11e4-877a-806e6f6e6963}\Shell - "" = AutoRun

O33 - MountPoints2\{3e96d64c-a19c-11e4-877a-806e6f6e6963}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\setup.exe

O33 - MountPoints2\{83c56c5f-e05e-11e3-88b1-bc5ff4e91086}\Shell - "" = AutoRun

O33 - MountPoints2\{83c56c5f-e05e-11e3-88b1-bc5ff4e91086}\Shell\AutoRun\command - "" = M:\LG_PC_Programs.exe

O33 - MountPoints2\{a180b905-741d-11e3-be16-a28151bc5e9f}\Shell - "" = AutoRun

O33 - MountPoints2\{a180b905-741d-11e3-be16-a28151bc5e9f}\Shell\AutoRun\command - "" = E:\install.exe

O34 - HKLM BootExecute: (autocheck autochk *)

O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*

O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*

O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

 

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

 

[2015-02-07 10:09:50 | 000,285,696 | ---- | C] (Jungo) -- C:\Windows\SysNative\drivers\windrvr6.sys

[2015-02-07 10:03:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\amBX

[2015-02-06 16:33:18 | 000,000,000 | ---D | C] -- C:\Users\DOM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server

[2015-02-06 15:58:52 | 000,000,000 | ---D | C] -- C:\Users\DOM\AppData\Roaming\amBX_Events

[2015-02-06 15:58:51 | 000,000,000 | ---D | C] -- C:\ProgramData\amBX_Events

[2015-02-06 15:57:15 | 000,000,000 | ---D | C] -- C:\Users\DOM\AppData\Local\IsolatedStorage

[2015-02-06 15:39:27 | 000,000,000 | ---D | C] -- C:\Program Files\amBX

[2015-02-06 15:39:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\amBX

[2015-02-06 14:59:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories

[2015-02-06 14:59:15 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Xbox 360 Accessories

[2015-02-06 14:49:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Auslogics

[2015-02-04 19:58:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune

[2015-02-04 19:58:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HD Tune

[2015-01-30 21:06:27 | 000,000,000 | ---D | C] -- C:\Users\DOM\Documents\DyingLight

[2015-01-30 20:54:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Techland

[2015-01-29 17:49:07 | 000,000,000 | RH-D | C] -- C:\MSOCache

[2015-01-29 17:46:15 | 000,000,000 | R--D | C] -- C:\Users\DOM\OneDrive

[2015-01-29 17:46:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft OneDrive

[2015-01-29 17:46:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft OneDrive

[2015-01-29 17:45:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER

[2015-01-29 17:42:47 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1991-06.com.microsoft

[2015-01-29 17:41:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013

[2015-01-29 17:41:06 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office 15

[2015-01-25 22:27:06 | 000,000,000 | ---D | C] -- C:\Intel

[2015-01-25 22:14:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse

[2015-01-25 22:14:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft IntelliPoint

[2015-01-25 22:05:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gaming Mouse

[2015-01-25 22:05:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gameing Mouse

[2015-01-25 13:07:32 | 000,621,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe

[2015-01-25 13:06:10 | 025,459,856 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll

[2015-01-25 13:06:10 | 024,765,584 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll

[2015-01-25 13:06:10 | 020,465,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll

[2015-01-25 13:06:10 | 017,250,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll

[2015-01-25 13:06:10 | 016,009,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll

[2015-01-25 13:06:10 | 013,295,552 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll

[2015-01-25 13:06:10 | 013,210,248 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll

[2015-01-25 13:06:10 | 010,774,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll

[2015-01-25 13:06:10 | 010,714,488 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll

[2015-01-25 13:06:10 | 003,607,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll

[2015-01-25 13:06:10 | 003,245,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll

[2015-01-25 13:06:10 | 001,895,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6434725.dll

[2015-01-25 13:06:10 | 001,556,808 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6434725.dll

[2015-01-25 13:06:10 | 001,540,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco6420103.dll

[2015-01-25 13:06:10 | 000,994,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll

[2015-01-25 13:06:10 | 000,969,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll

[2015-01-25 13:06:10 | 000,942,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll

[2015-01-25 13:06:10 | 000,929,424 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll

[2015-01-25 13:06:10 | 000,906,384 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll

[2015-01-25 13:06:10 | 000,877,488 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll

[2015-01-25 13:06:10 | 000,496,456 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncodeAPI64.dll

[2015-01-25 13:06:10 | 000,399,688 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncodeAPI.dll

[2015-01-25 13:06:10 | 000,390,472 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFROpenGL.dll

[2015-01-25 13:06:10 | 000,353,040 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll

[2015-01-25 13:06:10 | 000,345,744 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFROpenGL.dll

[2015-01-25 13:06:10 | 000,305,320 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll

[2015-01-25 13:06:10 | 000,177,624 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll

[2015-01-25 13:06:10 | 000,164,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll

[2015-01-24 15:24:45 | 000,000,000 | ---D | C] -- C:\BluetoothExchangeFolder

[2015-01-24 12:33:54 | 000,000,000 | ---D | C] -- C:\Users\DOM\Documents\Wizards of the Coast

[2015-01-24 11:55:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone

[2015-01-20 03:33:24 | 000,585,944 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\drivers\RtkBtfilter.sys

[2015-01-18 21:50:22 | 000,000,000 | ---D | C] -- C:\Users\DOM\AppData\Roaming\DivX

[2015-01-18 21:50:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared

[2015-01-18 21:49:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX

[2015-01-18 21:49:37 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX

[2015-01-18 10:12:45 | 000,000,000 | ---D | C] -- C:\Users\DOM\AppData\Local\LumaEmu_SteamCloud

[2015-01-17 09:38:36 | 000,000,000 | ---D | C] -- C:\Users\DOM\Desktop\Salari

[2015-01-14 14:40:35 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe

[2015-01-14 14:40:33 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll

[2015-01-14 14:40:33 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll

[2015-01-14 14:40:19 | 005,553,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe

[2015-01-14 14:40:19 | 003,971,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe

[2015-01-14 14:40:18 | 003,916,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe

[2015-01-14 14:40:18 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll

[2015-01-14 14:40:18 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe

[2015-01-14 14:40:18 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll

[2015-01-13 12:51:50 | 000,000,000 | ---D | C] -- C:\Users\DOM\AppData\Roaming\EurekaLog

[2014-04-12 12:59:53 | 005,057,024 | ---- | C] (Mar Software) -- C:\Program Files (x86)\WinCatalog.exe

[2014-03-08 10:11:42 | 001,536,564 | -H-- | C] (Igor Pavlov) -- C:\Users\DOM\AppData\Roaming\Sensea PL.exe

[2013-06-19 03:51:16 | 002,174,976 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Program Files (x86)\Common Files\atimpenc.dll

[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

 

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

 

[2015-02-07 10:22:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2015-02-07 10:22:38 | 2092,654,591 | -HS- | M] () -- C:\hiberfil.sys

[2015-02-07 10:21:06 | 000,026,512 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2015-02-07 10:21:06 | 000,026,512 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2015-02-07 09:46:42 | 000,007,601 | ---- | M] () -- C:\Users\DOM\AppData\Local\Resmon.ResmonCfg

[2015-02-07 09:41:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2015-02-06 16:33:00 | 000,001,050 | ---- | M] () -- C:\Users\DOM\Desktop\MSI Afterburner.lnk

[2015-02-05 19:41:05 | 000,701,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe

[2015-02-05 19:41:05 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

[2015-02-04 19:58:31 | 000,000,890 | ---- | M] () -- C:\Users\DOM\Desktop\HD Tune.lnk

[2015-01-31 14:23:26 | 001,679,426 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2015-01-31 14:23:26 | 000,743,808 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat

[2015-01-31 14:23:26 | 000,657,196 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2015-01-31 14:23:26 | 000,157,290 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat

[2015-01-31 14:23:26 | 000,123,008 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2015-01-30 20:54:31 | 000,000,739 | ---- | M] () -- C:\Users\Public\Desktop\Dying Light.lnk

[2015-01-29 18:16:43 | 005,058,408 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2015-01-25 22:05:33 | 000,001,894 | ---- | M] () -- C:\Users\Public\Desktop\Gaming Mouse.lnk

[2015-01-24 16:28:38 | 000,000,219 | ---- | M] () -- C:\Users\DOM\Desktop\Dota 2.url

[2015-01-24 15:25:15 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_csrpan_01009.Wdf

[2015-01-24 15:24:57 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_csrserial_01009.Wdf

[2015-01-24 15:24:20 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_csrusb_01009.Wdf

[2015-01-24 12:29:26 | 000,000,222 | ---- | M] () -- C:\Users\DOM\Desktop\Magic 2014.url

[2015-01-24 11:55:44 | 000,000,840 | ---- | M] () -- C:\Users\Public\Desktop\Hearthstone.lnk

[2015-01-20 03:33:24 | 000,585,944 | ---- | M] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\drivers\RtkBtfilter.sys

[2015-01-18 17:41:20 | 000,106,206 | ---- | M] () -- C:\Users\DOM\Desktop\gallery_1421344219_793353.jpg

[2015-01-18 10:12:44 | 000,000,000 | -HS- | M] () -- C:\Users\DOM\AppData\Local\LumaEmu

[2015-01-16 07:41:34 | 001,316,184 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspbridge.dll

[2015-01-16 07:41:34 | 001,278,920 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll

[2015-01-16 07:41:18 | 001,756,424 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspbridge64.dll

[2015-01-16 07:41:18 | 001,514,528 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll

[2015-01-13 05:15:56 | 001,540,240 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco6420103.dll

[2015-01-10 09:07:47 | 032,102,544 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll

[2015-01-10 09:07:47 | 025,459,856 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll

[2015-01-10 09:07:47 | 024,765,584 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll

[2015-01-10 09:07:47 | 020,465,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll

[2015-01-10 09:07:47 | 018,566,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll

[2015-01-10 09:07:47 | 017,250,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll

[2015-01-10 09:07:47 | 016,009,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll

[2015-01-10 09:07:47 | 014,115,944 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll

[2015-01-10 09:07:47 | 013,295,552 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll

[2015-01-10 09:07:47 | 013,210,248 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll

[2015-01-10 09:07:47 | 010,774,544 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll

[2015-01-10 09:07:47 | 010,714,488 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll

[2015-01-10 09:07:47 | 003,607,184 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll

[2015-01-10 09:07:47 | 003,298,816 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll

[2015-01-10 09:07:47 | 003,245,712 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll

[2015-01-10 09:07:47 | 002,902,456 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll

[2015-01-10 09:07:47 | 001,895,240 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6434725.dll

[2015-01-10 09:07:47 | 001,556,808 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6434725.dll

[2015-01-10 09:07:47 | 000,994,712 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll

[2015-01-10 09:07:47 | 000,969,360 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll

[2015-01-10 09:07:47 | 000,942,736 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll

[2015-01-10 09:07:47 | 000,929,424 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll

[2015-01-10 09:07:47 | 000,906,384 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll

[2015-01-10 09:07:47 | 000,877,488 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll

[2015-01-10 09:07:47 | 000,496,456 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncodeAPI64.dll

[2015-01-10 09:07:47 | 000,399,688 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncodeAPI.dll

[2015-01-10 09:07:47 | 000,390,472 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFROpenGL.dll

[2015-01-10 09:07:47 | 000,353,040 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll

[2015-01-10 09:07:47 | 000,345,744 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFROpenGL.dll

[2015-01-10 09:07:47 | 000,305,320 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll

[2015-01-10 09:07:47 | 000,177,624 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll

[2015-01-10 09:07:47 | 000,164,568 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll

[2015-01-10 09:07:47 | 000,073,872 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll

[2015-01-10 09:07:47 | 000,060,744 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll

[2015-01-10 09:07:47 | 000,027,441 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb

[2015-01-10 00:30:01 | 006,860,432 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll

[2015-01-10 00:30:01 | 003,517,256 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll

[2015-01-10 00:29:53 | 002,558,608 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll

[2015-01-10 00:29:52 | 000,385,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll

[2015-01-10 00:29:52 | 000,062,608 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll

[2015-01-09 23:27:57 | 000,621,200 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe

[2015-01-09 20:47:35 | 004,173,527 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin

[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

 

[color=#E56717]========== Files Created - No Company Name ==========[/color]

 

[2015-02-04 19:58:31 | 000,000,890 | ---- | C] () -- C:\Users\DOM\Desktop\HD Tune.lnk

[2015-01-30 20:54:31 | 000,000,739 | ---- | C] () -- C:\Users\Public\Desktop\Dying Light.lnk

[2015-01-29 17:46:15 | 000,002,178 | ---- | C] () -- C:\Users\DOM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk

[2015-01-25 22:05:33 | 000,001,894 | ---- | C] () -- C:\Users\Public\Desktop\Gaming Mouse.lnk

[2015-01-24 16:28:38 | 000,000,219 | ---- | C] () -- C:\Users\DOM\Desktop\Dota 2.url

[2015-01-24 15:25:15 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_csrpan_01009.Wdf

[2015-01-24 15:24:57 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_csrserial_01009.Wdf

[2015-01-24 15:24:20 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_csrusb_01009.Wdf

[2015-01-24 12:29:26 | 000,000,222 | ---- | C] () -- C:\Users\DOM\Desktop\Magic 2014.url

[2015-01-24 11:55:43 | 000,000,840 | ---- | C] () -- C:\Users\Public\Desktop\Hearthstone.lnk

[2015-01-18 17:41:20 | 000,106,206 | ---- | C] () -- C:\Users\DOM\Desktop\gallery_1421344219_793353.jpg

[2015-01-18 10:12:44 | 000,000,000 | -HS- | C] () -- C:\Users\DOM\AppData\Local\LumaEmu

[2015-01-06 13:36:35 | 000,001,110 | ---- | C] () -- C:\Users\DOM\audiobook.aren

[2014-11-22 13:37:09 | 000,003,584 | ---- | C] () -- C:\Users\DOM\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2014-10-23 02:09:04 | 000,001,617 | ---- | C] () -- C:\Windows\Clarity.ini

[2014-08-29 18:13:15 | 000,247,284 | ---- | C] () -- C:\ProgramData\1409332296.bdinstall.bin

[2014-08-15 17:27:47 | 000,493,506 | ---- | C] () -- C:\ProgramData\1408119509.bdinstall.bin

[2014-08-15 17:17:52 | 000,000,085 | ---- | C] () -- C:\Windows\wininit.ini

[2014-08-01 12:08:56 | 000,000,036 | ---- | C] () -- C:\Windows\CBMOCX.INI

[2014-07-18 19:12:09 | 000,000,204 | ---- | C] () -- C:\Windows\SysWow64\secustat.dat

[2014-07-18 19:03:22 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI

[2014-07-18 18:48:10 | 000,109,696 | ---- | C] () -- C:\Windows\SysWow64\EasyHook64.dll

[2014-07-18 18:48:10 | 000,091,264 | ---- | C] () -- C:\Windows\SysWow64\EasyHook32.dll

[2014-07-18 18:34:55 | 000,001,057 | ---- | C] () -- C:\Users\DOM\AppData\Roaming\vso_ts_preview.xml

[2014-07-06 10:50:05 | 000,000,013 | ---- | C] () -- C:\ProgramData\anwblog2010.cfg

[2014-06-06 17:11:41 | 000,000,292 | ---- | C] () -- C:\Users\DOM\AppData\Local\HamsterBookConverter.cfg

[2014-04-12 10:32:47 | 000,000,209 | ---- | C] () -- C:\Users\DOM\datacrow.properties

[2014-03-15 20:44:15 | 000,297,088 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe

[2014-03-15 20:44:14 | 000,076,152 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe

[2014-03-12 13:21:04 | 000,154,283 | -H-- | C] () -- C:\Users\DOM\AppData\Roaming\DOM-wchelper.dll

[2014-02-20 17:14:02 | 000,179,377 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat

[2014-01-26 19:45:39 | 000,000,143 | ---- | C] () -- C:\Users\DOM\AppData\Roaming\WB.CFG

[2014-01-19 09:57:15 | 000,007,601 | ---- | C] () -- C:\Users\DOM\AppData\Local\Resmon.ResmonCfg

[2014-01-13 18:39:15 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini

[2014-01-02 21:05:15 | 000,586,752 | ---- | C] () -- C:\Users\DOM\AppData\Local\file__0.localstorage

[2014-01-02 20:43:59 | 001,651,032 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2014-01-02 20:31:00 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl

 

[color=#E56717]========== ZeroAccess Check ==========[/color]

 

[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

 

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

 

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

"" = C:\Windows\SysNative\shell32.dll -- [2014-03-25 03:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2014-03-25 03:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

 

[color=#E56717]========== Alternate Data Streams ==========[/color]

 

@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:0BF4DA47

@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:56E2E879

 

< End of report >

Log z Hijck



Logfile of Trend Micro HijackThis v2.0.5

Scan saved at 10:34:25, on 2015-02-07

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v11.0 (11.00.9600.17496)

 

 

Boot mode: Normal

 

Running processes:

C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Users\DOM\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe

C:\Program Files (x86)\Gameing Mouse\Gaming 3.exe

C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE

C:\Program Files (x86)\Opera\27.0.1689.66\opera.exe

C:\Program Files (x86)\Opera\27.0.1689.66\opera_crashreporter.exe

C:\Program Files (x86)\Opera\27.0.1689.66\opera.exe

C:\Program Files (x86)\Opera\27.0.1689.66\opera.exe

C:\Program Files (x86)\Opera\27.0.1689.66\opera.exe

C:\Program Files (x86)\Opera\27.0.1689.66\opera.exe

C:\Program Files (x86)\Opera\27.0.1689.66\opera.exe

F:\Jdownlader\OTL.exe

C:\Program Files (x86)\Opera\27.0.1689.66\opera.exe

C:\Program Files (x86)\Opera\27.0.1689.66\opera.exe

F:\Jdownlader\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL

O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O4 - HKLM\..\Run: [Gaming 3] "C:\Program Files (x86)\Gameing Mouse\Gaming 3.exe" /hide

O4 - HKCU\..\Run: [HP Deskjet 3050A J611 series (NET)] "C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN2C51GGWM05WK:NW" -scfn "HP Deskjet 3050A J611 series (NET)" -AutoStart 1

O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKCU\..\Run: [SkyDrive] "C:\Users\DOM\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background

O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA LOKALNA')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA LOKALNA')

O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA SIECIOWA')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA SIECIOWA')

O4 - HKUS\S-1-5-18\..\Run: [Agent aplikacji Portfel Bitdefender] "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe" (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [Agent aplikacji Portfel Bitdefender] "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe" (User 'Default user')

O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000

O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll

O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Usługa Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)

O23 - Service: Usługa iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

 

--

End of file - 9610 bytes

Z góry dziękuję za pomoc

Edytowane 7 Lutego 2015 przez jqo_2

nad30 · 7 Lutego 2015

Cholera ale czytania zapodałeś ehh. A może format pomoże

lok1995 · 7 Lutego 2015

Przeleć dyski Malwarebytes anti-malvare (lub odpowiednikiem) może jakiś syf ci się wgrał i coś tam odwala..

Druga sprawa, sprawdź jakie programy uruchamiają ci się w autostarcie... Niepożądane wyłącz..

jqo_2 · 7 Lutego 2015

Cholera ale czytania zapodałeś ehh. A może format pomoże

Bez przesady log z Hijck to raptem parę linijek;)

Kuźwa nawet teraz pisząc tego posta ten zasra.... ciągle coś mieli... nie ma chyba nic bardziej irytującego

Przeleć dyski Malwarebytes anti-malvare (lub odpowiednikiem) może jakiś syf ci się wgrał i coś tam odwala..

Druga sprawa, sprawdź jakie programy uruchamiają ci się w autostarcie... Niepożądane wyłącz..

Robiłem, robiłem.... po to właśnie wstawiłem log ponieważ praktycznie wszystkie programy już wyłaczyłem

sebki1 · 7 Lutego 2015

Sprawdzales "Smart" dysku ?

Najlepiej programem HdTune, zakladka "Health".

Nastepnie zakladka "error scan", odznacz opcje "quick scan" - skan bedzie powolniejszy ale dokladniejszy (moze to troche potrwac).

jqo_2 · 7 Lutego 2015

Sprawdzales "Smart" dysku ?

Najlepiej programem HdTune, zakladka "Health".

Nastepnie zakladka "error scan", odznacz opcje "quick scan" - skan bedzie powolniejszy ale dokladniejszy (moze to troche potrwac).

Zaraz to zrobię dzięki za pomysł ale wątpię dysk ma miesiące nowy ze sklepu

sebki1 · 7 Lutego 2015

To ze dysk jest nowy nic nie znaczy - zawsze moze sie trafic jakas felerna sztuka

jqo_2 · 7 Lutego 2015

To ze dysk jest nowy nic nie znaczy - zawsze moze sie trafic jakas felerna sztuka

Tak ale jestem pewien że to jest inny problem.

Stary dysk zaczął dokładnie tak samo mielić więc kupiłem nowy (właśnie ten) sklonowałem całą partycję i przez dwa miesiące był spokój. Do teraz...

pulkownik · 10 Lutego 2015

Menadżer zadań - > Zakładka "Wydajność" -> Monitor zasobów -> Zakładka "Dysk"

Znajdziesz tam szczegółowe info jaki proces mieli po dysku.

Zaloguj się

Dysk twardy ciągle coś mieli

Recommended Posts

jqo_2 0

Link to post

Share on other sites

nad30 35

Link to post

Share on other sites

lok1995 48

Link to post

Share on other sites

jqo_2 0

Link to post

Share on other sites

sebki1 603

Link to post

Share on other sites

jqo_2 0

Link to post

Share on other sites

sebki1 603

Link to post

Share on other sites

jqo_2 0

Link to post

Share on other sites

pulkownik 192

Link to post

Share on other sites

Dołącz do dyskusji

Ostatnio przeglądający 0 użytkowników